def change_password(request): if request.method=="POST": form=ChangePassword(request.POST) if form.is_valid(): register_user=User.objects.get(username=request.user.username) register_user.set_password(str(form.cleaned_data['password'])) register_user.save() return HttpResponseRedirect('/foodline/login/') else: state="please enter a new password" return render_to_response('reset.html',locals()) else: form=ChangePassword() state="Enter a New Password" return render_to_response('reset.html',locals())
def change_password(request, username=None): form = ChangePassword(request.POST or None) message = None if request.method == 'POST': if form.is_valid(): if authenticate(username=request.user.username, password=form.cleaned_data['current_password']): request.user.set_password(form.cleaned_data['new_password']) request.user.save() #https://docs.djangoproject.com/en/1.7/topics/auth/default/#session-invalidation-on-password-change update_session_auth_hash(request, request.user) message = "Password actualizada" else: message = "No es la password actual" else: message = form.errors.as_data().itervalues().next()[0].message context = {'form': form, 'message': message} return render(request, 'clients/settings_password.html', context)
def manage_password(request, account_id, conn=None, **kwargs): template = "omero_signup/password.html" error = None if request.method == 'POST': password_form = ChangePassword(data=request.POST.copy()) if not password_form.is_valid(): error = password_form.errors else: old_password = password_form.cleaned_data['old_password'] password = password_form.cleaned_data['password'] if conn.isAdmin(): account = get_object_or_404(models.Account, pk=account_id) account.password = password account.save() context = {'error': error, 'password_form': password_form, 'account_id': account_id} context['template'] = template return context
def manage_password(request, eid, conn=None, **kwargs): template = "webadmin/password.html" error = None if request.method == 'POST': password_form = ChangePassword(data=request.POST.copy()) if not password_form.is_valid(): error = password_form.errors else: old_password = password_form.cleaned_data['old_password'] password = password_form.cleaned_data['password'] # if we're trying to change our own password... if conn.getEventContext().userId == int(eid): try: conn.changeMyPassword(password, old_password) except Exception, x: error = x.message # E.g. old_password not valid elif conn.isAdmin(): exp = conn.getObject("Experimenter", eid) try: conn.changeUserPassword(exp.omeName, password, old_password) except Exception, x: error = x.message
def manage_password(request, eid, conn=None, **kwargs): template = "webadmin/password.html" error = None if request.method == 'POST': password_form = ChangePassword(data=request.POST.copy()) if not password_form.is_valid(): error = password_form.errors else: old_password = password_form.cleaned_data['old_password'] password = password_form.cleaned_data['password'] # if we're trying to change our own password... if conn.getEventContext().userId == int(eid): try: conn.changeMyPassword(password, old_password) except Exception, x: error = x.message # E.g. old_password not valid elif conn.isAdmin(): exp = conn.getObject("Experimenter", eid) try: conn.changeUserPassword(exp.omeName, password, old_password) except Exception, x: error = x.message
def manage_password(request, eid, **kwargs): experimenters = True template = "webadmin/password.html" conn = None try: conn = kwargs["conn"] except: logger.error(traceback.format_exc()) info = {'today': _("Today is %(tday)s") % {'tday': datetime.date.today()}, 'experimenters':experimenters} eventContext = {'userName':conn.getEventContext().userName, 'isAdmin':conn.getEventContext().isAdmin, 'version': request.session.get('version')} error = None if request.method != 'POST': password_form = ChangePassword() else: password_form = ChangePassword(data=request.POST.copy()) if password_form.is_valid(): old_password = password_form.cleaned_data['old_password'] password = password_form.cleaned_data['password'] if conn.isAdmin(): exp = conn.getExperimenter(eid) try: conn.changeUserPassword(exp.omeName, password, old_password) except Exception, x: error = x.message else: request.session['password'] = password return HttpResponseRedirect(reverse(viewname="wamanageexperimenterid", args=["edit", eid])) else: try: conn.changeMyPassword(password, old_password) except Exception, x: error = x.message else:
def userAdmin(request, userId2): WEB_FILES, LIVE_SITE, totalNumberOfGames, sendBackUrl, startOffset, \ user, userId, message, topHits, topRated = initialVars(request) #log(request, 'USERADMINPAGE', 'just landed', sendBackUrl) # need to convert to strings otherwise methods are unhappy. # (should look into why this is.... TODO) userId = str(userId) userId2 = str(userId2) # set sendBackUrl to their userPage if they logout sendBackUrl = "/user/" + userId # This will see if the user who's page is queried exists. try: userAdmin = User.objects.get(id__exact=userId) except ObjectDoesNotExist: request.session['message'] = "Something is amiss with your session.\ Please log in again!" return HttpResponseRedirect('/') if user == None: request.session['message'] = "Something is amiss with your session.\ Please log in again." return HttpResponseRedirect('/') elif user != userAdmin: request.session['message'] = "You aren't allowed on that page!" return HttpResponseRedirect('/') elif int(userId) != int(userId2): # just another paranoid check request.session['message'] = "You aren't allowed on that page!" return HttpResponseRedirect('/') if request.method == 'GET': # forms to change password and description try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None passwordForm = ChangePassword(initial={'username': user.username}) descriptionForm = UserDescription(initial={ 'userId': userId, 'description': userDescription }) elif request.method == 'POST': whichform = request.POST.get('descriptionName', '') if whichform: # Form is description form descriptionForm = UserDescription(request.POST) if descriptionForm.is_valid(): userFromProfile = descriptionForm.cleaned_data['userId'] description = descriptionForm.cleaned_data['description'] try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None if userDescription == None: userDescription = UserProfile(user=user, description=description) else: userDescription.description = description userDescription.save() #log(request, 'USERADMINPAGE', 'modified description', sendBackUrl) message = "The description has been changed. Perhaps to something\ more meaningful. Perhaps to less. Tough to say." else: # need to reload to User Admin Page with all variables message = "Dude, something went wrong. Why you trying to hack our\ system?" #log(request, 'USERADMINPAGEERROR', 'failed to modify description', sendBackUrl) # passwordForm = ChangePassword(initial={'username': user.username}) # return render_to_response('useradmin.html' , locals()) passwordForm = ChangePassword(initial={'username': user.username}) return render_to_response('useradmin.html', locals()) else: # Password form is submitted, POST # First reinitialize the description form. try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None descriptionForm = UserDescription(initial={ 'userId': userId, 'description': userDescription }) passwordForm = ChangePassword(request.POST) if passwordForm.is_valid(): username = passwordForm.cleaned_data['username'] passwordOld = passwordForm.cleaned_data['passwordOld'] passwordNew1 = passwordForm.cleaned_data['passwordNew1'] passwordNew2 = passwordForm.cleaned_data['passwordNew2'] else: # need to reload to User Admin Page with all variables #log(request, 'USERADMINPAGEERROR', 'Password Form not valid', sendBackUrl) return render_to_response('useradmin.html', locals()) if passwordNew1 != passwordNew2: #log(request, 'USERADMINPAGEERROR', 'Passwords do not match', sendBackUrl) message = "Passwords do not match!" return render_to_response('useradmin.html', locals()) try: #Check username from hidden field against user.username from session if user.username != username: message = "User Names don't match. Something Funny's going on." return render_to_response('useradmin.html', locals()) # get user again based upon username just to be sure. u = User.objects.get(username__exact=username) if u: verifyOldPassword = u.check_password(passwordOld) if verifyOldPassword: u.set_password(passwordNew1) u.save() #log(request, 'USERADMINPAGE', 'Successfully Changed passwords', sendBackUrl) else: message = "Old Password did not match!" #log(request, 'USERADMINPAGEERROR', 'Old Password did not match', sendBackUrl) return render_to_response('useradmin.html', locals()) request.session[ 'message'] = "Password has been changed. Now go do something productive!" return HttpResponseRedirect("/useradmin/" + userId) #return render_to_response('useradmin.html' , locals()) else: # No user id?! Just return the user to the home page. return HttpResponseRedirect('/') except: # TODO log that there was an invalid POST #log(request, 'USERADMINPAGEERROR', 'invalid form POST', sendBackUrl) return HttpResponseRedirect('/') return render_to_response('useradmin.html', locals())
def userAdmin(request, userId2): WEB_FILES, LIVE_SITE, totalNumberOfGames, sendBackUrl, startOffset, \ user, userId, message, topHits, topRated = initialVars(request) #log(request, 'USERADMINPAGE', 'just landed', sendBackUrl) # need to convert to strings otherwise methods are unhappy. # (should look into why this is.... TODO) userId = str(userId) userId2 = str(userId2) # set sendBackUrl to their userPage if they logout sendBackUrl = "/user/" + userId # This will see if the user who's page is queried exists. try: userAdmin = User.objects.get(id__exact=userId) except ObjectDoesNotExist: request.session['message'] = "Something is amiss with your session.\ Please log in again!" return HttpResponseRedirect('/') if user == None: request.session['message'] = "Something is amiss with your session.\ Please log in again." return HttpResponseRedirect('/') elif user != userAdmin: request.session['message'] = "You aren't allowed on that page!" return HttpResponseRedirect('/') elif int(userId) != int(userId2): # just another paranoid check request.session['message'] = "You aren't allowed on that page!" return HttpResponseRedirect('/') if request.method == 'GET': # forms to change password and description try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None passwordForm = ChangePassword(initial={'username': user.username}) descriptionForm = UserDescription(initial={ 'userId': userId, 'description': userDescription }) elif request.method == 'POST': whichform = request.POST.get('descriptionName', '') if whichform: # Form is description form descriptionForm = UserDescription(request.POST) if descriptionForm.is_valid(): userFromProfile = descriptionForm.cleaned_data['userId'] description = descriptionForm.cleaned_data['description'] try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None if userDescription == None: userDescription = UserProfile(user=user, description=description) else: userDescription.description = description userDescription.save() #log(request, 'USERADMINPAGE', 'modified description', sendBackUrl) message = "The description has been changed. Perhaps to something\ more meaningful. Perhaps to less. Tough to say." else: # need to reload to User Admin Page with all variables message = "Dude, something went wrong. Why you trying to hack our\ system?" #log(request, 'USERADMINPAGEERROR', 'failed to modify description', sendBackUrl) # passwordForm = ChangePassword(initial={'username': user.username}) # return render_to_response('useradmin.html' , locals()) passwordForm = ChangePassword(initial={'username': user.username}) return render_to_response('useradmin.html' , locals()) else: # Password form is submitted, POST # First reinitialize the description form. try: userDescription = UserProfile.objects.get(user=user) except ObjectDoesNotExist: userDescription = None descriptionForm = UserDescription(initial={ 'userId': userId, 'description': userDescription }) passwordForm = ChangePassword(request.POST) if passwordForm.is_valid(): username = passwordForm.cleaned_data['username'] passwordOld = passwordForm.cleaned_data['passwordOld'] passwordNew1 = passwordForm.cleaned_data['passwordNew1'] passwordNew2 = passwordForm.cleaned_data['passwordNew2'] else: # need to reload to User Admin Page with all variables #log(request, 'USERADMINPAGEERROR', 'Password Form not valid', sendBackUrl) return render_to_response('useradmin.html' , locals()) if passwordNew1 != passwordNew2: #log(request, 'USERADMINPAGEERROR', 'Passwords do not match', sendBackUrl) message = "Passwords do not match!" return render_to_response('useradmin.html' , locals()) try: #Check username from hidden field against user.username from session if user.username != username: message = "User Names don't match. Something Funny's going on." return render_to_response('useradmin.html' , locals()) # get user again based upon username just to be sure. u = User.objects.get(username__exact=username) if u: verifyOldPassword = u.check_password(passwordOld) if verifyOldPassword: u.set_password(passwordNew1) u.save() #log(request, 'USERADMINPAGE', 'Successfully Changed passwords', sendBackUrl) else: message = "Old Password did not match!" #log(request, 'USERADMINPAGEERROR', 'Old Password did not match', sendBackUrl) return render_to_response('useradmin.html' , locals()) request.session['message'] = "Password has been changed. Now go do something productive!" return HttpResponseRedirect("/useradmin/" + userId) #return render_to_response('useradmin.html' , locals()) else: # No user id?! Just return the user to the home page. return HttpResponseRedirect('/') except: # TODO log that there was an invalid POST #log(request, 'USERADMINPAGEERROR', 'invalid form POST', sendBackUrl) return HttpResponseRedirect('/') return render_to_response('useradmin.html', locals())