def sign_in_by_email(request): if not settings.RELATE_SIGN_IN_BY_EMAIL_ENABLED: messages.add_message(request, messages.ERROR, _("Email-based sign-in is not being used")) return redirect("relate-sign_in_choice") if request.method == 'POST': form = SignInByEmailForm(request.POST) if form.is_valid(): email = form.cleaned_data["email"] user, created = get_user_model().objects.get_or_create( email__iexact=email, defaults=dict(username=email, email=email)) if created: user.set_unusable_password() user.status = user_status.unconfirmed, user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template("course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse( "relate-sign_in_stage2_with_token", args=(user.id, user.sign_in_key,))), "home_uri": request.build_absolute_uri(reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( _("Your %(relate_site_name)s sign-in link") % {"relate_site_name": _(get_site_name())}, message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = ( get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() messages.add_message(request, messages.INFO, _("Email sent. Please check your email and click the link.")) return redirect("relate-home") else: form = SignInByEmailForm() return render(request, "course/login-by-email.html", { "form_description": "", "form": form })
def sign_in_by_email(request): if not settings.RELATE_SIGN_IN_BY_EMAIL_ENABLED: messages.add_message(request, messages.ERROR, _("Email-based sign-in is not being used")) return redirect("relate-sign_in_choice") if request.method == 'POST': form = SignInByEmailForm(request.POST) if form.is_valid(): email = form.cleaned_data["email"] user, created = get_user_model().objects.get_or_create( email__iexact=email, defaults=dict(username=email, email=email)) if created: user.set_unusable_password() user.status = user_status.unconfirmed, user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template("course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse( "relate-sign_in_stage2_with_token", args=(user.id, user.sign_in_key,))), "home_uri": request.build_absolute_uri(reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( _("Your %(relate_site_name)s sign-in link") % {"relate_site_name": _(get_site_name())}, message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = ( get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() messages.add_message(request, messages.INFO, _("Email sent. Please check your email and click the link.")) return redirect("relate-home") else: form = SignInByEmailForm() return render(request, "course/login-by-email.html", { "form_description": "", "form": form })
def reset_password_stage2(request, user_id, sign_in_key): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation(_("self-registration is not enabled")) def check_sign_in_key(user_id, token): user = get_user_model().objects.get(id=user_id) return user.sign_in_key == token try: if not check_sign_in_key(user_id=int(user_id), token=sign_in_key): messages.add_message( request, messages.ERROR, _("Invalid sign-in token. Perhaps you've used an old token " "email?")) raise PermissionDenied(_("invalid sign-in token")) except get_user_model().DoesNotExist: messages.add_message(request, messages.ERROR, _("Account does not exist.")) raise PermissionDenied(_("invalid sign-in token")) if request.method == 'POST': form = ResetPasswordStage2Form(request.POST) if form.is_valid(): from django.contrib.auth import authenticate, login user = authenticate(user_id=int(user_id), token=sign_in_key) if user is None: messages.add_message( request, messages.ERROR, _("Invalid sign-in token. Perhaps you've used an old token " "email?")) raise PermissionDenied(_("invalid sign-in token")) if not user.is_active: messages.add_message(request, messages.ERROR, _("Account disabled.")) raise PermissionDenied(_("invalid sign-in token")) user.set_password(form.cleaned_data["password"]) user.save() login(request, user) if (not (user.first_name and user.last_name) or "to_profile" in request.GET): messages.add_message( request, messages.INFO, _("Successfully signed in. " "Please complete your registration information below.")) return redirect( reverse("relate-user_profile") + "?first_login=1") else: messages.add_message(request, messages.INFO, _("Successfully signed in.")) return redirect("relate-home") else: form = ResetPasswordStage2Form() return render( request, "generic-form.html", { "form_description": _("Password reset on %(site_name)s") % { "site_name": _(get_site_name()) }, "form": form })
def reset_password(request, field="email"): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation(_("self-registration is not enabled")) # return form class by string of class name ResetPasswordForm = globals()["ResetPasswordFormBy" + field.title()] # noqa if request.method == 'POST': form = ResetPasswordForm(request.POST) user = None if form.is_valid(): exist_users_with_same_email = False if field == "instid": inst_id = form.cleaned_data["instid"] try: user = get_user_model().objects.get( institutional_id__iexact=inst_id) except ObjectDoesNotExist: pass if field == "email": email = form.cleaned_data["email"] try: user = get_user_model().objects.get(email__iexact=email) except ObjectDoesNotExist: pass except MultipleObjectsReturned: exist_users_with_same_email = True if exist_users_with_same_email: # This is for backward compatibility. messages.add_message( request, messages.ERROR, _("Failed to send an email: multiple users were " "unexpectedly using that same " "email address. Please " "contact site staff.")) else: if user is None: FIELD_DICT = { # noqa "email": _("email address"), "instid": _("institutional ID") } messages.add_message( request, messages.ERROR, _("That %(field)s doesn't have an " "associated user account. Are you " "sure you've registered?") % {"field": FIELD_DICT[field]}) else: if not user.email: messages.add_message( request, messages.ERROR, _("The account with that institution ID " "doesn't have an associated email.")) else: email = user.email user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template( "course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse("relate-reset_password_stage2", args=( user.id, user.sign_in_key, ))), "home_uri": request.build_absolute_uri( reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( string_concat("[%s] " % _(get_site_name()), _("Password reset")), message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = ( get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() if field == "instid": messages.add_message( request, messages.INFO, _("The email address associated with that " "account is %s.") % masked_email(email)) messages.add_message( request, messages.INFO, _("Email sent. Please check your email and " "click the link.")) return redirect("relate-home") else: form = ResetPasswordForm() return render( request, "reset-passwd-form.html", { "field": field, "form_description": _("Password reset on %(site_name)s") % { "site_name": _(get_site_name()) }, "form": form })
def sign_up(request): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation(_("self-registration is not enabled")) if request.method == 'POST': form = SignUpForm(request.POST) if form.is_valid(): if get_user_model().objects.filter( username=form.cleaned_data["username"]).count(): messages.add_message( request, messages.ERROR, _("A user with that username already exists.")) else: email = form.cleaned_data["email"] user = get_user_model()(email=email, username=form.cleaned_data["username"]) user.set_unusable_password() user.status = user_status.unconfirmed user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template( "course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse("relate-reset_password_stage2", args=( user.id, user.sign_in_key, )) + "?to_profile=1"), "home_uri": request.build_absolute_uri(reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( string_concat("[%s] " % _(get_site_name()), _("Verify your email")), message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = (get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() messages.add_message( request, messages.INFO, _("Email sent. Please check your email and click " "the link.")) return redirect("relate-home") else: if ("email" in form.errors and "That email address is already in use." in form.errors["email"]): messages.add_message( request, messages.ERROR, _("That email address is already in use. " "Would you like to " "<a href='%s'>reset your password</a> instead?") % reverse("relate-reset_password")) else: form = SignUpForm() return render(request, "generic-form.html", { "form_description": _("Sign up"), "form": form })
def reset_password_stage2(request, user_id, sign_in_key): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation( _("self-registration is not enabled")) def check_sign_in_key(user_id, token): user = get_user_model().objects.get(id=user_id) return user.sign_in_key == token try: if not check_sign_in_key(user_id=int(user_id), token=sign_in_key): messages.add_message(request, messages.ERROR, _("Invalid sign-in token. Perhaps you've used an old token " "email?")) raise PermissionDenied(_("invalid sign-in token")) except get_user_model().DoesNotExist: messages.add_message(request, messages.ERROR, _("Account does not exist.")) raise PermissionDenied(_("invalid sign-in token")) if request.method == 'POST': form = ResetPasswordStage2Form(request.POST) if form.is_valid(): from django.contrib.auth import authenticate, login user = authenticate(user_id=int(user_id), token=sign_in_key) if user is None: messages.add_message(request, messages.ERROR, _("Invalid sign-in token. Perhaps you've used an old token " "email?")) raise PermissionDenied(_("invalid sign-in token")) if not user.is_active: messages.add_message(request, messages.ERROR, _("Account disabled.")) raise PermissionDenied(_("invalid sign-in token")) user.set_password(form.cleaned_data["password"]) user.save() login(request, user) if (not (user.first_name and user.last_name) or "to_profile" in request.GET): messages.add_message(request, messages.INFO, _("Successfully signed in. " "Please complete your registration information below.")) return redirect( reverse("relate-user_profile")+"?first_login=1") else: messages.add_message(request, messages.INFO, _("Successfully signed in.")) return redirect("relate-home") else: form = ResetPasswordStage2Form() return render(request, "generic-form.html", { "form_description": _("Password reset on %(site_name)s") % {"site_name": _(get_site_name())}, "form": form })
def reset_password(request, field="email"): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation( _("self-registration is not enabled")) # return form class by string of class name ResetPasswordForm = globals()["ResetPasswordFormBy" + field.title()] # noqa if request.method == 'POST': form = ResetPasswordForm(request.POST) user = None if form.is_valid(): exist_users_with_same_email = False if field == "instid": inst_id = form.cleaned_data["instid"] try: user = get_user_model().objects.get( institutional_id__iexact=inst_id) except ObjectDoesNotExist: pass if field == "email": email = form.cleaned_data["email"] try: user = get_user_model().objects.get(email__iexact=email) except ObjectDoesNotExist: pass except MultipleObjectsReturned: exist_users_with_same_email = True if exist_users_with_same_email: # This is for backward compatibility. messages.add_message(request, messages.ERROR, _("Failed to send an email: multiple users were " "unexpectedly using that same " "email address. Please " "contact site staff.")) else: if user is None: FIELD_DICT = { # noqa "email": _("email address"), "instid": _("institutional ID") } messages.add_message(request, messages.ERROR, _("That %(field)s doesn't have an " "associated user account. Are you " "sure you've registered?") % {"field": FIELD_DICT[field]}) else: if not user.email: messages.add_message(request, messages.ERROR, _("The account with that institution ID " "doesn't have an associated email.")) else: email = user.email user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template( "course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse( "relate-reset_password_stage2", args=(user.id, user.sign_in_key,))), "home_uri": request.build_absolute_uri( reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( string_concat("[%s] " % _(get_site_name()), _("Password reset")), message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = ( get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() if field == "instid": messages.add_message(request, messages.INFO, _("The email address associated with that " "account is %s.") % masked_email(email)) messages.add_message(request, messages.INFO, _("Email sent. Please check your email and " "click the link.")) return redirect("relate-home") else: form = ResetPasswordForm() return render(request, "reset-passwd-form.html", { "field": field, "form_description": _("Password reset on %(site_name)s") % {"site_name": _(get_site_name())}, "form": form })
def sign_up(request): if not settings.RELATE_REGISTRATION_ENABLED: raise SuspiciousOperation( _("self-registration is not enabled")) if request.method == 'POST': form = SignUpForm(request.POST) if form.is_valid(): if get_user_model().objects.filter( username=form.cleaned_data["username"]).count(): messages.add_message(request, messages.ERROR, _("A user with that username already exists.")) else: email = form.cleaned_data["email"] user = get_user_model()( email=email, username=form.cleaned_data["username"]) user.set_unusable_password() user.status = user_status.unconfirmed user.sign_in_key = make_sign_in_key(user) user.save() from relate.utils import render_email_template message = render_email_template("course/sign-in-email.txt", { "user": user, "sign_in_uri": request.build_absolute_uri( reverse( "relate-reset_password_stage2", args=(user.id, user.sign_in_key,)) + "?to_profile=1"), "home_uri": request.build_absolute_uri( reverse("relate-home")) }) from django.core.mail import EmailMessage msg = EmailMessage( string_concat("[%s] " % _(get_site_name()), _("Verify your email")), message, getattr(settings, "NO_REPLY_EMAIL_FROM", settings.ROBOT_EMAIL_FROM), [email]) from relate.utils import get_outbound_mail_connection msg.connection = ( get_outbound_mail_connection("no_reply") if hasattr(settings, "NO_REPLY_EMAIL_FROM") else get_outbound_mail_connection("robot")) msg.send() messages.add_message(request, messages.INFO, _("Email sent. Please check your email and click " "the link.")) return redirect("relate-home") else: if ("email" in form.errors and "That email address is already in use." in form.errors["email"]): messages.add_message(request, messages.ERROR, _("That email address is already in use. " "Would you like to " "<a href='%s'>reset your password</a> instead?") % reverse( "relate-reset_password")) else: form = SignUpForm() return render(request, "generic-form.html", { "form_description": _("Sign up"), "form": form })