def research_settings(request):
"""
Provides a view with which users can modify their settings
"""
passchange_form = PasswordChangeForm(
request.POST if request.POST else None)
if request.method == "POST":
if passchange_form.is_valid():
newpassword = passchange_form.cleaned_data["newpassword1"]
username = request.user.username
password = passchange_form.cleaned_data["oldpassword"]
user = authenticate(username=username, password=password)
if user:
user.set_password(newpassword)
user.save()
return redirect("research dashboard")
else:
return render(
request,
"change_password.html",
{
"form_errors": "You have entered wrong old password",
"form": passchange_form,
},
)
else:
form = PasswordChangeForm()
return render(request, "research_settings.html",
{"passchange_form": passchange_form})
def password_change(request):
"""Change password ajax view."""
form = PasswordChangeForm(user=request.user, data=request.POST)
if not form.is_valid():
return {'status': 'error', 'errors': dict(form.errors.iteritems())}
else:
form.save()
return {'status': 'success'}
def test_valid_input(self):
form = PasswordChangeForm(self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'newpass'
})
assert form.is_valid()
def test_passwords_not_matching(self):
form = PasswordChangeForm(self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'secondpass'
})
assert not form.is_valid()
def test_wrong_password(self):
form = PasswordChangeForm(self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'newpassword'
})
assert not form.is_valid()
def test_passwords_not_matching(self):
form = PasswordChangeForm(
self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'secondpass'
})
assert not form.is_valid()
def test_valid_input(self):
form = PasswordChangeForm(
self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'newpass'
})
assert form.is_valid()
def password_change(request):
"""Change password ajax view."""
form = PasswordChangeForm(user=request.user, data=request.POST)
if not form.is_valid():
return {'status': 'error',
'errors': dict(form.errors.iteritems())}
else:
form.save()
return {'status': 'success'}
def test_wrong_password(self):
form = PasswordChangeForm(
self.user,
data={
'password': '******',
'new_password': '******',
'new_password2': 'newpassword'
})
assert not form.is_valid()
def test_form_with_valid_inputs_passes_validation(self):
test_inputs = {
'current_password': self.old_password,
'new_password': '******',
'confirm_password': '******',
}
form = PasswordChangeForm(user=self.user, data=test_inputs)
self.assertTrue(form.is_valid())
def test_form_fails_validation_if_old_password_wrong(self):
test_inputs = {
'current_password': '******',
'new_password': '******',
'confirm_password': '******',
}
form = PasswordChangeForm(user=self.user, data=test_inputs)
self.assertFalse(form.is_valid())
def test_form_fails_validation_if_passwords_dont_match(self):
test_inputs = {
'current_password': self.old_password,
'new_password': '******',
'confirm_password': '******',
}
form = PasswordChangeForm(user=self.user, data=test_inputs)
self.assertFalse(form.is_valid())
def password_change(request):
"""Change password form page."""
if request.method == 'POST':
form = PasswordChangeForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_change_complete'))
else:
form = PasswordChangeForm(user=request.user)
return jingo.render(request, 'users/pw_change.html', {'form': form})
def test_same_old_and_new_password(self):
"""
Form should be invalidated when the new password is the same as the
old password.
"""
data = {
"oldpassword": self.password,
"newpassword1": self.password,
"newpassword2": self.password,
}
form = PasswordChangeForm(data=data)
self.assertFalse(form.is_valid())
def test_changing_to_weak_password(self):
"""
The form should not be validated when the user tries to use a weak
password.
"""
weak_pass = "******"
data = {
"oldpassword": self.password,
"newpassword1": weak_pass,
"newpassword2": weak_pass,
}
form = PasswordChangeForm(data=data)
self.assertFalse(form.is_valid())
def test_password_change(self):
"""
Ensure that the ChangePasswordForm correctly validates the user input
when they enter their original password, and the new passwords match.
"""
newpass = random_password(self.rd)
data = {
"oldpassword": self.password,
"newpassword1": newpass,
"newpassword2": newpass,
}
form = PasswordChangeForm(data=data)
self.assertTrue(form.is_valid())
def user_password_change(request):
"""
Change user password
"""
form = PasswordChangeForm(data=request.POST or None, user=request.user)
if request.method == 'POST':
if form.is_valid():
form.save()
messages.success(request, "Password changed successfully")
return redirect('login')
context = {'form': form}
template = 'users/change_password.html'
return render(request, template, context)
def test_new_passwords_do_not_match(self):
"""
The form should be invalidated when the user enters two different
passwords.
"""
newpass1 = "ed3447ba-2a94-4a58-b5ae-90b8d64aa292"
newpass2 = "06fe3a38-09cb-43aa-a87b-f06cbb43c787"
data = {
"oldpassword": self.password,
"newpassword1": newpass1,
"newpassword2": newpass2,
}
form = PasswordChangeForm(data=data)
self.assertFalse(form.is_valid())
def change_password(request):
# Source: https://simpleisbetterthancomplex.com/tips/2016/08/04/django-tip-9-password-change-form.html
if request.method != 'POST':
form = PasswordChangeForm(request.user)
else:
form = PasswordChangeForm(request.user, request.POST)
if form.update(request):
return redirect('home')
# Render
context = regular_context(request.user)
context['form'] = form
return render(request, 'change_password.html', context)
def post(self, request: HttpRequest) -> Union[HttpResponseRedirect,
HttpResponse]:
form = PasswordChangeForm(request.POST)
if form.is_valid():
form_data = form.cleaned_data
user: User = User.objects.filter(username=request.user).first()
if user.check_password(form_data['old_password']):
user.set_password(form_data['password'])
user.save()
messages.info(request, 'Password changed')
return redirect(LogInView.name)
messages.error(request, 'Wrong password')
return render(request, 'users/password_change.html', {'form': form})
messages.error(request, 'Passwords not match')
return render(request, 'users/password_change.html', {'form': form})
def passwordChange(request):
if request.method == 'POST':
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
form.save()
messages.success(request, 'Contraseña cambiada con éxito')
return redirect(index)
else:
form = PasswordChangeForm(request.user)
return render(request, 'users/password_change.html', locals())
def password_change(request):
"""Change password form page."""
if request.method == 'POST':
form = PasswordChangeForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_change_complete'))
else:
form = PasswordChangeForm(user=request.user)
return jingo.render(request, 'users/pw_change.html', {'form': form})
def chpw(request, key=None, template_name='users/chpw_req.html'):
from users.forms import PasswordChangeRequestForm, PasswordChangeForm
if not key:
form = PasswordChangeRequestForm(request.POST)
else:
form = PasswordChangeForm(key, request.POST)
if request.method == 'POST':
if form.is_valid():
if not key:
user = form.cleaned_data['username'] or \
form.cleaned_data['email']
if not user:
return render_to_response(
template_name, {
'form':
form,
'error_message':
_(u'Please specify valid Username or E-mail.'),
},
context_instance=RequestContext(request))
form.save(user)
return HttpResponseRedirect('/chpw_urlsent/')
else:
form.save(form.cleaned_data['user'], form.cleaned_data['pwd'])
return HttpResponseRedirect('/chpw_done/')
else:
return render_to_response(template_name, {
'form': form,
},
context_instance=RequestContext(request))
else:
if not key:
form = PasswordChangeRequestForm()
else:
form = PasswordChangeForm(key)
return render_to_response(template_name, {
'form': form,
},
context_instance=RequestContext(request))
def change_password(request):
user = request.user
form = PasswordChangeForm(user)
if request.method == "POST":
form = PasswordChangeForm(user, request.POST)
if form.is_valid():
u = form.save()
update_session_auth_hash(request, u)
messages.success(request, "Password successfully changed")
return redirect(reverse('accounts:profile'))
template = 'accounts/change_password.html'
context = {'form': form}
return render(request, template, context)
def get(self, request: HttpRequest) -> TemplateResponse:
form = PasswordChangeForm()
return render(request, 'users/password_change.html', {'form': form})
