def register(request, template_name="account/register.html"):
'''
This allows the anonymous user to become a registered user.
This is the form used to register a new user and sends email with the action link with a time out.
'''
if request.user.is_authenticated():
# They already have an account; don't let them register again
return HttpResponseRedirect(reverse('YAAS.views.my_account'))
if request.method == 'POST':
postdata = request.POST.copy()
page_title='Registration form'
form = RegistrationForm(postdata)
if form.is_valid():
# Build the activation key for their account
human = True
un = postdata.get('user_name','')
pw = postdata.get('pass_word','')
em = postdata.get('email','')
fn = postdata.get('first_name','')
ln = postdata.get('last_name','')
pn = postdata.get('phone_number','')
sx = postdata.get('sex','')
salt = sha_constructor(str(random.random())).hexdigest()[:5]
activation_key = sha_constructor(salt+un).hexdigest()
key_expires = datetime.datetime.today() + datetime.timedelta(2)
# Create and save their profile
hashpw = extra.hashPassword(pw)
new_profile = CustomUser.objects.create_user(username=un, email=em, password=hashpw)
new_profile.is_active = False
new_profile.first_name = fn
new_profile.last_name = ln
new_profile.activation_key = activation_key
new_profile.keyexpiry_date = key_expires
new_profile.phone_number = pn
new_profile.sex = sx
new_profile.save()
t = loader.get_template('registration/email.txt')
c = Context({
'firstname': new_profile.first_name,
'lastname': new_profile.last_name,
'site_name': 'YAAS Auction Site',
'username': new_profile.username,
'activationkey': new_profile.activation_key,
'admin': 'Kenneth Odoh',
})
email_subject = 'Your new YAAS account'
send_mail(email_subject, t.render(c), '*****@*****.**', [new_profile.email], fail_silently=False)
return HttpResponseRedirect(reverse('my_account'))
else:
#errors
form = RegistrationForm()
return render_to_response(template_name, locals(), context_instance=RequestContext(request))
def login(request, template_name="account/login.html"):
'''
This is form is used to make a user login.
'''
if request.method == 'POST':
postdata = request.POST.copy()
page_title='Login form'
form = LoginForm(request, postdata)
if form.is_valid():
un = postdata.get('username','')
pw = postdata.get('password','')
hashpw = extra.hashPassword(pw)
from django.contrib.auth import login, authenticate
new_user = authenticate(username=un, password=hashpw)
if new_user and new_user.is_active:
login(request, new_user)
request.session['session_id'] = extra.generate_session_id()
return HttpResponseRedirect(reverse('my_account'))
else:
return render_to_response('errors/login.html',
context_instance=RequestContext(request))
else:
form = LoginForm(request=request, label_suffix=':')
# set the test cookie on our first GET request
request.session.set_test_cookie()
return render_to_response(template_name, locals(), context_instance=RequestContext(request))
def password_change(request, template_name="account/password_change.html"):
'''
This allows the registered user to change their password
'''
if request.method == 'POST' and request.user.is_authenticated():
page_title='Password Change form'
postdata = request.POST.copy()
form = PasswordForm(CustomUser,postdata)
if form.is_valid():
human = True
pw = postdata.get('new_password','')
user_profile = get_object_or_404(CustomUser, pk=request.user.id)
hashpw = extra.hashPassword(pw)
user_profile.set_password(hashpw)
user_profile.save()
#force user log out
return HttpResponseRedirect(reverse('login'))
else:
form = PasswordForm(CustomUser)
return render_to_response(template_name, locals(), context_instance=RequestContext(request))
def clean_password(self):
oldpass = self.cleaned_data['old_password']
hashpw = extra.hashPassword(oldpass)
valid = self.user.check_password(hashpw)
if not valid:
raise forms.ValidationError("Password Incorrect")
