def test_reset_form_get_users(self):
    """A user created without a password must still be offered a reset.

    The same address is looked up through Django's ``PasswordResetForm``
    and through the project's ``FsPasswordResetForm``; only the latter is
    expected to return the account.
    """
    account = User.objects.create_user("testuser", email="*****@*****.**")

    # Django's stock form is expected to yield nobody for this address.
    stock_matches = list(PasswordResetForm().get_users("*****@*****.**"))
    self.assertEqual(len(stock_matches), 0)

    # The project's form must hand back the account created above.
    project_matches = list(FsPasswordResetForm().get_users("*****@*****.**"))
    self.assertEqual(
        project_matches[0].get_username(),
        account.get_username(),
    )
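def forget_password(request, *args, **kwargs):
    """Show the "forgot password" form and e-mail reset links.

    GET renders an empty ``PasswordResetForm``. A valid POST stores a fresh
    random reset code on every account that ``form.get_users`` yields for
    the submitted address, e-mails each of them a link containing that
    code, and redirects to the "done" page. An invalid POST re-renders the
    bound form with its errors.

    The redirect is identical whether or not an account matched, so the
    response does not reveal which addresses are registered.
    """
    # Function-scope import: the module's import block is not visible here.
    import secrets

    if request.method == "POST":
        form = PasswordResetForm(request.POST)
        if form.is_valid():
            # get_users() yields zero or more accounts. It never returns
            # None or a single user object, so iterate over the result.
            for user in form.get_users(form.cleaned_data['email']):
                # The code must be unguessable. A hash of the username with
                # a constant salt can be recomputed by anyone who knows the
                # username, so draw the code from the OS CSPRNG instead.
                # It is URL-safe and shorter than the hash it replaces.
                reset_code = secrets.token_urlsafe(32)
                user.reset_password_code = reset_code
                # Persist first so a mailed link never refers to a code
                # that failed to save.
                user.save()

                subject = 'password reset'
                message = (
                    'please open the link below to activate your account\n'
                    + SITE_URL + 'people/' + user.username
                    + '/reset_password_code/' + reset_code
                )
                user.email_user(subject, message, EMAIL_SENDER)

            # NOTE(review): the view that consumes this link is not shown
            # here. Confirm it compares the submitted code against
            # reset_password_code in constant time, enforces an expiry and
            # clears the code after one use.
            return redirect('/people/reset_password_done/')
    else:
        form = PasswordResetForm()

    context = {
        'form': form,
        'title': 'Password reset',
    }
    return render(request, 'people/reset_password.html', context)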
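def post(self, request, *args, **kwargs):
    """Validate the submitted e-mail address and send the reset mail.

    Responds with HTTP 400 when the serializer rejects the payload, when
    no user matches the address (``error_message`` is then set), or when
    ``PasswordResetForm`` itself rejects the data. Otherwise the reset
    e-mail is sent and the response carries ``success: True``.
    """
    serializer = self.serializer_class(
        data=request.data, context={'request': request})

    # Every response carries the serializer, so attach it once up front.
    context = {
        'success': False,
        'request': request,
        'serializer': serializer,
    }

    if not serializer.is_valid():
        return Response(context, status=status.HTTP_400_BAD_REQUEST)

    form = PasswordResetForm(data=serializer.data)
    form_ok = form.is_valid()

    matching_users = list(form.get_users(serializer.data['email']))
    if not matching_users:
        # NOTE(review): this answer tells the caller whether an address is
        # registered. If that is not intended, return the same response for
        # both outcomes and rate-limit the endpoint.
        context['error_message'] = _('No matching user found.')
        return Response(context, status=status.HTTP_400_BAD_REQUEST)

    if not form_ok:
        # Django's PasswordResetForm.save() reads cleaned_data['email'],
        # which is absent after a failed validation; answer 400 instead of
        # letting the request fail with an unhandled exception.
        return Response(context, status=status.HTTP_400_BAD_REQUEST)

    # NOTE(review): save() is called without request/use_https; if the
    # e-mail template builds the link from the protocol variable, confirm
    # it does not produce plain-http reset links.
    form.save(
        email_template_name=
        'localcosmos_server/registration/password_reset_email.html')
    context['success'] = True
    return Response(context)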
def obj_create(self, bundle, **kwargs):
    """Send a password reset e-mail for the account named in the request.

    ``bundle.data['username']`` is matched against the username or,
    case-insensitively, the e-mail address. The bundle is returned
    unchanged whether or not an account matched, so the response itself
    does not indicate whether the account exists.
    """
    check_required_params(bundle, ['username', ])
    identifier = bundle.data['username']

    # The single field accepts either a username or an e-mail address.
    account = User.objects.filter(
        Q(username=identifier) | Q(email__iexact=identifier)
    ).first()
    if account is None:
        return bundle

    reset_form = PasswordResetForm({'email': account.email})
    if not reset_form.is_valid():
        return bundle

    # The result of this call is discarded; the form's save() below is what
    # triggers the e-mail.
    reset_form.get_users(account.email)
    reset_form.save(
        request=bundle.request,
        from_email=settings.SERVER_EMAIL,
        use_https=bundle.request.is_secure(),
    )
    return bundle
def forgot(request):
    """Send a password reset e-mail for the address in ``request.POST``.

    Responds 400 with ``{'errors': [...]}`` when the form rejects the
    address or when ``form.get_users`` yields no account for it, and 200
    with ``{'result': 'success', 'guest': True}`` once the mail is sent.
    """
    form = PasswordResetForm(request.POST)
    if not form.is_valid():
        return Response(
            data={'errors': ["Email is invalid"]},
            status=status.HTTP_400_BAD_REQUEST,
        )

    address = form.cleaned_data['email']
    try:
        # next() raises StopIteration when no user matches the address.
        next(form.get_users(address))
        # NOTE(review): use_https is left at its default; if the e-mail
        # template builds the link from the protocol variable, confirm it
        # does not produce plain-http reset links.
        form.save(request=request)
    except StopIteration:
        # NOTE(review): the distinct error tells the caller whether an
        # address is registered. If that is not intended, answer both
        # outcomes identically and rate-limit the endpoint.
        return Response(
            data={'errors': ["Email cannot be found"]},
            status=status.HTTP_400_BAD_REQUEST,
        )

    return Response(
        data={'result': 'success', 'guest': True},
        status=status.HTTP_200_OK,
    )
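def request_password_reset(request):
    """E-mail a password reset message to every account matching an address.

    Accepts POST only (405 otherwise). The payload is read as JSON when
    the content type starts with ``application/json`` and as form data
    otherwise. Responds 400 for an unparsable or non-object JSON body, for
    form validation errors, and when no user matches; responds
    ``{"status": 200}`` after the mails have been sent.
    """
    if request.method != "POST":
        return JsonResponse({"status": 405}, status=405)

    if request.content_type.startswith('application/json'):
        try:
            data = json.load(request)
        except ValueError:
            # Malformed or undecodable JSON is a client error, not a 500.
            # JSONDecodeError and UnicodeDecodeError both derive from
            # ValueError.
            return JsonResponse({"status": 400}, status=400)
        if not isinstance(data, dict):
            # The form needs a mapping; a JSON list, string or number would
            # otherwise fail later with an unhandled exception.
            return JsonResponse({"status": 400}, status=400)
    else:
        data = request.POST

    form = PasswordResetForm(data)
    if not form.is_valid():
        return JsonResponse(form.errors, status=400)

    users = list(form.get_users(form.cleaned_data["email"]))
    if not users:
        # NOTE(review): this answer tells the caller whether an address is
        # registered. If that is not intended, return the same response for
        # both outcomes and rate-limit the endpoint.
        return JsonResponse(
            {
                "email":
                "No active account is associated with given email address."
            },
            status=400)

    subject = "Password Reset"
    for user in users:
        # Each matching account gets its own message, rendered from a
        # context built for that user.
        template_context = _email_context(request, user)
        message = render_to_string(
            "accounts/reset_password_email.txt", template_context)
        html_message = render_to_string(
            "accounts/reset_password_email.html", template_context)
        send_mail(
            subject,
            message,
            settings.EMAIL_HOST_USER,
            [user.email],
            html_message=html_message)

    return JsonResponse({"status": 200})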