def user(request): if not request.user.is_authenticated(): messages.error(request, "Authentication required to access account information.") return redirect("/") u = User.objects.get(username=request.user) if request.method == "POST": pform = SetPasswordForm(user=u, data=request.POST) if pform.is_valid(): pform.save() messages.success(request, "Password Updated.") #else: # messages.warning(request, "Invalid Password.") mform = UserEmailForm(request.POST) if mform.is_valid(): m = mform.cleaned_data["email"] if m != u.email: u.email = m u.save() messages.success(request, "Email Address Updated.") else: messages.warning(request, "Invalid Email Address.") return redirect(".") #rc = RequestContext(request, { c = { 'form': QueryForm(), 'authform': AuthenticationForm(), 'passform': SetPasswordForm(request.user), 'emailform': UserEmailForm(instance=u), 'redirect': request.path, } #return render_to_response("account.html", rc) return render(request, "account.html", c)
def password_change(request, template_name='usuario/perfil/cambiar_clave.html', current_app=None, extra_context=None, expresion=None, tipo_mensaje=None, mensaje=None, palabra_clave=None): context = {} context.update(csrf(request)) # Determinar cuál formulario usar. # 'Asignar' no necesita contraseña anterior # 'Cambiar' necesita contraseña anterior accion = '' if palabra_clave == 'asignar': form = SetPasswordForm(user=request.user, data=request.POST or None) accion = 'cambiada' elif palabra_clave == 'cambiar': accion = 'actualizada' form = PasswordChangeForm(user=request.user, data=request.POST or None) if form.is_valid(): form.save() mensaje = u'Contraseña %s exitosamente' %(accion) tipo_mensaje = 'success' else: tipo_mensaje = 'error' for error in form.errors: mensaje = form.errors['%s' %(error)].as_text().replace('* ','') (tipo_mensaje, expresion) = msj_expresion(tipo_mensaje) context.update({'formulario':form}) context.update({'request':request}) context.update({'mensaje':mensaje}) context.update({'tipo_mensaje':tipo_mensaje}) context.update({'expresion':expresion}) return render_to_response(template_name, context)
def manager_update(request, id=None): user = User.objects.get(pk=id) user.save() if request.method == "POST": passForm = SetPasswordForm(user=user, data=request.POST) if passForm.is_valid(): passForm.save() messages.info(request, f"Password Changed") return redirect('adminPage') form = UpdateUserForm(request.POST, instance=user) if form.is_valid(): data = form.cleaned_data['email'] if "@crowdstrike.com" in data: form.save() return redirect('adminPage') #Not sure else: msg = 'Please use a crowdstrike email' form._errors['email'] = form.error_class([msg]) else: passForm = SetPasswordForm(user=user) form = UpdateUserForm(instance=user) context = {'form': form, 'passForm': passForm} return render(request, 'update_manager.html', context)
def forgot(request): if request.method == 'POST': ema = request.POST['email'] if (User.objects.filter(email=ema).exists()): user = User.objects.get(email=ema) data = { 'new_password1': request.POST['password'], 'new_password2': request.POST['password2'] } form = SetPasswordForm(user, data) if form.is_valid(): form.save() return render(request, "login.html", {'message': 'password successfully changed.'}) else: return render(request, 'resetpassword.html', { 'message': 'Password change unsuccessful. Please try again' }) else: return render( request, "resetpassword.html", {'message': 'User with specified email doesnot exist'}) else: return render(request, 'resetpassword.html')
def resetPassword(self, request): uidb64 = request.POST.get("uidb64") token = request.POST.get("token") password1 = request.POST.get("password1") password2 = request.POST.get("password2") try: uid = urlsafe_base64_decode(uidb64) user = User._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user, token): context = {"status": 0} form = SetPasswordForm(user, request.POST) if form.is_valid(): user = form.save() else: context["status"] = -1 context["errors"] = [] for k, v in form.errors.items(): context["errors"].append(v.as_text()) return HttpResponse(json.dumps(context), content_type="application/json") else: context = {"status": -1} context["errors"].append(u'密码重置链接已失效') return HttpResponse(json.dumps(context), status=403)
def resetPassword(request, resetStr): filter_kwargs = { 'codestr__exact': resetStr, } selection = passwordreset.objects.filter(**filter_kwargs) if len(selection)>0: slot = selection[0] user = User.objects.get(username=slot.username) now = dt.datetime.now() slottime = slot.requesttime slottime = slottime.replace(tzinfo=None) diff = now - slottime diff_seconds = diff.total_seconds() if diff_seconds<(60*60*24): form = SetPasswordForm(user=user) if request.method=='POST': form = SetPasswordForm(data=request.POST, user=user) if form.is_valid(): form.save() messages.info(request, f"Your password has been changed.") return redirect('userlogin') context = {'form': form, 'resetStr':resetStr,} return render(request, 'registration/resetpassword.html', context) return redirect('userlogin')
def change_pass(request): try: if request.method == "GET": fb = fb_utils.FBConnect(request.GET.get('code', ''), change_pass) if fb.userid != request.user.fbprofile.fb_userid: messages.error(request, "Your facebook account did not" +\ " match the one registered with LitHub.") return redirect('bookswap.views.my_account') request.session['fb_password_uuid'] = str(uuid4()) form = SetPasswordForm(user=request.user) post_uuid = request.POST.get('uuid', '') if request.method=="POST" and post_uuid and \ post_uuid == request.session["fb_password_uuid"]: form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() request.session['fb_password_uuid'] = "" messages.success(request, "Your password was "+\ "successfully changed.") return redirect("bookswap.views.my_account") return render(request, "fbconnect/password_change.html", {'form':form, 'uuid':request.session["fb_password_uuid"]},) except ObjectDoesNotExist: messages.error(request, "Your facebook account was not recognized.") except ValueError: messages.error(request, "There was an error getting your " +\ "information from facebook.") return redirect('bookswap.views.my_account')
def change_password(request, domain, login_id, template="users/partial/reset_password.html"): # copied from auth's password_change commcare_user = CommCareUser.get_by_user_id(login_id, domain) json_dump = {} if not commcare_user: raise Http404() django_user = commcare_user.get_django_user() if request.method == "POST": form = SetPasswordForm(user=django_user, data=request.POST) if form.is_valid() and (request.project.password_format() != 'n' or request.POST.get('new_password1').isnumeric()): form.save() json_dump['status'] = 'OK' form = SetPasswordForm(user=django_user) else: form = SetPasswordForm(user=django_user) context = _users_context(request, domain) context.update({ 'reset_password_form': form, }) json_dump['formHTML'] = render_to_string(template, context) return HttpResponse(json.dumps(json_dump))
def new_password(request, uidb64, token): if request.method != "POST": return JsonResponse({"status": 405}, status=405) user = _get_user_by_uidb64(uidb64) if user is None or not token_generator.check_token(user, token): return JsonResponse( { "status": 400, "error": "Invalid activation uid/token" }, status=400) data = None if request.content_type.startswith('application/json'): data = json.load(request) else: data = request.POST form = SetPasswordForm(user, data=data) if not form.is_valid(): return JsonResponse(form.errors, status=400) form.save() return JsonResponse({"status": 200})
def user_password(request, user_id=None, template="user/password.html"): user = request.user if not user.is_superuser: return render_403( request, _('Only superusers have access to the change \ password form.')) user_edit = get_object_or_404(User, id=user_id) if request.method == "POST": form = SetPasswordForm(user=user_edit, data=request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('user-list')) else: form = SetPasswordForm(user=user_edit) return render_to_response( template, { 'form': form, 'username': user_edit, }, context_instance=RequestContext(request), )
def updateProfile(request): perm = general_methods.control_access(request) if not perm: logout(request) return redirect('accounts:login') user = request.user user_form = DisabledUserForm(request.POST or None, instance=user) password_form = SetPasswordForm(request.user, request.POST) if request.method == 'POST': if password_form.is_valid(): user.set_password(password_form.cleaned_data['new_password1']) user.save() update_session_auth_hash(request, user) messages.success(request, 'Şifre Başarıyla Güncellenmiştir.') aktif = general_methods.controlGroup(request) if aktif == "Admin": log = str(user.get_full_name()) + " admin sifre guncellendi" log = general_methods.logwrite(request, request.user, log) return redirect('sbs:admin-profil-guncelle') elif aktif == "Arsiv": log = str( user.get_full_name()) + " arsiv yönetici sifre guncellendi" log = general_methods.logwrite(request, request.user, log) return redirect('sbs:evrak-anasayfa') else: messages.warning(request, 'Alanları Kontrol Ediniz') return render(request, 'admin/admin-profil-guncelle.html', { 'user_form': user_form, 'password_form': password_form })
def post(self, request,username): # Create a serializer with request.DATA serializer = self.serializer_class(data=request.DATA) old_password = request.DATA.get('old_password','') new_password1 = request.DATA.get('new_password1', '') new_password2 = request.DATA.get('new_password2', '') user = authenticate(username=username, password=old_password) result = {} result['errCode'] = 10000 result['errDesc'] = errMsg[10000] if user is None: result['errCode'] = 10003 result['errDesc'] = errMsg[10003] return Response(result, status=status.HTTP_200_OK) if not old_password or not new_password1 or not new_password2: result['errCode'] = 10018 result['errDesc'] = errMsg[10018] return Response(result, status=status.HTTP_200_OK) if serializer.is_valid(): # Construct the SetPasswordForm instance form = SetPasswordForm(user=user, data=serializer.data) if form.is_valid(): form.save() # Return the success message with OK HTTP status return Response(result, status=status.HTTP_200_OK) result['errCode'] = 10004 result['errDesc'] = errMsg[10004] logger.debug(serializer.errors) return Response(result, status=status.HTTP_200_OK)
def reset_password(request, uidb36, token): try: uid_int = base36_to_int(uidb36) except ValueError: raise Http404 user = get_object_or_404(User, id=uid_int) if user and default_token_generator.check_token(user, token): form = SetPasswordForm(user=user, data=request.POST or None) if form.is_valid(): user = form.save() messages.success(request, 'Kata sandi baru anda berhasil disimpan') return redirect('website:accounts:login') else: messages.warning(request, 'Maaf, permintaan atur ulang kata sandi sudah' 'kadaluarsa. Silahkan coba lagi') return redirect('website:accounts:login') context = { 'title': 'Atur Ulang', 'form': form, 'page': 'reset-password' } return render(request, 'accounts/form.html', context)
def password_reset_confirm(request, uidb36=None, token=None): token_generator = default_token_generator try: uid_int = base36_to_int(uidb36) user = User.objects.get(id=uid_int) except (ValueError, User.DoesNotExist): user = None if user is not None and token_generator.check_token(user, token): validlink = True if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() messages.success(request, _(u'Пароль изменён')) return redirect('/') else: form = SetPasswordForm(None) else: validlink = False form = None context = { 'form': form, 'validlink': validlink, } return render(request, 'account/password_reset_confirm.html', context)
def newpasswordset(request): if request.user.has_usable_password(): return HttpResponseRedirect(reverse('all-poll')) else: try: if request.method == 'POST': form = SetPasswordForm(data=request.POST, user=request.user) if form.is_valid(): form.save() update_session_auth_hash(request, form.user) messages.success(request, f'Password has been set sucessfully') return HttpResponseRedirect(reverse('all-poll')) else: messages.warning( request, f'Password is similar to username or is invalid') return HttpResponseRedirect(reverse('password_new_set')) else: form = SetPasswordForm(user=request.user) context = { 'form': form, } return render(request, 'poll/set-new-password.html', context) except Exception: messages.warning( request, f'Some technical error has occured pls try again') return HttpResponseRedirect(reverse('password_new_set'))
def confirm_reset_password(request, username, confirmation_code): logout(request) tagging = RecipientUserTagging.get_or_none(user__username=username) error = None if not tagging: error = "Unknown username" #elif tagging.is_confirmed: # error = "Registration is already complete." elif not tagging.confirm(confirmation_code): error = "Error confirming confirmation_code %s" % confirmation_code else: if request.POST: form = SetPasswordForm(tagging.user, request.POST) if form.is_valid(): form.save() success = tagging.confirm(confirmation_code) if not success: return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirmation_error.html', locals()) user = authenticate(username=username, password=form.cleaned_data['new_password1']) if user.is_active: login(request, user) user.message_set.create(message='Password reset complete!') return HttpResponseRedirect(reverse('recipient_organizer_dashboard')) else: return HttpResponseRedirect(reverse('login')) form = SetPasswordForm(tagging.user) instructions = """Enter a new password. It can be whatever you want, but it will be more secure if you use numbers and uppercase letters in addition to lowercase letters.""" return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirm.html', locals())
def reset_password_input(request, uid): """ Reset password and save user model """ try: user = CustomUser.objects.get(pk=uid) except CustomUser.DoesNotExist: return render(request, 'message.html', {'message': 'User ID is invalid.'}) context = { 'form': SetPasswordForm(user), 'action': '/auth/reset/change/{0}/'.format(uid), 'button_text': 'Change password' } context.update(csrf(request)) if request.POST: new_password = SetPasswordForm(user, request.POST) if new_password.is_valid(): new_password.save() return render( request, 'message.html', { 'message': 'Your password has been set. You may go ahead and sign in now.' }) else: context['form'] = new_password return render(request, 'form.html', context)
class PasswordResetConfirmSerializer(serializers.Serializer): """ 邮件重置密码 验证用户信息,保存新密码 """ new_password1 = serializers.CharField(max_length=128) new_password2 = serializers.CharField(max_length=128) uid = serializers.CharField() token = serializers.CharField() set_password_form_class = SetPasswordForm _errors = {} def validate(self, attrs): try: uid = force_text(urlsafe_base64_decode(attrs['uid'])) self.user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): raise exceptions.ValidationError({"value_error": "Uid is invalid"}) self.set_password_form = SetPasswordForm(user=self.user, data=attrs) if not self.set_password_form.is_valid(): raise serializers.ValidationError(self.set_password_form.errors) if not default_token_generator.check_token(self.user, attrs['token']): raise exceptions.ValidationError({"value_error": "Token is invalid"}) return attrs def save(self): return self.set_password_form.save()
def password_reset_confirm(request, key): template_name = 'doctor/password_reset_confirm.html' contexto = {} reset = get_object_or_404(PasswordReset, key = key) form = SetPasswordForm(user = reset.user, data = request.POST or None) if form.is_valid(): MIN_LENGTH = 8 password1 = form.cleaned_data['new_password1'] # At least one letter and one non-letter first_isalpha = password1[0].isalpha() if all(c.isalpha() == first_isalpha for c in password1): messages.success(request,'A senha deve conter pelo menos uma letra e pelo menos um dígito ou "\ "um caractere de pontuação.') form = SetPasswordForm(user = reset.user, data = request.POST) # At least MIN_LENGTH long elif len(password1) < MIN_LENGTH: messages.success(request,'A senha deve ter %d caracteres no mínimo.' % MIN_LENGTH) form = SetPasswordForm(user = reset.user, data = request.POST) else: form.save() contexto['success'] = True messages.success(request,'Sua senha foi criada com sucesso') contexto['form'] = form return render(request,template_name,contexto)
def change_password(request): if not password_management_enabled(): raise Http404 can_change_password = request.user.has_usable_password() if can_change_password: if request.POST: form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() update_session_auth_hash(request, form.user) messages.success(request, _("Your password has been changed successfully!")) return redirect('wagtailadmin_account') else: form = SetPasswordForm(request.user) else: form = None return render(request, 'wagtailadmin/account/change_password.html', { 'form': form, 'can_change_password': can_change_password, })
def test_password_whitespace_not_stripped(self): user = User.objects.get(username="******") data = {"new_password1": " password ", "new_password2": " password "} form = SetPasswordForm(user, data) self.assertTrue(form.is_valid()) self.assertEqual(form.cleaned_data["new_password1"], data["new_password1"]) self.assertEqual(form.cleaned_data["new_password2"], data["new_password2"])
def post(self, request): form = SetPasswordForm(request.user, request.POST) if not form.is_valid(): pass user = form.save() update_session_auth_hash(request, user) return redirect('articles:article-list')
def mutate(cls, _, info, **kwargs): data = { 'uid': kwargs.get('uid'), 'token': kwargs.get('token'), 'new_password1': kwargs.get('password'), 'new_password2': kwargs.get('password') } try: uid = force_text(uid_decoder(data['uid'])) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): raise ValueError('The uid is not valid.') form = SetPasswordForm(user=user, data=data) if not form.is_valid() or not token_generator.check_token(user, data['token']): raise ValueError("The token is not valid.") form.save() change_password_confirmation.send(sender=User, user=user, request=info.context) token = get_token(user, info.context) payload = get_payload(token, info.context) return cls(user=user, token=token, payload=payload)
def password_reset_confirm(request, uidb36=None, token=None): """View that checks the hash in a password reset link and presents a form for entering a new password. Based on django.contrib.auth.views. """ try: uid_int = base36_to_int(uidb36) except ValueError: raise Http404 user = get_object_or_404(User, id=uid_int) context = {} if default_token_generator.check_token(user, token): context['validlink'] = True if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('users.pw_reset_complete')) else: form = SetPasswordForm(None) else: context['validlink'] = False form = None context['form'] = form return render(request, 'users/pw_reset_confirm.html', context)
def reset_view(request, user_id, pwreset_key): try: user = Account.objects.get(id=user_id) except Account.DoesNotExist: user = None if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() user.pwreset = False user.save() return render(request, 'accounts/reset_success.html') context = { 'form': form, } return render(request, 'accounts/set_pass.html', context) if user is not None: if pwreset_key == user.pwreset_key and user.pwreset: if timezone.now() > user.pwreset_expires: baseurl = settings.SITE_BASE_URL + "/accounts/new_activation_link/" context = { 'user_id': user.id, 'baseurl': baseurl, } return render(request, 'accounts/pwkey_expired.html', context) else: form = SetPasswordForm(user) context = { 'form': form, } return render(request, 'accounts/set_pass.html', context) return render(request, 'accounts/error.html')
def profile(request): """ Shows a user's profile page, where they can set various options on their account. """ password_form = SetPasswordForm(request.user) profile_form = '' current_org = request.session['current_org'] if 'current_org' in request.session.keys() else '' if current_org: profile = UserProfile.objects.get(user=request.user, org=current_org) profile_form = ProfileForm(instance=profile) if request.method == 'POST': if 'password' in request.POST: # changing password password_form = SetPasswordForm(request.user, request.POST) if password_form.is_valid(): password_form.save() request.user.message_set.create(message="s|Your password was successfully changed.") return HttpResponseRedirect(reverse('profile')) else: request.user.message_set.create(message="e|There was a problem with your submission. Refer to the messages below and try again.") elif 'profile' in request.POST: # changing prefs profile_form = ProfileForm(request.POST, instance=profile) if profile_form.is_valid(): profile_form.save() request.user.message_set.create(message="s|Your profile was successfully saved.") return render_to_response( 'profile.html', { 'password_form': password_form, 'profile_form': profile_form, 'current_org': current_org }, context_instance=RequestContext(request))
def user_password(request): name = _("Update Password") if request.method == 'POST': form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() messages.success(request, _("Password successfully updated.")) return HttpResponseRedirect(reverse('home')) else: # The form is invalid messages.error( request, _("Please correct the errors in the form.")) return render(request, 'djmongo/console/generic/bootstrapform.html', {'form': form, 'name': name, }) # this is a GET context = {'name': name, 'form': SetPasswordForm(user=request.user) } return render(request, 'djmongo/console/generic/bootstrapform.html', context)
def change_password(request): if request.method == "POST": form = SetPasswordForm(user=request.user, data=request.POST) if form.is_valid(): form.save() callback_js = "$('#ModalChangePassword').modal('hide');" return HttpResponse( json.dumps({ 'result': 'success', 'callback_js': callback_js })) else: response = {} for k in form.errors: response[k] = form.errors[k][0] return HttpResponse( json.dumps({ 'response': response, 'result': 'error' })) else: form = SetPasswordForm(user=request.user) return render(request, 'account/modal_change_password.html', {'form': form})
def post(self, request, **kwargs): """ Reset learner password using passed token and new credentials """ reset_status = False uidb36 = kwargs.get('uidb36') token = kwargs.get('token') has_required_values, uid_int = self._check_token_has_required_values(uidb36, token) if not has_required_values: AUDIT_LOG.exception("Invalid password reset confirm token") return Response({'reset_status': reset_status}) request.data._mutable = True # lint-amnesty, pylint: disable=protected-access request.data['new_password1'] = normalize_password(request.data['new_password1']) request.data['new_password2'] = normalize_password(request.data['new_password2']) password = request.data['new_password1'] try: user = User.objects.get(id=uid_int) if not default_token_generator.check_token(user, token): AUDIT_LOG.exception("Token validation failed") return Response({'reset_status': reset_status}) validate_password(password, user=user) form = SetPasswordForm(user, request.data) if form.is_valid(): form.save() reset_status = True if 'is_account_recovery' in request.GET: try: old_primary_email = user.email user.email = user.account_recovery.secondary_email user.account_recovery.delete() # emit an event that the user changed their secondary email to the primary email tracker.emit( SETTING_CHANGE_INITIATED, { "setting": "email", "old": old_primary_email, "new": user.email, "user_id": user.id, } ) user.save() except ObjectDoesNotExist: err = 'Account recovery process initiated without AccountRecovery instance for user {username}' log.error(err.format(username=user.username)) send_password_reset_success_email(user, request) except ValidationError as err: AUDIT_LOG.exception("Password validation failed") error_status = { 'reset_status': reset_status, 'err_msg': ' '.join(err.messages) } return Response(error_status) except Exception: # pylint: disable=broad-except AUDIT_LOG.exception("Setting new password failed") return Response({'reset_status': reset_status})
def change_password(request): can_change_password = request.user.has_usable_password() if can_change_password: if request.POST: form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() if django.VERSION >= (1, 7): from django.contrib.auth import update_session_auth_hash update_session_auth_hash(request, form.user) messages.success(request, _("Your password has been changed successfully!")) return redirect('wagtailadmin_account') else: form = SetPasswordForm(request.user) else: form = None return render(request, 'wagtailadmin/account/change_password.html', { 'form': form, 'can_change_password': can_change_password, })
def password_reset_confirm(request, key): try: reset = PasswordReset.objects.get(key=key) user = reset.user except PasswordReset.DoesNotExist: user = None if user is not None: validlink = True if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() reset.delete() return redirect('accounts.password_reset_done') else: form = SetPasswordForm(None) else: validlink = False form = None return render(request, 'accounts/password_reset_confirm.j.html', { 'validlink': validlink, 'form': form })
def password_reset_confirm(request, uidb64=None, token=None): if request.user.is_authenticated(): return HttpResponseRedirect(reverse("index")) context = {} UserModel = get_user_model() assert uidb64 is not None and token is not None try: uid = force_text(urlsafe_base64_decode(uidb64)) user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): valid_link = True title = _("Enter new password") if request.method == "POST": form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse("players:password_reset_complete")) else: form = SetPasswordForm(user) else: valid_link = False title = _("Password reset failed") form = None context.update({"form": form, "title": title, "valid_link": valid_link}) context.update({"request": request}) return render(request, "players/password_reset/confirm.html", context)
def set_password(request): # This shows the signup form and displays errors if request.method == 'POST': # This form has been filled in by the user form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() logger.debug('Set password for ' + request.user.email) # Set a message and redirect # Django logs the user out after successful password set :( WTF # Crazy hack: http://stackoverflow.com/questions/15192808/django-automatic-login-after-user-registration-1-4 request.user.backend = "django.contrib.auth.backends.ModelBackend" auth_login(request, request.user) message = "Your password has been set!" messages.add_message(request, messages.SUCCESS, message) logger.debug(message) return redirect('accounts:profile') else: # initial, empty form form = SetPasswordForm(user=request.user) context = { 'form': form, } return render(request, 'registration/password_set_form.html', context)
def password_reset_confirm(request, uidb36=None, token=None): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ assert uidb36 is not None and token is not None # checked by URLconf post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete') try: uid_int = base36_to_int(uidb36) user = User.objects.get(pk=uid_int) except (ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): validlink = True if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() return JsonResponse({'status': True, 'redirect': post_reset_redirect}) else: status = False else: form = SetPasswordForm(None) status = True else: raise Http404 context = {'form': form, 'validlink': validlink, 'uidb36': uidb36, 'token': token} if request.is_ajax(): return JsonResponse({'status': status, 'template': render_to_string( 'account/password_reset/confirm_form.html', context, context_instance=RequestContext(request))}) return TemplateResponse(request, 'account/password_reset/confirm_container.html', context)
def profileupdate(request): ## profile update form if request.method == 'POST' and 'profileupdate' in request.POST: profileform = ProfileUpdateForm(request.POST, request.FILES, instance=request.user) if profileform.is_valid(): profileform.save() messages.success(request, 'Profile details updated') return HttpResponseRedirect(reverse('profile-update')) else: profileform = ProfileUpdateForm(instance=request.user) ## password change form if request.method == 'POST' and 'passwordchange' in request.POST: passwordform = SetPasswordForm(request.user, request.POST) if passwordform.is_valid(): passwordform.save() messages.success(request, 'Password changed') return HttpResponseRedirect(reverse('profile-update') + '#body') else: passwordform = SetPasswordForm(request.user) return render(request, 'accounts/update.html', { 'profileform': profileform, 'passwordform': passwordform, })
def reset_password(request): if request.user.is_authenticated(): return HttpResponse(status=400) uidb36 = request.POST['uidb36'] token = request.POST['token'] try: uid_int = base36_to_int(uidb36) user = User.objects.get(id=uid_int) except (ValueError, ObjectDoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() user = auth.authenticate( username=user.username, password=request.POST['new_password1']) auth.login(request, user) return HttpResponse(JSON_SUCCESS) else: return get_json_errors(form.errors) else: return HttpResponse(status=400)
def resetpassword(self,request): uidb64 = self.request.POST.get("uidb64","") token = self.request.POST.get("token","") password1 = self.request.POST.get("password1","") password2 = self.request.POST.get("password2","") try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(id=uid) except (TypeError,ValueError,OverflowError,User.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user,token): form = SetPasswordForm(user,request.POST) error = [] if form.is_valid(): user = form.save() else: #如果表单不正确,保存错误到errors列表中 for k,v in form.errors.items(): errors.append(v.as_text()) else: return HttpResponse("密码重设失败!\n密码重置链接无效,可能因为它已使用。可以请求一次新的密码重设.",status=403)
def resetpassword(self, request): uidb64 = self.request.POST.get("uidb64", "") token = self.request.POST.get("token", "") password1 = self.request.POST.get("password1", "") password2 = self.request.POST.get("password2", "") try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(id=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user, token): form = SetPasswordForm(user, request.POST) error = [] if form.is_valid(): user = form.save() else: #如果表单不正确,保存错误到errors列表中 for k, v in form.errors.items(): errors.append(v.as_text()) else: return HttpResponse("密码重设失败!\n密码重置链接无效,可能因为它已使用。可以请求一次新的密码重设.", status=403)
def updateProfile(request): perm = general_methods.control_access(request) if not perm: logout(request) return redirect('accounts:login') user = request.user user_form = DisabledUserForm(request.POST or None, instance=user) password_form = SetPasswordForm(request.user, request.POST) if request.method == 'POST': if password_form.is_valid(): user.set_password(password_form.cleaned_data['new_password1']) user.save() update_session_auth_hash(request, user) messages.success(request, 'Şifre Başarıyla Güncellenmiştir.') return redirect('wushu:admin-profil-guncelle') else: messages.warning(request, 'Alanları Kontrol Ediniz') return render(request, 'admin/admin-profil-guncelle.html', { 'user_form': user_form, 'password_form': password_form })
def resetpassword(self, request): uidb64 = self.request.POST.get("uidb64", "") token = self.request.POST.get("token", "") password1 = self.request.POST.get("password1", "") password2 = self.request.POST.get("password2", "") try: uid = urlsafe_base64_decode(uidb64) user = VmaigUser._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, VmaigUser.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user, token): form = SetPasswordForm(user, request.POST) errors = [] if form.is_valid(): user = form.save() else: #如果表单不正确,保存错误到errors列表中 for k, v in form.errors.items(): #v.as_text() 详见django.forms.util.ErrorList 中 errors.append(v.as_text()) mydict = {"errors": errors} return HttpResponse(json.dumps(mydict), content_type="application/json") else: logger.error(u'[UserControl]用户重置密码连接错误:[%s]/[%s]' % (uid64, token)) return HttpResponse("密码重设失败!\n密码重置链接无效,可能是因为它已使用。可以请求一次新的密码重置.", status=403)
def account_verified(request): group = Group.objects.get(name='verified') if group in request.user.groups.all(): messages.error(request, 'This account has already been verified') return redirect('index') else: if request.method == 'POST': form = SetPasswordForm(request.user, request.POST) if form.is_valid(): user = form.save() update_session_auth_hash(request, user) # Important! # the user should be added to the People object of data inventory # user_instance = User.objects.get(pk=user.id) #for some reason, the create() method does not want to accept the user instance # new_person = inventory_models.Person.objects.create( # user=user_instance, # full_name="{}, {}".format(user.last_name, user.first_name), # organization_id=6 # ) user.groups.add(group) messages.success(request, 'Your password was successfully updated!') return redirect('index') else: form = SetPasswordForm(request.user) return render(request, 'registration/account_verified.html', {'form': form})
def update(request, id): user = User.objects.get(id=id) if request.POST: user_form = UserForm(request.POST, instance=user) setpassword_form = SetPasswordForm(user, request.POST) new_password1 = request.POST.get('new_password1', '') new_password2 = request.POST.get('new_password2', '') if not new_password1 and not new_password2: if user_form.is_valid(): user_form.save() return HttpResponseRedirect(reverse('account_index')) else: if user_form.is_valid() and setpassword_form.is_valid(): user_form.save() setpassword_form.save() return HttpResponseRedirect(reverse('account_index')) else: user_form = UserForm(instance=user) setpassword_form = SetPasswordForm(user) return { 'user_form':user_form, 'setpassword_form':setpassword_form, 'id':id }
def reset_password_new_user(request, uidb36, token): """ Checks the link the user clicked and prompts for a new password :param request: the standard request given by Django :param uidb36: the id's hash :param token: token created dynamically """ try: uid_int = base36_to_int(uidb36) user = User.objects.get(pk=uid_int) except (ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and not user.has_usable_password() \ and default_token_generator.check_token(user, token): validlink = True if request.method == "POST": form = SetPasswordForm(user, request.POST) if form.is_valid(): user = form.save() user.is_active = True user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return HttpResponseRedirect(reverse('index')) else: form = SetPasswordForm(None) else: validlink = False form = None return render(request, 'registration/reset_password_complete.html', { 'form': form, 'validlink': validlink })
def test_password_verification(self): # The two new passwords do not match. user = User.objects.get(username="******") data = {"new_password1": "abc123", "new_password2": "abc"} form = SetPasswordForm(user, data) self.assertFalse(form.is_valid()) self.assertEqual(form["new_password2"].errors, [force_unicode(form.error_messages["password_mismatch"])])
def reset_password(request, hash): """Perform a password change. If the request method is set to GET and the hash matches a form will be displayed to the user allowing the password change. If the request method is POST the user password will be changed to the newly set data. """ profile = get_object_or_404(UserProfile, verification_hash=hash) user = profile.user form = SetPasswordForm(profile.user) template_data = {"form": form, "hash": hash} if request.method == "GET": return render_to_response("account_change_password.html", template_data, RequestContext(request)) form = SetPasswordForm(user, request.POST) template_data.update({"form": form}) if not form.is_valid(): return render_to_response("account_change_password.html", template_data, RequestContext(request)) profile.verification_hash = "verified" profile.save() user.set_password(form.cleaned_data.get("new_password1")) user.save() template_data.update({"msg": _(u"Password changed successfully!"), "msg_css_class": "success"}) return render_to_response("account_message.html", template_data, RequestContext(request))
def post(self, request, *args, **kwargs): """ request associate profile """ response_data = {} response_data['status'] = True if request.is_ajax(): user_id = request.POST.get('user_id') try: if request.POST.get('associate'): user = User.objects.get(id=user_id) else: store_user = StoreAccountProfile.objects.get(id=user_id) user = User.objects.get(id=store_user.user.id) password_form = SetPasswordForm(user, request.POST) if password_form.is_valid(): password = password_form.cleaned_data.get('new_password1') user.set_password(password) user.save() else: response_data['status'] = False response_data['errors'] = password_form.errors except User.DoesNotExist: response_data['status'] = False return HttpResponse(json.dumps(response_data), content_type="application/json")
def resetpassword(self, request): uidb64 = self.request.POST.get("uidb64", "") token = self.request.POST.get("token", "") password1 = self.request.POST.get("password1", "") password2 = self.request.POST.get("password2", "") try: uid = urlsafe_base64_decode(uidb64) user = JoklinUser._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, JoklinUser.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user, token): form = SetPasswordForm(user, request.POST) errors = [] if form.is_valid(): user = form.save() else: # 如果表单不正确,保存错误到errors列表中 for k, v in form.errors.items(): # v.as_text() 详见django.forms.util.ErrorList 中 errors.append(v.as_text()) mydict = {"errors": errors} return HttpResponse(json.dumps(mydict), content_type="application/json") else: logger.error(u"[UserControl]用户重置密码连接错误:[{}]/[{}]".format(uid64, token)) return HttpResponse(u"密码重设失败!\n密码重置链接无效,可能是因为它已使用。可以请求一次新的密码重置.", status=403)
def mutate_and_get_payload(cls, input, request, info): errors = [] UserModel = User._meta.model try: # urlsafe_base64_decode() decodes to bytestring on Python 3 uid = force_text(urlsafe_base64_decode(input.get('uidb64'))) user = UserModel.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user and default_token_generator.check_token(user, input.get('token')): form = SetPasswordForm(user=user, data=input) if form.is_valid(): user = form.save(commit=False) user.save(request=request) # workarout to re authenticate the user # when as change the user on the DB it gets disconected user.backend = settings.DEFAULT_AUTHENTICATION_BACKENDS auth_login(request, user) else: errors = form_erros(form, errors) else: errors.append(Error( code='password_reset_incorrect_token', message=_('Password reset failed') )) return PasswordResetComplete(errors=errors)
def change_pass(request): code = request.GET.get('code', '') if code: try: uid = fb_utils.get_userid(code, change_pass) if uid != request.user.fbprofile.fb_userid: messages.error(request, "Your facebook account did not" +\ " match the one registered with LitHub.") return redirect('bookswap.views.my_account') form = SetPasswordForm(user=request.user) if request.method=="POST": form = SetPasswordForm(request.user, request.POST) if form.is_valid(): form.save() messages.success(request, "Your password was "+\ "successfully changed.") return redirect("bookswap.views.my_account") return render(request, "fbconnect/password_change.html", {'form':form},) except ObjectDoesNotExist: return redirect('bookswap.views.my_account') except ValueError: return render(request, "fbconnect/code_error.html") else: messages.error(request, "There was an error getting your " +\ "information from facebook.") return redirect('django.contrib.auth.views.login')
def new_password(request, activation_key): """ Display form for recovering password **Context** set password Form **Template:** :template:`new_password.html` """ try: embigo_user = EmbigoUser.objects.get(activation_key=activation_key) if embigo_user.key_expires > timezone.now() and embigo_user.hash_type == "PASSWORD_HASH": if request.method == 'POST': form = SetPasswordForm(embigo_user.user, request.POST) if form.is_valid(): embigo_user.activation_key = None embigo_user.save() form.save() context = {'message': "Twoje hasło zostało zmienione"} return render(request, 'confirmation.html', context) else: form = SetPasswordForm(embigo_user.user) context = {'form': form} return render(request, 'new_password.html', context) else: context = {'message': "Błąd, podany link jest nieaktywny."} except ObjectDoesNotExist: context = {'message': "Błąd, podany link jest nieaktywny."} return render(request, 'confirmation.html', context)
def confirm_email(request, key): """Confirm Email receives a key and tries to confirm it if the key is valid, reload the page with a form to set their passwords when the user submits the password, set it as key's owner password, confirm the key and login the user """ # Get the key's owner manager = EmailManager.find_key(key) # If the key does not exist or was already used, redirect to index and tell them that if not manager or manager.is_active: messages.add_message(request, messages.SUCCESS, 'Chave de ativação inválida ou já usada.') return redirect(index) # If the user is submitting their new passwords(POST) if request.method == 'POST': # Load the data form = SetPasswordForm(manager.user, request.POST) # If the password is valid if form.is_valid(): # try to confirm the key user = EmailManager.confirm(key) # if the key was confirmed if user.is_active: form = SetPasswordForm(user, request.POST) form.is_valid() form.save() # Login the new user and validate their accounts login(request, user) messages.add_message(request, messages.SUCCESS, 'Sua conta foi ativada com sucesso!') return redirect(profile) # if the key was not confirmed else: messages.add_message(request, messages.SUCCESS, 'Não foi possível confirmar seu email!') # If the user just clicked the activation link, generate a password form else: form = SetPasswordForm(manager.user) return render(request, 'maro_auth/set_password.html', { 'form': form, 'key': key })
class Edit(generic.edit.UpdateView): """ User profile editing """ template_name = 'identity/edit.html' form_class = UserEditForm success_url = reverse_lazy('homepage') model = Identity @method_decorator(never_cache) @method_decorator(login_required) def dispatch(self, request, *args, **kwargs): return super(Edit, self).dispatch(request, *args, **kwargs) def get(self, request, *args, **kwargs): self.password_form = SetPasswordForm(user=request.user) return super(Edit, self).get(request, *args, **kwargs) def post(self, request, *args, **kwargs): self.object = self.get_object() forms_valid = True change_password = False form = self.get_form(self.get_form_class()) if not form.is_valid(): forms_valid = False if self.request.POST.get('new_password1'): change_password = True self.password_form = SetPasswordForm( data=request.POST, user=request.user) if not self.password_form.is_valid(): forms_valid = False else: self.password_form = SetPasswordForm(user=request.user) if forms_valid: form.save() if change_password: self.password_form.save() self.notifications_form.save() return HttpResponseRedirect(self.get_success_url()) else: return self.render_to_response( self.get_context_data(form=form)) def get_object(self): return self.request.user def get_context_data(self, **kwargs): return super(Edit, self).get_context_data( password_form=self.password_form, notifications_form=self.notifications_form, **kwargs )
def test_success(self): user = User.objects.get(username='******') data = { 'new_password1': 'abc123', 'new_password2': 'abc123', } form = SetPasswordForm(user, data) self.assertTrue(form.is_valid())
def post(self, request, **kwargs): user_token = request.GET.get('user_token') user = get_object_or_404(MyUser, id=user_token) form = SetPasswordForm(user) if form.is_valid(): form.save() login(request, user) return redirect('/profile/')
def test_correct_password(self): form = SetPasswordForm(user=self.user, data={ "new_password1": "1pasSword#", "new_password2": "1pasSword#" }) self.assertTrue(form.is_valid())