def lost(request, next_page, recovery_page,
mail_template_name='accounts/recovery_mail.txt',
form_template_name='accounts/recovery_form.html',
sent_template_name='accounts/recovery_mail_sent.html'):
error = None
if request.POST:
user = get_user(request.POST.get('username'))
if not user:
error = "Incorrect username."
if not error:
# Password recovery works via a special kind of session
# which is transmitted over e-mail, rather than via a
# cookie. Create a session which includes the username
# this request was generated for.
key = Session.objects.get_new_session_key()
expire_date = datetime.datetime.now() + datetime.timedelta(hours=12)
Session.objects.save(key, {
'account_recovery_session': True,
'username': user.username,
}, expire_date)
send_mail_to_user(user, mail_template_name,
request = request,
recovery_path = recovery_page % key)
return render_to_response(sent_template_name)
return render_to_response(form_template_name, RequestContext(request, {'error': error}))
def save(self):
if not self.errors:
# XXX Compatibility with Django 0.96 and 1.0
formdata = getattr(self, "cleaned_data",
getattr(self, "clean_data", None))
d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems())
try:
user = auth.models.User.objects.create_user(
d['username'], d['email'], d['password1'])
return user
except:
# We check for duplicate users here instead of clean, since it's
# possible that two users could race for a name.
if get_user(username=d['username']):
self.errors['username'] = \
forms.util.ErrorList(["Sorry, this username is taken."])
else:
raise
def save(self):
if not self.errors:
formdata = self.cleaned_data
d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems())
try:
user = auth.models.User.objects.create_user(d['username'],
d['email'],
d['password1'])
user.first_name = d['first_name']
user.last_name = d['last_name']
user.save()
return user
except:
# We check for duplicate users here instead of clean, since it's
# possible that two users could race for a name.
if get_user(username=d['username']):
self.errors['username'] = \
forms.util.ErrorList(["Sorry, this username is taken."])
else:
raise
def save(self):
if not self.errors:
# XXX Compatibility with Django 0.96 and 1.0
formdata = getattr(self, "cleaned_data",
getattr(self, "clean_data", None))
d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems())
try:
user = auth.models.User.objects.create_user(d['username'],
d['email'],
d['password1'])
return user
except:
# We check for duplicate users here instead of clean, since it's
# possible that two users could race for a name.
if get_user(username=d['username']):
self.errors['username'] = \
forms.util.ErrorList(["Sorry, this username is taken."])
else:
raise
def reset(request, key, next_page,
form_template_name='accounts/reset_password.html',
error_template_name='accounts/recovery_key_error.html'):
session = get_recovery_session(key)
if not session:
return render_to_response(error_template_name, RequestContext(request))
user = get_user(session.get('username'))
if request.POST:
form = ResetPasswordForm(request.POST)
form.full_clean()
validate_test_cookie(form, request)
if not form.errors:
# XXX Compatibility with Django 0.96 and 1.0
formdata = getattr(form, "cleaned_data",
getattr(form, "clean_data", None))
user.set_password(formdata['password1'])
user.save()
# Try to log in using the new password
loginError = internal_login(request, user.username,
formdata['password1'])
if loginError:
# This might happen if the account is deactivated.
form.errors['submit'] = forms.util.ErrorList([loginError])
else:
# We're in successfully. Expire the recovery session.
Session.objects.save(key, None, datetime.datetime.now())
return HttpResponseRedirect(next_page)
else:
form = None
request.session.set_test_cookie()
return render_to_response(form_template_name, RequestContext(request, {
'form_path': request.path,
'username': user.username,
'form': form,
}))
