def reset(request, username="", user="******", token=""): user = int(user) try: user = User.objects.get(pk=user) user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation != User.ACTIVATION_NONE: return error403(request, Message(request, 'users/activation/required', {'user': user})) if not token or not user.token or user.token != token: return error403(request, Message(request, 'users/invalid_confirmation_link', {'user': user})) new_password = get_random_string(6) user.token = None user.set_password(new_password) user.save(force_update=True) # Logout signed in and kill remember me tokens Session.objects.filter(user=user).update(user=None) Token.objects.filter(user=user).delete() # Set flash and mail new password request.messages.set_flash(Message(request, 'users/password/reset_done', extra={'user':user}), 'success') user.email_user( request, 'users/password/new', _("Your New Password"), {'password': new_password} ) return redirect(reverse('sign_in')) except User.DoesNotExist: return error404(request)
def form(request): message = None if request.method == "POST": form = UserSendSpecialMailForm(request.POST, request=request) if form.is_valid(): user = form.found_user user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation == User.ACTIVATION_NONE: return error403(request, Message(request, "users/activation/not_required", extra={"user": user})) if user.activation == User.ACTIVATION_ADMIN: return error403(request, Message(request, "users/activation/only_by_admin", extra={"user": user})) request.messages.set_flash(Message(request, "users/activation/resent", extra={"user": user}), "success") user.email_user(request, "users/activation/resend", _("Account Activation")) return redirect(reverse("index")) else: message = Message(request, form.non_field_errors()[0], "error") else: form = UserSendSpecialMailForm(request=request) return request.theme.render_to_response( "users/resend_activation.html", {"message": message, "form": FormLayout(form)}, context_instance=RequestContext(request), )
def form(request): message = None if request.method == 'POST': form = UserSendSpecialMailForm(request.POST, request=request) if form.is_valid(): user = form.found_user user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) elif user.activation != User.ACTIVATION_NONE: return error403(request, Message(request, 'users/activation/required', {'user': user})) user.token = get_random_string(12) user.save(force_update=True) request.messages.set_flash(Message(request, 'users/password/reset_confirm', extra={'user':user}), 'success') user.email_user( request, 'users/password/confirm', _("Confirm New Password Request") ) return redirect(reverse('index')) else: message = Message(request, form.non_field_errors()[0]) else: form = UserSendSpecialMailForm(request=request) return request.theme.render_to_response('users/forgot_password.html', { 'message': message, 'form': FormLayout(form), }, context_instance=RequestContext(request));
def activate(request, username="", user="******", token=""): user = int(user) try: user = User.objects.get(pk=user) current_activation = user.activation # Run checks user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation == User.ACTIVATION_NONE: return error403(request, Message(request, "users/activation/not_required", extra={"user": user})) if user.activation == User.ACTIVATION_ADMIN: return error403(request, Message(request, "users/activation/only_by_admin", extra={"user": user})) if not token or not user.token or user.token != token: return error403(request, Message(request, "users/invalid_confirmation_link", extra={"user": user})) # Activate and sign in our member user.activation = User.ACTIVATION_NONE sign_user_in(request, user) # Update monitor request.monitor["users_inactive"] = request.monitor["users_inactive"] - 1 if current_activation == User.ACTIVATION_CREDENTIALS: request.messages.set_flash( Message(request, "users/activation/credentials", extra={"user": user}), "success" ) else: request.messages.set_flash(Message(request, "users/activation/new", extra={"user": user}), "success") return redirect(reverse("index")) except User.DoesNotExist: return error404(request)
def reset(request, username="", user="******", token=""): user = int(user) try: user = User.objects.get(pk=user) user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation != User.ACTIVATION_NONE: return error403( request, Message(request, 'users/activation/required', {'user': user})) if not token or not user.token or user.token != token: return error403( request, Message(request, 'users/invalid_confirmation_link', {'user': user})) new_password = get_random_string(6) user.token = None user.set_password(new_password) user.save(force_update=True) # Logout signed in and kill remember me tokens Session.objects.filter(user=user).update(user=None) Token.objects.filter(user=user).delete() # Set flash and mail new password request.messages.set_flash( Message(request, 'users/password/reset_done', extra={'user': user}), 'success') user.email_user(request, 'users/password/new', _("Your New Password"), {'password': new_password}) return redirect(reverse('sign_in')) except User.DoesNotExist: return error404(request)
def form(request): message = None if request.method == 'POST': form = UserSendSpecialMailForm(request.POST, request=request) if form.is_valid(): user = form.found_user user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) elif user.activation != User.ACTIVATION_NONE: return error403( request, Message(request, 'users/activation/required', {'user': user})) user.token = get_random_string(12) user.save(force_update=True) request.messages.set_flash( Message(request, 'users/password/reset_confirm', extra={'user': user}), 'success') user.email_user(request, 'users/password/confirm', _("Confirm New Password Request")) return redirect(reverse('index')) else: message = Message(request, form.non_field_errors()[0]) else: form = UserSendSpecialMailForm(request=request) return request.theme.render_to_response( 'users/forgot_password.html', { 'message': message, 'form': FormLayout(form), }, context_instance=RequestContext(request))
def decorator(*args, **kwargs): request = args[0] try: if request.ban.is_banned(): return error_banned(request) return f(*args, **kwargs) except AttributeError: pass return f(*args, **kwargs)
def activate(request, username="", user="******", token=""): user = int(user) try: user = User.objects.get(pk=user) current_activation = user.activation # Run checks user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation == User.ACTIVATION_NONE: return error403( request, Message(request, 'users/activation/not_required', extra={'user': user})) if user.activation == User.ACTIVATION_ADMIN: return error403( request, Message(request, 'users/activation/only_by_admin', extra={'user': user})) if not token or not user.token or user.token != token: return error403( request, Message(request, 'users/invalid_confirmation_link', extra={'user': user})) # Activate and sign in our member user.activation = User.ACTIVATION_NONE sign_user_in(request, user) # Update monitor request.monitor[ 'users_inactive'] = request.monitor['users_inactive'] - 1 if current_activation == User.ACTIVATION_CREDENTIALS: request.messages.set_flash( Message(request, 'users/activation/credentials', extra={'user': user}), 'success') else: request.messages.set_flash( Message(request, 'users/activation/new', extra={'user': user}), 'success') return redirect(reverse('index')) except User.DoesNotExist: return error404(request)
def form(request): message = None if request.method == 'POST': form = UserSendSpecialMailForm(request.POST, request=request) if form.is_valid(): user = form.found_user user_ban = check_ban(username=user.username, email=user.email) if user_ban: return error_banned(request, user, user_ban) if user.activation == User.ACTIVATION_NONE: return error403( request, Message(request, 'users/activation/not_required', extra={'user': user})) if user.activation == User.ACTIVATION_ADMIN: return error403( request, Message(request, 'users/activation/only_by_admin', extra={'user': user})) request.messages.set_flash( Message(request, 'users/activation/resent', extra={'user': user}), 'success') user.email_user( request, 'users/activation/resend', _("Account Activation"), ) return redirect(reverse('index')) else: message = Message(request, form.non_field_errors()[0], 'error') else: form = UserSendSpecialMailForm(request=request) return request.theme.render_to_response( 'users/resend_activation.html', { 'message': message, 'form': FormLayout(form), }, context_instance=RequestContext(request))