def process_login_form(request, login_form): user = login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, "portal/email_verification_needed.html", {"user": user}) login(request, login_form.user) if using_two_factor(request.user): return render( request, "portal/2FA_redirect.html", { "form": AuthenticationForm(), "username": request.user.username, "password": login_form.cleaned_data["teacher_password"], }, ) next_url = request.GET.get("next", None) if next_url and is_safe_url(next_url): return HttpResponseRedirect(next_url) teacher = request.user.userprofile.teacher return redirect_teacher_to_correct_page(request, teacher)
def process_update_account_form(request, teacher, old_anchor): update_account_form = TeacherEditAccountForm(request.user, request.POST) changing_email = False new_email = "" if update_account_form.is_valid(): data = update_account_form.cleaned_data changing_email = False # check not default value for CharField if data["password"] != "": teacher.new_user.set_password(data["password"]) teacher.new_user.save() update_session_auth_hash(request, update_account_form.user) teacher.title = data["title"] teacher.new_user.first_name = data["first_name"] teacher.new_user.last_name = data["last_name"] new_email = data["email"] if new_email != "" and new_email != teacher.new_user.email: # new email to set and verify changing_email = True send_verification_email(request, teacher.new_user, new_email) teacher.save() teacher.new_user.save() anchor = "#" messages.success( request, "Your account details have been successfully changed." ) else: anchor = old_anchor return changing_email, new_email, anchor
def process_signup_form(request, data): email = data['teacher_email'] teacher = None if email and Teacher.objects.filter(new_user__email=email).exists(): email_message = emailMessages.userAlreadyRegisteredEmail( request, email) send_email(NOTIFICATION_EMAIL, [email], email_message['subject'], email_message['message']) else: teacher = Teacher.objects.factory( title=data['teacher_title'], first_name=data['teacher_first_name'], last_name=data['teacher_last_name'], email=data['teacher_email'], password=data['teacher_password']) if _newsletter_ticked(data): user = teacher.user.user add_to_salesforce(user.first_name, user.last_name, user.email) send_verification_email(request, teacher.user.user) if teacher: return render(request, 'portal/email_verification_needed.html', {'user': teacher.user.user}) else: return render(request, 'portal/email_verification_needed.html')
def process_signup_form(request, data): email = data["teacher_email"] teacher = None if email and Teacher.objects.filter(new_user__email=email).exists(): email_message = email_messages.userAlreadyRegisteredEmail(request, email) send_email( NOTIFICATION_EMAIL, [email], email_message["subject"], email_message["message"], ) else: teacher = Teacher.objects.factory( title=data["teacher_title"], first_name=data["teacher_first_name"], last_name=data["teacher_last_name"], email=data["teacher_email"], password=data["teacher_password"], ) if _newsletter_ticked(data): user = teacher.user.user add_to_salesforce(user.first_name, user.last_name, user.email) send_verification_email(request, teacher.user.user) if teacher: return render( request, "portal/email_verification_needed.html", {"user": teacher.user.user}, ) else: return render(request, "portal/email_verification_needed.html")
def process_independent_student_signup_form(request, data): email = data["email"] independent_students = Student.objects.filter(class_field=None) if email and independent_students.filter(new_user__email=email).exists(): email_message = email_messages.userAlreadyRegisteredEmail(request, email) send_email( NOTIFICATION_EMAIL, [email], email_message["subject"], email_message["message"], ) return render(request, "portal/email_verification_needed.html") student = Student.objects.independentStudentFactory( username=data["username"], name=data["name"], email=data["email"], password=data["password"], ) if _newsletter_ticked(data): user = student.new_user add_to_salesforce(user.first_name, user.last_name, user.email) send_verification_email(request, student.new_user) return render( request, "portal/email_verification_needed.html", {"user": student.new_user} )
def process_login_form(request, login_form): user = login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, "portal/email_verification_needed.html", {"user": user}) login(request, login_form.user) if using_two_factor(request.user): return render( request, "portal/2FA_redirect.html", { "form": AuthenticationForm(), "username": request.user.username, "password": login_form.cleaned_data["teacher_password"], }, ) next_url = request.GET.get("next", None) if next_url and is_safe_url(next_url): return HttpResponseRedirect(next_url) teacher = request.user.userprofile.teacher return redirect_user_to_correct_page(request, teacher)
def process_signup_form(request, data): email = data["teacher_email"] teacher = None if email and Teacher.objects.filter(new_user__email=email).exists(): email_message = email_messages.userAlreadyRegisteredEmail(request, email) send_email( NOTIFICATION_EMAIL, [email], email_message["subject"], email_message["message"], ) else: teacher = Teacher.objects.factory( title=data["teacher_title"], first_name=data["teacher_first_name"], last_name=data["teacher_last_name"], email=data["teacher_email"], password=data["teacher_password"], ) if _newsletter_ticked(data): user = teacher.user.user add_to_dotmailer(user.first_name, user.last_name, user.email) send_verification_email(request, teacher.user.user) if teacher: return render( request, "portal/email_verification_needed.html", {"user": teacher.user.user}, ) else: return render(request, "portal/email_verification_needed.html")
def process_update_account_form(request, teacher, old_anchor): update_account_form = TeacherEditAccountForm(request.user, request.POST) changing_email = False new_email = "" if update_account_form.is_valid(): data = update_account_form.cleaned_data changing_email = False # check not default value for CharField if (data['password'] != ''): teacher.new_user.set_password(data['password']) teacher.new_user.save() update_session_auth_hash(request, update_account_form.user) teacher.title = data['title'] teacher.new_user.first_name = data['first_name'] teacher.new_user.last_name = data['last_name'] new_email = data['email'] if new_email != '' and new_email != teacher.new_user.email: # new email to set and verify changing_email = True send_verification_email(request, teacher.new_user, new_email) teacher.save() teacher.new_user.save() anchor = '#' messages.success( request, 'Your account details have been successfully changed.') else: anchor = old_anchor return changing_email, new_email, anchor
def process_independent_student_signup_form(request, data): email = data["email"] independent_students = Student.objects.filter(class_field=None) if email and independent_students.filter(new_user__email=email).exists(): email_message = email_messages.userAlreadyRegisteredEmail( request, email) send_email( NOTIFICATION_EMAIL, [email], email_message["subject"], email_message["message"], ) return render(request, "portal/email_verification_needed.html") student = Student.objects.independentStudentFactory( username=data["username"], name=data["name"], email=data["email"], password=data["password"], ) if _newsletter_ticked(data): user = student.new_user add_to_salesforce(user.first_name, user.last_name, user.email) send_verification_email(request, student.new_user) return render(request, "portal/email_verification_needed.html", {"user": student.new_user})
def teacher_dismiss_students(request, access_code): klass = get_object_or_404(Class, access_code=access_code) # check user is authorised to deal with class if request.user.new_teacher != klass.teacher: raise Http404 # get student objects for students to be deleted, confirming they are in the class student_ids = json.loads(request.POST.get('transfer_students', '[]')) students = [ get_object_or_404(Student, id=i, class_field=klass) for i in student_ids ] TeacherDismissStudentsFormSet = formset_factory( wraps(TeacherDismissStudentsForm)(partial(TeacherDismissStudentsForm)), extra=0, formset=BaseTeacherDismissStudentsFormSet) if request.method == 'POST' and 'submit_dismiss' in request.POST: formset = TeacherDismissStudentsFormSet(request.POST) if formset.is_valid(): for data in formset.cleaned_data: student = get_object_or_404( Student, class_field=klass, new_user__first_name__iexact=data['orig_name']) student.class_field = None student.new_user.first_name = data['name'] student.new_user.username = data['name'] student.new_user.email = data['email'] student.save() student.new_user.save() send_verification_email(request, student.new_user) messages.success( request, 'The students have been removed successfully from the class.') return HttpResponseRedirect( reverse_lazy('teacher_class', kwargs={'access_code': access_code})) else: initial_data = [{ 'orig_name': student.new_user.first_name, 'name': generate_new_student_name(student.new_user.first_name), 'email': '' } for student in students] formset = TeacherDismissStudentsFormSet(initial=initial_data) return render(request, 'portal/teach/teacher_dismiss_students.html', { 'formset': formset, 'class': klass, 'students': students })
def process_indep_student_login_form(request, independent_student_login_form): user = independent_student_login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, "portal/email_verification_needed.html", {"user": user}) login(request, independent_student_login_form.user) next_url = request.GET.get("next", None) if next_url and is_safe_url(next_url): return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy("student_details"))
def process_student_signup_form(request, data): student = Student.objects.independentStudentFactory( username=data['username'], name=data['name'], email=data['email'], password=data['password']) email_supplied = (data['email'] != '') if email_supplied: send_verification_email(request, student.new_user) return render(request, 'portal/email_verification_needed.html', {'user': student.new_user}) return render(request, 'portal/play/student_details.html')
def process_indep_student_login_form(request, independent_student_login_form): user = independent_student_login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, "portal/email_verification_needed.html", {"user": user}) login(request, independent_student_login_form.user) next_url = request.GET.get("next", None) if next_url and is_safe_url(next_url): return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy("student_details"))
def process_indep_student_login_form(request, independent_student_login_form): user = independent_student_login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, 'portal/email_verification_needed.html', {'user': user}) login(request, independent_student_login_form.user) next_url = request.GET.get('next', None) if next_url: return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy('student_details'))
def student_edit_account(request): student = request.user.new_student if request.method == "POST": form = StudentEditAccountForm(request.user, request.POST) if form.is_valid(): data = form.cleaned_data changing_email = False # check not default value for CharField if data["password"] != "": student.new_user.set_password(data["password"]) student.new_user.save() update_session_auth_hash(request, form.user) # allow individual students to update more if not student.class_field: new_email = data["email"] if new_email != "" and new_email != student.new_user.email: # new email to set and verify changing_email = True send_verification_email(request, student.new_user, new_email) student.new_user.first_name = data["name"] # save all tables student.save() student.new_user.save() messages.success( request, "Your account details have been changed successfully." ) if changing_email: logout(request) return render( request, "portal/email_verification_needed.html", {"userprofile": student.user, "email": new_email}, ) return HttpResponseRedirect(reverse_lazy("student_details")) else: form = StudentEditAccountForm( request.user, initial={"name": student.new_user.first_name} ) return render(request, "portal/play/student_edit_account.html", {"form": form})
def student_edit_account(request): student = request.user.new_student if request.method == 'POST': form = StudentEditAccountForm(request.user, request.POST) if form.is_valid(): data = form.cleaned_data changing_email = False # check not default value for CharField if (data['password'] != ''): student.new_user.set_password(data['password']) student.new_user.save() update_session_auth_hash(request, form.user) # allow individual students to update more if not student.class_field: new_email = data['email'] if new_email != '' and new_email != student.new_user.email: # new email to set and verify changing_email = True send_verification_email(request, student.user, new_email) student.new_user.first_name = data['name'] # save all tables student.save() student.new_user.save() messages.success( request, 'Your account details have been changed successfully.') if changing_email: logout(request) return render(request, 'portal/email_verification_needed.html', { 'userprofile': student.user, 'email': new_email }) return HttpResponseRedirect(reverse_lazy('student_details')) else: form = StudentEditAccountForm( request.user, initial={'name': student.new_user.first_name}) return render(request, 'portal/play/student_edit_account.html', {'form': form})
def process_dismiss_student_form(request, formset, klass, access_code): for data in formset.cleaned_data: student = get_object_or_404( Student, class_field=klass, new_user__first_name__iexact=data['orig_name']) student.class_field = None student.new_user.first_name = data['name'] student.new_user.username = data['name'] student.new_user.email = data['email'] student.save() student.new_user.save() send_verification_email(request, student.new_user) messages.success( request, 'The students have been removed successfully from the class.') return HttpResponseRedirect( reverse_lazy('view_class', kwargs={'access_code': access_code}))
def process_student_signup_form(request, data): student = Student.objects.independentStudentFactory( username=data['username'], name=data['name'], email=data['email'], password=data['password']) email_supplied = (data['email'] != '') if email_supplied: if _newsletter_ticked(data): user = student.new_user add_to_salesforce(user.first_name, user.last_name, user.email) send_verification_email(request, student.new_user) return render(request, 'portal/email_verification_needed.html', {'user': student.new_user}) return render(request, 'portal/play/student_details.html')
def process_dismiss_student_form(request, formset, klass, access_code): for data in formset.cleaned_data: student = get_object_or_404( Student, class_field=klass, new_user__first_name__iexact=data["orig_name"] ) student.class_field = None student.new_user.first_name = data["name"] student.new_user.username = data["name"] student.new_user.email = data["email"] student.save() student.new_user.save() send_verification_email(request, student.new_user) messages.success( request, "The students have been removed successfully from the class." ) return HttpResponseRedirect( reverse_lazy("view_class", kwargs={"access_code": access_code}) )
def process_dismiss_student_form(request, formset, klass, access_code): for data in formset.cleaned_data: student = get_object_or_404( Student, class_field=klass, new_user__first_name__iexact=data["orig_name"]) remove_access_from_all_aimmo_games(student, klass.teacher) student.class_field = None student.new_user.first_name = data["name"] student.new_user.username = data["name"] student.new_user.email = data["email"] student.save() student.new_user.save() student.new_user.userprofile.save() send_verification_email(request, student.new_user) messages.success( request, "The students have been removed successfully from the class.") return HttpResponseRedirect( reverse_lazy("view_class", kwargs={"access_code": access_code}))
def process_login_form(request, login_form): user = login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, 'portal/email_verification_needed.html', {'user': user}) login(request, login_form.user) if using_two_factor(request.user): return render( request, 'portal/2FA_redirect.html', { 'form': AuthenticationForm(), 'username': request.user.username, 'password': login_form.cleaned_data['teacher_password'], }) next_url = request.GET.get('next', None) if next_url: return HttpResponseRedirect(next_url) teacher = request.user.userprofile.teacher return redirect_user_to_correct_page(request, teacher)
def teach(request): invalid_form = False limits = getattr(request, 'limits', {'ip': [0], 'email': [0]}) captcha_limit = 5 using_captcha = (limits['ip'][0] > captcha_limit or limits['email'][0] > captcha_limit) should_use_captcha = (limits['ip'][0] >= captcha_limit or limits['email'][0] >= captcha_limit) LoginFormWithCaptcha = partial( create_form_subclass_with_recaptcha(TeacherLoginForm, recaptcha_client), request) InputLoginForm = LoginFormWithCaptcha if using_captcha else TeacherLoginForm OutputLoginForm = LoginFormWithCaptcha if should_use_captcha else TeacherLoginForm login_form = OutputLoginForm(prefix='login') signup_form = TeacherSignupForm(prefix='signup') if request.method == 'POST': if 'login' in request.POST: login_form = InputLoginForm(request.POST, prefix='login') if login_form.is_valid(): user = login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, 'portal/email_verification_needed.html', {'user': user}) login(request, login_form.user) if using_two_factor(request.user): return render(request, 'portal/2FA_redirect.html', { 'form': AuthenticationForm(), 'username': request.user.username, 'password': login_form.cleaned_data['password'], }) else: link = reverse('two_factor:profile') messages.info( request, ("You are not currently set up with two-factor authentication. " + "Use your phone or tablet to enhance your account's security. " + "Click <a href='" + link + "'>here</a> to find out more and " + "set it up or go to your account page at any time."), extra_tags='safe') next_url = request.GET.get('next', None) if next_url: return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy('teacher_home')) else: login_form = OutputLoginForm(request.POST, prefix='login') invalid_form = True if 'signup' in request.POST: signup_form = TeacherSignupForm(request.POST, prefix='signup') if signup_form.is_valid(): data = signup_form.cleaned_data teacher = Teacher.objects.factory( title=data['title'], first_name=data['first_name'], last_name=data['last_name'], email=data['email'], password=data['password']) send_verification_email(request, teacher.new_user) return render(request, 'portal/email_verification_needed.html', {'user': teacher.new_user}) logged_in_as_teacher = hasattr(request.user, 'userprofile') and \ hasattr(request.user, 'teacher') and \ (request.user.is_verified() or not using_two_factor(request.user)) res = render(request, 'portal/teach.html', { 'login_form': login_form, 'signup_form': signup_form, 'logged_in_as_teacher': logged_in_as_teacher, }) res.count = invalid_form return res
def play(request): invalid_form = False limits = getattr(request, 'limits', {'ip': [0], 'name': [0]}) ip_captcha_limit = 30 name_captcha_limit = 5 using_captcha = (limits['ip'][0] > ip_captcha_limit or limits['name'][0] >= name_captcha_limit) should_use_captcha = (limits['ip'][0] >= ip_captcha_limit or limits['name'][0] >= name_captcha_limit) StudentLoginFormWithCaptcha = partial( create_form_subclass_with_recaptcha(StudentLoginForm, recaptcha_client), request) InputStudentLoginForm = StudentLoginFormWithCaptcha if using_captcha else StudentLoginForm OutputStudentLoginForm = StudentLoginFormWithCaptcha if should_use_captcha else StudentLoginForm IndependentStudentLoginFormWithCaptcha = partial( create_form_subclass_with_recaptcha(IndependentStudentLoginForm, recaptcha_client), request) InputIndependentStudentLoginForm = IndependentStudentLoginFormWithCaptcha if using_captcha else IndependentStudentLoginForm OutputIndependentStudentLoginForm = IndependentStudentLoginFormWithCaptcha if should_use_captcha else IndependentStudentLoginForm school_login_form = OutputStudentLoginForm(prefix='login') independent_student_login_form = IndependentStudentLoginForm(prefix='independent_student') signup_form = StudentSignupForm(prefix='signup') independent_student_view = False signup_view = False if request.method == 'POST': if 'school_login' in request.POST: school_login_form = InputStudentLoginForm(request.POST, prefix='login') if school_login_form.is_valid(): login(request, school_login_form.user) next_url = request.GET.get('next', None) if next_url: return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy('student_details')) else: school_login_form = OutputStudentLoginForm(request.POST, prefix='login') invalid_form = True elif 'independent_student_login' in request.POST: independent_student_login_form = InputIndependentStudentLoginForm(request.POST, prefix='independent_student') if independent_student_login_form.is_valid(): user = independent_student_login_form.user if not is_verified(user): send_verification_email(request, user) return render(request, 'portal/email_verification_needed.html', {'user': user}) login(request, independent_student_login_form.user) next_url = request.GET.get('next', None) if next_url: return HttpResponseRedirect(next_url) return HttpResponseRedirect(reverse_lazy('student_details')) else: independent_student_view = True independent_student_login_form = OutputIndependentStudentLoginForm(request.POST, prefix='independent_student') school_login_form = StudentLoginForm(prefix='login') invalid_form = True elif 'signup' in request.POST: signup_form = StudentSignupForm(request.POST, prefix='signup') if signup_form.is_valid(): data = signup_form.cleaned_data student = Student.objects.independentStudentFactory( username=data['username'], name=data['name'], email=data['email'], password=data['password']) email_supplied = (data['email'] != '') if (email_supplied): send_verification_email(request, student.new_user) return render(request, 'portal/email_verification_needed.html', {'user': student.new_user}) else: # dead code - frontend ensures email supplied. auth_user = authenticate(username=data['username'], password=data['password']) login(request, auth_user) return render(request, 'portal/play/student_details.html') else: signup_view = True res = render(request, 'portal/play.html', { 'school_login_form': school_login_form, 'independent_student_login_form': independent_student_login_form, 'signup_form': signup_form, 'independent_student_view': independent_student_view, 'signup_view': signup_view, }) res.count = invalid_form return res
def teacher_edit_account(request): teacher = request.user.new_teacher backup_tokens = 0 # For teachers using 2FA, find out how many backup tokens they have if using_two_factor(request.user): try: backup_tokens = request.user.staticdevice_set.all( )[0].token_set.count() except Exception: backup_tokens = 0 if request.method == 'POST': form = TeacherEditAccountForm(request.user, request.POST) if form.is_valid(): data = form.cleaned_data changing_email = False # check not default value for CharField if (data['password'] != ''): teacher.new_user.set_password(data['password']) teacher.new_user.save() update_session_auth_hash(request, form.user) teacher.title = data['title'] teacher.new_user.first_name = data['first_name'] teacher.new_user.last_name = data['last_name'] new_email = data['email'] if new_email != '' and new_email != teacher.new_user.email: # new email to set and verify changing_email = True send_verification_email(request, teacher.new_user, new_email) teacher.save() teacher.new_user.save() if changing_email: logout(request) messages.success( request, 'Your account details have been successfully changed. Your email will be changed once you have verified it, until then you can still log in with your old email.' ) return render(request, 'portal/email_verification_needed.html', { 'userprofile': teacher.user, 'email': new_email }) messages.success( request, 'Your account details have been successfully changed.') return HttpResponseRedirect(reverse_lazy('teacher_home')) else: form = TeacherEditAccountForm(request.user, initial={ 'title': teacher.title, 'first_name': teacher.new_user.first_name, 'last_name': teacher.new_user.last_name, 'school': teacher.school, }) return render(request, 'portal/teach/teacher_edit_account.html', { 'form': form, 'backup_tokens': backup_tokens })