def login(request, mobile=False):
    """Log the user in and answer in the format the calling site expects.

    The form returned by handle_login() and the target returned by
    clean_next_url() are used as-is: this view does no filtering of the
    post-login destination itself, so any rejection of off-site targets
    (open redirect) has to happen inside clean_next_url().

    Mobile requests get an HTML response: a redirect once the user is
    authenticated, otherwise the login page. Desktop requests must be ajax
    POSTs and get a status dict; anything else is answered with HTTP 400.
    """
    form = handle_login(request)
    destination = clean_next_url(request)

    if not mobile:
        # Desktop login is ajax-only.
        if not (request.method == 'POST' and request.is_ajax()):
            return HttpResponseBadRequest()
        if not form.is_valid():
            return {'status': 'error',
                    'errors': dict(form.errors.iteritems())}
        # presumably handle_login() has attached the authenticated user to
        # the request by this point -- confirm against that helper.
        profile = request.user.profile
        if not profile.login_desktop:
            # First desktop login: record it, then run the badge check.
            profile.login_desktop = True
            profile.save()
            profile.trigger_multisparker_badge()
        return {'status': 'success',
                'next': destination or reverse('desktop.home')}

    next_url = destination or reverse('mobile.home')
    if not request.user.is_authenticated():
        return jingo.render(request, 'users/mobile/login.html',
                            {'form': form, 'next_url': next_url})

    profile = request.user.profile
    if not profile.login_mobile:
        # First mobile login: record it, then run the badge check.
        profile.login_mobile = True
        profile.save()
        profile.trigger_multisparker_badge()
    return HttpResponseRedirect(next_url)
def boost2_confirm(request):
    """Boost your Spark step 2/2 confirmation.

    Saves the parent-child relationship in the user tree, or records that
    the user started a Spark without a parent.

    Reads two POST fields directly (no form object): 'parent', a username,
    and 'no_parent', a flag. Returns a redirect to the mobile home page
    when step 2 is already complete or completes on a non-ajax request, a
    status dict on ajax requests, and the mobile 400 page otherwise.

    NOTE(review): the block structure was rebuilt from a listing without
    line breaks. The final ``else`` is taken to pair with
    ``if username or no_parent`` -- confirm against the original file.
    NOTE(review): no authentication or HTTP-method check is visible here;
    presumably decorators outside this listing provide them -- confirm.
    """
    profile = request.user.profile
    ajax = request.is_ajax()
    # Step 2 can only be completed once.
    if profile.boost2_completed:
        return HttpResponseRedirect(reverse('mobile.home'))
    username = request.POST.get('parent')
    no_parent = request.POST.get('no_parent')
    if username or no_parent:
        error = False
        if not no_parent:
            try:
                parent = User.objects.get(username=username)
                created = create_relationship(parent, request.user)
                if created:
                    profile.no_parent = False
                    profile.save()
                    # Update 'longest chain' stat of all ancestors if necessary
                    profile.update_ancestors_longest_chain()
                    # Add a share for the parent
                    SharingHistory.add_share(parent.profile)
                    # Add a share between cities of this user and the parent user
                    CitySharingHistory.add_share_from_profiles(parent.profile, profile)
                    # Trigger challenge completion for the parent
                    update_completed_challenges.delay(parent.id)
                else:
                    # create_relationship() reported that nothing was created.
                    error = True
            except User.DoesNotExist:
                # The submitted username matches no account.
                error = True
        if not error:
            profile = request.user.profile
            # When 'no_parent' is set, 'username' is stored unchanged here
            # (it is None if the 'parent' field was not posted).
            profile.parent_username = username
            profile.boost2_completed = True
            profile.save()
            # Don't use a celery task here so that "+{n} new" notification
            # has the correct value in the mobile menu on the next page.
            # This requires to award badges synchronously for this particular step.
            update_completed_challenges(profile.user.id)
            if ajax:
                return {'status': 'success', 'url': reverse('desktop.parent_info')}
            else:
                return HttpResponseRedirect(reverse('mobile.home'))
    else:
        # Neither field was posted.
        if ajax:
            return {'status': 'error'}
    # Reached on a failed parent lookup, and on a non-ajax request that
    # posted neither field.
    return jingo.render(request, 'spark/handlers/mobile/400.html', status=400)
def test_login(self):
    '''A valid login answers 302 and lands on the desktop home page.'''
    credentials = {'username': '******', 'password': '******'}
    response = self.client.post(reverse('users.login'), credentials)
    eq_(302, response.status_code)

    # The Location header is absolute and carries the default locale.
    home_path = reverse('desktop.home', locale=settings.LANGUAGE_CODE)
    eq_('http://testserver' + home_path, response['location'])
def test_login(self):
    '''Posting valid credentials redirects to the desktop home page.'''
    login_url = reverse('users.login')
    response = self.client.post(login_url, {
        'username': '******',
        'password': '******',
    })
    eq_(302, response.status_code)

    # Redirect target: default-locale desktop home, as an absolute URL.
    expected_location = 'http://testserver' + reverse(
        'desktop.home', locale=settings.LANGUAGE_CODE)
    eq_(expected_location, response['location'])
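def register(request, mobile=False):
    """Register a new user and sign them in.

    handle_register() returns the bound registration form. When the form
    is valid the new user is authenticated with the submitted credentials
    and logged in, newsletter opt-ins are forwarded to responsys, and the
    profile gets its notification and first-login flags.

    Args:
        request: the incoming HTTP request.
        mobile: True for the mobile site (HTML responses), False for the
            desktop site (ajax status dicts).

    Returns:
        Mobile: a redirect to 'mobile.boost' on success, otherwise the
        registration page with the bound form.
        Desktop: {'status': 'success', 'next': ...} or
        {'status': 'error', 'errors': ...}.
    """
    form = handle_register(request)
    valid = form.is_valid()

    if valid:
        data = form.cleaned_data

        # The user is logged in automatically after registration.
        new_user = auth.authenticate(username=data['username'],
                                     password=data['password'])
        auth.login(request, new_user)

        # Register for newsletters.
        optins = []
        if data['newsletter']:
            optins.append(settings.MOZILLA_CAMPAIGN)
        if data['spark_newsletter']:
            optins.append(settings.SPARK_CAMPAIGN)
        if optins:
            # This will be async if Celery is enabled. The return value
            # was never used, so it is no longer bound to a local.
            responsys.subscribe(optins, data['email'], 'html',
                                responsys.make_source_url(request),
                                request.locale)

        profile = User.objects.get(username=data['username']).profile
        # Flag for the mobile menu notifications.
        profile.new_challenges = True
        # Remember which site the first login happened on.
        if mobile:
            profile.login_mobile = True
        else:
            profile.login_desktop = True
        profile.save()

    if mobile:
        if valid:
            return HttpResponseRedirect(reverse('mobile.boost'))
        return jingo.render(request, 'users/mobile/register.html',
                            {'form': form})

    # ajax desktop registration
    if valid:
        return {'status': 'success', 'next': reverse('desktop.home')}
    return {'status': 'error', 'errors': dict(form.errors.iteritems())}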
def forgot_password(request, mobile=False):
    """Password reset form; a valid POST sends an email with a reset link.

    Mobile: redirects to the "reset sent" page after a valid POST and
    renders the form page otherwise (GET, or POST with errors).
    Desktop: a POST returns a status dict. A desktop GET falls off the end
    of the function and returns None.

    NOTE(review): the desktop branch returns the form's validation errors
    to the caller. If PasswordResetForm rejects addresses that have no
    account, that response tells a caller which emails are registered --
    confirm what the form validates.
    """
    if request.method != "POST":
        form = PasswordResetForm()
    else:
        form = PasswordResetForm(request.POST)
        valid = form.is_valid()
        if valid:
            # Sends the mail; link scheme follows the current request.
            form.save(use_https=request.is_secure(),
                      token_generator=default_token_generator,
                      email_template_name='users/email/pw_reset.ltxt')
        if not mobile:
            if valid:
                return {'status': 'success'}
            return {'status': 'error',
                    'errors': dict(form.errors.iteritems())}
        if valid:
            return HttpResponseRedirect(
                reverse('users.mobile_pw_reset_sent'))

    if mobile:
        return jingo.render(request, 'users/mobile/pw_reset_form.html',
                            {'form': form})
def visualization(request):
    """Render the desktop visualization page.

    The context holds the cities (ordered by name, each paired with its
    entry from get_ordered_cities()), a JSON list of city names ordered by
    longitude, the aggregate and final share histories for id -1, and the
    campaign start timestamp. Authenticated users also get their own
    histories; anonymous users get the URL to come back to after login.
    """
    from spark.models import City
    from stats.tasks import get_ordered_cities
    from stats.tasks import get_aggregate_history, get_final_history
    import json

    def display_name(city):
        # Localized full name for one city.
        return get_city_fullname(city.city_name, city.country_code,
                                 request.locale)

    cities_by_name = City.objects.order_by('city_name').all()
    positions = get_ordered_cities()
    cities_by_longitude = City.objects.order_by('longitude')

    names_by_longitude = [display_name(c) for c in cities_by_longitude]
    citylist = json.dumps(names_by_longitude)

    context = {
        'cities': [(positions[c.id], display_name(c))
                   for c in cities_by_name],
        'citylist': citylist,
        'share_history': get_aggregate_history(-1),
        'final_history': get_final_history(-1),
        'starting_date': _timestamp(settings.CAMPAIGN_STARTING_DATE),
    }

    if request.user.is_authenticated():
        user_id = request.user.id
        context['logged_in'] = True
        context['user_history'] = get_aggregate_history(user_id)
        context['user_final_history'] = get_final_history(user_id)
    else:
        context['login_next_url'] = reverse('desktop.visualization')

    return jingo.render(request, 'desktop/visualization.html', context)
def redirect_to(request, url, permanent=True, **kwargs):
    """Like Django's redirect_to, except that 'url' is passed to reverse.

    'url' is therefore a URL pattern name, not a raw address: the target
    is whatever reverse() resolves for that name and the given kwargs.
    Answers with a permanent redirect by default and a temporary one when
    permanent is false.
    """
    target = reverse(url, kwargs=kwargs)
    if not permanent:
        return HttpResponseRedirect(target)
    return HttpResponsePermanentRedirect(target)
def test_no_match_passwords(self):
    """Registration with two different passwords shows a mismatch error."""
    register_url = reverse('users.mobile_register', locale='en-US')
    payload = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'barfoobaz',
    }
    response = self.client.post(register_url, payload, follow=True)
    self.assertContains(response, 'do not match')
def test_duplicate_username(self):
    """Registering an already-taken username is rejected with an error."""
    register_url = reverse('users.mobile_register', locale='en-US')
    payload = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'foobarbaz',
    }
    response = self.client.post(register_url, payload, follow=True)
    # The page is expected to carry the "not right" error wording.
    self.assertContains(response, "not right")
def password_reset_confirm(request, uidb36=None, token=None, mobile=False):
    """Check the hash in a password reset link and present the form for
    entering a new password.

    Based on django.contrib.auth.views. The new password is only saved
    after default_token_generator.check_token() accepts the token for the
    user identified by uidb36.

    NOTE(review): an unknown user id answers 404 while a known id with a
    bad token answers 200 with validlink False, so the two cases can be
    told apart from outside -- confirm this is acceptable.
    """
    try:
        uid_int = base36_to_int(uidb36)
    except ValueError:
        raise Http404
    user = get_object_or_404(User, id=uid_int)

    link_ok = default_token_generator.check_token(user, token)
    context = {'validlink': True if link_ok else False}

    form = None
    if link_ok:
        if request.method != 'POST':
            form = SetPasswordForm(None)
        else:
            form = SetPasswordForm(user, request.POST)
            if form.is_valid():
                form.save()
                if mobile:
                    return HttpResponseRedirect(
                        reverse('users.mobile_pw_reset_complete'))
                return {'pw_reset_complete': True}

    # Reached for an invalid link, a GET, or a POST with form errors.
    context['form'] = form
    return jingo.render(request, 'users/mobile/pw_reset_confirm.html',
                        context)
def register(request):
    """Register a new user.

    Redirects to the mobile home page when the form returned by
    handle_register() is valid; otherwise renders the registration page
    with that form.
    """
    form = handle_register(request)
    if not form.is_valid():
        return jingo.render(request, 'users/mobile/register.html',
                            {'form': form})
    return HttpResponseRedirect(reverse('mobile.home'))
def sharebadge(request):
    """Render the share page for a badge the current user has earned.

    The badge id comes from the 'id' query-string parameter. The page is
    only rendered when the badge exists and profile.has_badge() confirms
    the user earned it; in every other case the user is redirected to the
    earned-badges page.

    NOTE(review): 'facebook_url' is handed to the template without
    urlquote(), unlike 'twitter_url' -- confirm the template encodes it.
    """
    badge_id = request.GET.get('id')
    try:
        # The badge must exist ...
        badge = Challenge.objects.get(pk=badge_id)
        # ... and must have been earned by this user.
        profile = request.user.profile
        if profile.has_badge(badge_id):
            context = {}
            context['badge_name'] = get_badge_name(badge.id)
            context['twitter_url'] = urlquote(profile.twitter_sharing_url)
            context['twitter_badge_msg'] = TWITTER_BADGE_MSG
            context['facebook_url'] = profile.facebook_sharing_url
            context['facebook_redirect'] = absolute_url(
                django_reverse('mobile.home'))
            context['facebook_title'] = urlquote(
                unicode(FACEBOOK_SPARK_TITLE))
            context['facebook_badge_msg'] = FACEBOOK_BADGE_MSG
            # Image file names use dashes where badge ids use underscores.
            context['facebook_img'] = absolute_url(
                settings.MEDIA_URL + 'img/badges/fb/' +
                badge.id.replace('_', '-') + '.png')
            context['facebook_desc'] = urlquote(badge.badge_description)
            context['FB_APP_ID'] = settings.FB_APP_ID
            return jingo.render(request, 'mobile/sharebadge.html', context)
    except Challenge.DoesNotExist:
        # Unknown badge id: handled by the redirect below.
        pass

    # Back to the earned-badges page when the id is invalid or the user
    # has not earned this badge yet.
    return HttpResponseRedirect(reverse('mobile.badges'))
def boost2(request):
    """Boost your Spark step 2/2: let a Spark user find a parent user by
    username or email address.

    Already-completed profiles are redirected to the mobile home page. A
    valid POST yields either the parent username found by the form or a
    'no_parent' flag; ajax callers get status dicts, other callers get
    rendered pages.
    """
    profile = request.user.profile
    ajax = request.is_ajax()

    if profile.boost2_completed:
        return HttpResponseRedirect(reverse('mobile.home'))

    if request.method != 'POST':
        form = BoostStep2Form(request.user)
    else:
        form = BoostStep2Form(request.user, request.POST)
        if form.is_valid():
            result = {}
            if form.parent_username:
                result.update({'parent': form.parent_username})
            else:
                # The user ticked 'I started a new Spark on my own'.
                result.update({'no_parent': True})
            if ajax:
                return {'status': 'success', 'data': result}
            return jingo.render(request, 'mobile/boost_step2_found.html',
                                result)
        if ajax:
            # Error messages are converted to unicode strings per field.
            messages = dict([(field, [unicode(err) for err in errs])
                             for field, errs in form.errors.items()])
            return {'status': 'error', 'errors': messages}

    # GET, or a non-ajax POST with form errors.
    return jingo.render(request, 'mobile/boost_step2.html', {'form': form})
def boost1(request):
    """Boost step 1 page.

    A POST containing 'next' redirects to step 2; any other POST renders
    the page with geolocation marked as successful; a GET renders it with
    an empty context.
    """
    context = {}
    is_post = request.method == 'POST'
    if is_post and 'next' in request.POST:
        return HttpResponseRedirect(reverse('mobile.boost2'))
    if is_post:
        context['geolocation'] = 'success'
    return jingo.render(request, 'mobile/boost_step1.html', context)
def boost(request):
    """'Boost your Spark' landing page.

    Not available once both steps have been completed: such users are
    redirected to the mobile home page.
    """
    profile = request.user.profile
    all_steps_done = profile.boost2_completed and profile.boost1_completed
    if all_steps_done:
        return HttpResponseRedirect(reverse('mobile.home'))
    return jingo.render(request, 'mobile/boost.html')
def test_no_parent_confirm(self):
    """Confirming without a parent completes step 2 and redirects home."""
    self.client.login(username='******', password='******')
    response = self.client.post(self.url, {'no_parent': True})

    assert isinstance(response, HttpResponseRedirect)
    expected_location = 'http://testserver/en-US%s' % reverse('mobile.home')
    eq_(expected_location, response['location'])

    # The completion flag must have been persisted.
    saved_profile = User.objects.get(username='******').profile
    eq_(True, saved_profile.boost2_completed)
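def register(request, mobile=False):
    """Register a new user and sign them in.

    handle_register() returns the bound registration form. When the form
    is valid the new user is authenticated with the submitted credentials
    and logged in, newsletter opt-ins are forwarded to responsys, and the
    profile gets its notification and first-login flags.

    Args:
        request: the incoming HTTP request.
        mobile: True for the mobile site (HTML responses), False for the
            desktop site (ajax status dicts).

    Returns:
        Mobile: a redirect to 'mobile.boost' on success, otherwise the
        registration page with the bound form.
        Desktop: {'status': 'success', 'next': ...} or
        {'status': 'error', 'errors': ...}.
    """
    form = handle_register(request)
    valid = form.is_valid()

    if valid:
        data = form.cleaned_data

        # The user is logged in automatically after registration.
        new_user = auth.authenticate(username=data['username'],
                                     password=data['password'])
        auth.login(request, new_user)

        # Register for newsletters.
        optins = []
        if data['newsletter']:
            optins.append(settings.MOZILLA_CAMPAIGN)
        if data['spark_newsletter']:
            optins.append(settings.SPARK_CAMPAIGN)
        if optins:
            # This will be async if Celery is enabled. The return value
            # was never used, so it is no longer bound to a local.
            responsys.subscribe(optins, data['email'], 'html',
                                responsys.make_source_url(request),
                                request.locale)

        profile = User.objects.get(username=data['username']).profile
        # Flag for the mobile menu notifications.
        profile.new_challenges = True
        # Remember which site the first login happened on.
        if mobile:
            profile.login_mobile = True
        else:
            profile.login_desktop = True
        profile.save()

    if mobile:
        if valid:
            return HttpResponseRedirect(reverse('mobile.boost'))
        return jingo.render(request, 'users/mobile/register.html',
                            {'form': form})

    # ajax desktop registration
    if valid:
        return {'status': 'success', 'next': reverse('desktop.home')}
    return {'status': 'error', 'errors': dict(form.errors.iteritems())}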
def test_duplicate_email(self):
    """Registering with an email that is already in use is rejected."""
    # Existing account that owns the address.
    existing = User.objects.create(username='******',
                                   email='*****@*****.**')
    existing.save()

    register_url = reverse('users.mobile_register', locale='en-US')
    payload = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'foobarbaz',
    }
    response = self.client.post(register_url, payload, follow=True)
    self.assertContains(response, "not right")
def setUp(self):
    """Prepare a localizing test client, the step-1 URL and sample geo data."""
    self.client = LocalizingClient()
    self.url = reverse('mobile.boost1')
    # Sample geolocation payload (Paris).
    self.fake_geo_data = dict([
        ('lat', 48.8),
        ('long', 2.3),
        ('city', 'Paris'),
        ('country', 'France'),
        ('country_code', 'FR'),
    ])
def test_new_user(self, get_current):
    """A new mobile registration stores a sha256 hash and can log in.

    get_current is presumably a mock injected by a decorator that is not
    part of this listing; only its return_value.domain is set here.
    """
    get_current.return_value.domain = 'su.mo.com'

    registration = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'foobarbaz',
    }
    response = self.client.post(
        reverse('users.mobile_register', locale='en-US'), registration)
    eq_(302, response.status_code)

    # The stored value must be a hash, never the submitted password.
    new_user = User.objects.get(username='******')
    assert new_user.password.startswith('sha256')

    # Now try to log in
    new_user.save()
    credentials = {'username': '******', 'password': '******'}
    response = self.client.post(
        reverse('users.mobile_login', locale='en-US'), credentials,
        follow=True)
    eq_(200, response.status_code)
    first_hop = response.redirect_chain[0]
    eq_('http://testserver/en-US/m/home', first_hop[0])
def boost2_confirm(request):
    """Boost your Spark step 2/2 completion.

    Redirects to the mobile home page when the posted 'parent' username
    matches an existing user; otherwise renders the mobile 400 page.
    """
    username = request.POST.get('parent')
    matches = User.objects.filter(username=username) if username else None
    if matches:
        return HttpResponseRedirect(reverse('mobile.home'))
    return jingo.render(request, 'spark/handlers/mobile/400.html',
                        status=400)
def test_success(self, get_current):
    """A mobile reset request for a known email sends one reset mail.

    get_current is presumably a mock injected by a decorator that is not
    part of this listing.
    """
    get_current.return_value.domain = 'testserver.com'

    response = self.client.post(reverse('users.mobile_forgot_password'),
                                {'email': self.user.email})
    eq_(302, response.status_code)
    eq_('http://testserver/en-US/m/pwresetsent', response['location'])

    # Exactly one message, with the expected subject and a reset link
    # for this user's id.
    eq_(1, len(mail.outbox))
    message = mail.outbox[0]
    assert message.subject.find('Password reset') == 0
    assert message.body.find('pwreset/%s' % self.uidb36) > 0
def test_bad_reset_url(self):
    """Malformed reset URLs give 404; a wrong token gives an error page."""
    # No valid uid/token pair in the path at all.
    response = self.client.get('/m/pwreset/junk/', follow=True)
    eq_(response.status_code, 404)

    # Real uid but a token that does not verify: the page renders and
    # reports the failure instead of offering the form.
    bad_token_url = reverse('users.pw_reset_confirm',
                            args=[self.uidb36, '12-345'])
    response = self.client.get(bad_token_url)
    eq_(200, response.status_code)
    page = pq(response.content)
    eq_('Password reset unsuccessful', page('#header h1').text())
def test_bad_reset_url(self):
    """A junk reset path is a 404; a bad token renders the failure page."""
    junk = self.client.get('/m/pwreset/junk/', follow=True)
    eq_(junk.status_code, 404)

    # Valid user id combined with a token that cannot verify.
    url = reverse('users.pw_reset_confirm', args=[self.uidb36, '12-345'])
    wrong_token = self.client.get(url)
    eq_(200, wrong_token.status_code)
    heading = pq(wrong_token.content)('#header h1').text()
    eq_('Password reset unsuccessful', heading)
def test_login_next_parameter(self):
    '''Test with a valid ?next=url parameter.'''
    next_path = '/kb/new'
    login_url = reverse('users.login')

    # The same-site target must be echoed into the form's hidden field.
    response = self.client.get(urlparams(login_url, next=next_path))
    eq_(200, response.status_code)
    hidden_field = pq(response.content)('input[name="next"]')[0]
    eq_(next_path, hidden_field.attrib['value'])

    # ... and must be used as the redirect target after a POST.
    response = self.client.post(reverse('users.login'),
                                {'username': '******',
                                 'password': '******',
                                 'next': next_path})
    eq_(302, response.status_code)
    eq_('http://testserver' + next_path, response['location'])
def setUp(self):
    """Create the test client, resolve the step-1 URL, build geo data."""
    self.client = LocalizingClient()
    self.url = reverse('mobile.boost1')

    # Sample geolocation payload (Paris).
    geo = {}
    geo['lat'] = 48.8
    geo['long'] = 2.3
    geo['city'] = 'Paris'
    geo['country'] = 'France'
    geo['country_code'] = 'FR'
    self.fake_geo_data = geo
def test_relationship_created(self):
    """Confirming a parent links the two nodes and completes step 2."""
    self.client.login(username='******', password='******')
    response = self.client.post(self.url, {'parent': 'john'})

    assert isinstance(response, HttpResponseRedirect)
    expected_location = 'http://testserver/en-US%s' % reverse('mobile.home')
    eq_(expected_location, response['location'])

    # The child's node must now hang under the parent's node.
    child = User.objects.get(username='******')
    parent = User.objects.get(username='******')
    eq_(child.node.parent, parent.node)
    eq_(True, child.profile.boost2_completed)
def test_login_next_parameter(self):
    '''Test with a valid ?next=url parameter.'''
    target = '/kb/new'

    # GET: the hidden 'next' field carries the requested same-site path.
    get_url = urlparams(reverse('users.login'), next=target)
    response = self.client.get(get_url)
    eq_(200, response.status_code)
    doc = pq(response.content)
    rendered_value = doc('input[name="next"]')[0].attrib['value']
    eq_(target, rendered_value)

    # POST: the same path becomes the redirect location.
    form_data = {
        'username': '******',
        'password': '******',
        'next': target,
    }
    response = self.client.post(reverse('users.login'), form_data)
    eq_(302, response.status_code)
    eq_('http://testserver' + target, response['location'])
def test_unicode_password(self, get_current):
    """A non-ASCII password can be registered and then used to log in.

    get_current is presumably a mock injected by a decorator that is not
    part of this listing. The test runs under en-US; a 'ja' locale variant
    was left disabled in the original.
    """
    u_str = u'\xe5\xe5\xee\xe9\xf8\xe7\u6709\u52b9'
    get_current.return_value.domain = 'su.mo.com'

    registration = {
        'username': '******',
        'email': '*****@*****.**',
        'password': u_str,
        'password2': u_str,
    }
    response = self.client.post(
        reverse('users.mobile_register', locale='en-US'), registration,
        follow=True)
    eq_(200, response.status_code)

    account = User.objects.get(username='******')
    account.save()
    # Stored as a hash regardless of the password's character set.
    assert account.password.startswith('sha256')

    # make sure you can login now
    credentials = {'username': '******', 'password': u_str}
    response = self.client.post(
        reverse('users.mobile_login', locale='en-US'), credentials,
        follow=True)
    eq_(200, response.status_code)
    eq_('http://testserver/en-US/m/home', response.redirect_chain[0][0])
def test_login_invalid_next_parameter(self, get_current):
    '''Test with an invalid ?next=http://example.com parameter.

    Regression guard against open redirects: an off-site 'next' value must
    be replaced by the default home page, both in the rendered form and in
    the redirect after login.
    '''
    get_current.return_value.domain = 'testserver.com'
    offsite_next = 'http://foobar.com/evil/'
    fallback = reverse('desktop.home', locale=settings.LANGUAGE_CODE)

    # GET: the hidden field must hold the fallback, not the off-site URL.
    response = self.client.get(
        urlparams(reverse('users.login'), next=offsite_next))
    eq_(200, response.status_code)
    hidden_field = pq(response.content)('input[name="next"]')[0]
    eq_(fallback, hidden_field.attrib['value'])

    # POST: the redirect must also go to the fallback.
    response = self.client.post(reverse('users.login'),
                                {'username': '******',
                                 'password': '******',
                                 'next': offsite_next})
    eq_(302, response.status_code)
    eq_('http://testserver' + fallback, response['location'])
def login(request, mobile=False):
    """Try to log the user in.

    The post-login target is whatever clean_next_url() returns; this view
    adds only a default when that value is empty, so any rejection of
    off-site targets has to happen inside that helper.

    Mobile: redirect when authenticated, else render the login page.
    Desktop: ajax POST only (status dict); other requests get HTTP 400.
    """
    form = handle_login(request)
    target = clean_next_url(request)

    if mobile:
        next_url = target or reverse('mobile.home')
        user = request.user
        if user.is_authenticated():
            profile = user.profile
            first_mobile_login = not profile.login_mobile
            if first_mobile_login:
                profile.login_mobile = True
                profile.save()
                profile.trigger_multisparker_badge()
            return HttpResponseRedirect(next_url)
        page_context = {'form': form, 'next_url': next_url}
        return jingo.render(request, 'users/mobile/login.html',
                            page_context)

    # ajax login
    ajax_post = request.method == 'POST' and request.is_ajax()
    if not ajax_post:
        return HttpResponseBadRequest()

    if form.is_valid():
        profile = request.user.profile
        first_desktop_login = not profile.login_desktop
        if first_desktop_login:
            profile.login_desktop = True
            profile.save()
            profile.trigger_multisparker_badge()
        return {'status': 'success',
                'next': target or reverse('desktop.home')}

    return {'status': 'error', 'errors': dict(form.errors.iteritems())}
def test_login_invalid_next_parameter(self, get_current):
    '''Test with an invalid ?next=http://example.com parameter.

    An off-site 'next' value must never reach the form or the Location
    header; the default home page is expected in both places.
    '''
    get_current.return_value.domain = 'testserver.com'
    invalid_next = 'http://foobar.com/evil/'
    valid_next = reverse('desktop.home', locale=settings.LANGUAGE_CODE)

    # Rendered form: hidden field holds the safe default.
    login_with_next = urlparams(reverse('users.login'), next=invalid_next)
    response = self.client.get(login_with_next)
    eq_(200, response.status_code)
    doc = pq(response.content)
    field_value = doc('input[name="next"]')[0].attrib['value']
    eq_(valid_next, field_value)

    # Submitted form: redirect goes to the safe default as well.
    form_data = {
        'username': '******',
        'password': '******',
        'next': invalid_next,
    }
    response = self.client.post(reverse('users.login'), form_data)
    eq_(302, response.status_code)
    eq_('http://testserver' + valid_next, response['location'])
def password_reset_confirm(request, uidb36=None, token=None):
    """Check the hash in a password reset link and present the form for
    entering a new password.

    Used on both the desktop (ajax) and mobile sites; is_mobile(request)
    selects which response format is produced. The new password is only
    saved after default_token_generator.check_token() accepts the token.

    NOTE(review): the desktop branch places uidb36 and the reset token in
    the home-page template context -- confirm the template only uses them
    for the form it posts back.
    NOTE(review): an unknown user id answers 404 while a known id with a
    bad token answers 200, so the two cases are distinguishable.
    """
    try:
        uid_int = base36_to_int(uidb36)
    except ValueError:
        raise Http404
    user = get_object_or_404(User, id=uid_int)
    context = {}

    # Mobile or desktop rendering is chosen by user-agent sniffing.
    mobile = is_mobile(request)

    if not default_token_generator.check_token(user, token):
        context['validlink'] = False
        form = None
    else:
        context['validlink'] = True
        if request.method != 'POST':
            form = SetPasswordForm(None)
        else:
            form = SetPasswordForm(user, request.POST)
            if form.is_valid():
                form.save()
                if mobile:
                    return HttpResponseRedirect(
                        reverse('users.mobile_pw_reset_complete'))
                return {'status': 'success'}
            if not mobile:
                return {'status': 'error',
                        'errors': dict(form.errors.iteritems())}

    context['form'] = form
    if mobile:
        return jingo.render(request, 'users/mobile/pw_reset_confirm.html',
                            context)

    # Desktop: the reset form lives on the home page.
    context.update({
        'uidb36': uidb36,
        'token': token,
        'is_pwreset': True,
        'is_homepage': True,
        'stats': get_global_stats(),
    })
    return jingo.render(request, 'desktop/home.html', context)
def test_login_legacy_password(self):
    '''Test logging in with a legacy md5 password.

    The first successful login must replace the stored md5 hex digest by
    a 'sha256$' value, and the same password must keep working afterwards.
    '''
    legacypw = 'legacypass'
    credentials = {'username': '******', 'password': legacypw}

    # Store the password the legacy way: a bare md5 hex digest.
    account = User.objects.get(username='******')
    account.password = hashlib.md5(legacypw).hexdigest()
    account.save()

    # Log in and verify that the stored hash was upgraded.
    response = self.client.post(reverse('users.login'), credentials)
    eq_(302, response.status_code)
    account = User.objects.get(username='******')
    assert account.password.startswith('sha256$')

    # The upgraded hash must still accept the same password.
    response = self.client.post(reverse('users.login'), credentials)
    eq_(302, response.status_code)
def login(request, mobile=False):
    """Try to log the user in.

    Mobile: redirect to the value of _clean_next_url() (or the mobile home
    page when it is empty) once authenticated, else render the login page.
    Desktop: ajax POST only; returns a status dict, or HTTP 400 for any
    other kind of request.
    """
    form = handle_login(request)

    if not mobile:
        # ajax login
        if not (request.method == 'POST' and request.is_ajax()):
            return HttpResponseBadRequest()
        if form.is_valid():
            return {'status': 'success',
                    'next': reverse('desktop.dashboard')}
        return {'status': 'error',
                'errors': dict(form.errors.iteritems())}

    # This view does not filter the target itself; any rejection of
    # off-site URLs has to happen in _clean_next_url().
    next_url = _clean_next_url(request) or reverse('mobile.home')
    if request.user.is_authenticated():
        return HttpResponseRedirect(next_url)
    return jingo.render(request, 'users/mobile/login.html',
                        {'form': form, 'next_url': next_url})
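def boost1(request):
    """Boost your Spark step 1/2: geolocate the user.

    Users who already completed step 1 are redirected to step 2. A valid
    POST carries the position reported by the client; when it comes
    without a city or country code, the nearest known city is looked up
    instead. Ajax callers get a status dict, other callers a rendered
    page.

    NOTE(review): the block structure was rebuilt from a listing without
    line breaks; the nesting below is the reading under which every branch
    has the keys it uses -- confirm against the original file.
    NOTE(review): on an ajax request where no nearby city is found, the
    success dict is still returned with an empty city -- confirm intended.
    """
    profile = request.user.profile
    ajax = request.is_ajax()

    if profile.boost1_completed:
        return HttpResponseRedirect(reverse('mobile.boost2'))

    data = {}
    if request.method == 'POST':
        form = BoostStep1Form(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            invalid = data['city'] == '' or data['country_code'] == ''
            if not invalid:
                data.update({'lat': str(data['lat']),
                             'long': str(data['long']),
                             'city_id': 0,
                             'geo_result': get_city_fullname(
                                 data['city'], data['country_code'],
                                 request.locale)})
            else:
                # Imported by name: a wildcard import inside a function
                # body is a SyntaxWarning on Python 2 and a SyntaxError on
                # Python 3.
                from decimal import Decimal
                city = get_nearest_city(Decimal(data['lat']),
                                        Decimal(data['long']), 1000)
                if city:
                    # Fall back to the nearest known city.
                    data.update({
                        'geo_fallback': True,
                        'lat': city.latitude,
                        'long': city.longitude,
                        'city_id': city.id,
                        'city': city.city_name,
                        'country_code': city.country_code,
                        'us_state': '',
                        'geo_result': get_city_fullname(
                            city.city_name, city.country_code,
                            request.locale),
                    })
                elif not ajax:
                    data.update({'geolocation': 'error'})
                    return jingo.render(request, 'mobile/boost_step1.html',
                                        data)

            if ajax:
                data.update({'lon': data['long']})  # JS compression bug fix
                return {'status': 'success', 'data': data}
            return jingo.render(request, 'mobile/boost_step1_found.html',
                                data)
        else:
            data.update({'geolocation': 'error'})

    return jingo.render(request, 'mobile/boost_step1.html', data)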
def boost2(request):
    """Boost your Spark step 2/2: let a Spark user link their account to a
    parent user.

    A valid POST either shows the parent that was found or, when the user
    only ticked the checkbox, redirects to the mobile home page. A GET or
    an invalid POST renders the step-2 form.
    """
    if request.method != 'POST':
        form = BoostStep2Form(request.user)
    else:
        form = BoostStep2Form(request.user, request.POST)
        if form.is_valid():
            if not form.parent_username:
                # User just checked the checkbox
                return HttpResponseRedirect(reverse('mobile.home'))
            return jingo.render(request, 'mobile/boost_step2_found.html',
                                {'parent': form.parent_username})

    return jingo.render(request, 'mobile/boost_step2.html', {'form': form})
def boost1_confirm(request):
    """Boost step 1 confirmation: store the confirmed location on the profile.

    When BoostStep1ConfirmForm validates, the coordinates, city, country
    and (for the US) state are written to the profile, step 1 is marked
    complete, and the country, challenge and city-share counters are
    updated. Ajax callers get a status dict with the next URL; other
    callers are redirected to step 2.

    NOTE(review): the block structure was rebuilt from a listing without
    line breaks. The final ajax/redirect returns are placed outside
    ``if form.is_valid()``, which means an invalid form also reports
    success -- confirm against the original file.
    NOTE(review): this function does not check profile.boost1_completed
    before updating the counters; confirm that a decorator or the caller
    prevents repeated submissions from counting twice.
    """
    ajax = request.is_ajax()
    profile = request.user.profile
    form = BoostStep1ConfirmForm(request.POST)
    if form.is_valid():
        data = form.cleaned_data
        profile.latitude = data['lat']
        profile.longitude = data['long']
        # A city_id of '0' means no major city was selected.
        if data['city_id'] != '0':
            try:
                city = City.objects.get(pk=data['city_id'])
                profile.major_city = city
            except City.DoesNotExist:
                # Wrong city in the POST data, redirect to manual geolocation page
                return HttpResponseRedirect(reverse('mobile.yourlocation'))
        profile.city_name = data['city']
        profile.country_code = data['country_code']
        # The state is only stored for US locations.
        if data['country_code'] == 'US':
            profile.us_state = data['us_state']
        profile.boost1_completed = True
        profile.save()
        # No major city set above: let approximate_major_city() pick one.
        if not profile.major_city:
            approximate_major_city(profile, 1000)
        CountrySparked.add_country(data['country_code'])
        # Called directly here (no .delay()).
        update_completed_challenges(profile.user.id)
        profile.add_city_shares_for_children()
    if ajax:
        return {'status': 'success', 'url': reverse('desktop.location_info')}
    else:
        return HttpResponseRedirect(reverse('mobile.boost2'))
def test_login_legacy_password(self):
    '''Test logging in with a legacy md5 password.

    Covers the hash migration path: an account whose stored password is a
    bare md5 hex digest must be re-hashed to a 'sha256$' value on its
    first login, and must still be able to log in afterwards.
    '''
    legacypw = 'legacypass'
    login_url_name = 'users.login'

    # Set the user's password to an md5
    user = User.objects.get(username='******')
    legacy_digest = hashlib.md5(legacypw).hexdigest()
    user.password = legacy_digest
    user.save()

    # Log in and verify that it's updated to a SHA-256
    first = self.client.post(reverse(login_url_name), {
        'username': '******',
        'password': legacypw,
    })
    eq_(302, first.status_code)
    user = User.objects.get(username='******')
    assert user.password.startswith('sha256$')

    # Try to log in again.
    second = self.client.post(reverse(login_url_name), {
        'username': '******',
        'password': legacypw,
    })
    eq_(302, second.status_code)
def password_reset_confirm(request, uidb36=None, token=None):
    """Check the hash in a password reset link and present the form for
    entering a new password.

    Used on both the desktop (ajax) and mobile sites. The password is only
    changed after default_token_generator.check_token() accepts the token
    for the user identified by uidb36.

    NOTE(review): the desktop branch passes uidb36 and the reset token to
    the home-page template -- confirm they are only used for the form the
    page posts back.
    """
    try:
        uid_int = base36_to_int(uidb36)
    except ValueError:
        raise Http404
    user = get_object_or_404(User, id=uid_int)

    # Display mobile or desktop version by sniffing user-agent
    mobile = is_mobile(request)

    token_ok = default_token_generator.check_token(user, token)
    context = {'validlink': True if token_ok else False}
    form = None

    if token_ok:
        if request.method == 'POST':
            form = SetPasswordForm(user, request.POST)
            if form.is_valid():
                form.save()
                if not mobile:
                    return {'status': 'success'}
                return HttpResponseRedirect(
                    reverse('users.mobile_pw_reset_complete'))
            elif not mobile:
                return {'status': 'error',
                        'errors': dict(form.errors.iteritems())}
        else:
            form = SetPasswordForm(None)

    context['form'] = form

    if not mobile:
        # Desktop: the reset form is part of the home page.
        context.update({'uidb36': uidb36,
                        'token': token,
                        'is_pwreset': True,
                        'is_homepage': True,
                        'stats': get_global_stats()})
        return jingo.render(request, 'desktop/home.html', context)

    return jingo.render(request, 'users/mobile/pw_reset_confirm.html',
                        context)
def delete_account(request):
    """Delete account ajax view.

    The account is anonymized rather than deleted, and only after
    PasswordConfirmationForm has validated the posted data for the
    current user.

    NOTE(review): username, password and email are set to None before
    save(); confirm the user model's columns accept NULL.
    NOTE(review): auth.logout() is called for this request only; confirm
    that other sessions of the account stop working once is_active is
    False.
    """
    form = PasswordConfirmationForm(user=request.user, data=request.POST)
    if not form.is_valid():
        return {'status': 'error', 'errors': dict(form.errors.iteritems())}

    # Anonymize the user instead of deleting the row. The metadata kept in
    # Profile and UserNode is needed for the game to keep working, and
    # user.delete() would remove it as well.
    for field in ('username', 'password', 'email'):
        setattr(request.user, field, None)
    request.user.is_active = False
    request.user.save()

    auth.logout(request)
    return {'status': 'success', 'next': reverse('desktop.home')}
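def geolocation_fallback(request):
    """Manual location choice for users whose geolocation failed.

    While step 1 is not completed: a POST with a known city id returns
    that city's data (status dict for ajax, the "found" page otherwise); a
    GET, or a non-ajax POST with an unusable id, renders the city list.
    Once step 1 is completed the chosen city is ignored and the user is
    redirected to step 2.
    """
    ajax = request.is_ajax()
    profile = request.user.profile

    if not profile.boost1_completed:
        if request.method == 'POST':
            city_id = request.POST.get('city')
            # Only the lookup is guarded. ValueError is included because
            # the id comes straight from the POST body: a non-numeric
            # value can fail to convert when the primary key is an integer
            # column, and that is treated like an unknown city instead of
            # surfacing as a server error.
            try:
                city = City.objects.get(pk=city_id)
            except (City.DoesNotExist, ValueError):
                city = None

            if city is not None:
                data = {
                    'lat': city.latitude,
                    'long': city.longitude,
                    'city_id': city_id,
                    'city': city.city_name,
                    'country_code': city.country_code,
                    'us_state': '',
                    'geo_result': get_city_fullname(city.city_name,
                                                    city.country_code,
                                                    request.locale),
                }
                if ajax:
                    data.update({'lon': data['long']})  # JS compression bug fix
                    return {'status': 'success', 'data': data}
                return jingo.render(request,
                                    'mobile/boost_step1_found.html', data)

            # Wrong city in the POST data
            if ajax:
                return {'status': 'error',
                        'errors': {'citylist': [
                            _(u'Select your location manually')]}}

        cities = City.objects.order_by('city_name')
        citylist = [(entry.id,
                     get_city_fullname(entry.city_name, entry.country_code,
                                       request.locale))
                    for entry in cities]
        return jingo.render(request, 'mobile/citylist.html',
                            {'cities': citylist})

    # Ignore chosen city and redirect if user has already completed
    # Boost step 1.
    return HttpResponseRedirect(reverse('mobile.boost2'))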
def forgot_password(request, mobile=False):
    """Password reset form; a valid POST sends an email with a reset link.

    Mobile callers are redirected to the "reset sent" page after a valid
    POST and see the form page otherwise. Desktop callers get a status
    dict for a POST; a desktop GET returns None.

    NOTE(review): the desktop branch returns the form's validation errors.
    If PasswordResetForm reports addresses that have no account, callers
    can learn which emails are registered -- confirm what it validates.
    """
    is_post = request.method == "POST"
    form = PasswordResetForm(request.POST) if is_post else PasswordResetForm()

    if is_post:
        valid = form.is_valid()
        if valid:
            # The link in the mail uses https when this request did.
            form.save(use_https=request.is_secure(),
                      token_generator=default_token_generator,
                      email_template_name='users/email/pw_reset.ltxt')
        if mobile and valid:
            return HttpResponseRedirect(
                reverse('users.mobile_pw_reset_sent'))
        if not mobile:
            if not valid:
                return {'status': 'error',
                        'errors': dict(form.errors.iteritems())}
            return {'status': 'success'}

    if mobile:
        return jingo.render(request, 'users/mobile/pw_reset_form.html',
                            {'form': form})
def password_reset(request, mobile=False):
    """Password reset form; a valid POST sends the reset email.

    Based on django.contrib.auth.views. Every POST gets the same answer
    whether or not the form validated, so the response does not reveal
    whether an email address is known.
    """
    if request.method != "POST":
        form = PasswordResetForm()
    else:
        form = PasswordResetForm(request.POST)
        if form.is_valid():
            form.save(use_https=request.is_secure(),
                      token_generator=default_token_generator,
                      email_template_name='users/email/pw_reset.ltxt')
        # Don't leak existence of email addresses
        # (No error if wrong email address)
        if not mobile:
            return {'pw_reset_sent': True}
        return HttpResponseRedirect(reverse('users.mobile_pw_reset_sent'))

    if mobile:
        return jingo.render(request, 'users/mobile/pw_reset_form.html',
                            {'form': form})
def setUp(self):
    """Resolve the change-email URL, load the test user and log in."""
    super(EmailChangeTests, self).setUp()
    self.url = reverse('users.change_email')
    self.user = User.objects.get(username='******')
    # The view under test is exercised by an authenticated client.
    credentials = {'username': '******', 'password': '******'}
    self.client.login(**credentials)
def setUp(self):
    """Load the test user, resolve the change-password URL and log in."""
    super(PasswordChangeTests, self).setUp()
    self.user = User.objects.get(username='******')
    self.url = reverse('users.pw_change')
    # Replacement password submitted by the tests in this class.
    self.new_pw = 'fjdka387fvstrongpassword!'
    credentials = {'username': '******', 'password': '******'}
    self.client.login(**credentials)