def recover_password(request):
"""Endpoint for requesting user's password recovery."""
data = request.body
if data:
try:
data = json.loads(data)
user = User.objects.get(username=data.get("username",False))
if user:
form = PasswordResetForm({'email': user.email})
if form.is_valid():
opts = {
'use_https': request.is_secure(),
'token_generator': default_token_generator,
'from_email': None,
'email_template_name': 'password_reset_email.html',
'subject_template_name': 'password_reset_subject.txt',
'request': request,
'html_email_template_name': None,
}
form.save(**opts)
return HttpResponse(json.dumps({"detail": "ok"}), status=status.HTTP_200_OK,
content_type="application/json")
except Exception as e:
pass
return HttpResponse(status=status.HTTP_400_BAD_REQUEST)
def forgot_password(request, mobile=False):
"""Password reset form. This view sends an email with a reset link.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
valid = form.is_valid()
if valid:
form.save(use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
if mobile:
if valid:
return HttpResponseRedirect(
reverse('users.mobile_pw_reset_sent'))
else:
if not valid:
return {
'status': 'error',
'errors': dict(form.errors.iteritems())
}
else:
return {'status': 'success'}
else:
form = PasswordResetForm()
if mobile:
return jingo.render(request, 'users/mobile/pw_reset_form.html',
{'form': form})
def password_reset(request):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse('users.pw_reset_sent'))
else:
form = PasswordResetForm()
return render(request, 'users/pw_reset_form.html', {'form': form})
def password_reset(request):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse('users.pw_reset_sent'))
else:
form = PasswordResetForm()
return jingo.render(request, 'users/pw_reset_form.html', {'form': form})
def reset_password(request):
form = PasswordResetForm()
status = request.GET.get('status')
if request.method == 'POST':
form = PasswordResetForm(request.POST)
elif request.user.has_perm('auth.change_user'): # Prefill user email
try:
user = User.objects.get(id=request.GET.get('id'))
form = PasswordResetForm({'email': user.email})
except User.DoesNotExist:
pass
if not status == 'invalid_token':
status = None
if form.is_valid():
form.save()
status = 'success'
return render(request, 'users/reset_password.html', {'form': form, 'status': status})
def reset_password(request):
form = PasswordResetForm()
status = request.GET.get('status')
if request.method == 'POST':
form = PasswordResetForm(request.POST)
elif request.user.has_perm('auth.change_user'): # Prefill user email
try:
user = User.objects.get(id=request.GET.get('id'))
form = PasswordResetForm({'email': user.email})
except User.DoesNotExist:
pass
if not status == 'invalid_token':
status = None
if form.is_valid():
form.save()
status = 'success'
return render(request, 'users/reset_password.html', {
'form': form,
'status': status
})
def forgot_password(request, mobile=False):
"""Password reset form. This view sends an email with a reset link.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
valid = form.is_valid()
if valid:
form.save(use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
if mobile:
if valid:
return HttpResponseRedirect(reverse('users.mobile_pw_reset_sent'))
else:
if not valid:
return {'status': 'error',
'errors': dict(form.errors.iteritems())}
else:
return {'status': 'success'}
else:
form = PasswordResetForm()
if mobile:
return jingo.render(request, 'users/mobile/pw_reset_form.html', {'form': form})
