def deactivate_user(request):
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If key and username are valid
if request.GET["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# If you wish to have your users deactivate with the same
# link sent in activation, remove this if statement
if user_profile.activated:
key_correct = False
elif user_profile.activate_key == key:
# Disable account.
user_profile.activated = False
user_profile.save()
user.is_active = False
user.save()
key_correct = True
else:
key_correct = False
except ObjectDoesNotExist:
key_correct = False
else:
key_correct = False
if key_correct:
user_name = user.username
response = render_to_response(
'auth/deactivated.html',
locals()
)
else:
error = "Deactivation failed."
response = render_to_response(
'error.html',
locals()
)
return response
# Logged on or didn't give GET data.
return HttpResponseRedirect('/')
def activate_user(request):
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If key and username are valid
if request.GET["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# You're already activated
if user_profile.activated:
key_correct = False
# You're disabled.
elif user.is_active == False:
key_correct = False
elif user_profile.activate_key == key:
# Activate user
user_profile.activated = True
user_profile.save()
key_correct = True
else:
key_correct = False
except ObjectDoesNotExist:
key_correct = False
else:
key_correct = False
user_navigation = user_nav(False)
if key_correct:
user_name = user.username
response = render_to_response(
'auth/activated.html',
locals()
)
else:
error = "Activation failed."
response = render_to_response(
'error.html',
locals()
)
return response
# Logged on or didn't give GET data.
return HttpResponseRedirect('/')
def activate_user(request):
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If key and username are valid
if request.GET["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# You're already activated
if user_profile.activated:
key_correct = False
# You're disabled.
elif user.is_active == False:
key_correct = False
elif user_profile.activate_key == key:
# Activate user
user_profile.activated = True
user_profile.save()
key_correct = True
else:
key_correct = False
except ObjectDoesNotExist:
key_correct = False
else:
key_correct = False
user_navigation = user_nav(False)
if key_correct:
user_name = user.username
response = render_to_response('auth/activated.html', locals())
else:
error = "Activation failed."
response = render_to_response('error.html', locals())
return response
# Logged on or didn't give GET data.
return HttpResponseRedirect('/')
def deactivate_user(request):
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If key and username are valid
if request.GET["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# If you wish to have your users deactivate with the same
# link sent in activation, remove this if statement
if user_profile.activated:
key_correct = False
elif user_profile.activate_key == key:
# Disable account.
user_profile.activated = False
user_profile.save()
user.is_active = False
user.save()
key_correct = True
else:
key_correct = False
except ObjectDoesNotExist:
key_correct = False
else:
key_correct = False
if key_correct:
user_name = user.username
response = render_to_response('auth/deactivated.html', locals())
else:
error = "Deactivation failed."
response = render_to_response('error.html', locals())
return response
# Logged on or didn't give GET data.
return HttpResponseRedirect('/')
def recover_attempt(request):
global base_title
global global_nav, user_nav
title = base_title + "Recovery"
global_navigation=global_nav()
# If user is not logged on
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If valid data
if request.GET["key"] == key and u_name:
# return new password form
the_user = u_name
the_key = key
response = render_to_response(
'auth/recoveryattempt.html',
locals(),
context_instance=RequestContext(request)
)
else:
error = "User does not exist."
response = render_to_response(
'error.html',
locals()
)
# If user isn't online and is sending post data
elif request.method == 'POST' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.POST["key"])
u_name = v.clean_usernameRE(request.POST["user"])
# If key/username is validated by regex
if request.POST["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# Get database key and key time limit
key_db = user_profile.recovery_key
keylimit_db = user_profile.recovery_time
# Current time
time_now = now()
# If the key hasn't expired and is correct
if now() < keylimit_db and key_db == key:
password = v.clean_password(request.POST["p1"])
recover_error = ""
if not request.POST["p1"] == request.POST["p2"]:
recover_error = "Passwords don't match."
elif password == None:
recover_error = "No password entered."
elif password == -1:
recover_error = "Passwords have to be at least 5 characters."
# If there is an error
if recover_error != '':
# Set error variable for template
error = recover_error
response = render_to_response(
'error.html',
locals()
)
else:
# No errors, change password
user.set_password(password)
user.save()
# Expire recovery time.
user_profile.recovery_time = now()
user_profile.save()
response = render_to_response(
'auth/recoverysuccess.html',
locals()
)
else:
error = "Invalid key and/or username."
response = render_to_response(
'error.html',
locals()
)
except User.DoesNotExist:
error = "User doesn't exist."
response = render_to_response(
'error.html',
locals()
)
else:
error = "Invalid key and/or username."
response = render_to_response(
'error.html',
locals()
)
else:
# logged on, no recovery.
return HttpResponseRedirect('/')
return response
def recover_user(request):
global base_title
global global_nav, user_nav
title = base_title + "Recovery"
global_navigation=global_nav()
# If user is not logged on
if not request.user.is_authenticated():
# Return user navigation for an anonymous session
user_navigation = user_nav(False)
# Set up captcha html.
captcha_test = captcha.displayhtml(captcha_publickey)
# If user has sent POST data (not logged in)
if request.method == 'POST':
# Check info via regex
u_name = v.clean_usernameRE(request.POST["usern"])
email = v.clean_emailRE(request.POST["email"])
if email == request.POST["email"] and u_name:
try:
user = User.objects.get(username__iexact=u_name)
user_profile = get_or_create_profile(user)
# Current time
time_now = now()
# Recovery time
recovery_time = user_profile.recovery_time
if time_now > recovery_time:
# Key has been requested too many times in 2 hours.
error = "Recovery keys can only be requested once every 2 hours."
response = render_to_response(
'error.html',
locals()
)
else:
# Connect to SMTP server
connection = mail.get_connection()
connection.open()
# Create a recovery key
user_profile.recovery_key = KeyGen()
user_profile.save()
# Create account recovery link
message_recoveryurl = baseurl+"/recover/?key="+str(user_profile.recovery_key)
message_recoveryurl = message_recoveryurl+"&user="******"<$user>", str(user.username))
message = message.replace("<$recoverylink>", message_recoveryurl)
message = message.replace("<$time>", str(user_profile.recovery_time))
# Send email
email = EmailMessage(
"Account Recovery",
message,
EMAIL_HOST_USER,
[user.email]
)
email.send()
connection.close()
# Tell user to check their email.
error = "Check your email for a recovery link."
response = render_to_response(
'error.html',
locals()
)
except User.DoesNotExist:
error = "No user with that email exists."
response = render_to_response(
'error.html',
locals()
)
else:
error = "No user with that email exists."
response = render_to_response(
'error.html',
locals()
)
else:
# Didn't submit, give recovery form.
response = render_to_response(
'auth/recovery.html',
locals(),
context_instance=RequestContext(request)
)
# You're signed in, no recovery for you.
else:
return HttpResponseRedirect('/')
return response
def recover_attempt(request):
global base_title
global global_nav, user_nav
title = base_title + "Recovery"
global_navigation = global_nav()
# If user is not logged on
if request.method == 'GET' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.GET["key"])
u_name = v.clean_usernameRE(request.GET["user"])
# If valid data
if request.GET["key"] == key and u_name:
# return new password form
the_user = u_name
the_key = key
response = render_to_response(
'auth/recoveryattempt.html',
locals(),
context_instance=RequestContext(request))
else:
error = "User does not exist."
response = render_to_response('error.html', locals())
# If user isn't online and is sending post data
elif request.method == 'POST' and not request.user.is_authenticated():
# Check if data could be valid through regex
key = v.clean_key(request.POST["key"])
u_name = v.clean_usernameRE(request.POST["user"])
# If key/username is validated by regex
if request.POST["key"] == key and u_name:
try:
# Check profile for key and compare.
user = User.objects.get(username=u_name)
user_profile = get_or_create_profile(user)
# Get database key and key time limit
key_db = user_profile.recovery_key
keylimit_db = user_profile.recovery_time
# Current time
time_now = now()
# If the key hasn't expired and is correct
if now() < keylimit_db and key_db == key:
password = v.clean_password(request.POST["p1"])
recover_error = ""
if not request.POST["p1"] == request.POST["p2"]:
recover_error = "Passwords don't match."
elif password == None:
recover_error = "No password entered."
elif password == -1:
recover_error = "Passwords have to be at least 5 characters."
# If there is an error
if recover_error != '':
# Set error variable for template
error = recover_error
response = render_to_response('error.html', locals())
else:
# No errors, change password
user.set_password(password)
user.save()
# Expire recovery time.
user_profile.recovery_time = now()
user_profile.save()
response = render_to_response(
'auth/recoverysuccess.html', locals())
else:
error = "Invalid key and/or username."
response = render_to_response('error.html', locals())
except User.DoesNotExist:
error = "User doesn't exist."
response = render_to_response('error.html', locals())
else:
error = "Invalid key and/or username."
response = render_to_response('error.html', locals())
else:
# logged on, no recovery.
return HttpResponseRedirect('/')
return response
def recover_user(request):
global base_title
global global_nav, user_nav
title = base_title + "Recovery"
global_navigation = global_nav()
# If user is not logged on
if not request.user.is_authenticated():
# Return user navigation for an anonymous session
user_navigation = user_nav(False)
# Set up captcha html.
captcha_test = captcha.displayhtml(captcha_publickey)
# If user has sent POST data (not logged in)
if request.method == 'POST':
# Check info via regex
u_name = v.clean_usernameRE(request.POST["usern"])
email = v.clean_emailRE(request.POST["email"])
if email == request.POST["email"] and u_name:
try:
user = User.objects.get(username__iexact=u_name)
user_profile = get_or_create_profile(user)
# Current time
time_now = now()
# Recovery time
recovery_time = user_profile.recovery_time
if time_now > recovery_time:
# Key has been requested too many times in 2 hours.
error = "Recovery keys can only be requested once every 2 hours."
response = render_to_response('error.html', locals())
else:
# Connect to SMTP server
connection = mail.get_connection()
connection.open()
# Create a recovery key
user_profile.recovery_key = KeyGen()
user_profile.save()
# Create account recovery link
message_recoveryurl = baseurl + "/recover/?key=" + str(
user_profile.recovery_key)
message_recoveryurl = message_recoveryurl + "&user="******"<$user>",
str(user.username))
message = message.replace("<$recoverylink>",
message_recoveryurl)
message = message.replace(
"<$time>", str(user_profile.recovery_time))
# Send email
email = EmailMessage("Account Recovery", message,
EMAIL_HOST_USER, [user.email])
email.send()
connection.close()
# Tell user to check their email.
error = "Check your email for a recovery link."
response = render_to_response('error.html', locals())
except User.DoesNotExist:
error = "No user with that email exists."
response = render_to_response('error.html', locals())
else:
error = "No user with that email exists."
response = render_to_response('error.html', locals())
else:
# Didn't submit, give recovery form.
response = render_to_response(
'auth/recovery.html',
locals(),
context_instance=RequestContext(request))
# You're signed in, no recovery for you.
else:
return HttpResponseRedirect('/')
return response
