def confirm_login_allowed(self, user):
"""
Controls whether the given User may log in. This is a policy setting,
independent of end-user authentication. This default behavior is to
allow login by active users, and reject login by inactive users.
If the given user cannot log in, this method should raise a
``forms.ValidationError``.
If the given user may log in, this method should return None.
"""
if not user.is_active:
UserCreationForm.create_activation_key(user)
UserCreationForm.send_activation_email(user)
raise forms.ValidationError(
self.error_messages['inactive'],
code='inactive',
)
def clean(self):
email = self.cleaned_data.get('email')
activation_key = self.cleaned_data.get('activation_key')
try:
valid_user = User.objects.get(email=email)
except User.DoesNotExist:
raise forms.ValidationError(
self.error_messages['invalid_key'],
code='invalid_key',
)
try:
valid_key = valid_user.activationkey
except ActivationKey.DoesNotExist:
raise forms.ValidationError(
self.error_messages['invalid_key'],
code='invalid_key',
)
if not valid_key.value == activation_key:
raise forms.ValidationError(
self.error_messages['invalid_key'],
code='invalid_key',
)
self.user = valid_user
if valid_key.expiration < timezone.now():
UserCreationForm.create_activation_key(self.user)
UserCreationForm.send_activation_email(self.user)
raise forms.ValidationError(
self.error_messages['expired_key'],
code='expired_key',
)
return activation_key
