def reset(request, key, next_page,
form_template_name='accounts/reset_password.html',
error_template_name='accounts/recovery_key_error.html'):
session = get_recovery_session(key)
if not session:
return render_to_response(error_template_name, RequestContext(request))
user = get_user(session.get('username'))
if request.POST:
form = ResetPasswordForm(request.POST)
form.full_clean()
validate_test_cookie(form, request)
if not form.errors:
# XXX Compatibility with Django 0.96 and 1.0
formdata = getattr(form, "cleaned_data",
getattr(form, "clean_data", None))
user.set_password(formdata['password1'])
user.save()
# Try to log in using the new password
loginError = internal_login(request, user.username,
formdata['password1'])
if loginError:
# This might happen if the account is deactivated.
form.errors['submit'] = forms.util.ErrorList([loginError])
else:
# We're in successfully. Expire the recovery session.
Session.objects.save(key, None, datetime.datetime.now())
return HttpResponseRedirect(next_page)
else:
form = None
request.session.set_test_cookie()
return render_to_response(form_template_name, RequestContext(request, {
'form_path': request.path,
'username': user.username,
'form': form,
}))
def login(request, next_page, next_query=None, template_name="accounts/login.html"):
"""Simple login form view which doesn't rely on Django's current
inflexible oldforms-based auth view.
"""
error = None
if request.POST:
request.session.set_test_cookie()
loginbox = request.POST.get('loginbox')
error = internal_login(request,
request.POST.get('username'),
request.POST.get('password'))
urlnext = request.REQUEST.get("next_page", next_page)
query = request.REQUEST.get("next_query", next_query)
if query and not query == "None":
try:
urlnext += "?%s" % urllib.unquote_plus(query)
except:
pass
if not error or loginbox:
response = HttpResponseRedirect(urlnext)
if error:
response.set_cookie('loginerror',
value=error,
max_age='%s' % (5), # in seconds
path=settings.SITE_ROOT,
)
else:
response.delete_cookie('loginerror', path=settings.SITE_ROOT)
return response
request.session.set_test_cookie()
context = RequestContext(request, {
'error' : error,
'login_url' : settings.LOGIN_URL,
'full': True,
'next_page' : request.REQUEST.get("next_page", next_page),
'next_query' : request.REQUEST.get("next_query", next_query),
})
return render_to_response(template_name, context)
def login(request,
next_page,
template_name="accounts/login.html",
extra_context={}):
"""Simple login form view which doesn't rely on Django's current
inflexible oldforms-based auth view.
"""
if request.POST:
error = internal_login(request, request.POST.get('username'),
request.POST.get('password'))
if not error:
return HttpResponseRedirect(
request.REQUEST.get("next_page", next_page))
else:
error = None
request.session.set_test_cookie()
context = RequestContext(
request, {
'error': error,
'login_url': settings.LOGIN_URL,
'next_page': request.REQUEST.get("next_page", next_page)
})
if extra_context is not None:
# Copied from Django's generic views.
# The reason we don't simply call context.update(extra_context) is
# that there are times when you may want to pass a function in the
# URL handler that you want called at the time of render, rather than
# being forced to expose it as a template tag or calling it upon
# URL handler creation (which may be too early and only happens once).
for key, value in extra_context.items():
if callable(value):
context[key] = value()
else:
context[key] = value
return render_to_response(template_name, context)
def login(request, next_page, template_name="accounts/login.html",
extra_context={}):
"""Simple login form view which doesn't rely on Django's current
inflexible oldforms-based auth view.
"""
if request.POST:
error = internal_login(request,
request.POST.get('username'),
request.POST.get('password'))
if not error:
return HttpResponseRedirect(request.REQUEST.get("next_page",
next_page))
else:
error = None
request.session.set_test_cookie()
context = RequestContext(request, {
'error' : error,
'login_url' : settings.LOGIN_URL,
'next_page' : request.REQUEST.get("next_page", next_page)
})
if extra_context is not None:
# Copied from Django's generic views.
# The reason we don't simply call context.update(extra_context) is
# that there are times when you may want to pass a function in the
# URL handler that you want called at the time of render, rather than
# being forced to expose it as a template tag or calling it upon
# URL handler creation (which may be too early and only happens once).
for key, value in extra_context.items():
if callable(value):
context[key] = value()
else:
context[key] = value
return render_to_response(template_name, context)
