def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(requesting_user),
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def send_password_form(request):
"""
POST /auth/send-password-form/ with CSRF token and email
will mail change password form link to requester
"""
form = ResetPasswordForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
confirmation_token = make_password_change_token(requesting_user)
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/change_password_form_link',
{
'confirmation_token': confirmation_token,
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(requesting_user),
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def change_email_endpoint(request, pk=None):
serializer = ChangeEmailSerializer(
data=request.data,
context={'user': request.user},
)
if serializer.is_valid():
token = store_new_credential(request, 'email',
serializer.validated_data['new_email'])
mail_subject = _("Confirm e-mail change on %(forum_name)s forums")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
# swap address with new one so email is sent to new address
request.user.email = serializer.validated_data['new_email']
mail_user(request.user,
mail_subject,
'misago/emails/change_email',
context={'token': token})
message = _("E-mail change confirmation link was sent to new address.")
return Response({'detail': message})
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def send_password_form(request):
form = ResetPasswordForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password on %(forum_name)s forums")
subject_formats = {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_subject = mail_subject % subject_formats
confirmation_token = make_password_change_token(requesting_user)
mail_user(request, requesting_user, mail_subject,
'misago/emails/change_password_form_link',
{'confirmation_token': confirmation_token})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def send_password_form(request):
"""
POST /auth/send-password-form/ with CSRF token and email
will mail change password form link to requester
"""
form = ResetPasswordForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
confirmation_token = make_password_change_token(requesting_user)
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/change_password_form_link',
{
'confirmation_token': confirmation_token,
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def handle(self, *args, **options):
working_dir = settings.MISAGO_USER_DATA_DOWNLOADS_WORKING_DIR
if not working_dir:
self.stdout.write(
"MISAGO_USER_DATA_DOWNLOADS_WORKING_DIR has to be set in order for "
"this feature to work.")
return
downloads_prepared = 0
queryset = DataDownload.objects.select_related('user')
queryset = queryset.filter(status=DataDownload.STATUS_PENDING)
for data_download in chunk_queryset(queryset):
if prepare_user_data_download(data_download, logger):
user = data_download.user
subject = gettext("%(user)s, your data download is ready") % {
'user': user
}
mail_user(
user,
subject,
'misago/emails/data_download',
context={
'data_download':
data_download,
'expires_in':
settings.MISAGO_USER_DATA_DOWNLOADS_EXPIRE_IN_HOURS,
})
downloads_prepared += 1
self.stdout.write("Data downloads prepared: %s" % downloads_prepared)
def send_password_form(request):
"""
POST /auth/send-password-form/ with CSRF token and email
will mail change password form link to requester
"""
serializer = SendPasswordFormSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
serializer.raise_if_banned()
user = serializer.validated_data['user']
mail_subject = _("Change %(user)s password on %(forum_name)s forums") % {
'user': user.username,
'forum_name': settings.forum_name,
}
confirmation_token = make_password_change_token(user)
mail_user(
request,
user,
mail_subject,
'misago/emails/change_password_form_link',
{
'confirmation_token': confirmation_token,
},
)
return Response({
'username': user.username,
'email': user.email,
})
def request_activation(request):
form = ResendActivationForm()
if request.method == "POST":
form = ResendActivationForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session["activation_sent_to"] = requesting_user.pk
mail_subject = _("Account activation on %(forum_title)s forums")
mail_subject = mail_subject % {"forum_title": settings.forum_name}
activation_token = make_activation_token(requesting_user)
mail_user(
request,
requesting_user,
mail_subject,
"misago/emails/activation/by_user",
{"activation_token": activation_token},
)
return redirect("misago:activation_sent")
return render(request, "misago/activation/request.html", {"form": form})
def request_reset(request):
form = ResetPasswordForm()
if request.method == 'POST':
form = ResetPasswordForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session['reset_password_link_sent_to'] = requesting_user.pk
mail_subject = _("Change %(user)s password "
"on %(forum_title)s forums")
subject_formats = {
'user': requesting_user.username,
'forum_title': settings.forum_name
}
mail_subject = mail_subject % subject_formats
confirmation_token = make_password_reset_token(requesting_user)
mail_user(request, requesting_user, mail_subject,
'misago/emails/change_password_form_link',
{'confirmation_token': confirmation_token})
return redirect('misago:reset_password_link_sent')
return render(request, 'misago/forgottenpassword/request.html',
{'form': form})
def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
serializer = ResendActivationSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
serializer.raise_if_banned()
user = serializer.validated_data['user']
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(user),
},
)
return Response({
'username': user.username,
'email': user.email,
})
def request_reset(request):
form = ResetPasswordForm()
if request.method == "POST":
form = ResetPasswordForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session["reset_password_link_sent_to"] = requesting_user.pk
mail_subject = _("Change %(user)s password " "on %(forum_title)s forums")
subject_formats = {"user": requesting_user.username, "forum_title": settings.forum_name}
mail_subject = mail_subject % subject_formats
confirmation_token = make_password_reset_token(requesting_user)
mail_user(
request,
requesting_user,
mail_subject,
"misago/emails/change_password_form_link",
{"confirmation_token": confirmation_token},
)
return redirect("misago:reset_password_link_sent")
return render(request, "misago/forgottenpassword/request.html", {"form": form})
def send_password_form(request):
form = ResetPasswordForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password on %(forum_name)s forums")
subject_formats = {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_subject = mail_subject % subject_formats
confirmation_token = make_password_change_token(requesting_user)
mail_user(request, requesting_user, mail_subject,
'misago/emails/change_password_form_link',
{'confirmation_token': confirmation_token})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def test_mail_user(request):
User = get_user_model()
test_user = User.objects.all().first()
mail.mail_user(request, test_user, "Misago Test Mail",
"misago/emails/base")
return HttpResponse("Mailed user!")
def test_mail_user(request):
User = get_user_model()
test_user = User.objects.all().first()
mail.mail_user(request,
test_user,
"Misago Test Mail",
"misago/emails/base")
return HttpResponse("Mailed user!")
def add_participant(request, thread, user):
"""
Add participant to thread, set "recound private threads" flag on user,
notify user about being added to thread and mail him about it
"""
ThreadParticipant.objects.add_participant(thread, user)
set_user_unread_private_threads_sync(user)
mail_subject = _("%(thread)s - %(user)s added you to private thread")
subject_formats = {'thread': thread.title, 'user': request.user.username}
mail_user(request, user, mail_subject % subject_formats,
'misago/emails/privatethread/added', {'thread': thread})
def change_email_password(request):
form = ChangeEmailPasswordForm()
if request.method == 'POST':
form = ChangeEmailPasswordForm(request.POST, user=request.user)
if form.is_valid():
new_email = ''
new_password = ''
# Store original data
old_email = request.user.email
old_password = request.user.password
# Assign new creds to user temporarily
if form.cleaned_data['new_email']:
request.user.set_email(form.cleaned_data['new_email'])
new_email = request.user.email
if form.cleaned_data['new_password']:
request.user.set_password(form.cleaned_data['new_password'])
new_password = request.user.password
request.user.email = old_email
request.user.password = old_password
credentials_token = cache_new_credentials(request.user, new_email,
new_password)
mail_subject = _("Confirm changes to %(user)s account "
"on %(forum_title)s forums")
subject_formats = {
'user': request.user.username,
'forum_title': settings.forum_name
}
mail_subject = mail_subject % subject_formats
if new_email:
# finally override email before sending message
request.user.email = new_email
mail_user(request, request.user, mail_subject,
'misago/emails/change_email_password',
{'credentials_token': credentials_token})
message = _("E-mail was sent to %(email)s with a link that "
"you have to click to confirm changes.")
messages.info(request, message % {'email': request.user.email})
return redirect('misago:usercp_change_email_password')
return render(request, 'misago/usercp/change_email_password.html',
{'form': form})
def add_participant(request, thread, user):
"""
Add participant to thread, set "recound private threads" flag on user,
notify user about being added to thread and mail him about it
"""
ThreadParticipant.objects.add_participant(thread, user)
set_user_unread_private_threads_sync(user)
mail_subject = _("%(thread)s - %(user)s added you to private thread")
subject_formats = {'thread': thread.title, 'user': request.user.username}
mail_user(request, user, mail_subject % subject_formats,
'misago/emails/privatethread/added',
{'thread': thread})
def change_email_password(request):
form = ChangeEmailPasswordForm()
if request.method == 'POST':
form = ChangeEmailPasswordForm(request.POST, user=request.user)
if form.is_valid():
new_email = ''
new_password = ''
# Store original data
old_email = request.user.email
old_password = request.user.password
# Assign new creds to user temporarily
if form.cleaned_data['new_email']:
request.user.set_email(form.cleaned_data['new_email'])
new_email = request.user.email
if form.cleaned_data['new_password']:
request.user.set_password(form.cleaned_data['new_password'])
new_password = request.user.password
request.user.email = old_email
request.user.password = old_password
credentials_token = cache_new_credentials(
request.user, new_email, new_password)
mail_subject = _("Confirm changes to %(user)s account "
"on %(forum_title)s forums")
subject_formats = {'user': request.user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
if new_email:
# finally override email before sending message
request.user.email = new_email
mail_user(request, request.user, mail_subject,
'misago/emails/change_email_password',
{'credentials_token': credentials_token})
message = _("E-mail was sent to %(email)s with a link that "
"you have to click to confirm changes.")
messages.info(request, message % {'email': request.user.email})
return redirect('misago:usercp_change_email_password')
return render(request, 'misago/usercp/change_email_password.html',
{'form': form})
def test_mail_user(self):
"""mail_user sets message in backend"""
user = UserModel.objects.create_user('Bob', '*****@*****.**', 'pass123')
mail_user(user, "Misago Test Mail", "misago/emails/base")
self.assertEqual(mail.outbox[0].subject, "Misago Test Mail")
# assert that url to user's avatar is valid
html_body = mail.outbox[0].alternatives[0][0]
user_avatar_url = reverse('misago:user-avatar',
kwargs={
'pk': user.pk,
'size': 32
})
self.assertIn(user_avatar_url, html_body)
def change_password_endpoint(request, pk=None):
form = ChangePasswordForm(request.data, user=request.user)
if form.is_valid():
token = store_new_credential(
request, 'password', form.cleaned_data['new_password'])
mail_subject = _("Confirm password change on %(forum_name)s forums")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
mail_user(request, request.user, mail_subject,
'misago/emails/change_password',
{'token': token})
return Response({'detail': _("Password change confirmation link "
"was sent to your address.")})
else:
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
def change_password_endpoint(request, pk=None):
form = ChangePasswordForm(request.data, user=request.user)
if form.is_valid():
token = store_new_credential(
request, 'password', form.cleaned_data['new_password'])
mail_subject = _("Confirm password change on %(forum_title)s forums")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
mail_user(request, request.user, mail_subject,
'misago/emails/change_password',
{'token': token})
return Response({'detail': _("Password change confirmation link "
"was sent to your address.")})
else:
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
def change_password_endpoint(request, pk=None):
serializer = ChangePasswordSerializer(
data=request.data,
context={'user': request.user},
)
serializer.is_valid(raise_exception=True)
token = store_new_credential(request, 'password',
serializer.validated_data['new_password'])
mail_subject = _("Confirm password change on %(forum_name)s forums")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
mail_user(request, request.user, mail_subject,
'misago/emails/change_password', {'token': token})
return Response(status=204)
def handle_form_submission(request):
form = ChangeEmailForm(request.data, user=request.user)
if form.is_valid():
token = store_new_credential(request, 'email',
form.cleaned_data['new_email'])
mail_subject = _("Confirm e-mail change on %(forum_title)s forums")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
# swap address with new one so email is sent to new address
request.user.email = form.cleaned_data['new_email']
mail_user(request, request.user, mail_subject,
'misago/emails/change_email', {'token': token})
message = _("E-mail change confirmation link was sent to new address.")
return Response({'detail': message})
else:
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
def send_welcome_email(request, user):
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if user.requires_activation:
activation_token = make_activation_token(user)
activation_by_admin = user.requires_activation_by_admin
activation_by_user = user.requires_activation_by_user
mail_user(
request, user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
else:
mail_user(request, user, mail_subject,
'misago/emails/register/complete')
def change_email_endpoint(request, pk=None):
form = ChangeEmailForm(request.data, user=request.user)
if form.is_valid():
token = store_new_credential(
request, 'email', form.cleaned_data['new_email'])
mail_subject = _("Confirm e-mail change on %(forum_title)s forums")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
# swap address with new one so email is sent to new address
request.user.email = form.cleaned_data['new_email']
mail_user(request, request.user, mail_subject,
'misago/emails/change_email',
{'token': token})
message = _("E-mail change confirmation link was sent to new address.")
return Response({'detail': message})
else:
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
def change_password_endpoint(request, pk=None):
serializer = ChangePasswordSerializer(data=request.data,
context={'user': request.user})
if serializer.is_valid():
token = store_new_credential(request, 'password',
serializer.validated_data['new_password'])
mail_subject = _("Confirm password change on %(forum_name)s forums")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
mail_user(request, request.user, mail_subject,
'misago/emails/change_password', {'token': token})
return Response({
'detail':
_("Password change confirmation link was sent to your address.")
})
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def change_email_endpoint(request, pk=None):
serializer = ChangeEmailSerializer(
data=request.data,
context={'user': request.user},
)
serializer.is_valid(raise_exception=True)
token = store_new_credential(request, 'email',
serializer.validated_data['new_email'])
mail_subject = _("Confirm e-mail change on %(forum_name)s forums")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
# swap address with new one so email is sent to new address
request.user.email = serializer.validated_data['new_email']
mail_user(request, request.user, mail_subject,
'misago/emails/change_email', {'token': token})
return Response(status=204)
def send_activation(request):
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account "
"on %(forum_title)s forums")
subject_formats = {'user': requesting_user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
mail_user(request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': make_activation_token(requesting_user)})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def send_activation(request):
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account "
"on %(forum_title)s forums")
subject_formats = {'user': requesting_user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
mail_user(request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': make_activation_token(requesting_user)})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def request_activation(request):
form = ResendActivationForm()
if request.method == 'POST':
form = ResendActivationForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session['activation_sent_to'] = requesting_user.pk
mail_subject = _("Account activation on %(forum_title)s forums")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
activation_token = make_activation_token(requesting_user)
mail_user(
request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': activation_token})
return redirect('misago:activation_sent')
return render(request, 'misago/activation/request.html',
{'form': form})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(
request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip, staff_message=staff_message, length=1)
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(_("New users registrations are currently closed."))
form = RegisterForm(request.data, request=request)
try:
if form.is_valid():
captcha.test_request(request)
except ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
try:
new_user = UserModel.objects.create_user(
form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs
)
except IntegrityError:
return Response(
{
'__all__': _("Please try resubmitting the form.")
},
status=status.HTTP_400_BAD_REQUEST,
)
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email, password=form.cleaned_data['password']
)
login(request, authenticated_user)
mail_user(request, new_user, mail_subject, 'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
}
)
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip,
staff_message=staff_message,
length={'days': 1})
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(_("New users registrations are currently closed."))
ban = get_ip_ban(request.user_ip, registration_only=True)
if ban:
raise Banned(ban)
serializer = RegisterUserSerializer(
data=request.data,
context={'request': request},
)
serializer.is_valid(raise_exception=True)
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
try:
new_user = UserModel.objects.create_user(
serializer.validated_data['username'],
serializer.validated_data['email'],
serializer.validated_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs
)
except IntegrityError:
return Response(
{
'detail': _("Please try resubmitting the form."),
},
status=400,
)
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=serializer.validated_data['password'],
)
login(request, authenticated_user)
mail_user(request, new_user, mail_subject, 'misago/emails/register/complete')
return Response({
'activation': None,
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
}
)
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
try:
validate_new_registration(request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied registration attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user_ip,
staff_message=staff_message,
length={'days': 14})
raise PermissionDenied(
_("Your IP address is banned from registering on this site."))
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_ADMIN}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email, password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
try:
validate_new_registration(
request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied registration attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(
request.user_ip,
staff_message=staff_message,
length={'days': 14}
)
raise PermissionDenied(
_("Your IP address is banned from registering on this site."))
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
