Exemplo n.º 1
0
    def testValidPassword(self):
        """ Test valid_password(). """

        # everything is okay
        self.assert_(valid_password('@#$!@#$%^'))
        self.assert_(valid_password('....'))
        self.assert_(valid_password('a;3irjq;3 jra;ijaij a;a'))
        self.assert_(valid_password('thisis a pass'))
        self.assert_(valid_password('a' * NEWS_MAX_PASSWORD_LENGTH))

        # unless it is too long or blank
        self.assertFalse(valid_password('a' * (NEWS_MAX_PASSWORD_LENGTH + 1)))
        self.assertFalse(valid_password(''))
Exemplo n.º 2
0
def create_account(request):
    """
    Respond to posts for creating an account.

    Only takes POSTs.
    """
    # if next is passed, get it
    next = request.GET.get('next', reverse('news.views.news_items.index'))
    next = request.POST.get('next', next)
    assert_or_404(valid_next_redirect(next))

    assert_or_404(request.method == 'POST')

    username = get_from_POST_or_404(request, 'username')
    password = get_from_POST_or_404(request, 'password')

    # make sure it's a valid username
    if not valid_username(username):
        request.session['create_account_error'] = 'Username can only ' + \
            'consist of letters, numbers, and underscores, and must be ' + \
            'less than 30 characters'
        request.session['create_account_username'] = username
        return HttpResponseRedirect(reverse('news.views.login.login_view') +
                "?next=" + next)

    # make sure no other users have this username
    if User.objects.filter(username=username):
        request.session['create_account_error'] = \
                'Username ' + username + ' taken'
        request.session['create_account_username'] = username
        return HttpResponseRedirect(reverse('news.views.login.login_view') +
                "?next=" + next)

    # make sure it's a valid password
    if not valid_password(password):
        request.session['create_account_error'] = \
                 'Password cannot be blank and must be less than 30 characters'
        request.session['create_account_username'] = username
        return HttpResponseRedirect(reverse('news.views.login.login_view') +
                "?next=" + next)

    # create the user and userprofile
    user = User.objects.create_user(username, '', password)
    UserProfile.objects.create(user=user)

    return login_view(request)
Exemplo n.º 3
0
def change_password(request):
    """
    Change password.

    On GETs it shows the change password page.
    On POSTs it tries to change the user's password.
    """
    next = reverse('news.views.login.change_password')

    if not request.user.is_authenticated():
        return HttpResponseRedirect(
                reverse('news.views.login.login_view') +
                '?next=' + next)

    if request.method != 'POST':
        change_password_error = get_from_session(request, 
                'change_password_error')
        return render_to_response('news/change_password.html',
                {'change_password_error': change_password_error,
                 'next': next},
                context_instance=RequestContext(request))

    password1 = get_from_POST_or_404(request, 'password1')
    password2 = get_from_POST_or_404(request, 'password2')

    if password1 != password2:
        request.session['change_password_error'] = "Passwords do not match"
        return HttpResponseRedirect(reverse('news.views.login.change_password'))

    if not valid_password(password1):
        request.session['change_password_error'] = "Password too long or blank"
        return HttpResponseRedirect(reverse('news.views.login.change_password'))
    

    request.user.set_password(password1)
    request.user.save()

    username = request.user.username

    return HttpResponseRedirect(reverse('news.views.users.user', args=(username,)))