def clean_preview_email(self):
email = normalise_email(self.cleaned_data['preview_email'])
if not self.send_preview:
return email
if not email:
raise forms.ValidationError(_("Please enter an email address"))
return email
def clean_email(self):
email = normalise_email(self.cleaned_data['email'])
users_with_email = User._default_manager.filter(
email__iexact=email).exclude(id=self.instance.user.id)
if users_with_email.exists():
raise ValidationError(
_("A user with this email address already exists"))
return email
def clean_email(self):
"""
Checks for existing users with the supplied email address.
"""
email = normalise_email(self.cleaned_data['email'])
if User._default_manager.filter(email__iexact=email).exists():
raise forms.ValidationError(
_("A user with that email address already exists"))
return email
def clean(self):
if self.is_guest_checkout() or self.is_new_account_checkout():
if 'password' in self.errors:
del self.errors['password']
if 'username' in self.cleaned_data:
email = normalise_email(self.cleaned_data['username'])
if User._default_manager.filter(email__iexact=email).exists():
msg = _("A user with that email address already exists")
self._errors["username"] = self.error_class([msg])
return self.cleaned_data
return super(GatewayForm, self).clean()
def _authenticate(self,
request,
email=None,
password=None,
*args,
**kwargs):
if email is None:
if 'username' not in kwargs or kwargs['username'] is None:
return None
clean_email = normalise_email(kwargs['username'])
else:
clean_email = normalise_email(email)
# Check if we're dealing with an email address
if '@' not in clean_email:
return None
# Since Django doesn't enforce emails to be unique, we look for all
# matching users and try to authenticate them all. Note that we
# intentionally allow multiple users with the same email address
# (has been a requirement in larger system deployments),
# we just enforce that they don't share the same password.
# We make a case-insensitive match when looking for emails.
matching_users = User.objects.filter(email__iexact=clean_email)
authenticated_users = [
user for user in matching_users
if (user.check_password(password)
and self.user_can_authenticate(user))
]
if len(authenticated_users) == 1:
# Happy path
return authenticated_users[0]
elif len(authenticated_users) > 1:
# This is the problem scenario where we have multiple users with
# the same email address AND password. We can't safely authenticate
# either.
raise User.MultipleObjectsReturned(
"There are multiple users with the given email address and "
"password")
return None
def clean_email(self):
"""
Make sure that the email address is aways unique as it is
used instead of the username. This is necessary because the
unique-ness of email addresses is *not* enforced on the model
level in ``django.contrib.auth.models.User``.
"""
email = normalise_email(self.cleaned_data['email'])
if User._default_manager.filter(
email__iexact=email).exclude(id=self.user.id).exists():
raise ValidationError(
_("A user with this email address already exists"))
# Save the email unaltered
return email
def apply_search_filters(self, queryset, data):
"""
Function is split out to allow customisation with little boilerplate.
"""
if data['email']:
email = normalise_email(data['email'])
queryset = queryset.filter(email__istartswith=email)
self.desc_ctx['email_filter'] \
= _(" with email matching '%s'") % email
if data['name']:
# If the value is two words, then assume they are first name and
# last name
parts = data['name'].split()
# always true filter
condition = Q()
for part in parts:
condition &= Q(first_name__icontains=part) \
| Q(last_name__icontains=part)
queryset = queryset.filter(condition).distinct()
self.desc_ctx['name_filter'] \
= _(" with name matching '%s'") % data['name']
return queryset
def clean_email(self):
email = normalise_email(self.cleaned_data['email'])
if User.objects.filter(email__iexact=email).exists():
raise forms.ValidationError("A user already exists with email %s" %
email)
return email
def clean_username(self):
return normalise_email(self.cleaned_data['username'])
