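def reset_password(request):
    """
    Generate a new password and send it to the user by SMS.

    The phone is taken from the ``phone`` query parameter when present,
    otherwise from the basket bound to the current session.

    Returns 403 when no phone is known, 404 when no ShopUser has that phone
    (or, without a ``phone`` parameter, when the session has no basket),
    a JSON ``null`` body when ``ajax`` is set, and otherwise a redirect to
    ``shop:basket``.
    """
    # Local import: the file's import block is outside this listing.
    from random import SystemRandom

    ensure_session(request)
    # NOTE(review): this view changes a credential on GET for a
    # caller-supplied phone; no authentication, CSRF or rate-limit check is
    # visible in this function - confirm one is applied elsewhere.
    phone = request.GET.get('phone', None)
    if phone:
        phone = ShopUserManager.normalize_phone(phone)
    else:
        basket = get_object_or_404(Basket, session_id=request.session.session_key)
        if basket.phone:
            phone = basket.phone
    if not phone:
        # we can not reset password if phone is not known yet
        return HttpResponseForbidden()
    try:
        user = ShopUser.objects.get(phone=phone)
    except ShopUser.DoesNotExist:
        return HttpResponseNotFound()
    # Draw the code from the OS CSPRNG; ``random.randint`` is Mersenne
    # Twister output and is predictable. The 1000-9999 range is kept so the
    # SMS format does not change, which leaves only 9000 possible values -
    # attempts have to be limited elsewhere.
    password = str(SystemRandom().randint(1000, 9999))
    user.set_password(password)
    user.permanent_password = False
    user.save()
    try:
        send_password.delay(phone, password)
    except Exception as e:
        # Best effort: a failure to queue the SMS is reported to the admins
        # and the response below is still returned.
        mail_admins('Task error', 'Failed to send password: %s' % e, fail_silently=True)
    if request.GET.get('ajax'):
        return JsonResponse(None, safe=False)
    return HttpResponseRedirect(reverse('shop:basket'))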
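def reset_password(request):
    """
    Generate a new password and send it to the user by SMS.

    The phone is taken from the ``phone`` query parameter when present,
    otherwise from the basket bound to the current session.

    Returns 403 when no phone is known, 404 when no ShopUser has that phone
    (or, without a ``phone`` parameter, when the session has no basket),
    a JSON ``null`` body when ``ajax`` is set, and otherwise a redirect to
    ``shop:basket``.
    """
    # Local import: the file's import block is outside this listing.
    from random import SystemRandom

    ensure_session(request)
    # NOTE(review): this view changes a credential on GET for a
    # caller-supplied phone; no authentication, CSRF or rate-limit check is
    # visible in this function - confirm one is applied elsewhere.
    phone = request.GET.get('phone', None)
    if phone:
        phone = ShopUserManager.normalize_phone(phone)
    else:
        basket = get_object_or_404(Basket, session_id=request.session.session_key)
        if basket.phone:
            phone = basket.phone
    if not phone:
        # we can not reset password if phone is not known yet
        return HttpResponseForbidden()
    try:
        user = ShopUser.objects.get(phone=phone)
    except ShopUser.DoesNotExist:
        return HttpResponseNotFound()
    # Draw the code from the OS CSPRNG instead of ``random.randint``, whose
    # output is predictable. It is converted to str because set_password()
    # hashes text, and newer Django releases raise TypeError for an int.
    # The 1000-9999 range is kept, so only 9000 values are possible and
    # attempts have to be limited elsewhere.
    password = str(SystemRandom().randint(1000, 9999))
    user.set_password(password)
    user.save()
    # NOTE(review): an exception from .delay() propagates to the caller after
    # the password has already been changed - confirm that is intended.
    send_password.delay(phone, password)
    if request.GET.get('ajax'):
        return JsonResponse(None, safe=False)
    return HttpResponseRedirect(reverse('shop:basket'))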
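def authorize(request):
    """
    Attach a phone to the session basket and sign the customer in.

    Reads ``phone``, ``password`` and ``ajax`` from POST. A posted password
    is checked against the phone already stored on the basket. A posted
    phone is saved on the basket; if no ShopUser has it, one is created,
    given a generated password, and logged in.

    Returns a redirect (or, with ``ajax``, a JSON ``location``) to
    ``shop:confirm`` when the user is authenticated and ``data`` is empty;
    otherwise the rendered ``shop/_send_order.html`` fragment as JSON, or a
    redirect to ``shop:basket`` (with ``?wrong_password=1`` after a failed
    password check). Responds 404 when the session has no basket.
    """
    # Local import: the file's import block is outside this listing.
    from random import SystemRandom

    ensure_session(request)
    basket = get_object_or_404(Basket, session_id=request.session.session_key)
    phone = request.POST.get('phone')
    password = request.POST.get('password')
    data = None
    if password:
        norm_phone = ShopUserManager.normalize_phone(basket.phone)
        user = authenticate(username=norm_phone, password=password)
        if user and user.is_active:
            login(request, user)
            # Re-bind the basket to the session key in effect after login().
            basket.update_session(request.session.session_key)
            data = {
                'user': user,
            }
        else:
            # Bad password
            # NOTE(review): no limit on failed attempts is visible here, and
            # the generated passwords have only 9000 possible values.
            data = {
                'shop_user': ShopUser.objects.get(phone=norm_phone),
                'wrong_password': True
            }
    if phone:
        norm_phone = ShopUserManager.normalize_phone(phone)
        basket.phone = norm_phone
        basket.save()
        user, created = ShopUser.objects.get_or_create(phone=norm_phone)
        if not created:
            # Such user exists, request password
            data = {
                'shop_user': user,
            }
        else:
            # Generate simple password for new user. It is drawn from the OS
            # CSPRNG rather than the predictable ``random.randint`` and kept
            # as str, which is what set_password()/authenticate() hash.
            password = str(SystemRandom().randint(1000, 9999))
            # NOTE(review): the plaintext password is kept in the session
            # store - confirm it is needed there and removed after use.
            request.session['password'] = password
            user.set_password(password)
            user.save()
            send_password.delay(norm_phone, password)
            # Login new user
            user = authenticate(username=norm_phone, password=password)
            login(request, user)
            basket.update_session(request.session.session_key)
    if request.user.is_authenticated and not data:
        if request.POST.get('ajax'):
            return JsonResponse({'location': reverse('shop:confirm')})
        return HttpResponseRedirect(reverse('shop:confirm'))
    if request.POST.get('ajax'):
        data = {
            'html': render_to_string('shop/_send_order.html', RequestContext(request, data)),
        }
        return JsonResponse(data)
    if data and 'wrong_password' in data:
        return HttpResponseRedirect(reverse('shop:basket') + '?wrong_password=1')
    return HttpResponseRedirect(reverse('shop:basket'))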
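def _is_local_redirect_path(url):
    """Return True only for a same-site absolute path such as ``/shop/basket/``."""
    if not url.startswith('/'):
        return False
    # ``//host`` and ``/\host`` are read by browsers as scheme-relative URLs.
    if url[1:2] in ('/', '\\'):
        return False
    # Browsers also normalise backslashes and drop control characters, so
    # neither is accepted anywhere in the path.
    return '\\' not in url and not any(
        ord(ch) < 0x20 or ord(ch) == 0x7f for ch in url)


def login_user(request):
    """
    Login user preserving his basket.

    POST supplies ``phone``, ``password``, ``next``, ``reg`` and optionally
    ``permanent_password``; GET supplies ``phone``, ``next`` and ``reg``.

    * phone and password: authenticate; on success optionally store the
      posted permanent password, log in, move the session basket to the new
      session key and redirect. On failure the login page is rendered with
      ``wrong_password`` set.
    * phone only: if the user has no permanent password a new one is
      generated and, unless ``reg == '1'``, sent by SMS; the login page is
      rendered.
    * neither: the login page is rendered.
    """
    # Local import: the file's import block is outside this listing.
    from random import SystemRandom

    norm_phone = None
    password = None
    reg = None
    if request.method == 'POST':
        phone = request.POST.get('phone')
        password = request.POST.get('password')
        next_url = request.POST.get('next')
        reg = request.POST.get('reg')
    else:
        phone = request.GET.get('phone')
        next_url = request.GET.get('next')
        reg = request.GET.get('reg')
    if phone:
        norm_phone = ShopUserManager.normalize_phone(phone)

    if norm_phone and password:
        # Look the basket up before login(); it is re-bound to the session
        # key in effect afterwards.
        try:
            basket = Basket.objects.get(session_id=request.session.session_key)
        except MultipleObjectsReturned:
            basket = None
        except Basket.DoesNotExist:
            basket = None
        user = authenticate(username=norm_phone, password=password)
        if user and user.is_active:
            permanent_password = request.POST.get('permanent_password')
            if permanent_password:
                user.set_password(permanent_password)
                user.permanent_password = True
                user.save()
            login(request, user)
            if basket:
                basket.update_session(request.session.session_key)
                basket.phone = user.phone
                basket.save()
            # ``next`` comes from the request, so it is followed only when it
            # is a same-site path; anything else (including absolute URLs)
            # falls back to the configured default.
            if next_url and _is_local_redirect_path(next_url):
                return HttpResponseRedirect(next_url)
            return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
        # NOTE(review): no limit on failed attempts is visible here, and the
        # generated passwords have only 9000 possible values.
        try:
            user = ShopUser.objects.get(phone=norm_phone)
        except ShopUser.DoesNotExist:
            user = None
        context = {
            'phone': phone,
            'shop_user': user,
            'next': next_url,
            'reg': reg,
            'wrong_password': True
        }
    elif norm_phone:
        try:
            user = ShopUser.objects.get(phone=norm_phone)
            if not user.permanent_password:
                # Generate new password for user, drawn from the OS CSPRNG
                # rather than the predictable ``random.randint``.
                # NOTE(review): this replaces the stored password for any
                # request that names the phone, GET included, and with
                # reg == '1' the new value is not sent - confirm intended.
                password = str(SystemRandom().randint(1000, 9999))
                user.set_password(password)
                user.save()
                try:
                    if reg != '1':
                        send_password.delay(norm_phone, password)
                except Exception as e:
                    # Best effort: report the failure and still render.
                    mail_admins('Task error', 'Failed to send password: %s' % e, fail_silently=True)
            context = {
                'phone': phone,
                'shop_user': user,
                'reg': reg,
                'next': next_url
            }
        except ShopUser.DoesNotExist:
            context = {
                'phone': phone,
                'next': next_url,
                'reg': reg,
                'error': 'Пользователь с таким телефоном не зарегистрирован'
            }
    else:
        context = {'reg': reg, 'next': request.GET.get('next')}
    return render(request, 'shop/login.html', context)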
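def authorize(request):
    """
    Attach a phone to the session basket and sign the customer in.

    Reads ``phone``, ``password`` and ``ajax`` from POST. A posted password
    is checked against the phone already stored on the basket. A posted
    phone is saved on the basket and its ShopUser is fetched or created;
    a user without a permanent password gets a newly generated one. A newly
    created user is logged in at once, an existing one is asked for the
    password (sent by SMS when it was just generated).

    Returns a redirect (or, with ``ajax``, a JSON ``location``) to
    ``shop:confirm`` when the user is authenticated and ``data`` is empty;
    otherwise the rendered ``shop/_send_order.html`` fragment as JSON, or a
    redirect to ``shop:basket`` (with ``?wrong_password=1`` after a failed
    password check). Responds 404 when the session has no basket.
    """
    # Local import: the file's import block is outside this listing.
    from random import SystemRandom

    ensure_session(request)
    basket = get_object_or_404(Basket, session_id=request.session.session_key)
    phone = request.POST.get('phone')
    password = request.POST.get('password')
    data = None
    if password:
        norm_phone = ShopUserManager.normalize_phone(basket.phone)
        user = authenticate(username=norm_phone, password=password)
        if user and user.is_active:
            login(request, user)
            # Re-bind the basket to the session key in effect after login().
            basket.update_session(request.session.session_key)
            # ``data`` is deliberately left unset here (it used to carry
            # {'user': user}): the order is to be registered as soon as the
            # user authenticates, so the request goes on to shop:confirm.
        else:
            # Bad password
            # NOTE(review): no limit on failed attempts is visible here, and
            # the generated passwords have only 9000 possible values.
            data = {
                'shop_user': ShopUser.objects.get(phone=norm_phone),
                'wrong_password': True
            }
    if phone:
        norm_phone = ShopUserManager.normalize_phone(phone)
        basket.phone = norm_phone
        basket.save()
        user, created = ShopUser.objects.get_or_create(phone=norm_phone)
        if not user.permanent_password:
            # Generate new password for user, drawn from the OS CSPRNG
            # rather than the predictable ``random.randint``.
            # NOTE(review): for an existing account this replaces the stored
            # password for any request that posts its phone; no throttling
            # is visible in this view.
            password = str(SystemRandom().randint(1000, 9999))
            user.set_password(password)
            user.save()
        if created:
            # Login new user
            user = authenticate(username=norm_phone, password=password)
            login(request, user)
            basket.update_session(request.session.session_key)
            # NOTE(review): the plaintext password is kept in the session
            # store - confirm it is needed there and removed after use.
            request.session['password'] = password
        else:
            # User exists, request password
            if not user.permanent_password:
                try:
                    send_password.delay(norm_phone, password)
                except Exception as e:
                    # Best effort: report the failure and still respond.
                    mail_admins('Task error', 'Failed to send password: %s' % e, fail_silently=True)
            data = {
                'shop_user': user,
            }
    if request.user.is_authenticated and not data:
        if request.POST.get('ajax'):
            return JsonResponse({'location': reverse('shop:confirm')})
        return HttpResponseRedirect(reverse('shop:confirm'))
    if request.POST.get('ajax'):
        data = {
            'html': render_to_string('shop/_send_order.html', data, request),
        }
        return JsonResponse(data)
    if data and 'wrong_password' in data:
        return HttpResponseRedirect(
            reverse('shop:basket') + '?wrong_password=1')
    return HttpResponseRedirect(reverse('shop:basket'))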