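def register(request, template_name="account/register.html"):
    '''
    Register an anonymous visitor as a new, inactive user.

    Authenticated users are redirected to their account page. On a POST with
    a valid form the account is created with ``is_active = False``, an
    activation key and an expiry two days ahead are stored on it, and an
    e-mail rendered from ``registration/email.txt`` carrying that key is sent
    to the submitted address. Any other request renders ``template_name``.
    '''
    if request.user.is_authenticated():
        # They already have an account; don't let them register again
        return HttpResponseRedirect(reverse('YAAS.views.my_account'))

    if request.method == 'POST':
        postdata = request.POST.copy()
        page_title = 'Registration form'
        form = RegistrationForm(postdata)
        if form.is_valid():
            un = postdata.get('user_name', '')
            pw = postdata.get('pass_word', '')
            em = postdata.get('email', '')
            fn = postdata.get('first_name', '')
            ln = postdata.get('last_name', '')
            pn = postdata.get('phone_number', '')
            sx = postdata.get('sex', '')

            # Build the activation key for their account.
            # The key is the only secret in the e-mailed activation link and
            # the username mixed into it is not secret, so the salt has to
            # carry all of the unpredictability: take 256 bits from the OS
            # CSPRNG instead of a short slice of a random.random() digest.
            # The result is still a 40-character hex digest.
            salt = str(random.SystemRandom().getrandbits(256))
            activation_key = sha_constructor(salt + un).hexdigest()
            key_expires = datetime.datetime.today() + datetime.timedelta(2)

            # Create and save their profile.
            # NOTE(review): extra.hashPassword is not visible here. create_user
            # hashes its password argument itself, so the stored credential is
            # a hash of this helper's output; login and password change must
            # keep applying the same helper. Confirm it is still wanted.
            hashpw = extra.hashPassword(pw)
            new_profile = CustomUser.objects.create_user(username=un, email=em, password=hashpw)
            new_profile.is_active = False
            new_profile.first_name = fn
            new_profile.last_name = ln
            new_profile.activation_key = activation_key
            new_profile.keyexpiry_date = key_expires
            new_profile.phone_number = pn
            new_profile.sex = sx
            new_profile.save()

            t = loader.get_template('registration/email.txt')
            c = Context({
                'firstname': new_profile.first_name,
                'lastname': new_profile.last_name,
                'site_name': 'YAAS Auction Site',
                'username': new_profile.username,
                'activationkey': new_profile.activation_key,
                'admin': 'Kenneth Odoh',
            })
            email_subject = 'Your new YAAS account'
            # fail_silently=False: a mail failure raises after the profile has
            # already been saved.
            send_mail(email_subject, t.render(c), '*****@*****.**',
                      [new_profile.email], fail_silently=False)
            return HttpResponseRedirect(reverse('my_account'))
    else:
        # Not a POST: show an empty form.
        form = RegistrationForm()

    # NOTE(review): locals() is the template context, so local names are part
    # of the template's contract, and on an invalid POST it includes postdata
    # with the submitted password field. Confirm the template only reads
    # form / page_title.
    return render_to_response(template_name, locals(),
                              context_instance=RequestContext(request))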
def login(request, template_name="account/login.html"):
    '''
    Sign a user in through the login form.

    A POST with a valid form authenticates the submitted credentials; an
    active user is logged in, given a fresh ``session_id`` session value and
    redirected to ``my_account``, anyone else gets ``errors/login.html``.
    Other requests, and POSTs whose form is invalid, render ``template_name``.
    '''
    # Local names are left untouched on purpose: locals() below is the
    # template context, so renaming a variable would rename a template key.
    if request.method != 'POST':
        form = LoginForm(request=request, label_suffix=':')
    else:
        postdata = request.POST.copy()
        page_title = 'Login form'
        form = LoginForm(request, postdata)
        if form.is_valid():
            # Imported here because this view is itself called ``login``.
            from django.contrib.auth import login, authenticate

            un = postdata.get('username', '')
            pw = postdata.get('password', '')
            # NOTE(review): extra.hashPassword is not visible here; the same
            # helper is applied at registration, so it has to stay in step.
            hashpw = extra.hashPassword(pw)
            new_user = authenticate(username=un, password=hashpw)
            if not new_user or not new_user.is_active:
                # Unknown credentials and inactive accounts share one page.
                return render_to_response('errors/login.html',
                                          context_instance=RequestContext(request))
            login(request, new_user)
            request.session['session_id'] = extra.generate_session_id()
            return HttpResponseRedirect(reverse('my_account'))

    # set the test cookie on our first GET request
    # NOTE(review): reconstructed from a collapsed listing as running before
    # every render of the form, not only on GET - confirm against the file.
    request.session.set_test_cookie()
    return render_to_response(template_name, locals(),
                              context_instance=RequestContext(request))
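def password_change(request, template_name="account/password_change.html"):
    '''
    Let a signed-in user set a new password.

    An authenticated POST with a valid form stores the new password, ends the
    current session and redirects to the login page. An authenticated POST
    with an invalid form re-renders ``template_name`` with the bound form;
    every other request renders it with an unbound form.
    '''
    # NOTE(review): no login_required decorator is visible on this view;
    # anonymous requests fall through to the unbound form below.
    if request.method == 'POST' and request.user.is_authenticated():
        page_title = 'Password Change form'
        postdata = request.POST.copy()
        # NOTE(review): the form is given the CustomUser class, not
        # request.user. clean_password in this file calls
        # self.user.check_password(...), which needs a user instance; confirm
        # what PasswordForm stores as self.user and that the old-password
        # check really runs during is_valid().
        form = PasswordForm(CustomUser, postdata)
        if form.is_valid():
            pw = postdata.get('new_password', '')
            user_profile = get_object_or_404(CustomUser, pk=request.user.id)
            # Same pre-hash helper as registration and login, so the new
            # password verifies on the next sign-in.
            hashpw = extra.hashPassword(pw)
            user_profile.set_password(hashpw)
            user_profile.save()

            # force user log out: the redirect alone leaves the session
            # authenticated, so end it explicitly. This only ends the current
            # session; sessions opened elsewhere are not touched here.
            from django.contrib.auth import logout
            logout(request)
            return HttpResponseRedirect(reverse('login'))
    else:
        form = PasswordForm(CustomUser)

    # locals() is the template context; on an invalid POST it includes
    # postdata with the submitted password fields.
    return render_to_response(template_name, locals(),
                              context_instance=RequestContext(request))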
def clean_password(self):
    '''
    Reject the form when the submitted old password does not match.

    Reads ``old_password`` from ``cleaned_data``, passes it through
    ``extra.hashPassword`` and checks the result against ``self.user``.
    Raises ``forms.ValidationError`` on a mismatch; returns nothing.
    '''
    # NOTE(review): Django calls clean_<name> automatically only for a
    # declared field called <name>. This hook is named for ``password`` but
    # reads ``old_password``; confirm a ``password`` field exists or that
    # clean() calls this, otherwise the old-password check never runs.
    # NOTE(review): as a field hook it returns None, which would become that
    # field's cleaned value - confirm nothing reads it afterwards.
    # NOTE(review): self.user must be a user instance for check_password;
    # confirm what the form's constructor stores there.
    supplied = extra.hashPassword(self.cleaned_data['old_password'])
    if not self.user.check_password(supplied):
        raise forms.ValidationError("Password Incorrect")