def register(self, request, **kwargs):
'''Given a username, email address and password, register a new
user account, which will initially be inactive.
Along with the new ``User`` object, a new
``registration.models.RegistrationProfile`` will be created,
tied to that ``User``, containing the activation key which
will be used for this account.
An email will be sent to the supplied email address; this
email should contain an activation link. The email will be
rendered using two templates. See the documentation for
``RegistrationProfile.send_activation_email()`` for
information about these templates and the contexts provided to
them.
After the ``User`` and ``RegistrationProfile`` are created and
the activation email is sent, the signal
``registration.signals.user_registered`` will be sent, with
the new ``User`` as the keyword argument ``user`` and the
class of this backend as the sender.
'''
username, email, password = (kwargs['username'], kwargs['email'],
kwargs['password1'])
site = get_current_site(request)
new_user = RegistrationProfile.create_inactive_user(username, email,
password, site)
signals.user_registered.send(sender=self.__class__,
user=new_user,
request=request)
return new_user
def register(self, request, **kwargs):
"""Given a username, email address and password, register a new
user account, which will initially be inactive.
Along with the new ``User`` object, a new
``registration.models.RegistrationProfile`` will be created,
tied to that ``User``, containing the activation key which
will be used for this account.
An email will be sent to the supplied email address; this
email should contain an activation link. The email will be
rendered using two templates. See the documentation for
``RegistrationProfile.send_activation_email()`` for
information about these templates and the contexts provided to
them.
After the ``User`` and ``RegistrationProfile`` are created and
the activation email is sent, the signal
``registration.signals.user_registered`` will be sent, with
the new ``User`` as the keyword argument ``user`` and the
class of this backend as the sender.
"""
username, email, password = (kwargs["username"], kwargs["email"], kwargs["password1"])
site = get_current_site(request)
new_user = RegistrationProfile.create_inactive_user(username, email, password, site)
signals.user_registered.send(sender=self.__class__, user=new_user, request=request)
return new_user
def save(self,
domain_override=None,
email_template_name='registration/password_reset_email.html',
use_https=False,
token_generator=default_token_generator,
request=None):
'''Generates a one-use only link for resetting password and sends to
the user.
'''
from django.core.mail import send_mail
for user in self.users_cache:
if not domain_override:
current_site = get_current_site(request)
site_name = current_site.name
domain = current_site.domain
else:
site_name = domain = domain_override
c = {
'email': user.email,
'domain': domain,
'site_name': site_name,
'uid': int_to_base36(user.id.int),
'user': user,
'token': token_generator.make_token(user),
'protocol': use_https and 'https' or 'http',
}
body = render_to_string(email_template_name, c)
send_mail(
_("Password reset on %s") % site_name, body, None,
[user.email])
def test_get_current_site(self):
'''Test that the correct Site object is returned.'''
request = HttpRequest()
request.META = {
'SERVER_NAME': 'example.com',
'SERVER_PORT': '80',
}
site = get_current_site(request)
self.assertIsInstance(site, Site)
self.assertEqual(site.id, settings.SITE_ID)
# Test that an exception is raised if the sites framework is installed
# but there is no matching Site
site.delete(session=self.session)
self.assertIsNone(get_current_site(request))
# A RequestSite is returned if the sites framework is not installed
Site.__table__.drop()
site = get_current_site(request)
self.assertIsInstance(site, RequestSite)
self.assertEqual(site.name, u'example.com')
def test_get_current_site(self):
'''Test that the correct Site object is returned.'''
request = HttpRequest()
request.META = {
'SERVER_NAME': 'example.com',
'SERVER_PORT': '80',
}
site = get_current_site(request)
self.assertIsInstance(site, Site)
self.assertEqual(site.id, settings.SITE_ID)
# Test that an exception is raised if the sites framework is installed
# but there is no matching Site
site.delete(session=self.session)
self.assertIsNone(get_current_site(request))
# A RequestSite is returned if the sites framework is not installed
Site.__table__.drop()
site = get_current_site(request)
self.assertIsInstance(site, RequestSite)
self.assertEqual(site.name, u'example.com')
def logout(request, next_page=None,
template_name='registration/logged_out.html',
redirect_field_name=REDIRECT_FIELD_NAME):
'''Logs out the user and displays 'You are logged out' message.'''
auth_logout(request)
if next_page is None:
redirect_to = request.REQUEST.get(redirect_field_name, '')
if redirect_to:
return HttpResponseRedirect(redirect_to)
else:
current_site = get_current_site(request)
return render_to_response(template_name, {
'site': current_site,
'site_name': current_site.name,
'title': _('Logged out'),
}, context_instance=RequestContext(request))
else:
# Redirect to this page until the session has been cleared.
return HttpResponseRedirect(next_page or request.path)
def login(request, template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
'''Displays the login form and handles the login action.'''
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
form = authentication_form(data=request.POST)
if form.is_valid():
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before*
# a question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
# Okay, security checks complete. Log the user in.
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = authentication_form(request)
request.session.set_test_cookie()
current_site = get_current_site(request)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
}, context_instance=RequestContext(request))
