def password_reset(request, template): """Password reset form. Based on django.contrib.auth.views. This view sends the email. """ if request.method == "POST": form = PasswordResetForm(request.POST) was_valid = form.is_valid() if was_valid: # TODO: Since we're using Jingo in a way that doesn't # override the Django template loader, the pw_reset.ltxt # email template must be a Django template and not a Jinja # template. # # After we switch all the rendering everywhere, we can # probably change this back. Until then, I'm pretty sure # this won't get translated. try_send_email_with_form( form.save, form, 'email', use_https=request.is_secure(), token_generator=default_token_generator, email_template_name='users/email/pw_reset.ltxt') # Form may now be invalid if email failed to send. # PasswordResetForm is invalid iff there is no user with the entered # email address. # The condition below ensures we don't leak existence of email address # _unless_ sending an email fails. if form.is_valid() or not was_valid: # Don't leak existence of email addresses. return HttpResponseRedirect(reverse('users.pw_reset_sent')) else: form = PasswordResetForm() return jingo.render(request, template, {'form': form})
def password_reset(request): """Password reset form. Based on django.contrib.auth.views. This view sends the email. """ if request.method == "POST": form = PasswordResetForm(request.POST) was_valid = form.is_valid() if was_valid: try_send_email_with_form( form.save, form, 'email', use_https=request.is_secure(), token_generator=default_token_generator, email_template_name='users/email/pw_reset.ltxt') # Form may now be invalid if email failed to send. # PasswordResetForm is invalid iff there is no user with the entered # email address. # The condition below ensures we don't leak existence of email address # _unless_ sending an email fails. if form.is_valid() or not was_valid: # Don't leak existence of email addresses. return HttpResponseRedirect(reverse('users.pw_reset_sent')) else: form = PasswordResetForm() return jingo.render(request, 'users/pw_reset_form.html', {'form': form})
def form_valid(self, form): self.object, new_position = form.save(commit=False) username = form.cleaned_data['username'] password = form.cleaned_data['password'] self.object.set_password(password) url = form.cleaned_data['picture'] if url and not str(url).find('Default'): domain, path = utils.split_url(str(url)) try: extension = utils.valid_url_extension(str.lower(path)) except not extension: error = 'File was not a valid image (jpg, jpeg, png, gif)' form.non_field_errors(error) try: pil_image = Image.open(url) except utils.valid_image_size(pil_image): form.non_field_errors('Image is too large (> 4mb)') # saving this for later # try: # passed = False # passed = utils.make_thumbnail(pil_image, domain, path) # except not passed: # form.non_field_errors("Couldn't make thumbnail image") form.save(commit=True) # automatically login after registering msg = "Thanks for registering. You are now logged in." messages.info(self.request, msg) new_user = authenticate(username=username, password=password) if new_user is not None and new_user.is_active: login(self.request, new_user) reset_form = PasswordResetForm(self.request.POST) reset_form.is_valid() # Must trigger validation # Copied from django/contrib/auth/views.py : password_reset opts = { 'use_https': self.request.is_secure(), 'email_template_name': 'registration/activate.html', 'subject_template_name': 'registration/activation_email_subject.txt', 'request': self.request, # 'html_email_template_name': # provide an HTML content template if you desire. } # This form sends the email on save() reset_form.save(**opts) return redirect(self.success_url)
def form_valid(self, form): # Save form response = super(UserAdd, self).form_valid(form) # Send a password recover email email_form = PasswordResetForm({'email': form.cleaned_data['email']}) email_form.is_valid() email_form.save(email_template_name='accounts/welcome_email.html') # send response return response
def test_unusable_password(self): user = User.objects.create_user('testuser', '*****@*****.**', 'test') data = {"email": "*****@*****.**"} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) user.set_unusable_password() user.save() form = PasswordResetForm(data) self.assertFalse(form.is_valid()) self.assertEqual(form["email"].errors, [_("The user account associated with this e-mail address cannot reset the password.")])
def test_unusable_password(self): user = User.objects.create_user('testuser', '*****@*****.**', 'test') data = {"email": "*****@*****.**"} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) user.set_unusable_password() user.save() form = PasswordResetForm(data) # The form itself is valid, but no email is sent self.assertTrue(form.is_valid()) form.save() self.assertEqual(len(mail.outbox), 0)
def save(self, commit=True): """ Save the model instance with the correct Auth Group based on the user_level question """ instance = super(UserCreationForm, self).save(commit=commit) random_password = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(32)) instance.set_password(random_password) instance.save() email_form = PasswordResetForm({'email': self.cleaned_data['email']}) email_form.is_valid() email_form.save(email_template_name='accounts/welcome_email.html') return instance
def post(self, request, format=None): serializer = self.serializer_class(data=request.DATA) if serializer.is_valid(): # Create PasswordResetForm with the serializer password_reset_form = PasswordResetForm(data=serializer.data) if password_reset_form.is_valid(): # Set some values to be used for the send_email method. opts = { 'use_https': request.is_secure(), 'request': request, 'subject_template_name': self.subject_template_name, 'email_template_name': self.email_template_name, } password_reset_form.save(**opts) # Return the success message with OK HTTP status return Response(serializer.data) else: return Response(password_reset_form.errors, status=status.HTTP_400_BAD_REQUEST) # coming this far means there likely was a problem return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def handle(self, *args, **options): # We first retrieve all users accounts = Account.objects.all().filter(is_active=True) for account in accounts: password = Account.objects.make_random_password() account.set_password(password) account.save() opts = { 'use_https': True, 'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'), 'request': None, 'subject_template_name': 'email/authentication/welcome_subject.txt', 'html_email_template_name': 'email/authentication/html_welcome.html', 'email_template_name': 'email/authentication/welcome.html', 'domain_override': getattr(settings, 'SITE_URL'), 'extra_email_context': { 'site_url': getattr(settings, 'SITE_URL'), 'email': account.email, 'password': password } } reset_form = PasswordResetForm(dict(email=account.email)) if not reset_form.is_valid(): print reset_form.errors raise CommandError("Email not valid: " + account.email) reset_form.save(**opts)
def post(self, request): # Create a serializer with request.DATA serializer = self.serializer_class(data=request.DATA) result = {'errCode':10000,'errDesc':errMsg[10000]} if serializer.is_valid(): # Create PasswordResetForm with the serializer reset_form = PasswordResetForm(data=serializer.data) if reset_form.is_valid(): # Sett some values to trigger the send_email method. opts = { 'use_https': request.is_secure(), 'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'), 'request': request, } reset_form.save(**opts) # Return the success message with OK HTTP status return Response(result, status=status.HTTP_200_OK) else: logger.debug(reset_form._errors) logger.debug(serializer.errors) result['errCode']=10009 result['errDesc']=errMsg[10009] return Response(result, status=status.HTTP_200_OK)
def send_user_password_reset_email(user, request, new_user): """ Send a password reset email to the user. The http request object is also required in order to figure out the URL to include in the email. :param user: CtsUser :param request: HttpRequest :param new_user: Whether user is new """ # Code copied and adapted from django.contrib.auth.views.password_reset(). form_data = { 'email': user.email, } reset_form = PasswordResetForm(form_data) if reset_form.is_valid(): opts = { 'use_https': request.is_secure(), 'token_generator': PasswordResetTokenGenerator(), 'from_email': None, 'request': request, } if new_user: opts['email_template_name'] = 'accounts/new_account_email.html' opts['subject_template_name'] = 'accounts/new_account_subject.txt' else: opts['email_template_name'] = 'accounts/password_reset_email.html' opts['subject_template_name'] = 'accounts/password_reset_subject.txt' reset_form.save(**opts)
def user_password_reset(self, request, id, form_url=''): from django.contrib.auth.tokens import default_token_generator from django.contrib.auth.forms import PasswordResetForm if not self.has_change_permission(request): raise PermissionDenied user = get_object_or_404(self.get_queryset(request), pk=id) post_reset_redirect = urlresolvers.reverse('admin:%s_%s_change' % (self.model._meta.app_label, self.model._meta.model_name), args=(id,)) form = PasswordResetForm({'email': user.email}) if form.is_valid(): opts = { 'use_https': request.is_secure(), 'token_generator': default_token_generator, 'from_email': None, 'email_template_name': 'registration/password_reset_email.html', 'subject_template_name': 'registration/password_reset_subject.txt', 'request': request, } opts = dict(opts, domain_override=request.get_host()) form.save(**opts) msg = ugettext('Password reset link sent.') messages.success(request, msg) else: msg = ugettext('Error ocurred while sending password reset link.') messages.error(request, msg) return HttpResponseRedirect(post_reset_redirect)
def send_email(self, request): try: reset_form = PasswordResetForm({"email": self.cleaned_data["email"]}) assert reset_form.is_valid() reset_form.save( request=request, from_email="*****@*****.**", use_https=request.is_secure(), subject_template_name="bdiadmin/account_creation_subject.txt", email_template_name="bdiadmin/account_creation_email.html", ) messages.success( request, _("Profile created and mail sent to {0}.").format( self.cleaned_data["email"] ), ) except: messages.warning( request, _("Profil created, but unable to send mail to {0}.").format( self.cleaned_data["email"] ), ) pass
def password_reset(self, request, queryset): count = 0 for user in queryset: # Do the password reset stuff. form = PasswordResetForm({'email': user.email}) if form.is_valid(): opts = { 'use_https': request.is_secure(), 'token_generator': default_token_generator, 'from_email': 'OpenData Cincy<*****@*****.**>', 'email_template_name': 'registration/password_reset_email.html', 'subject_template_name': 'registration/password_reset_subject.txt', 'request': request, } opts = dict(opts, domain_override=request.get_host()) form.save(**opts) count += 1 if count == 1: message_bit = '1 user was' else: message_bit = '%s users were' % count self.message_user(request, '%s emailed password reset instructions' % message_bit)
def test_cleaned_data(self): # Regression test (user, username, email) = self.create_dummy_user() data = {"email": email} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) self.assertEqual(form.cleaned_data["email"], email)
def post(self, request): # Create a serializer with request.DATA serializer = self.serializer_class(data=request.DATA) if serializer.is_valid(): # Create PasswordResetForm with the serializer reset_form = PasswordResetForm(data=serializer.data) if reset_form.is_valid(): # Sett some values to trigger the send_email method. opts = { 'use_https': request.is_secure(), 'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'), 'request': request, } reset_form.save(**opts) # Return the success message with OK HTTP status return Response( {"success": "Password reset e-mail has been sent."}, status=status.HTTP_200_OK) else: return Response(reset_form._errors, status=status.HTTP_400_BAD_REQUEST) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def password_reset(request): """ View for entering email of registered player to change password :param request: """ if request.user.is_authenticated(): return HttpResponseRedirect(reverse("index")) context = {} if request.method == "POST": form = PasswordResetForm(request.POST) if form.is_valid(): opts = { "use_https": request.is_secure(), "token_generator": default_token_generator, "from_email": settings.KASKA_EMAIL, "email_template_name": "players/email/email_template.html", "subject_template_name": "players/email/email_subject.txt", "request": request, } try: Player.objects.get(email__iexact=form.cleaned_data["email"]) except Player.DoesNotExist: return HttpResponseRedirect(reverse("players:password_reset_no_email")) else: form.save(**opts) return HttpResponseRedirect(reverse("players:password_reset_check_email")) else: form = PasswordResetForm() context.update({"form": form}) return render(request, "players/password_reset/password_reset.html", context)
def forget_password(request,*args,**kwargs): if request.method == "POST": form = PasswordResetForm(request.POST) if form.is_valid(): user=form.get_users(form.cleaned_data['email']) if user is not None: user.reset_password_code=make_password(user.username,'reset_password',hasher='pbkdf2_sha256') subject='password reset' message='please open the link below to activate your account\n'\ +SITE_URL+'people/'+user.username+'/reset_password_code/'+tokens user.email_user(subject,message,EMAIL_SENDER) user.save() return redirect('/people/reset_password_done/') else: username=None context={'title':'activation','message':'your account has been activated or activation code is out of date'} redirect('/people/%s/' %username,context) # return HttpResponseRedirect(post_reset_redirect) else: form = PasswordResetForm() context = { 'form': form, 'title':'Password reset', } return render(request, 'people/reset_password.html',context)
def test_save_html_email_template_name(self): """ Test the PasswordResetFOrm.save() method with html_email_template_name parameter specified. Test to ensure that a multipart email is sent with both text/plain and text/html parts. """ (user, username, email) = self.create_dummy_user() form = PasswordResetForm({"email": email}) self.assertTrue(form.is_valid()) form.save(html_email_template_name='registration/html_password_reset_email.html') self.assertEqual(len(mail.outbox), 1) self.assertEqual(len(mail.outbox[0].alternatives), 1) message = mail.outbox[0].message() self.assertEqual(message.get('subject'), 'Custom password reset on example.com') self.assertEqual(len(message.get_payload()), 2) self.assertTrue(message.is_multipart()) self.assertEqual(message.get_payload(0).get_content_type(), 'text/plain') self.assertEqual(message.get_payload(1).get_content_type(), 'text/html') self.assertEqual(message.get_all('to'), [email]) self.assertTrue(re.match(r'^http://example.com/reset/[\w/-]+', message.get_payload(0).get_payload())) self.assertTrue( re.match(r'^<html><a href="http://example.com/reset/[\w/-]+/">Link</a></html>$', message.get_payload(1).get_payload()) )
def password_reset(request): post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done') if request.method == "POST": form = PasswordResetForm(request.POST) if form.is_valid(): opts = { 'use_https': request.is_secure(), 'token_generator': default_token_generator, 'from_email': None, 'email_template_name': 'mail/password_reset_body.html', 'subject_template_name': 'mail/password_reset_subject.txt', 'request': request, } form.save(**opts) return JsonResponse({'status': True, 'redirect': post_reset_redirect}) else: status = False else: form = PasswordResetForm() status = True context = { 'form': form, } if request.is_ajax(): return JsonResponse({'status': status, 'template': render_to_string( 'account/password_reset/reset_form.html', context, context_instance=RequestContext(request))}) return TemplateResponse(request, 'account/password_reset/reset_container.html', context)
def password_reset(request): ''' Attempts to send a password reset e-mail. ''' if request.method != "POST": raise Http404 # By default, Django doesn't allow Users with is_active = False to reset their passwords, # but this bites people who signed up a long time ago, never activated, and forgot their # password. So for their sake, we'll auto-activate a user for whom password_reset is called. try: user = User.objects.get(email=request.POST['email']) user.is_active = True user.save() except: log.exception("Tried to auto-activate user to enable password reset, but failed.") form = PasswordResetForm(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=settings.DEFAULT_FROM_EMAIL, request=request, domain_override=request.get_host()) return HttpResponse(json.dumps({'success': True, 'value': render_to_string('registration/password_reset_done.html', {})})) else: return HttpResponse(json.dumps({'success': False, 'error': 'Invalid e-mail'}))
def test_cleaned_data(self): # Regression test user = User.objects.create_user("jsmith3", "*****@*****.**", "test123") data = {'email':'*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) self.assertEqual(form.cleaned_data['email'], u'*****@*****.**')
def test_nonexistant_email(self): # Test nonexistant email address. This should not fail because it would # expose information about registered users. data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) self.assertEqual(len(mail.outbox), 0)
def test_nonexistant_email(self): # Test nonexistant email address data = {'email':'*****@*****.**'} form = PasswordResetForm(data) self.assertFalse(form.is_valid()) self.assertEqual(form.errors, {'email': [u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"]})
def test_nonexistant_email(self): # Test nonexistant email address data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertFalse(form.is_valid()) self.assertEqual(form.errors, {'email': [force_text(form.error_messages['unknown'])]})
def add_profile(request): if request.method == 'POST': profile_formset = ProfileFormset(request.POST) if profile_formset.is_valid(): user_added = False for form in profile_formset: if form.cleaned_data: username = form.cleaned_data['username'] first_name = form.cleaned_data['first_name'] last_name = form.cleaned_data['last_name'] email = form.cleaned_data['email'] password = generate_random_id() new_user = create_profile(username, email, password, first_name, last_name) activate_profile(new_user.profile) new_user.profile.send_welcome_email(request) user_added = True reset_form = PasswordResetForm({'email': email}) assert reset_form.is_valid() reset_form.save( request=request, use_https=request.is_secure(), email_template_name='profiles/reset_password.txt', ) if user_added: messages.success(request, _('The profiles have been created')) profile_formset = ProfileFormset() else: messages.warning(request, _('Please check the fields below for error')) else: profile_formset = ProfileFormset() return render(request, 'profiles/add_profile.html', {'profile_formset': profile_formset,})
def passwordReset(self, request, **kwargs): self.method_check(request, allowed=['post']) postData = simplejson.loads(request.raw_post_data) key = postData['token'] user = getUserByKey(key) if user is not None: if user.is_active: data = {'email': user.email} resetForm = PasswordResetForm(data) if resetForm.is_valid(): resetForm.save() return self.create_response(request,{'status':OK, 'message': 'check your email for instructions'}) else: return self.create_response(request, {'status': SYSTEM_ERROR, 'message': 'form not valid'}) else: return self.create_response(request, {'status':FORBIDDEN, 'message':'Account disabled'}) else: return self.create_response(request, {'status': UNAUTHORIZED, 'error': 'User does not exists'})
def testValidUser(self): data = { 'email': '*****@*****.**', } form = PasswordResetForm(data) self.assertEqual(form.is_valid(), False) self.assertEqual(form["email"].errors, [u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"])
def request_password_change(email, orig_host, is_secure): """Email a single-use link for performing a password reset. Users must confirm the password change before we update their information. Args: email (string): An email address orig_host (string): An originating host, extracted from a request with get_host is_secure (Boolean): Whether the request was made with HTTPS Returns: None Raises: AccountUserNotFound AccountRequestError """ # Binding data to a form requires that the data be passed as a dictionary # to the Form class constructor. form = PasswordResetForm({'email': email}) # Validate that an active user exists with the given email address. if form.is_valid(): # Generate a single-use link for performing a password reset # and email it to the user. form.save( from_email=settings.DEFAULT_FROM_EMAIL, domain_override=orig_host, use_https=is_secure ) else: # No active user with the provided email address exists. raise AccountUserNotFound
def passwordReset(request): if request.method == "POST": password_reset = PasswordResetForm(request.POST) if password_reset.is_valid(): email_ID = password_reset.cleaned_data['email'] existing_user = User.objects.filter(Q(email=email_ID)) if existing_user.exists(): print("HI")
def test_cleaned_data(self): (user, username, email) = self.create_dummy_user() data = {'email': email} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) form.save(domain_override='example.com') self.assertEqual(form.cleaned_data['email'], email) self.assertEqual(len(mail.outbox), 1)
def test_cleaned_data(self): # Regression test user = User.objects.create_user("jsmith3", "*****@*****.**", "test123") data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) self.assertEqual(form.cleaned_data['email'], u'*****@*****.**')
def test_inactive_user(self): #tests that inactive user cannot #receive password reset email (user, username, email) = self.create_dummy_user() user.is_active = False user.save() form = PasswordResetForm({'email': email}) self.assertFalse(form.is_valid())
def test_nonexistant_email(self): # Test nonexistant email address data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertFalse(form.is_valid()) self.assertEqual( form.errors, {'email': [force_text(form.error_messages['unknown'])]})
def esqueci_senha(request): if request.method == "POST": form_esqueci = PasswordResetForm(request.POST) if form_esqueci.is_valid(): form_esqueci.save(subject_template_name="", email_template_name="usuario/email-esqueci.html", from_email="") messages.add_message(request, messages.INFO, 'Um e-mail com instruções para alteração de senha foi enviado.') form_esqueci = PasswordResetForm() return render(request, 'usuario/esqueci-senha.html', {'form_esqueci': form_esqueci})
def view_register(request): if request.method == 'POST': user_form = UserBootstrapForm(data=request.POST) if user_form.is_valid(): # check to see if this email address is unique if User.objects.filter(email=request.POST['email']): user_form.add_error( 'email', 'A user with that email address ' 'already exists.') return render(request, 'pdata_app/generic_form.html', { 'form': user_form, 'page_title': 'Create Account' }) # Create a database object from the user's form data user = user_form.save(commit=False) # Set a random password so that the email address can be verified user.set_password(User.objects.make_random_password()) user.save() # This form only requires the "email" field, so will validate. reset_form = PasswordResetForm(request.POST) reset_form.is_valid() # Must trigger validation # Copied from django/contrib/auth/views.py : password_reset opts = { 'use_https': True, 'email_template_name': 'pdata_app/register_user_email_message.html', 'subject_template_name': 'pdata_app/register_user_email_subject.html', 'request': request, 'from_email': '*****@*****.**' } # This form sends the email on save() reset_form.save(**opts) return redirect('register_success') else: user_form = UserBootstrapForm() # Render the template depending on the context. return render(request, 'pdata_app/generic_form.html', { 'form': user_form, 'page_title': 'Create Account' })
def send_password_reset_email(request): pw_form = PasswordResetForm(request.POST) if pw_form.is_valid(): pw_form.save(subject_template_name='email-reset-password-subject.txt', email_template_name='empty.html', html_email_template_name='email-reset-password.djhtml', request=request) return HttpResponse('email sent') return HttpResponseBadRequest('Email Inválido')
def password_reset(request): """Automatically sends a password-reset email to the currently logged in user""" form = PasswordResetForm(data={"email": request.user.email}) if form.is_valid(): form.save(request=request) return redirect("password_reset_done") else: messages.error(request, form.errors) return redirect("userprofile")
def test_custom_email_subject(self): template_path = os.path.join(os.path.dirname(__file__), 'templates') with self.settings(TEMPLATE_DIRS=(template_path,)): data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) form.save() self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].subject, u'Custom password reset on example.com')
def send_password_reset(self, request, queryset): for user in queryset: try: validate_email(user.email) form = PasswordResetForm(data={"email": user.email}) form.is_valid() form.save( email_template_name="accounts/password_forced_reset_email.html", extra_email_context={"full_name": user.full_name}, ) self.message_user(request, _("Succesfully sent password reset email.")) except ValidationError: self.message_user( request, _("User does not have a valid email address"), level="error", )
def form_valid(self, form): form.register_user() email = form.cleaned_data['email'] password_reset = PasswordResetForm({'email': email}) if password_reset.is_valid(): password_reset.save(request=self.request) return super(RegisterAccount, self).form_valid(form)
def PassReset(request): if request.method == 'POST': email = request.POST.get('email') form = PasswordResetForm(request.POST) if form.is_valid(): form.save(request=request) return render(request, 'pages/emailSent.html', {'email': email}) return render(request, 'pages/forgotPassword.html')
def test_user_email_domain_unicode_collision(self): User.objects.create_user("mike123", "*****@*****.**", "test123") User.objects.create_user("mike456", "mike@ıxample.org", "test123") data = {"email": "mike@ıxample.org"} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) form.save() self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, ["mike@ıxample.org"])
def send_password_reset(request, user_id): user = get_object_or_404(User, id=user_id) form = PasswordResetForm({'email': user.email}) if form.is_valid(): form.save(email_template_name="auto_password_reset_email.html") messages.success(request, "Password reset email sent.") return HttpResponseRedirect( reverse('participant_overview', args=(user.id, )))
def test_nonexistent_email(self): """ Test nonexistent email address. This should not fail because it would expose information about registered users. """ data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) self.assertEqual(len(mail.outbox), 0)
def test_user_email_domain_unicode_collision(self): User.objects.create_user('mike123', '*****@*****.**', 'test123') User.objects.create_user('mike456', 'mike@ıxample.org', 'test123') data = {'email': 'mike@ıxample.org'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) form.save() self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, ['mike@ıxample.org'])
def test_custom_email_field(self): email = '*****@*****.**' CustomEmailField.objects.create_user('test name', 'test password', email) form = PasswordResetForm({'email': email}) self.assertTrue(form.is_valid()) form.save() self.assertEqual(form.cleaned_data['email'], email) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, [email])
def new_user(request): add_user_success = False if request.method == 'GET': profile_form = UserProfileForm() return render_to_response("accountmanagement/account/add_user.html", {'profile_form': profile_form}, context_instance=RequestContext(request)) if request.method == 'POST': manager = get_database_manager(request.user) org = get_organization(request) form = UserProfileForm(organization=org, data=request.POST) if form.is_valid(): username = form.cleaned_data.get('username') if not form.errors: user = User.objects.create_user(username, username, 'test123') user.first_name = form.cleaned_data['full_name'] group = Group.objects.filter(name="Project Managers") user.groups.add(group[0]) user.save() mobile_number = form.cleaned_data['mobile_phone'] ngo_user_profile = NGOUserProfile( user=user, title=form.cleaned_data['title'], mobile_phone=mobile_number, org_id=org.org_id) ngo_user_profile.reporter_id = make_user_as_a_datasender( manager=manager, organization=org, current_user_name=user.get_full_name(), mobile_number=mobile_number, email=username) ngo_user_profile.save() associate_user_with_existing_project( manager, ngo_user_profile.reporter_id) reset_form = PasswordResetForm({"email": username}) if reset_form.is_valid(): send_email_to_data_sender(reset_form.users_cache[0], request.LANGUAGE_CODE, request=request, type="created_user", organization=org) name = form.cleaned_data.get("full_name") form = UserProfileForm() add_user_success = True detail_dict = dict({"Name": name}) UserActivityLog().log(request, action=ADDED_USER, detail=json.dumps(detail_dict)) return render_to_response("accountmanagement/account/add_user.html", { 'profile_form': form, 'add_user_success': add_user_success }, context_instance=RequestContext(request))
def forgotpassword_view(request, form=None): if request.method == 'POST': form = PasswordResetForm(request.POST) if form.is_valid(): # user = form.save() # update_session_auth_hash(request, user) # Important! # messages.success(request, 'Your password was successfully updated!') return redirect('forgotpassword_view') form = PasswordResetForm() return render(request, 'forgotpassword.html', {'form': form})
def ipasswordreset(request): if request.method == "POST": fm = PasswordResetForm(request.POST) if fm.is_valid(): fm.save(from_email=mediclick1 @ gmail.com) else: fm = PasswordResetForm() return render(request, "ipasswordreset.html", {'form': fm})
def perform_create(self, serializer): instance = serializer.save() form = PasswordResetForm({"email": instance.email}) assert form.is_valid() form.save( request=self.request, use_https=True, from_email=settings.DEFAULT_FROM_EMAIL, email_template_name="accounts/password_setup_email.html", )
def send_email_invitation(self, request, queryset): for user in queryset: reset_form = PasswordResetForm({'email': user.email}, request.POST) assert reset_form.is_valid() reset_form.save( #subject_template_name='templates/emails/account_creation_subject.txt', #email_template_name='templates/emails/invitation_email.html', request=request) self.message_user(request, 'Email invitation successfully sent')
def send_password_email_to_user(self, request): user = CustomUser.objects.get(username=request.POST['username']) form = PasswordResetForm({'email': user.email}) if form.is_valid(): form.save(request=request, use_https=False, from_email="*****@*****.**", email_template_name= 'registration/password_reset_email_admin.html')
def test_custom_email_field(self): email = "*****@*****.**" CustomEmailField.objects.create_user("test name", "test password", email) form = PasswordResetForm({"email": email}) self.assertTrue(form.is_valid()) form.save() self.assertEqual(form.cleaned_data["email"], email) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, [email])
def send_password_reset(self, user_email, request): form = PasswordResetForm({'email': user_email}) if form.is_valid(): form.save(request=request, from_email=settings.DEFAULT_FROM_EMAIL, use_https=True) return True else: return False
def password_reset(request): if request.method == 'POST': form = PasswordResetForm(request.user, request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('morepractice:thanks')) else: form = PasswordResetForm(request.user) return render(request, 'morepractice/password_reset.html', {'form': form})
def signup(request): if request.method == "POST": form = SignUpForm(request.POST) if form.is_valid(): new_user = User.objects.create_user(**form.cleaned_data) password = PasswordResetForm(request.POST) password.is_valid() opts = { 'use_https': request.is_secure(), 'email_template_name': 'registration/password_reset_email.html', 'token_generator': default_token_generator, 'request': request, } password.save(**opts) return redirect("signup-mail-sent") else: form = SignUpForm() return render(request, "registration/signup.html", {"form": form})
def test_custom_email_subject(self): data = {'email': '*****@*****.**'} form = PasswordResetForm(data) self.assertTrue(form.is_valid()) # Since we're not providing a request object, we must provide a # domain_override to prevent the save operation from failing in the # potential case where contrib.sites is not installed. Refs #16412. form.save(domain_override='example.com') self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].subject, 'Custom password reset on example.com')
def save(self, request): user = super(AddUserForm, self).save(commit=False) user.set_password(get_random_string(1024)) user.save() prf = PasswordResetForm({"email": user.email}) if prf.is_valid(): prf.save(request=request, use_https=True, email_template_name='registration/invitation_email.html', subject_template_name='registration/invitation_subject.txt') return user