def register(request): if request.method == "POST": #Usual test cases if User.objects.filter(username=request.POST['user_reg']).exists(): return render(request, 'user/login.html',{'usr':"******"}) elif User.objects.filter(email=request.POST['email']).exists(): return render(request, 'user/login.html',{'usr':"******"}) elif request.POST['password'] != request.POST['password2']: return render(request, 'user/login.html',{'pwd':" <h4 class='text-danger'>Both the passwords don't match.</h4>"}) else: #Validate the password try: validate_password(request.POST['password']) except ValidationError as e: return render(request, 'user/login.html',{'pwd':password_validators_help_text_html()}) #Yay, new user user = User.objects.create_user(request.POST['user_reg'],request.POST['email'],request.POST['password']) #comm = Communities.objects.get(name='users') profile = UserProfile(user=user) profile.save() user = authenticate(username=request.POST['user_reg'], password=request.POST['password']) auth.login(request, user) return render(request,'user/profile.html') else: return render(request,"user/login.html")
def handle(self, *args, **options): self.stdout.write("Creating administrator user") if User.objects.filter(username=USERNAME).exists(): self.stdout.write(self.style.NOTICE( "User '{}' already exists".format(USERNAME))) return try: email = settings.ADMINS[0][1] except: raise CommandError("ADMINS setting not defined properly") try: validate_password(options['password'], User(username=USERNAME, email=email)) except ValidationError as err: raise CommandError(' '.join(err.messages)) call_command('createsuperuser', interactive=False, verbosity=0, username=USERNAME, email=email) admin_user = User.objects.get(username=USERNAME) admin_user.set_password(options['password']) admin_user.save() self.stdout.write(self.style.SUCCESS( "Successfully created administrator user" ))
def change_forgotten_password(request, pk, token): """ POST /auth/change-password/user/token/ with CSRF and new password will change forgotten password """ invalid_message = _("Form link is invalid. Please try again.") expired_message = _("Your link has expired. Please request new one.") try: try: user = User.objects.get(pk=pk, is_active=True) except User.DoesNotExist: raise PasswordChangeFailed(invalid_message) if request.user.is_authenticated and request.user.id != user.id: raise PasswordChangeFailed(invalid_message) if not is_password_change_token_valid(user, token): raise PasswordChangeFailed(invalid_message) if user.requires_activation: raise PasswordChangeFailed(expired_message) if get_user_ban(user, request.cache_versions): raise PasswordChangeFailed(expired_message) except PasswordChangeFailed as e: return Response({"detail": e.args[0]}, status=status.HTTP_400_BAD_REQUEST) try: new_password = request.data.get("password", "") validate_password(new_password, user=user) user.set_password(new_password) user.save() except ValidationError as e: return Response({"detail": e.messages[0]}, status=status.HTTP_400_BAD_REQUEST) return Response({"username": user.username})
def post(self, request, *args, **kwargs): uidb64 = request.data.get("user_id") token = request.data.get("token") password = request.data.get("password") if not (uidb64 and token and password): raise ValidationError( {"detail": "You have to provide user_id, token and password."} ) user = self.get_user(uidb64) if user is None: raise ValidationError({"detail": "User does not exist."}) if not ( has_perm(user, "users.can_change_password") or has_perm(user, "users.can_manage") ): self.permission_denied(request) if not default_token_generator.check_token(user, token): raise ValidationError({"detail": "Invalid token."}) try: validate_password(password, user=user) except DjangoValidationError as errors: raise ValidationError({"detail": " ".join(errors)}) user.set_password(password) user.save() return super().post(request, *args, **kwargs)
def clean_password2(self): password1 = self.cleaned_data['password1'] password2 = self.cleaned_data['password2'] validate_password(password2) if password1 != password2: raise forms.ValidationError('password1 and password2 not equal!') return password2
def clean(self): if ("password" in self.cleaned_data and "password_again" in self.cleaned_data): if self.cleaned_data["password"] != self.cleaned_data["password_again"]: self.add_error("password", forms.ValidationError(_("Passwords don't match"))) self.add_error("password_again", forms.ValidationError(_("Passwords don't match"))) if "email" in self.cleaned_data: self.cleaned_data["username"] = self.get_username() if "username" in self.cleaned_data: username_exists = User.objects.filter( username=self.cleaned_data["username"]).count() if username_exists: self.add_error("username", forms.ValidationError( _("Please choose another display name"))) if "email" in self.cleaned_data: email_exists = User.objects.filter( email=self.cleaned_data["email"]).count() if email_exists: self.add_error("email", forms.ValidationError( _("Please choose another email address"))) if "password" in self.cleaned_data: validate_password(self.cleaned_data["password"]) return self.cleaned_data
def reset_password(self, request, pk=None): """ View to reset the password using the requested password. If update_defualt_password=True is given, the new password will also be set as the default_password. """ user = self.get_object() password = request.data.get("password") if not isinstance(password, str): raise ValidationError({"detail": "Password has to be a string."}) update_default_password = request.data.get("update_default_password", False) if not isinstance(update_default_password, bool): raise ValidationError( {"detail": "update_default_password has to be a boolean."} ) try: validate_password(password, user=request.user) except DjangoValidationError as errors: raise ValidationError({"detail": " ".join(errors)}) user.set_password(password) if update_default_password: user.default_password = password user.save() return Response({"detail": "Password successfully reset."})
def clean(self): if ('password' not in self.cleaned_data or 'password_confirm' not in self.cleaned_data): raise ValidationError(_('Favor informar senhas atuais ou novas')) msg = _('As senhas não conferem.') self.valida_igualdade( self.cleaned_data['password'], self.cleaned_data['password_confirm'], msg) if ('email' not in self.cleaned_data or 'email_confirm' not in self.cleaned_data): raise ValidationError(_('Favor informar endereços de email')) msg = _('Os emails não conferem.') self.valida_igualdade( self.cleaned_data['email'], self.cleaned_data['email_confirm'], msg) email_existente = self.valida_email_existente() if email_existente: msg = _('Esse email já foi cadastrado.') raise ValidationError(msg) try: validate_password(self.cleaned_data['password']) except ValidationError as error: raise ValidationError(error) return self.cleaned_data
def post(self, request): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): old_password = serializer.validated_data['old_password'] new_password = serializer.validated_data['new_password'] try: if not FailedLoginAttempt.objects.is_locked_out( request.user, request.auth.application): if request.user.check_password(old_password): FailedLoginAttempt.objects.delete_failed_attempts( request.user, request.auth.application) password_validation.validate_password(new_password, request.user) request.user.set_password(new_password) request.user.save() return Response(status=status.HTTP_204_NO_CONTENT) else: FailedLoginAttempt.objects.add_failed_attempt( request.user, request.auth.application) errors = {'old_password': [_('You’ve entered an incorrect password')]} except ValidationError as e: errors = {'new_password': e.error_list} else: errors = serializer.errors return Response( data={'errors': errors}, status=status.HTTP_400_BAD_REQUEST, )
def post(self, request): user = request.user # Check request data. old_password = request.data.get('old_password') new_password = request.data.get('new_password') if not old_password or not new_password: raise APIException(detail='You must provide both the old password and the new password.') if not user.check_password(old_password): raise APIException(detail='The old password is not correct.') try: password_validation.validate_password(new_password) except ValidationError: raise APIException(detail='The new password is not valid.') # Update the user's password. user.set_password(new_password) user.save() # Log in user with new password. user = authenticate(username=user.username, password=new_password) if user is not None and user.is_active: login(request, user) return Response()
def clean(self): super(userRegisterForm, self).clean username = self.cleaned_data.get('username') firstname = self.cleaned_data.get('firstname') middlename = self.cleaned_data.get('middlename') lastname = self.cleaned_data.get('lastname') password = self.cleaned_data.get('password') email_address = self.cleaned_data.get('email_address') if len(username) < 5: self._errors['username'] = self.error_class(['UserName should be atleast five characters long']) try: validate_username(username) except ValidationError as e: self._errors['username'] = self.error_class([e]) if len(firstname) < 4: self._errors['firstname'] = self.error_class(['First Name should be atleast four characters long']) try: validate_email(email_address) except ValidationError as e: self._errors['email_address'] = self.error_class([e]) try: validate_password(password, self.data,None) except ValidationError as e: self._errors['password'] = self.error_class([e]) #validate_password(password,None,None ) return self.cleaned_data
def post(self, request): messages = {'invalid_password': None, 'password_validations': None, 'success': None, 'other': None, 'mismatched':None} try: user = request.user old_password = request.POST.get('old_password') new_password = request.POST.get('new_password') new_password2 = request.POST.get('new_password2') if user.check_password(old_password) == False: messages['invalid_password'] = _("Invalid password") if new_password != new_password2: messages['mismatched'] = _("New password and confirmation must match") try: validation.validate_password(new_password, user) except ValidationError as val_err: messages['password_validations'] = val_err.messages if messages["invalid_password"] == None and messages["password_validations"] == None and messages["mismatched"] == None: user.set_password(new_password) user.save() authenticated_user = authenticate(username=user.username, password=new_password) login(request, authenticated_user) messages['success'] = _('Password successfully updated') except Exception as err: messages['other'] = err return JSONResponse(messages)
def create(self, request, *args, **kwargs): try: validate_password(request.data.get('password')) except ValidationError as e: logger.error('User creation failed: password did not validate.') return Response({ 'message': '\n'.join(e.messages) }, 400) try: User.objects.get(username=request.data.get('username')) logger.error('User creation failed: user already exists.') return Response({ 'message': 'User already exists' }, 400) except ObjectDoesNotExist: pass response = super().create(request, *args, **kwargs) # Prep to send email. user = User.objects.get(username=response.data['username']) url = reverse('api:user-register', kwargs={'pk': user.id}) registration_url = request.build_absolute_uri(url) try: send_registration_email_to_user.delay(registration_url, user.registration_code, user.email) except Exception as e: logger.error('An exception occurred while creating user. %s' % e) return Response({ 'description': 'User created. Registration Needed' }, 201)
def post(self, request, *args, **kwargs): form = self.form_class(request.POST) if form.is_valid(): new_username = form.cleaned_data['username'] new_password = form.cleaned_data['password'] new_email = form.cleaned_data['email'] if get_user_model().objects.filter(username=new_username).exists(): messages.error(request, "Username not available, choose a different one") return render(request, self.template_name, {'form' : form}) if new_email != '' and get_user_model().objects.filter(email=new_email).exists(): messages.error(request, "Email not available, choose a different one") return render(request, self.template_name, {'form' : form}) #validate password try: validate_password(new_password) except exceptions.ValidationError as e: form.errors['password'] = list(e.messages) return render(request, self.template_name, {'form' : form}) user = get_user_model().objects.create_user(username=new_username, password=new_password, email=new_email) user = authenticate(username=new_username, password=new_password) if user is not None: login(request, user) return redirect(reverse('chatdemo:profile')) else: return render(request, self.template_name, {'form' : form})
def clean(self): new_password = self.cleaned_data['new_password'] new_password_again = self.cleaned_data['new_password_again'] old_password = self.cleaned_data['old_password'] if (new_password_again or new_password) and not old_password: raise forms.ValidationError( self.error_messages['old_password_required'], code='old_password_required',) if old_password: if not self.instance.check_password(old_password): raise forms.ValidationError( self.error_messages['password_incorrect'], code='password_incorrect', ) if new_password and new_password_again: if new_password != new_password_again: raise forms.ValidationError( self.error_messages['password_mismatch'], code='password_mismatch',) password_validation.validate_password( new_password_again, self.instance ) else: raise forms.ValidationError( self.error_messages['new_password_repeat'], code='new_password_repeat', )
def clean_password(self, password): """ Validates a password. You can hook into this if you want to restric the allowed password choices. """ validate_password(password) return password
def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError("Los Passwords no son iguales") password_validation.validate_password(self.cleaned_data.get("password2"), self.instance) return password2
def put(self, request, **kwargs): token = request.data.get('token') password = request.data.get('password') matches = re.search(r'([0-9A-Za-z]+)-(.*)', token) if not matches: return Response(status=HTTP_404_NOT_FOUND) uidb36 = matches.group(1) key = matches.group(2) if not (uidb36 and key): return Response(status=HTTP_404_NOT_FOUND) user = self._get_user(uidb36) if user is None: return Response(status=HTTP_404_NOT_FOUND) if not default_token_generator.check_token(user, key): return Response(status=HTTP_404_NOT_FOUND) try: validate_password(password) except DjangoValidationError as e: return Response(dict(password=e.messages), status=HTTP_400_BAD_REQUEST) cache.set(backoff_cache_key(user.email, None), None) user.set_password(password) user.save() return self.get_response()
def clean(self): data = super().clean() if self.errors: return data old_password = data.get('old_password', '') new_password1 = data.get('new_password1', '') new_password2 = data.get('new_password2', '') if old_password and self.instance.pwd_created: if not self.instance.check_password(old_password): raise ValidationError("Senha atual informada não confere " "com a senha armazenada") if self.instance.check_password(new_password1): raise ValidationError( "Nova senha não pode ser igual à senha anterior") if new_password1 != new_password2: raise forms.ValidationError( self.error_messages['password_mismatch'], code='password_mismatch', ) else: if new_password1 and new_password2: password_validation.validate_password( new_password2, self.instance)
def validate_new_password(self, value): """Check new password.""" try: password_validation.validate_password(value, self.instance) except ValidationError as exc: raise serializers.ValidationError(exc.messages[0]) return value
def create(self, validated_data): user_data = validated_data.pop('user') errors = {} if 'username' not in user_data: errors['username'] = ['This field is required.'] if 'password' not in user_data: errors['password'] = ['This field is required.'] if len(errors) > 0: raise serializers.ValidationError(errors) if 'timezone' not in validated_data: validated_data['timezone'] = 'UTC' if validated_data['timezone'] not in pytz.all_timezones: raise serializers.ValidationError({'timezone': ['Not a valid choice.']}) password = user_data.pop('password') try: password_validation.validate_password(password=password, user=User) except exceptions.ValidationError as e: raise serializers.ValidationError({'password': [e.message]}) user = User.objects.create(**user_data) user.set_password(password) user.save() return SciriusUser.objects.create(user=user, **validated_data)
def validate_password(password): """ Validate password """ validate_password(password) return password
def clean(self): #rewriting clean method to check whether passwords match or not cleaned_data=super(SignupForm,self).clean() username=cleaned_data.get('username') email=cleaned_data.get('email') ps1=cleaned_data.get('password') ps2=cleaned_data.get('verify_password') if email=="": self.add_error('email',"Please input your email!") if ps1!=ps2: msg="Password does not match!" self.add_error('verify_password',msg) # Save hashed password instead of password directly encoded_password=make_password(ps1,make_salt()) cleaned_data['password']=encoded_password # Make sure email is unique if email and User.objects.filter(email=email).exclude(username=username).count(): msg="Email has been used!" self.add_error('email',msg) # Validate password if ps1: try: validate_password(ps1,user=self) cleaned_data['help_text']=None except ValidationError: cleaned_data['help_text']=password_validators_help_text_html() self.add_error('password','Your password it too weak. Please choose another password') return cleaned_data
def clean_password2(self): password1 = self.cleaned_data.get('password1', '') password2 = self.cleaned_data.get('password2', '') if password1 != password2: raise forms.ValidationError( _("The two password fields didn't match.")) validate_password(password2, self.instance) return password2
def clean_new_password2(self): password1 = self.cleaned_data.get('new_password1') password2 = self.cleaned_data.get('new_password2') if password1 and password2: if password1 != password2: raise forms.ValidationError("The passwords do not match.") password_validation.validate_password(password2) return password2
def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError(self.error_messages["password_mismatch"], code="password_mismatch") self.instance.email = self.cleaned_data.get("email") password_validation.validate_password(self.cleaned_data.get("password2"), self.instance) return password2
def clean_password2(self): # Check that the two password entries match password = self.cleaned_data.get("password") password2 = self.cleaned_data.get("password2") if password and password2 and password != password2: raise forms.ValidationError("Passwords don't match") validate_password(password) return password2
def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2: if password1 != password2: raise forms.ValidationError(self.error_messages["password_mismatch"], code="password_mismatch") password_validation.validate_password(password2, self.user) return password2
def clean_new_password2(self): password1 = self.cleaned_data.get('new_password1') password2 = self.cleaned_data.get('new_password2') if password1 and password2: if password1 != password2: raise forms.ValidationError(_("The two password fields didn't match."), code='password_mismatch') password_validation.validate_password(password2, self.user) return password2
def clean_password_confirmation(self): new_password = self.cleaned_data['new_password'] if new_password: validate_password(new_password, self.instance.user) password_confirmation = self.cleaned_data['password_confirmation'] if new_password != password_confirmation: raise ValidationError("Password mismatch", code='invalid') return password_confirmation
def validate_password(self, value): password_validation.validate_password(value, self.instance) return value
def clean_password1(self): password1 = self.cleaned_data.get("password1") email = self.cleaned_data.get("email") validate_password(password1, User(username=email, email=email)) return password1
def validate_password(self, value): if value is not None: password_validation.validate_password(value) return value
def handle(self, *args, **options): username = options.get('username') email = options.get('email') password = options.get('password') interactive = options.get('interactive') verbosity = int(options.get('verbosity', 1)) # Validate initial inputs if username is not None: try: username = username.strip() validate_username(username) except ValidationError as e: self.stderr.write('\n'.join(e.messages)) username = None if email is not None: try: email = email.strip() validate_email(email) except ValidationError as e: self.stderr.write('\n'.join(e.messages)) email = None if password is not None: password = password.strip() if password == '': self.stderr.write("Error: Blank passwords aren't allowed.") if not interactive: if username and email and password: # Call User manager's create_superuser using our wrapper self.create_superuser(username, email, password, verbosity) else: try: if hasattr(self.stdin, 'isatty') and not self.stdin.isatty(): raise NotRunningInTTYException("Not running in a TTY") # Prompt for username/password, and any other required fields. # Enclose this whole thing in a try/except to trap for a # keyboard interrupt and exit gracefully. while not username: try: message = force_str("Enter displayed username: "******"Enter e-mail address: ").strip() validate_email(raw_value) email = raw_value except ValidationError as e: self.stderr.write('\n'.join(e.messages)) while not password: raw_value = getpass("Enter password: "******"Repeat password:"******"Error: Your passwords didn't match.") # Don't validate passwords that don't match. continue if raw_value.strip() == '': self.stderr.write("Error: Blank passwords aren't allowed.") # Don't validate blank passwords. continue try: validate_password( raw_value, user=UserModel(username=username, email=email) ) except ValidationError as e: self.stderr.write('\n'.join(e.messages)) response = input('Bypass password validation and create user anyway? [y/N]: ') if response.lower() != 'y': continue password = raw_value # Call User manager's create_superuser using our wrapper self.create_superuser(username, email, password, verbosity) except KeyboardInterrupt: self.stderr.write("\nOperation cancelled.") sys.exit(1) except NotRunningInTTYException: self.stdout.write( "Superuser creation skipped due to not running in a TTY. " "You can run `manage.py createsuperuser` in your project " "to create one manually." )
def validate_password(self, value): try: validate_password(value) except ValidationError as exc: raise serializers.ValidationError(str(exc)) return value
def validate_password(self, data): password_validation.validate_password(data) return data
def clean_new_password(self): data = self.cleaned_data['new_password'] if data: validate_password(data, user=self.instance) return data
def register_view(request): reglink_id = request.GET.get('reglink_id', request.POST.get('reglink_id', '')) try: reglink = RegLink.objects.get(reglink_id=reglink_id) reglink_usable = reglink.is_usable() except RegLink.DoesNotExist: reglink_usable = False reglink = None context = { 'can_register': True, 'done_registeration': False, 'warning': '', 'reglink_id': reglink_id, } if reglink_usable is False or request.method == 'GET': if reglink_usable is False: context['can_register'] = False context['warning'] = 'Your registeration link is invalid! Please check again!' return shortcuts.render(request, 'registration/register.html', context) if request.method == 'POST': username = request.POST.get('username', '') password = request.POST.get('password', '') password2 = request.POST.get('password2', '') email = request.POST.get('email', '') email = email.strip() info_valid = True registeration_success = True try: validate_email(email) except ValidationError: context['warning'] += 'Invalid Email! <BR>' info_valid = False if password != password2: context['warning'] += 'Your password didn\'t match! <BR>' info_valid = False try: User.objects.get(username=username) info_valid = False context['warning'] += 'Your username has been used!<br>' except User.DoesNotExist: pass try: User.objects.get(email=email) info_valid = False context['warning'] += 'Your email has been used!<br>' except User.DoesNotExist: pass try: password_validation.validate_password(password) except ValidationError as e: context['warning'] += f'{"<br>".join(e.messages)}<BR>' info_valid = False try: validators.UnicodeUsernameValidator()(username) except ValidationError as e: context['warning'] += f'{"<br>".join(e.messages)}<BR>' info_valid = False if info_valid: user = User.objects.create(username=username, email=email) user.set_password(password) user.save() else: user = None if user is None: registeration_success = False if registeration_success: try: UserProfile.objects.get(user=user) except UserProfile.DoesNotExist: UserProfile.objects.create(user=user) reglink.is_used = True reglink.save() context['done_registeration'] = True context['warning'] = '' return shortcuts.render(request, 'registration/register.html', context) else: context['done_registeration'] = False return shortcuts.render(request, 'registration/register.html', context)
def validate_password(self, password): user = self.context['request'].user validate_password(password, user=user) return password
def validate_new_password(self, value): # https://docs.djangoproject.com/en/2.0/topics/auth/passwords/#django.contrib.auth.password_validation.validate_password password_validation.validate_password(value) return value
def new_password__is_valid(form, parsed_data, **_): try: validate_password(parsed_data, form.get_request().user) return True, None except ValidationError as e: return False, ','.join(e)
def validate_old_password(self, value): validate_password( value, user=self.instance) # validate it is a real, acceptable pw return value
def clean_password1(self): password1 = self.cleaned_data['password1'] if password1: password_validation.validate_password(password1) return password1
def handle(self, *args, **options): username = options[self.UserModel.USERNAME_FIELD] database = options['database'] user_data = {} verbose_field_name = self.username_field.verbose_name try: self.UserModel._meta.get_field(PASSWORD_FIELD) except exceptions.FieldDoesNotExist: pass else: # If not provided, create the user with an unusable password. user_data[PASSWORD_FIELD] = None try: if options['interactive']: # Same as user_data but with foreign keys as fake model # instances instead of raw IDs. fake_user_data = {} if hasattr(self.stdin, 'isatty') and not self.stdin.isatty(): raise NotRunningInTTYException default_username = get_default_username() if username: error_msg = self._validate_username( username, verbose_field_name, database) if error_msg: self.stderr.write(error_msg) username = None elif username == '': raise CommandError('%s cannot be blank.' % capfirst(verbose_field_name)) # Prompt for username. while username is None: message = self._get_input_message(self.username_field, default_username) username = self.get_input_data(self.username_field, message, default_username) if username: error_msg = self._validate_username( username, verbose_field_name, database) if error_msg: self.stderr.write(error_msg) username = None continue user_data[self.UserModel.USERNAME_FIELD] = username fake_user_data[self.UserModel.USERNAME_FIELD] = ( self.username_field.remote_field.model(username) if self.username_field.remote_field else username) # Prompt for required fields. for field_name in self.UserModel.REQUIRED_FIELDS: field = self.UserModel._meta.get_field(field_name) user_data[field_name] = options[field_name] while user_data[field_name] is None: message = self._get_input_message(field) input_value = self.get_input_data(field, message) user_data[field_name] = input_value fake_user_data[field_name] = input_value # Wrap any foreign keys in fake model instances if field.remote_field: fake_user_data[ field_name] = field.remote_field.model( input_value) # Prompt for a password if the model has one. while PASSWORD_FIELD in user_data and user_data[ PASSWORD_FIELD] is None: password = getpass.getpass() password2 = getpass.getpass('Password (again): ') if password != password2: self.stderr.write( "Error: Your passwords didn't match.") # Don't validate passwords that don't match. continue if password.strip() == '': self.stderr.write( "Error: Blank passwords aren't allowed.") # Don't validate blank passwords. continue try: validate_password(password2, self.UserModel(**fake_user_data)) except exceptions.ValidationError as err: self.stderr.write('\n'.join(err.messages)) response = input( 'Bypass password validation and create user anyway? [y/N]: ' ) if response.lower() != 'y': continue user_data[PASSWORD_FIELD] = password else: # Non-interactive mode. # Use password from environment variable, if provided. if PASSWORD_FIELD in user_data and 'DJANGO_SUPERUSER_PASSWORD' in os.environ: user_data[PASSWORD_FIELD] = os.environ[ 'DJANGO_SUPERUSER_PASSWORD'] # Use username from environment variable, if not provided in # options. if username is None: username = os.environ.get( 'DJANGO_SUPERUSER_' + self.UserModel.USERNAME_FIELD.upper()) if username is None: raise CommandError('You must use --%s with --noinput.' % self.UserModel.USERNAME_FIELD) else: error_msg = self._validate_username( username, verbose_field_name, database) if error_msg: raise CommandError(error_msg) user_data[self.UserModel.USERNAME_FIELD] = username for field_name in self.UserModel.REQUIRED_FIELDS: env_var = 'DJANGO_SUPERUSER_' + field_name.upper() value = options[field_name] or os.environ.get(env_var) if not value: raise CommandError( 'You must use --%s with --noinput.' % field_name) field = self.UserModel._meta.get_field(field_name) user_data[field_name] = field.clean(value, None) self.UserModel._default_manager.db_manager( database).create_superuser(**user_data) if options['verbosity'] >= 1: self.stdout.write("Superuser created successfully.") except KeyboardInterrupt: self.stderr.write('\nOperation cancelled.') sys.exit(1) except exceptions.ValidationError as e: raise CommandError('; '.join(e.messages)) except NotRunningInTTYException: self.stdout.write( 'Superuser creation skipped due to not running in a TTY. ' 'You can run `manage.py createsuperuser` in your project ' 'to create one manually.')
def clean_password(self): password = self.cleaned_data.get("password") validate_password(password) return password
def validate_password(self, password): password_validation.validate_password(password) return password
def handle(self, *args, **options): username = options[self.UserModel.USERNAME_FIELD] database = options['database'] # If not provided, create the user with an unusable password password = None user_data = {} # Same as user_data but with foreign keys as fake model instances # instead of raw IDs. fake_user_data = {} # Do quick and dirty validation if --noinput if not options['interactive']: try: if not username: raise CommandError("You must use --%s with --noinput." % self.UserModel.USERNAME_FIELD) username = self.username_field.clean(username, None) for field_name in self.UserModel.REQUIRED_FIELDS: if options[field_name]: field = self.UserModel._meta.get_field(field_name) user_data[field_name] = field.clean( options[field_name], None) else: raise CommandError( "You must use --%s with --noinput." % field_name) except exceptions.ValidationError as e: raise CommandError('; '.join(e.messages)) else: # Prompt for username/password, and any other required fields. # Enclose this whole thing in a try/except to catch # KeyboardInterrupt and exit gracefully. default_username = get_default_username() try: if hasattr(self.stdin, 'isatty') and not self.stdin.isatty(): #raise NotRunningInTTYException("Not running in a TTY") print "1" # Get a username verbose_field_name = self.username_field.verbose_name while username is None: input_msg = capfirst(verbose_field_name) if default_username: input_msg += " (leave blank to use '%s')" % default_username username_rel = self.username_field.remote_field input_msg = '%s%s: ' % ( input_msg, ' (%s.%s)' % (username_rel.model._meta.object_name, username_rel.field_name) if username_rel else '') username = self.get_input_data(self.username_field, input_msg, default_username) if not username: continue if self.username_field.unique: try: self.UserModel._default_manager.db_manager( database).get_by_natural_key(username) except self.UserModel.DoesNotExist: pass else: self.stderr.write( "Error: That %s is already taken." % verbose_field_name) username = None for field_name in self.UserModel.REQUIRED_FIELDS: field = self.UserModel._meta.get_field(field_name) user_data[field_name] = options[field_name] while user_data[field_name] is None: message = '%s%s: ' % ( capfirst(field.verbose_name), ' (%s.%s)' % ( field.remote_field.model._meta.object_name, field.remote_field.field_name, ) if field.remote_field else '', ) input_value = self.get_input_data(field, message) user_data[field_name] = input_value fake_user_data[field_name] = input_value # Wrap any foreign keys in fake model instances if field.remote_field: fake_user_data[ field_name] = field.remote_field.model( input_value) # Get a password while password is None: password = getpass.getpass() password2 = getpass.getpass('Password (again): ') if password != password2: self.stderr.write( "Error: Your passwords didn't match.") password = None # Don't validate passwords that don't match. continue if password.strip() == '': self.stderr.write( "Error: Blank passwords aren't allowed.") password = None # Don't validate blank passwords. continue try: validate_password(password2, self.UserModel(**fake_user_data)) except exceptions.ValidationError as err: self.stderr.write('\n'.join(err.messages)) password = None except KeyboardInterrupt: self.stderr.write("\nOperation cancelled.") sys.exit(1) except NotRunningInTTYException: self.stdout.write( "Superuser creation skipped due to not running in a TTY. " "You can run `manage.py createsuperuser` in your project " "to create one manually.") if username: user_data[self.UserModel.USERNAME_FIELD] = username user_data['password'] = password self.UserModel._default_manager.db_manager( database).create_superuser(**user_data) if options['verbosity'] >= 1: self.stdout.write("Superuser created successfully.")
def validate_password(self, value): """ Method for validating password """ password_validation.validate_password(value) return value
def validate(self, attrs): validators.validate_password(attrs['password']) return attrs
def validate_password(self, value): validate_password(value) return value
def validate_password(self, data): validators.validate_password(password=data, user=User) return data
def validate_new_password(self, value): validate_password(value, user=self.instance) return value
def clean_password_first(self): password = self.cleaned_data['password1'] if password: password_validation.validate_password(password) return password
def validate_new_password(self, value): password_validation.validate_password(value) return value
def clean_password2(self): password = self.cleaned_data.get('password2', None) validate_password(password) return password
def validate_new_password(self, data): validators.validate_password(password=data, user=User) user = self.context.get("user") if user.check_password(data): raise serializers.ValidationError("New password must be different") return data
def validate_new_password(self, value): validate_password(value, user=self.context["user"]) return value
def clean_new_password(self): password = self.cleaned_data["new_password"] if password: validate_password(password, self.instance) return password
def validate_new_password(self, password): try: password_validation.validate_password(password=password, user=User) except exceptions.ValidationError as e: raise serializers.ValidationError({'password': [str(e)]}) return password
def validate_new_password(self, value): validate_password(value) return value # class UserSerializer(serializers.ModelSerializer): # class Meta: # model = User # fields = ('id', 'email', 'firstname', 'lastname', # 'about_me', 'avatar' ) # read_only_fields = ('id',) # validators = [UniqueTogetherValidator( # queryset=User.objects.all(), # fields=('email',) # )] # class UserSerializer(serializers.ModelSerializer): # class Meta: # model = User # fields = ('id', 'email', 'firstname', 'lastname', # 'about_me', 'avatar' ) # class UserRegisterSerializer(serializers.Serializer): # email = serializers.EmailField(required=True) # password = serializers.CharField(required=True) # password2 = serializers.CharField(required=True) # def validate_email(self, validated_data): # email = self.validated_data['email'] # qs = User.objects.filter(email=email) # if qs.exists(): # raise serializers.ValidationError("email is taken") # return email # def validate_password2(self, validated_data): # # Check that the two password entries match # password1 = self.validated_data["password"] # password2 = self.validated_data["password2"] # if password1 and password2 and password1 != password2: # raise serializers.ValidationError("Passwords don't match") # return password2 # def validate_email(email): # qs = User.objects.filter(email=email) # if qs.exists(): # raise serializers.ValidationError("email is taken") # return email # def validate_password2(password, password2): # if password and password2 and password != password2: # raise serializers.ValidationError("Passwords don't match") # return password2 # class UserRegisterSerializer(serializers.Serializer): # email = serializers.EmailField(validators=[validate_email]) # password = serializers.CharField(required=True) # password2 = serializers.CharField(required=True) # # password2 = serializers.CharField(validators=[validate_password2]) # class UserRegisterSerializer(serializers.ModelSerializer): # class Meta: # model = User # fields = ('email', 'password') # def create(self, validated_data): # user = super().create(validated_data) # user.set_password(validated_data['password']) # user.save() # return user