示例#1
0
    def clean(self):
        data = super(ChangeEmailPasswordForm, self).clean()

        current_password = data.get('current_password')
        new_email = data.get('new_email')
        new_password = data.get('new_password')

        if not data.get('current_password'):
            message = _("You have to enter your current password.")
            raise forms.ValidationError(message)

        if not self.user.check_password(current_password):
            raise forms.ValidationError(_("Entered password is invalid."))

        if not (new_email or new_password):
            message = _("You have to enter new e-mail or password.")
            raise forms.ValidationError(message)

        if new_email:
            if new_email.lower() == self.user.email.lower():
                message = _("New e-mail is same as current one.")
                raise forms.ValidationError(message)
            validate_email(new_email)

        if new_password:
            validate_password(new_password)

        return data
示例#2
0
文件: user.py 项目: nikescar/Misago
    def create_user(self, username, email, password=None,
                    set_default_avatar=False, **extra_fields):
        from misago.users.validators import (validate_email, validate_password,
                                             validate_username)

        with transaction.atomic():
            if not email:
                raise ValueError(_("User must have an email address."))
            if not password:
                raise ValueError(_("User must have a password."))

            validate_username(username)
            validate_email(email)
            validate_password(password)

            if not 'joined_from_ip' in extra_fields:
                extra_fields['joined_from_ip'] = '127.0.0.1'

            if not 'timezone' in extra_fields:
                extra_fields['timezone'] = settings.default_timezone

            WATCH_DICT = {
                'no': AUTO_SUBSCRIBE_NONE,
                'watch': AUTO_SUBSCRIBE_WATCH,
                'watch_email': AUTO_SUBSCRIBE_WATCH_AND_EMAIL,
            }

            if not 'subscribe_to_started_threads' in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_start]
                extra_fields['subscribe_to_started_threads'] = new_value

            if not 'subscribe_to_replied_threads' in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_reply]
                extra_fields['subscribe_to_replied_threads'] = new_value

            now = timezone.now()
            user = self.model(is_staff=False, is_superuser=False,
                              last_login=now, joined_on=now, **extra_fields)

            user.set_username(username)
            user.set_email(email)
            user.set_password(password)

            if not 'rank' in extra_fields:
                user.rank = Rank.objects.get_default()

            user.save(using=self._db)

            if set_default_avatar:
                avatars.set_default_avatar(user)

            authenticated_role = Role.objects.get(special_role='authenticated')
            if authenticated_role not in user.roles.all():
                user.roles.add(authenticated_role)

            user.update_acl_key()
            user.save(update_fields=['acl_key'])

            return user
示例#3
0
文件: forms.py 项目: tylercole/Misago
 def clean_password(self):
     new_user = User.objects.get_blank_user()
     new_user.set_password(self.cleaned_data['password'])
     try:
         new_user.full_clean()
     except ValidationError as e:
         new_user.is_password_valid(e)
     validate_password(self.cleaned_data['password'],  self.request.settings)
     return self.cleaned_data['password']
示例#4
0
文件: user.py 项目: nescode/Misago
    def create_user(self, username, email, password=None, set_default_avatar=False, **extra_fields):
        from misago.users.validators import validate_email, validate_password, validate_username

        with transaction.atomic():
            if not email:
                raise ValueError(_("User must have an email address."))
            if not password:
                raise ValueError(_("User must have a password."))

            validate_username(username)
            validate_email(email)
            validate_password(password)

            if not "joined_from_ip" in extra_fields:
                extra_fields["joined_from_ip"] = "127.0.0.1"

            WATCH_DICT = {
                "no": AUTO_SUBSCRIBE_NONE,
                "watch": AUTO_SUBSCRIBE_WATCH,
                "watch_email": AUTO_SUBSCRIBE_WATCH_AND_EMAIL,
            }

            if not "subscribe_to_started_threads" in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_start]
                extra_fields["subscribe_to_started_threads"] = new_value

            if not "subscribe_to_replied_threads" in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_reply]
                extra_fields["subscribe_to_replied_threads"] = new_value

            now = timezone.now()
            user = self.model(is_staff=False, is_superuser=False, last_login=now, joined_on=now, **extra_fields)

            user.set_username(username)
            user.set_email(email)
            user.set_password(password)

            if not "rank" in extra_fields:
                user.rank = Rank.objects.get_default()

            user.save(using=self._db)

            if set_default_avatar:
                avatars.set_default_avatar(user)
                user.avatar_hash = avatars.get_avatar_hash(user)
            else:
                user.avatar_hash = "abcdef01"

            authenticated_role = Role.objects.get(special_role="authenticated")
            if authenticated_role not in user.roles.all():
                user.roles.add(authenticated_role)
            user.update_acl_key()

            user.save(update_fields=["avatar_hash", "acl_key"])

            return user
示例#5
0
文件: auth.py 项目: KinKir/Misago
def process_forgotten_password_form(request, user):
    new_password = request.data.get('password', '').strip()
    try:
        validate_password(new_password)
        user.set_password(new_password)
        user.save()
    except ValidationError as e:
        return Response({'detail': e.messages[0]},
                        status=status.HTTP_400_BAD_REQUEST)
    return Response({'detail': 'ok'})
示例#6
0
    def clean(self):
        data = super(SetNewPasswordForm, self).clean()

        new_password = data.get('new_password')
        if not new_password or len(new_password) > 250:
            raise forms.ValidationError(_("You have to fill out form."))

        validate_password(new_password)

        return data
示例#7
0
 def clean_new_password(self):
     if self.cleaned_data['new_password']:
         self.user.set_password(self.cleaned_data['new_password'])
         try:
             self.user.full_clean()
         except ValidationError as e:
             self.user.is_password_valid(e)
         validate_password(self.cleaned_data['new_password'])
         return self.cleaned_data['new_password']
     return ''
示例#8
0
def change_password(request, user, token):
    new_password = request.DATA.get('password', '').strip()

    try:
        validate_password(new_password)
        user.set_password(new_password)
        user.save()
    except ValidationError as e:
        return Response({'detail': e.messages[0]},
                        status=status.HTTP_400_BAD_REQUEST)

    return Response({'detail': 'ok'})
示例#9
0
def change_forgotten_password(request, user_id, token):
    User = auth.get_user_model()

    invalid_message = _("Form link is invalid. Please try again.")
    expired_message = _("Your link has expired. Please request new one.")

    try:
        try:
            user = User.objects.get(pk=user_id)
        except User.DoesNotExist:
            raise PasswordChangeFailed(invalid_message)

        if request.user.is_authenticated() and request.user.id != user.id:
            raise PasswordChangeFailed(invalid_message)
        if not is_password_change_token_valid(user, token):
            raise PasswordChangeFailed(invalid_message)

        if user.requires_activation:
            raise PasswordChangeFailed(expired_message)
        if get_user_ban(user):
            raise PasswordChangeFailed(expired_message)
    except PasswordChangeFailed as e:
        return Response({
                'detail': e.args[0]
            }, status=status.HTTP_400_BAD_REQUEST)

    try:
        new_password = request.data.get('password', '').strip()
        validate_password(new_password)
        user.set_password(new_password)
        user.save()
    except ValidationError as e:
        return Response({
                'detail': e.messages[0]
            }, status=status.HTTP_400_BAD_REQUEST)

    return Response({
            'username': user.username
        })
示例#10
0
 def test_invalid_name(self):
     """validate_password disallows invalid password"""
     with self.assertRaises(ValidationError):
         validate_password('A' * (settings.password_length_min - 1))
示例#11
0
    def create_user(self, username, email, password, timezone=False, ip='127.0.0.1', agent='', no_roles=False, activation=0, request=False):
        token = ''
        if activation > 0:
            token = get_random_string(12)

        try:
            db_settings = request.settings
        except AttributeError:
            db_settings = DBSettings()

        if timezone == False:
            timezone = db_settings['default_timezone']

        # Get first rank
        try:
            from misago.ranks.models import Rank
            default_rank = Rank.objects.filter(special=0).order_by('order')[0]
        except IndexError:
            default_rank = None

        # Store user in database
        new_user = User(
                        last_sync=tz_util.now(),
                        join_date=tz_util.now(),
                        join_ip=ip,
                        join_agent=agent,
                        activation=activation,
                        token=token,
                        timezone=timezone,
                        rank=default_rank,
                        subscribe_start=db_settings['subscribe_start'],
                        subscribe_reply=db_settings['subscribe_reply'],
                        )

        validate_username(username, db_settings)
        validate_password(password, db_settings)
        new_user.set_username(username)
        new_user.set_email(email)
        new_user.set_password(password)
        new_user.full_clean()
        new_user.default_avatar(db_settings)
        new_user.save(force_insert=True)

        # Set user roles?
        if not no_roles:
            from misago.roles.models import Role
            new_user.roles.add(Role.objects.get(token='registered'))
            new_user.make_acl_key()
            new_user.save(force_update=True)

        # Load monitor
        try:
            monitor = request.monitor
        except AttributeError:
            monitor = Monitor()

        # Update forum stats
        if activation == 0:
            monitor['users'] = int(monitor['users']) + 1
            monitor['last_user'] = new_user.pk
            monitor['last_user_name'] = new_user.username
            monitor['last_user_slug'] = new_user.username_slug
        else:
            monitor['users_inactive'] = int(monitor['users_inactive']) + 1

        # Return new user
        return new_user
示例#12
0
 def clean_new_password(self):
     data = self.cleaned_data['new_password']
     if data:
         validate_password(data)
     return data
示例#13
0
 def clean_new_password(self):
     data = self.cleaned_data['new_password']
     if data:
         validate_password(data)
     return data
示例#14
0
 def test_invalid_name(self):
     """validate_password disallows invalid password"""
     with self.assertRaises(ValidationError):
         validate_password('A' * (settings.password_length_min - 1))
示例#15
0
 def test_valid_password(self):
     """validate_password allows valid password"""
     validate_password('A' * (settings.password_length_min + 1))
示例#16
0
def validate_password(request):
    try:
        validators.validate_password(request.POST['password'])
        return _("Entered password is valid.")
    except KeyError:
        raise ValidationError(_('Enter password.'))
示例#17
0
 def test_valid_password(self):
     """validate_password allows valid password"""
     validate_password('A' * (settings.password_length_min + 1))
示例#18
0
文件: api.py 项目: sun5495/Misago
def validate_password(request):
    try:
        validators.validate_password(request.POST["password"])
        return _("Entered password is valid.")
    except KeyError:
        raise ValidationError(_("Enter password."))
示例#19
0
文件: user.py 项目: qhhonx/Misago
    def create_user(self,
                    username,
                    email,
                    password=None,
                    set_default_avatar=False,
                    **extra_fields):
        from misago.users.validators import (validate_email, validate_password,
                                             validate_username)

        with transaction.atomic():
            if not email:
                raise ValueError(_("User must have an email address."))
            if not password:
                raise ValueError(_("User must have a password."))

            validate_username(username)
            validate_email(email)
            validate_password(password)

            if not 'joined_from_ip' in extra_fields:
                extra_fields['joined_from_ip'] = '127.0.0.1'

            if not 'timezone' in extra_fields:
                extra_fields['timezone'] = settings.default_timezone

            WATCH_DICT = {
                'no': AUTO_SUBSCRIBE_NONE,
                'watch': AUTO_SUBSCRIBE_WATCH,
                'watch_email': AUTO_SUBSCRIBE_WATCH_AND_EMAIL,
            }

            if not 'subscribe_to_started_threads' in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_start]
                extra_fields['subscribe_to_started_threads'] = new_value

            if not 'subscribe_to_replied_threads' in extra_fields:
                new_value = WATCH_DICT[settings.subscribe_reply]
                extra_fields['subscribe_to_replied_threads'] = new_value

            now = timezone.now()
            user = self.model(is_staff=False,
                              is_superuser=False,
                              last_login=now,
                              joined_on=now,
                              **extra_fields)

            user.set_username(username)
            user.set_email(email)
            user.set_password(password)

            if not 'rank' in extra_fields:
                user.rank = Rank.objects.get_default()

            user.save(using=self._db)

            if set_default_avatar:
                avatars.set_default_avatar(user)

            authenticated_role = Role.objects.get(special_role='authenticated')
            if authenticated_role not in user.roles.all():
                user.roles.add(authenticated_role)

            user.update_acl_key()
            user.save(update_fields=['acl_key'])

            return user
示例#20
0
    def handle(self, *args, **options):
        username = options.get("username")
        email = options.get("email")
        password = options.get("password")
        interactive = options.get("interactive")
        verbosity = int(options.get("verbosity", 1))

        # Validate initial inputs
        if username is not None:
            try:
                username = username.strip()
                validate_username(username)
            except ValidationError as e:
                self.stderr.write(e.messages[0])
                username = None

        if email is not None:
            try:
                email = email.strip()
                validate_email(email)
            except ValidationError as e:
                self.stderr.write(e.messages[0])
                email = None

        if password is not None:
            try:
                password = password.strip()
                validate_password(password)
            except ValidationError as e:
                self.stderr.write(e.messages[0])
                password = None

        if not interactive:
            if username and email and password:
                # Call User manager's create_superuser using our wrapper
                self.create_superuser(username, email, password, verbosity)
        else:
            try:
                if hasattr(self.stdin, "isatty") and not self.stdin.isatty():
                    raise NotRunningInTTYException("Not running in a TTY")

                # Prompt for username/password, and any other required fields.
                # Enclose this whole thing in a try/except to trap for a
                # keyboard interrupt and exit gracefully.
                while not username:
                    try:
                        message = force_str("Enter displayed username: "******"Enter E-mail address: ").strip()
                        validate_email(raw_value)
                        email = raw_value
                    except ValidationError as e:
                        self.stderr.write(e.messages[0])

                while not password:
                    try:
                        raw_value = getpass("Enter password: "******"Repeat password: "******"Entered passwords are different.")
                        password = raw_value
                    except ValidationError as e:
                        self.stderr.write(e.messages[0])

                # Call User manager's create_superuser using our wrapper
                self.create_superuser(username, email, password, verbosity)

            except KeyboardInterrupt:
                self.stderr.write("\nOperation cancelled.")
                sys.exit(1)
            except NotRunningInTTYException:
                self.stdout.write(
                    "Superuser creation skipped due to not running in a TTY. "
                    "You can run `manage.py createsuperuser` in your project "
                    "to create one manually."
                )