def post(self, request): username = request.POST.get('username') email = request.POST.get('email') if not (username or email): messages.error(request, _('Provide either username or email address')) return HttpResponseRedirect(reverse('admin-resend-activation')) try: user = UserProxy.objects.all().by_username_or_email(username, email) except UserProxy.DoesNotExist: messages.error(request, _('No user found')) return HttpResponseRedirect(reverse('admin-resend-activation')) if user.is_active: messages.success(request, 'User {username} is already activated') else: send_activation_email(user, request) messages.success( request, _( 'Email for {username} ({email}) resent'.format( username=user.username, email=user.email ) ), ) return HttpResponseRedirect(reverse('admin-resend-activation'))
def post(self, request): username = request.POST.get("username") email = request.POST.get("email") if not (username or email): messages.error(request, _("Provide either username or email address")) return HttpResponseRedirect(reverse("admin-resend-activation")) try: user = UserProxy.objects.all().by_username_or_email( username, email) except UserProxy.DoesNotExist: messages.error(request, _("No user found")) return HttpResponseRedirect(reverse("admin-resend-activation")) if user.is_active: messages.success(request, "User {username} is already activated") else: send_activation_email(user, request) messages.success( request, _("Email for {username} ({email}) resent".format( username=user.username, email=user.email)), ) return HttpResponseRedirect(reverse("admin-resend-activation"))
def restore_password(request): if request.method == "GET": form = RestorePasswordForm() return render(request, "restore_password.html", {"form": form}) form = RestorePasswordForm(request.POST) if not form.is_valid(): return HttpResponseRedirect("/login/") try: user = UserProxy.objects.all().by_username_or_email(form.cleaned_data["username"], form.cleaned_data["email"]) except UserProxy.DoesNotExist: messages.error(request, _("User does not exist.")) return render(request, "password_reset_failed.html") if not user.is_active: send_activation_email(user, request) messages.error(request, _("Please activate your account first. " "We have just re-sent your activation email")) return HttpResponseRedirect(reverse("login")) site = RequestSite(request) pwd = random_token(length=16) user.set_password(pwd) user.save() subject = render_to_string("reset-pwd-subj.txt", {"site": site}).strip() message = render_to_string("reset-pwd-msg.txt", {"username": user.username, "site": site, "password": pwd}) user.email_user(subject, message) return render(request, "password_reset.html")
def post(self, request): """ Carries out the login, redirects to get if it fails """ # redirect target on successful login next_page = request.POST.get('next', '') # redirect target on failed login login_page = '{page}?next={next_page}'.format( page=reverse('login'), next_page=next_page ) username = request.POST.get('user', None) if not username: messages.error(request, _('Username missing')) return HttpResponseRedirect(login_page) password = request.POST.get('pwd', None) if not password: messages.error(request, _('Password missing')) return HttpResponseRedirect(login_page) # find the user from the configured login systems, and verify pwd user = authenticate(username=username, password=password) if not user: messages.error(request, _('Wrong username or password.')) return HttpResponseRedirect(login_page) if not user.is_active: send_activation_email(user, request) messages.error( request, _( 'Please activate your account first. ' 'We have just re-sent your activation email' ), ) return HttpResponseRedirect(login_page) # set up the user's session login(request, user) if next_page: domain = RequestSite(request).domain allowed_hosts = [domain] if is_safe_url(next_page, allowed_hosts): return HttpResponseRedirect(next_page) else: # TODO: log a warning that next_page is not # considered a safe redirect target pass return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT)
def post(self, request): """ Carries out the login, redirects to get if it fails """ # redirect target on successful login next_page = request.POST.get('next', '') # redirect target on failed login login_page = '{page}?next={next_page}'.format( page=reverse('login'), next_page=next_page ) username = request.POST.get('user', None) if not username: messages.error(request, _('Username missing')) return HttpResponseRedirect(login_page) password = request.POST.get('pwd', None) if not password: messages.error(request, _('Password missing')) return HttpResponseRedirect(login_page) # find the user from the configured login systems, and verify pwd user = authenticate(username=username, password=password) if not user: messages.error(request, _('Wrong username or password.')) return HttpResponseRedirect(login_page) if not user.is_active: send_activation_email(user, request) messages.error( request, _( 'Please activate your account first. ' 'We have just re-sent your activation email' ), ) return HttpResponseRedirect(login_page) # set up the user's session login(request, user) if next_page: if is_safe_url(next_page): return HttpResponseRedirect(next_page) else: # TODO: log a warning that next_page is not # considered a safe redirect target pass return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT)
def restore_password(request): if request.method == 'GET': form = RestorePasswordForm() return render(request, 'restore_password.html', { 'form': form, }) form = RestorePasswordForm(request.POST) if not form.is_valid(): return HttpResponseRedirect('/login/') try: user = UserProxy.objects.all().by_username_or_email( form.cleaned_data['username'], form.cleaned_data['email'] ) except UserProxy.DoesNotExist: messages.error(request, _('User does not exist.')) return render(request, 'password_reset_failed.html') if not user.is_active: send_activation_email(user, request) messages.error(request, _('Please activate your account first. ' 'We have just re-sent your activation email')) return HttpResponseRedirect(reverse('login')) site = RequestSite(request) pwd = random_token(length=16) user.set_password(pwd) user.save() subject = render_to_string('reset-pwd-subj.txt', {'site': site}).strip() message = render_to_string('reset-pwd-msg.txt', { 'username': user.username, 'site': site, 'password': pwd, }) user.email_user(subject, message) return render(request, 'password_reset.html')
def restore_password(request): if request.method == "GET": form = RestorePasswordForm() return render(request, "restore_password.html", {"form": form}) form = RestorePasswordForm(request.POST) if not form.is_valid(): return HttpResponseRedirect("/login/") try: user = UserProxy.objects.all().by_username_or_email( form.cleaned_data["username"], form.cleaned_data["email"]) except UserProxy.DoesNotExist: messages.error(request, _("User does not exist.")) return render(request, "password_reset_failed.html") if not user.is_active: send_activation_email(user, request) messages.error( request, _("Please activate your account first. " "We have just re-sent your activation email"), ) return HttpResponseRedirect(reverse("login")) site = RequestSite(request) pwd = random_token(length=16) user.set_password(pwd) user.save() subject = render_to_string("reset-pwd-subj.txt", {"site": site}).strip() message = render_to_string("reset-pwd-msg.txt", { "username": user.username, "site": site, "password": pwd }) user.email_user(subject, message) return render(request, "password_reset.html")