-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathviews.py
108 lines (88 loc) · 3.85 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
from django import forms
from django.contrib import messages
from django.core.mail import send_mail
from django.http import HttpResponse
from django.shortcuts import redirect, render
from django.template import Context
from django.template.loader import render_to_string
# this is for testing purposes
from django.test import override_settings
from django.urls import reverse
from django.utils.html import strip_tags
from django.views import View
from django.views.decorators.http import require_POST
from apps.ldap.utils import change_password, get_user_email, user_exists
from apps.newuser.utils import valid_password
from .tokens import account_activation_token
REDIRECT = "/"
class RequestPasswordResetForm(forms.Form):
username = forms.CharField(label="Username")
class PasswordResetForm(forms.Form):
password = forms.CharField(widget=forms.PasswordInput(), label="Enter password")
confirm_password = forms.CharField(
widget=forms.PasswordInput(), label="Confirm password"
)
def clean(self):
form_data = super().clean()
password = form_data.get("password")
confirm_password = form_data.get("confirm_password")
if password != confirm_password:
raise forms.ValidationError("Passwords must match!")
elif not valid_password(password):
raise forms.ValidationError("Password must meet requirements!")
return form_data
class PasswordResetView(View):
def post(self, request, uid, token):
form = PasswordResetForm(request.POST)
if form.is_valid():
password = form.cleaned_data["password"]
confirm_password = form.cleaned_data["confirm_password"]
success = change_password(uid, password)
if not success:
raise Exception("Change password failed")
return render(request, "password_reset/resetsuccess.html")
else:
context = {"form": form, "uid": uid, "token": token}
return render(request, "password_reset/resetpasswordconfirm.html", context)
def get(self, request, uid, token):
print(uid, token)
if not user_exists(uid):
user = None
else:
user = uid
# getting here just need to get back the pass
if user is not None and account_activation_token.check_token(user, token):
form = PasswordResetForm()
context = {"form": form, "uid": uid, "token": token}
return render(request, "password_reset/resetpasswordconfirm.html", context)
else:
print("invalid link")
return redirect(REDIRECT)
def get_html_email(username, email, token):
return render_to_string(
"password_reset_email.html", {"uid": username, "email": email, "token": token}
)
def RequestPasswordResetView(request):
if request.method == "POST":
form = RequestPasswordResetForm(request.POST)
if form.is_valid():
username = form.cleaned_data["username"]
token = account_activation_token.make_token(username)
user_email = get_user_email(username)
html_message = get_html_email(username, user_email, token)
if user_email is not None:
send_mail(
subject="CSUA Account Password Reset Link",
message=strip_tags(html_message),
html_message=html_message,
from_email="[email protected]",
recipient_list=[user_email],
)
return redirect(reverse("password_reset:request-reset-password"))
else:
return redirect(reverse("password_reset:request-reset-password"))
else:
pass # form failure
else:
form = RequestPasswordResetForm()
return render(request, "password_reset/requestpasswordreset.html", {"form": form})