2 from urllib.parse import urlparse, urlunparse
3 except ImportError: # Python 2
4 from urlparse import urlparse, urlunparse
6 from django.conf import settings
7 from django.core.urlresolvers import reverse
8 from django.http import HttpResponseRedirect, QueryDict
9 from django.template.response import TemplateResponse
10 from django.utils.http import base36_to_int, is_safe_url
11 from django.utils.translation import ugettext as _
12 from django.shortcuts import resolve_url
13 from django.views.decorators.debug import sensitive_post_parameters
14 from django.views.decorators.cache import never_cache
15 from django.views.decorators.csrf import csrf_protect
17 # Avoid shadowing the login() and logout() views below.
18 from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout, get_user_model
19 from django.contrib.auth.decorators import login_required
20 from portal.forms import PasswordResetForm, SetPasswordForm
21 from django.contrib.auth.tokens import default_token_generator
22 from django.contrib.sites.models import get_current_site
23 from django.contrib.auth.hashers import UNUSABLE_PASSWORD, identify_hasher
29 from random import choice
31 from django.core.mail import send_mail
32 from django.contrib import messages
33 from django.views.generic import View
34 from django.shortcuts import render
35 from django.http import HttpResponse, HttpResponseRedirect
37 from unfold.loginrequired import FreeAccessView
38 from ui.topmenu import topmenu_items_live
40 from manifold.manifoldapi import execute_admin_query
41 from manifold.core.query import Query
42 from portal.actions import manifold_update_user
44 from portal.forms import PassResetForm
45 from portal.actions import manifold_update_user
49 # 4 views for password reset:
50 # - password_reset sends the mail
51 # - password_reset_done shows a success message for the above
52 # - password_reset_confirm checks the link the user clicked and
53 # prompts for a new password
54 # - password_reset_complete shows a success message for the above
57 def password_reset(request, is_admin_site=False,
58 template_name='registration/password_reset_form.html',
59 email_template_name='registration/password_reset_email.html',
60 subject_template_name='registration/password_reset_subject.txt',
61 password_reset_form=PasswordResetForm,
62 token_generator=default_token_generator,
63 post_reset_redirect=None,
67 if post_reset_redirect is None:
68 post_reset_redirect = reverse('portal.django_passresetview.password_reset_done')
69 if request.method == "POST":
70 form = password_reset_form(request.POST)
73 ### email check in manifold DB ###
74 email = form.cleaned_data['email'] # email inserted on the form
75 user_query = Query().get('local:user').select('user_id','email')
76 user_details = execute_admin_query(request, user_query)
78 for user_detail in user_details:
79 if user_detail['email']==email:
84 messages.error(request, 'Sorry, this email is not registered.')
85 return render(request, 'registration/password_reset_form.html', {
88 ### end of email check in manifold ###
91 'use_https': request.is_secure(),
92 'token_generator': token_generator,
93 'from_email': from_email,
94 'email_template_name': email_template_name,
95 'subject_template_name': subject_template_name,
99 opts = dict(opts, domain_override=request.get_host())
101 return HttpResponseRedirect(post_reset_redirect)
103 form = password_reset_form()
107 if extra_context is not None:
108 context.update(extra_context)
109 return TemplateResponse(request, template_name, context,
110 current_app=current_app)
113 def password_reset_done(request,
114 template_name='registration/password_reset_done.html',
115 current_app=None, extra_context=None):
117 if extra_context is not None:
118 context.update(extra_context)
119 return TemplateResponse(request, template_name, context,
120 current_app=current_app)
123 # Doesn't need csrf_protect since no-one can guess the URL
124 @sensitive_post_parameters()
126 def password_reset_confirm(request, uidb36=None, token=None,
127 template_name='registration/password_reset_confirm.html',
128 token_generator=default_token_generator,
129 set_password_form=SetPasswordForm,
130 post_reset_redirect=None,
131 current_app=None, extra_context=None):
133 View that checks the hash in a password reset link and presents a
134 form for entering a new password.
136 UserModel = get_user_model()
137 assert uidb36 is not None and token is not None # checked by URLconf
138 if post_reset_redirect is None:
139 post_reset_redirect = reverse('portal.django_passresetview.password_reset_complete')
141 uid_int = base36_to_int(uidb36)
142 user = UserModel._default_manager.get(pk=uid_int)
143 except (ValueError, OverflowError, UserModel.DoesNotExist):
146 if user is not None and token_generator.check_token(user, token):
148 if request.method == 'POST':
149 form = set_password_form(user, request.POST)
152 ### manifold pass update ###
153 #password = form.cleaned_data('password1')
154 password=request.POST['new_password1']
155 user_query = Query().get('local:user').select('user_id','email','password')
156 user_details = execute_admin_query(request, user_query)
157 for user_detail in user_details:
158 if user_detail['email'] == user.email:
159 user_detail['password'] = password
160 #updating password in local:user
161 user_params = { 'password': user_detail['password']}
162 manifold_update_user(request,user.email,user_params)
163 ### end of manifold pass update ###
167 return HttpResponseRedirect(post_reset_redirect)
169 form = set_password_form(None)
175 'validlink': validlink,
177 if extra_context is not None:
178 context.update(extra_context)
179 return TemplateResponse(request, template_name, context,
180 current_app=current_app)
183 def password_reset_complete(request,
184 template_name='registration/password_reset_complete.html',
185 current_app=None, extra_context=None):
187 'login_url': resolve_url(settings.LOGIN_URL)
189 if extra_context is not None:
190 context.update(extra_context)
191 return TemplateResponse(request, template_name, context,
192 current_app=current_app)