+ help_text = "An authority responsible for vetting your slice")
+
+
+class PasswordResetForm(forms.Form):
+ error_messages = {
+ 'unknown': _("That email address doesn't have an associated "
+ "user account. Are you sure you've registered?"),
+ 'unusable': _("The user account associated with this email "
+ "address cannot reset the password."),
+ }
+ email = forms.EmailField(label=_("Email"), max_length=254)
+
+ def clean_email(self):
+ """
+ Validates that an active user exists with the given email address.
+ """
+ UserModel = get_user_model()
+ email = self.cleaned_data["email"]
+ self.users_cache = UserModel._default_manager.filter(email__iexact=email)
+ if not len(self.users_cache):
+ raise forms.ValidationError(self.error_messages['unknown'])
+ if not any(user.is_active for user in self.users_cache):
+ # none of the filtered users are active
+ raise forms.ValidationError(self.error_messages['unknown'])
+ if any((user.password == UNUSABLE_PASSWORD)
+ for user in self.users_cache):
+ raise forms.ValidationError(self.error_messages['unusable'])
+ return email
+
+ def save(self, domain_override=None,
+ subject_template_name='registration/password_reset_subject.txt',
+ email_template_name='registration/password_reset_email.html',
+ use_https=False, token_generator=default_token_generator,
+ from_email=None, request=None):
+ """
+ Generates a one-use only link for resetting password and sends to the
+ user.
+ """
+ from django.core.mail import send_mail
+ for user in self.users_cache:
+ if not domain_override:
+ current_site = get_current_site(request)
+ site_name = current_site.name
+ domain = current_site.domain
+ else:
+ site_name = domain = domain_override
+ c = {
+ 'email': user.email,
+ 'domain': domain,
+ 'site_name': site_name,
+ 'uid': int_to_base36(user.pk),
+ 'user': user,
+ 'token': token_generator.make_token(user),
+ 'protocol': use_https and 'https' or 'http',
+ }
+ subject = loader.render_to_string(subject_template_name, c)
+ # Email subject *must not* contain newlines
+ subject = ''.join(subject.splitlines())
+ email = loader.render_to_string(email_template_name, c)
+ send_mail(subject, email, from_email, [user.email])
+
+
+class SetPasswordForm(forms.Form):
+ """
+ A form that lets a user change set his/her password without entering the
+ old password
+ """
+ error_messages = {
+ 'password_mismatch': _("The two password fields didn't match."),
+ }
+ new_password1 = forms.CharField(label=_("New password"),
+ widget=forms.PasswordInput)
+ new_password2 = forms.CharField(label=_("New password confirmation"),
+ widget=forms.PasswordInput)
+
+ def __init__(self, user, *args, **kwargs):
+ self.user = user
+ super(SetPasswordForm, self).__init__(*args, **kwargs)
+
+ def clean_new_password2(self):
+ password1 = self.cleaned_data.get('new_password1')
+ password2 = self.cleaned_data.get('new_password2')
+ if password1 and password2:
+ if password1 != password2:
+ raise forms.ValidationError(
+ self.error_messages['password_mismatch'])
+ return password2
+
+ def save(self, commit=True):
+ self.user.set_password(self.cleaned_data['new_password1'])
+ if commit:
+ self.user.save()
+ return self.user