X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Fforms.py;h=38293e4ea967ca130d15e060b95a0648a58fa107;hb=d77bd6393a4d5a910996e5d0502375b00679ea24;hp=c7cb7f06b64760984638141553858b1bf8cd7803;hpb=dc0c3cef4b19067ee34234f295d8e96649add6f5;p=unfold.git
diff --git a/portal/forms.py b/portal/forms.py
index c7cb7f06..38293e4e 100644
--- a/portal/forms.py
+++ b/portal/forms.py
@@ -28,11 +28,26 @@ from portal.models import PendingUser, PendingSlice
 from django.utils.translation import ugettext_lazy as _
 from django.contrib.auth.tokens import default_token_generator
 from django.contrib.auth import authenticate, get_user_model
-from django.contrib.auth.hashers import UNUSABLE_PASSWORD, identify_hasher
 from django.contrib.sites.models import get_current_site
 from django.utils.http import int_to_base36
 from django.template import loader
+# TODO: Remove these automated forms and use html templates and views like any other page !
+from django.contrib.auth.hashers import identify_hasher
+# adapted from https://sourcegraph.com/github.com/fusionbox/django-authtools/symbols/python/authtools/forms
+
+def is_password_unusable(pw):
+ # like Django's is_password_usable, but only checks for unusable
+ # passwords, not invalidly encoded passwords too.
+ try:
+ # 1.5
+ from django.contrib.auth.hashers import UNUSABLE_PASSWORD
+ return pw == UNUSABLE_PASSWORD
+ except ImportError:
+ # 1.6
+ from django.contrib.auth.hashers import UNUSABLE_PASSWORD_PREFIX
+ return pw.startswith(UNUSABLE_PASSWORD_PREFIX)
+
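Review bot: The two branches of `is_password_unusable` disagree on a missing password: on the 1.6 path `pw.startswith(...)` raises AttributeError when `pw` is None, while the 1.5 path returns False and so treats the account as having a usable password. Whether a user row can carry a null password is not visible here, but treating it as unusable in both branches is the safer reading for a reset form, e.g. `return pw is None or pw.startswith(UNUSABLE_PASSWORD_PREFIX)`. The version probe also runs on every call; resolving the constant once at module import would be simpler. The two leading comments would read better as a docstring that states the return contract (True means no reset mail should be offered).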
@@ -54,12 +69,31 @@ from django.template import loader
 # cc_myself = forms.BooleanField(required=False)
 class ContactForm(forms.Form):
- first_name = forms.CharField(widget=forms.TextInput(attrs={'class':'form-control'}))
- last_name = forms.CharField(widget=forms.TextInput(attrs={'class':'form-control'}))
- authority = forms.CharField(widget=forms.TextInput(attrs={'class':'form-control'}))
+ # first_name = forms.RegexField(widget=forms.TextInput(attrs={'class':'form-control'}),
+ # regex=r'^[\w.@+-]+$',
+ # max_length=30,
+ # label=_("First name"),
+ # error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
+ # last_name = forms.RegexField(widget=forms.TextInput(attrs={'class':'form-control'}),
+ # regex=r'^[\w.@+-]+$',
+ # max_length=30,
+ # label=_("Last name"),
+ # error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
+ # authority = forms.RegexField(widget=forms.TextInput(attrs={'class':'form-control'}),
+ # regex=r'^[\w.@+-]+$',
+ # max_length=30,
+ # label=_("authority"),
+ # error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
 email = forms.EmailField(widget=forms.TextInput(attrs={'class':'form-control'}))
- subject = forms.CharField(max_length=100,widget=forms.TextInput(attrs={'class':'form-control'}))
- message = forms.CharField(widget=forms.Textarea(attrs={'class':'form-control'}))
+ subject = forms.RegexField(widget=forms.TextInput(attrs={'class':'form-control'}),
+ regex=r'^[\w.@+-]+$',
+ max_length=100,
+ label=_("subject"),
+ error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
+ description = forms.RegexField(widget=forms.Textarea(attrs={'class':'form-control'}),
+ regex=r'^[\w.@+-]+$',
+ label=_("description"),
+ error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
 cc_myself = forms.BooleanField(required=False,widget=forms.CheckboxInput(attrs={'class':'form-control'}))
 class PassResetForm(forms.Form):
@@ -142,8 +176,7 @@ class PasswordResetForm(forms.Form):
 if not any(user.is_active for user in self.users_cache):
 # none of the filtered users are active
 raise forms.ValidationError(self.error_messages['unknown'])
- if any((user.password == UNUSABLE_PASSWORD)
- for user in self.users_cache):
+ if any(is_password_unusable(user.password) for user in self.users_cache):
 raise forms.ValidationError(self.error_messages['unusable'])
 return email
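Review bot: The pattern `^[\w.@+-]+$` on the new `subject` and `description` fields is a username pattern with no whitespace in its character class, so any subject or description containing a space, comma or line break fails validation, which for a free-text Textarea rejects nearly every real message. If the aim is to keep line breaks out of the mail subject, check only for that on `subject` (a `CharField` with `max_length=100` plus a validator rejecting `\r` and `\n`) and keep `description` a length-limited `CharField`. Note that `$` in Python also matches before a trailing newline, so `\Z` is the strict end anchor. The rename from `message` to `description` needs every reader of `cleaned_data['message']` updated, which is not visible in this hunk. The fifteen commented-out field lines would be better deleted than committed.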
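Review bot: This validation still raises the distinct `unknown` and `unusable` errors, and the new `is_password_unusable` line preserves that, so the reset form tells an unauthenticated requester whether an address belongs to an active account and whether that account has a password. Consider accepting any well-formed address here and skipping ineligible users when the mail is sent, so that every input gets the same response. The method begins above this hunk, so how `users_cache` is populated is not visible.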
@@ -156,28 +189,31 @@ class PasswordResetForm(forms.Form):
 Generates a one-use only link for resetting password and sends to the
 user.
 """
- from django.core.mail import send_mail
- for user in self.users_cache:
- if not domain_override:
- current_site = get_current_site(request)
- site_name = current_site.name
- domain = current_site.domain
- else:
- site_name = domain = domain_override
- c = {
- 'email': user.email,
- 'domain': domain,
- 'site_name': site_name,
- 'uid': int_to_base36(user.pk),
- 'user': user,
- 'token': token_generator.make_token(user),
- 'protocol': use_https and 'https' or 'http',
- }
- subject = loader.render_to_string(subject_template_name, c)
- # Email subject *must not* contain newlines
- subject = ''.join(subject.splitlines())
- email = loader.render_to_string(email_template_name, c)
- send_mail(subject, email, from_email, [user.email])
+ from django.core.mail import send_mail,EmailMultiAlternatives
+ try:
+ for user in self.users_cache:
+ if not domain_override:
+ current_site = get_current_site(request)
+ site_name = current_site.name
+ domain = current_site.domain
+ else:
+ site_name = domain = domain_override
+ c = {
+ 'email': user.email,
+ 'domain': domain,
+ 'site_name': site_name,
+ 'uid': int_to_base36(user.pk),
+ 'user': user,
+ 'token': token_generator.make_token(user),
+ 'protocol': use_https and 'https' or 'http',
+ }
+ subject = loader.render_to_string(subject_template_name, c)
+ # Email subject *must not* contain newlines
+ subject = ''.join(subject.splitlines())
+ email = loader.render_to_string(email_template_name, c)
+ send_mail(subject, email, from_email, [user.email])
+ except Exception, e:
+ print "Failed to send email, please check the mail templates and the SMTP configuration of your server"
 class SetPasswordForm(forms.Form):
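Review bot: The new `try` / `except Exception, e:` wraps the whole loop and only prints a fixed string, so a template error, a token-generation failure or an SMTP fault is swallowed with no record of which user or which exception. The first failure also skips the remaining entries in `users_cache`, and the caller presumably still reports that the mail was sent. Narrow the `try` to the `send_mail` call inside the loop and record the failure through a module-level logger, e.g. `logger.exception("password reset mail failed for user pk=%s", user.pk)`, keeping the token and rendered body out of the log. `e` and the added `EmailMultiAlternatives` import are unused. The method's signature sits above this hunk.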