X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Fforms.py;h=cf3e172ab0e0ded57a403715d8171873049014a3;hb=f9880f0f3a06830f54b6f4d89eca5ce58eea122d;hp=fc8d8c3f06a02fb54cee816f08acfe140a7c1cc3;hpb=eb1e290439ad9dd7947766462d2138073d84c759;p=unfold.git diff --git a/portal/forms.py b/portal/forms.py index fc8d8c3f..cf3e172a 100644 --- a/portal/forms.py +++ b/portal/forms.py @@ -28,11 +28,26 @@ from portal.models import PendingUser, PendingSlice from django.utils.translation import ugettext_lazy as _ from django.contrib.auth.tokens import default_token_generator from django.contrib.auth import authenticate, get_user_model -from django.contrib.auth.hashers import UNUSABLE_PASSWORD, identify_hasher from django.contrib.sites.models import get_current_site from django.utils.http import int_to_base36 from django.template import loader +# TODO: Remove these automated forms and use html templates and views like any other page ! +from django.contrib.auth.hashers import identify_hasher +# adapted from https://sourcegraph.com/github.com/fusionbox/django-authtools/symbols/python/authtools/forms + +def is_password_unusable(pw): + # like Django's is_password_usable, but only checks for unusable + # passwords, not invalidly encoded passwords too. + try: + # 1.5 + from django.contrib.auth.hashers import UNUSABLE_PASSWORD + return pw == UNUSABLE_PASSWORD + except ImportError: + # 1.6 + from django.contrib.auth.hashers import UNUSABLE_PASSWORD_PREFIX + return pw.startswith(UNUSABLE_PASSWORD_PREFIX) + @@ -142,8 +157,7 @@ class PasswordResetForm(forms.Form): if not any(user.is_active for user in self.users_cache): # none of the filtered users are active raise forms.ValidationError(self.error_messages['unknown']) - if any((user.password == UNUSABLE_PASSWORD) - for user in self.users_cache): + if any(is_password_unusable(user.password) for user in self.users_cache): raise forms.ValidationError(self.error_messages['unusable']) return email @@ -156,28 +170,31 @@ class PasswordResetForm(forms.Form): Generates a one-use only link for resetting password and sends to the user. """ - from django.core.mail import send_mail - for user in self.users_cache: - if not domain_override: - current_site = get_current_site(request) - site_name = current_site.name - domain = current_site.domain - else: - site_name = domain = domain_override - c = { - 'email': user.email, - 'domain': domain, - 'site_name': site_name, - 'uid': int_to_base36(user.pk), - 'user': user, - 'token': token_generator.make_token(user), - 'protocol': use_https and 'https' or 'http', - } - subject = loader.render_to_string(subject_template_name, c) - # Email subject *must not* contain newlines - subject = ''.join(subject.splitlines()) - email = loader.render_to_string(email_template_name, c) - send_mail(subject, email, from_email, [user.email]) + from django.core.mail import send_mail,EmailMultiAlternatives + try: + for user in self.users_cache: + if not domain_override: + current_site = get_current_site(request) + site_name = current_site.name + domain = current_site.domain + else: + site_name = domain = domain_override + c = { + 'email': user.email, + 'domain': domain, + 'site_name': site_name, + 'uid': int_to_base36(user.pk), + 'user': user, + 'token': token_generator.make_token(user), + 'protocol': use_https and 'https' or 'http', + } + subject = loader.render_to_string(subject_template_name, c) + # Email subject *must not* contain newlines + subject = ''.join(subject.splitlines()) + email = loader.render_to_string(email_template_name, c) + send_mail(subject, email, from_email, [user.email]) + except Exception, e: + print "Failed to send email, please check the mail templates and the SMTP configuration of your server" class SetPasswordForm(forms.Form):