+try:
+ from urllib.parse import urlparse, urlunparse
+except ImportError: # Python 2
+ from urlparse import urlparse, urlunparse
+
+from django.conf import settings
+from django.core.urlresolvers import reverse
+from django.http import HttpResponseRedirect, QueryDict
+from django.template.response import TemplateResponse
+from django.utils.http import base36_to_int, is_safe_url
+from django.utils.translation import ugettext as _
+from django.shortcuts import resolve_url
+from django.views.decorators.debug import sensitive_post_parameters
+from django.views.decorators.cache import never_cache
+from django.views.decorators.csrf import csrf_protect
+
+# Avoid shadowing the login() and logout() views below.
+from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout, get_user_model
+from django.contrib.auth.decorators import login_required
+from portal.forms import PasswordResetForm, SetPasswordForm
+from django.contrib.auth.tokens import default_token_generator
+from django.contrib.sites.models import get_current_site
+from django.contrib.auth.hashers import UNUSABLE_PASSWORD, identify_hasher
+
+##
+import os.path, re
+import json
+
+from random import choice
+
+from django.core.mail import send_mail
+from django.contrib import messages
+from django.views.generic import View
+from django.shortcuts import render
+from django.http import HttpResponse, HttpResponseRedirect
+
+from unfold.loginrequired import FreeAccessView
+from ui.topmenu import topmenu_items_live
+
+from manifold.manifoldapi import execute_admin_query
+from manifold.core.query import Query
+from portal.actions import manifold_update_user
+
+from portal.forms import PassResetForm
+from portal.actions import manifold_update_user
+
+
+
+# 4 views for password reset:
+# - password_reset sends the mail
+# - password_reset_done shows a success message for the above
+# - password_reset_confirm checks the link the user clicked and
+# prompts for a new password
+# - password_reset_complete shows a success message for the above
+
+@csrf_protect
+def password_reset(request, is_admin_site=False,
+ template_name='registration/password_reset_form.html',
+ email_template_name='registration/password_reset_email.html',
+ subject_template_name='registration/password_reset_subject.txt',
+ password_reset_form=PasswordResetForm,
+ token_generator=default_token_generator,
+ post_reset_redirect=None,
+ from_email=None,
+ current_app=None,
+ extra_context=None):
+ if post_reset_redirect is None:
+ post_reset_redirect = reverse('portal.django_passresetview.password_reset_done')
+ if request.method == "POST":
+ form = password_reset_form(request.POST)
+ if form.is_valid():
+
+ ### email check in manifold DB ###
+ email = form.cleaned_data['email'] # email inserted on the form
+ user_query = Query().get('local:user').select('user_id','email')
+ user_details = execute_admin_query(request, user_query)
+ flag = 0
+ for user_detail in user_details:
+ if user_detail['email']==email:
+ flag = 1
+ break
+
+ if flag == 0:
+ messages.error(request, 'Sorry, this email is not registered.')
+ return render(request, 'registration/password_reset_form.html', {
+ 'form': form,
+ })
+ ### end of email check in manifold ###
+
+ opts = {
+ 'use_https': request.is_secure(),
+ 'token_generator': token_generator,
+ 'from_email': from_email,
+ 'email_template_name': email_template_name,
+ 'subject_template_name': subject_template_name,
+ 'request': request,
+ }
+ if is_admin_site:
+ opts = dict(opts, domain_override=request.get_host())
+ form.save(**opts)
+ return HttpResponseRedirect(post_reset_redirect)
+ else:
+ form = password_reset_form()
+ context = {
+ 'form': form,
+ }
+ if extra_context is not None:
+ context.update(extra_context)
+ return TemplateResponse(request, template_name, context,
+ current_app=current_app)
+
+
+def password_reset_done(request,
+ template_name='registration/password_reset_done.html',
+ current_app=None, extra_context=None):
+ context = {}
+ if extra_context is not None:
+ context.update(extra_context)
+ return TemplateResponse(request, template_name, context,
+ current_app=current_app)
+
+
+# Doesn't need csrf_protect since no-one can guess the URL
+@sensitive_post_parameters()
+@never_cache
+def password_reset_confirm(request, uidb36=None, token=None,
+ template_name='registration/password_reset_confirm.html',
+ token_generator=default_token_generator,
+ set_password_form=SetPasswordForm,
+ post_reset_redirect=None,
+ current_app=None, extra_context=None):
+ """
+ View that checks the hash in a password reset link and presents a
+ form for entering a new password.
+ """
+ UserModel = get_user_model()
+ assert uidb36 is not None and token is not None # checked by URLconf
+ if post_reset_redirect is None:
+ post_reset_redirect = reverse('portal.django_passresetview.password_reset_complete')
+ try:
+ uid_int = base36_to_int(uidb36)
+ user = UserModel._default_manager.get(pk=uid_int)
+ except (ValueError, OverflowError, UserModel.DoesNotExist):
+ user = None
+
+ if user is not None and token_generator.check_token(user, token):
+ validlink = True
+ if request.method == 'POST':
+ form = set_password_form(user, request.POST)
+ if form.is_valid():
+
+ ### manifold pass update ###
+ #password = form.cleaned_data('password1')
+ password=request.POST['new_password1']
+ user_query = Query().get('local:user').select('user_id','email','password')
+ user_details = execute_admin_query(request, user_query)
+ for user_detail in user_details:
+ if user_detail['email'] == user.email:
+ user_detail['password'] = password
+ #updating password in local:user
+ user_params = { 'password': user_detail['password']}
+ manifold_update_user(request,user.email,user_params)
+ ### end of manifold pass update ###
+
+
+ form.save()
+ return HttpResponseRedirect(post_reset_redirect)
+ else:
+ form = set_password_form(None)
+ else:
+ validlink = False
+ form = None
+ context = {
+ 'form': form,
+ 'validlink': validlink,
+ }
+ if extra_context is not None:
+ context.update(extra_context)
+ return TemplateResponse(request, template_name, context,
+ current_app=current_app)
+
+
+def password_reset_complete(request,
+ template_name='registration/password_reset_complete.html',
+ current_app=None, extra_context=None):
+ context = {
+ 'login_url': resolve_url(settings.LOGIN_URL)
+ }
+ if extra_context is not None:
+ context.update(extra_context)
+ return TemplateResponse(request, template_name, context,
+ current_app=current_app)
+
+