1ef577be6bf830202252dabbf33bb3477c7808ff
2 # This file is part of my.gpodder.org.
4 # my.gpodder.org is free software: you can redistribute it and/or modify it
5 # under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or (at your
7 # option) any later version.
9 # my.gpodder.org is distributed in the hope that it will be useful, but
10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
12 # License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
18 from django
.shortcuts
import render_to_response
19 from django
.http
import HttpResponseRedirect
20 from django
.contrib
.auth
import authenticate
, login
, logout
21 from django
.contrib
.auth
.models
import User
22 from django
.contrib
.auth
.decorators
import login_required
23 from django
.template
.defaultfilters
import slugify
24 from django
.template
import RequestContext
25 from registration
.views
import activate
, register
26 from mygpo
.api
.models
import UserProfile
27 from mygpo
.web
.forms
import RestorePasswordForm
28 from django
.contrib
.sites
.models
import Site
29 from django
.conf
import settings
30 from mygpo
.decorators
import requires_token
, manual_gc
, allowed_methods
31 from django
.utils
.translation
import ugettext
as _
35 from mygpo
.constants
import DEFAULT_LOGIN_REDIRECT
37 def login_user(request
):
38 # Do not show login page for already-logged-in users
39 if request
.user
.is_authenticated():
40 return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT
)
42 if 'user' not in request
.POST
or 'pwd' not in request
.POST
:
43 if request
.GET
.get('restore_password', False):
44 form
= RestorePasswordForm()
48 return render_to_response('login.html', {
49 'url': Site
.objects
.get_current(),
50 'next': request
.GET
.get('next', ''),
51 'restore_password_form': form
,
52 }, context_instance
=RequestContext(request
))
54 username
= request
.POST
['user']
55 password
= request
.POST
['pwd']
56 user
= authenticate(username
=username
, password
=password
)
59 return render_to_response('login.html', {
60 'error_message': _('Wrong username or password.'),
61 'next': request
.POST
.get('next', ''),
62 }, context_instance
=RequestContext(request
))
64 if not user
.is_active
:
66 p
, c
= UserProfile
.objects
.get_or_create(user
=user
)
69 return render_to_response('login.html', {
70 'error_message': _('You have deleted your account, but you can register again')
71 }, context_instance
=RequestContext(request
))
74 return render_to_response('login.html', {
75 'error_message': _('Please activate your account first.'),
76 'activation_needed': True,
77 }, context_instance
=RequestContext(request
))
82 if user
.get_profile().generated_id
:
83 site
= Site
.objects
.get_current()
84 return render_to_response('migrate.html', {
87 }, context_instance
=RequestContext(request
))
89 except UserProfile
.DoesNotExist
:
90 profile
, c
= UserProfile
.objects
.get_or_create(user
=user
)
92 if 'next' in request
.POST
and request
.POST
['next'] and request
.POST
['next'] != '/login/':
93 return HttpResponseRedirect(request
.POST
['next'])
95 return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT
)
98 def migrate_user(request
):
100 username
= request
.POST
.get('username', user
.username
)
103 username
= user
.username
105 if user
.username
!= username
:
106 current_site
= Site
.objects
.get_current()
107 if User
.objects
.filter(username__exact
=username
).count() > 0:
108 return render_to_response('migrate.html', {
109 'error_message': '%s is already taken' % username
,
111 'username': user
.username
112 }, context_instance
=RequestContext(request
))
114 if slugify(username
) != username
.lower():
115 return render_to_response('migrate.html', {
116 'error_message': '%s is not a valid username. Please use characters, numbers, underscore and dash only.' % username
,
118 'username': user
.username
119 }, context_instance
=RequestContext(request
))
122 user
.username
= username
125 user
.get_profile().generated_id
= 0
126 user
.get_profile().save()
128 return HttpResponseRedirect('/')
130 def get_user(username
, email
):
132 return User
.objects
.get(username
=username
)
134 return User
.objects
.get(email
=email
)
136 raise User
.DoesNotExist('neither username nor email provided')
139 @allowed_methods(['POST'])
140 def restore_password(request
):
141 form
= RestorePasswordForm(request
.POST
)
142 if not form
.is_valid():
143 return HttpResponseRedirect('/login/')
146 user
= get_user(form
.cleaned_data
['username'], form
.cleaned_data
['email'])
148 except User
.DoesNotExist
:
149 error_message
= _('User does not exist.')
150 return render_to_response('password_reset_failed.html', {
151 'error_message': error_message
152 }, context_instance
=RequestContext(request
))
154 site
= Site
.objects
.get_current()
155 pwd
= "".join(random
.sample(string
.letters
+string
.digits
, 8))
156 subject
= _('Reset password for your account on %s') % site
157 message
= _('Here is your new password for your account %(username)s on %(site)s: %(password)s') % {'username': user
.username
, 'site': site
, 'password': pwd
}
158 user
.email_user(subject
, message
, settings
.DEFAULT_FROM_EMAIL
)
159 user
.set_password(pwd
)
161 return render_to_response('password_reset.html', context_instance
=RequestContext(request
))
165 @allowed_methods(['GET', 'POST'])
166 def resend_activation(request
):
169 if request
.method
== 'GET':
170 form
= ResendActivationForm()
171 return render_to_response('registration/resend_activation.html', {
173 }, context_instance
=RequestContext(request
))
175 site
= Site
.objects
.get_current()
176 form
= ResendActivationForm(request
.POST
)
179 if not form
.is_valid():
180 raise ValueError(_('Invalid Username entered'))
183 user
= get_user(form
.cleaned_data
['username'], form
.cleaned_data
['email'])
184 except User
.DoesNotExist
:
185 raise ValueError(_('User does not exist.'))
187 p
, c
= UserProfile
.objects
.get_or_create(user
=user
)
189 raise ValueError(_('You have deleted your account, but you can regster again.'))
192 profile
= RegistrationProfile
.objects
.get(user
=user
)
193 except RegistrationProfile
.DoesNotExist
:
194 profile
= RegistrationProfile
.objects
.create_profile(user
)
196 if profile
.activation_key
== RegistrationProfile
.ACTIVATED
:
197 user
.is_active
= True
199 raise ValueError(_('Your account already has been activated. Go ahead and log in.'))
201 elif profile
.activation_key_expired():
202 raise ValueError(_('Your activation key has expired. Please try another username, or retry with the same one tomorrow.'))
204 except ValueError, e
:
205 return render_to_response('registration/resend_activation.html', {
208 }, context_instance
=RequestContext(request
))
212 profile
.send_activation_email(site
)
214 except AttributeError:
215 #old versions of django-registration send registration mails from RegistrationManager
216 RegistrationProfile
.objects
.send_activation_email(profile
, site
)
218 return render_to_response('registration/resent_activation.html', context_instance
=RequestContext(request
))