2 # This file is part of my.gpodder.org.
4 # my.gpodder.org is free software: you can redistribute it and/or modify it
5 # under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or (at your
7 # option) any later version.
9 # my.gpodder.org is distributed in the hope that it will be useful, but
10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
12 # License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
18 from django.shortcuts import render_to_response
19 from django.http import HttpResponseRedirect
20 from django.contrib.auth import authenticate, login, logout
21 from django.contrib.auth.models import User
22 from django.contrib.auth.decorators import login_required
23 from django.template.defaultfilters import slugify
24 from django.template import RequestContext
25 from registration.views import activate, register
26 from mygpo.api.models import UserProfile
27 from mygpo.web.forms import RestorePasswordForm
28 from django.contrib.sites.models import Site
29 from django.conf import settings
30 from mygpo.decorators import requires_token, manual_gc
31 from django.utils.translation import ugettext as _
32 import string
33 import random
35 from mygpo.constants import DEFAULT_LOGIN_REDIRECT
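def _is_local_redirect_target(target):
    """Return True if *target* is a path on this site, safe to redirect to.

    Only absolute paths ('/foo') are accepted. Anything a browser could
    interpret as pointing at another host is rejected: scheme-relative
    URLs ('//host'), backslashes (treated like '/' by some browsers) and
    control characters (stripped by browsers before the URL is parsed).
    """
    if not target.startswith('/') or target.startswith('//'):
        return False
    if '\\' in target:
        return False
    for ch in target:
        if ord(ch) < 0x20:
            return False
    return True


def login_user(request):
    """Show the login form and process a submitted username/password.

    Without both 'user' and 'pwd' in the POST data the login page is
    rendered (with a RestorePasswordForm when ?restore_password is set).
    Otherwise the credentials are checked with authenticate(); inactive
    accounts are told whether they were deleted or still need activation.
    After a successful login, users whose profile has a generated_id are
    sent to the migration page; everyone else is redirected to the posted
    'next' path or to DEFAULT_LOGIN_REDIRECT.
    """
    # Do not show login page for already-logged-in users
    if request.user.is_authenticated():
        return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT)

    if 'user' not in request.POST or 'pwd' not in request.POST:
        if request.GET.get('restore_password', False):
            form = RestorePasswordForm()
        else:
            form = None

        return render_to_response('login.html', {
            'url': Site.objects.get_current(),
            'next': request.GET.get('next', ''),
            'restore_password_form': form,
        }, context_instance=RequestContext(request))

    username = request.POST['user']
    password = request.POST['pwd']
    user = authenticate(username=username, password=password)

    if user is None:
        return render_to_response('login.html', {
            'error_message': _('Wrong username or password.'),
            'next': request.POST.get('next', ''),
        }, context_instance=RequestContext(request))

    # Account-state messages are only reached after the password matched,
    # so they do not reveal anything to someone guessing usernames.
    if not user.is_active:

        p, c = UserProfile.objects.get_or_create(user=user)

        if p.deleted:
            return render_to_response('login.html', {
                'error_message': _('You have deleted your account, but you can register again')
            }, context_instance=RequestContext(request))

        else:
            return render_to_response('login.html', {
                'error_message': _('Please activate your account first.'),
                'activation_needed': True,
            }, context_instance=RequestContext(request))

    login(request, user)

    try:
        if user.get_profile().generated_id:
            site = Site.objects.get_current()
            return render_to_response('migrate.html', {
                'url': site,
                'username': user
            }, context_instance=RequestContext(request))

    except UserProfile.DoesNotExist:
        # First login without a profile: create one so later lookups work.
        profile, c = UserProfile.objects.get_or_create(user=user)

    # 'next' comes from the client (it is copied from the query string into
    # the login form), so it must not be trusted as a redirect target:
    # redirecting to an arbitrary URL right after a real login is an open
    # redirect. Anything that is not a local path falls back to the default.
    next_url = request.POST.get('next', '')
    if next_url and next_url != '/login/' and _is_local_redirect_target(next_url):
        return HttpResponseRedirect(next_url)

    return HttpResponseRedirect(DEFAULT_LOGIN_REDIRECT)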
@login_required
def migrate_user(request):
    """Let a logged-in user replace an auto-generated username.

    A missing or empty 'username' field keeps the current name. A new name
    is rejected (and the migration page re-rendered with an error) when it
    is already taken or is not its own slug. In every accepted case the
    profile's generated_id is reset to 0 and the user is sent to '/'.
    """
    account = request.user
    requested = request.POST.get('username', account.username)
    if requested == '':
        requested = account.username

    if requested != account.username:
        site = Site.objects.get_current()

        def reject(message):
            # Re-show the migration page with the still-current username.
            return render_to_response('migrate.html', {
                'error_message': message,
                'url': site,
                'username': account.username
            }, context_instance=RequestContext(request))

        # NOTE(review): check-then-save is not atomic; two concurrent
        # requests for the same name rely on the database's uniqueness
        # constraint to reject the second save.
        if User.objects.filter(username__exact=requested).count() > 0:
            return reject('%s is already taken' % requested)

        # slugify() drops everything except letters, digits, '_' and '-',
        # so a name that survives unchanged contains only those characters.
        if slugify(requested) != requested.lower():
            return reject('%s is not a valid username. Please use characters, numbers, underscore and dash only.' % requested)

        account.username = requested
        account.save()

    # NOTE(review): this write also happens for a plain GET, because the
    # view does not check request.method; state changes are normally
    # restricted to POST so that CSRF protection applies to them.
    account.get_profile().generated_id = 0
    account.get_profile().save()

    return HttpResponseRedirect('/')
def get_user(username, email):
    """Look up a User by username, falling back to e-mail address.

    The username takes precedence when both are given. Raises
    User.DoesNotExist when neither is provided or no account matches.
    """
    if username:
        lookup = {'username': username}
    elif email:
        lookup = {'email': email}
    else:
        raise User.DoesNotExist('neither username nor email provided')

    # NOTE(review): Django's stock User model does not enforce unique
    # e-mail addresses, so the e-mail lookup can raise
    # User.MultipleObjectsReturned, which callers in this file do not catch.
    return User.objects.get(**lookup)
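def restore_password(request):
    """Generate a new password for an account and e-mail it to its owner.

    Non-POST requests and invalid forms are redirected to '/login/'. The
    account is looked up by the submitted username or e-mail address; if
    none matches, 'password_reset_failed.html' is rendered. Otherwise an
    8-character alphanumeric password is generated, mailed to the user and
    stored, and 'password_reset.html' is rendered.
    """
    if request.method != 'POST':
        return HttpResponseRedirect('/login/')

    form = RestorePasswordForm(request.POST)
    if not form.is_valid():
        return HttpResponseRedirect('/login/')

    try:
        user = get_user(form.cleaned_data['username'], form.cleaned_data['email'])

    except User.DoesNotExist:
        # NOTE(review): this response differs from the success page, so the
        # form tells an anonymous visitor whether an account exists. A
        # uniform "if the account exists, a mail was sent" page avoids that.
        error_message = _('User does not exist.')
        return render_to_response('password_reset_failed.html', {
            'error_message': error_message
        }, context_instance=RequestContext(request))

    site = Site.objects.get_current()

    # Passwords must come from the OS CSPRNG: the module-level random
    # functions use a Mersenne Twister whose output is predictable.
    # Characters are drawn independently (random.sample never repeats a
    # character, which shrinks the password space), and ascii_letters is
    # used because string.letters depends on the process locale.
    rng = random.SystemRandom()
    alphabet = string.ascii_letters + string.digits
    pwd = "".join([rng.choice(alphabet) for i in range(8)])

    subject = _('Reset password for your account on %s') % site
    message = _('Here is your new password for your account %(username)s on %(site)s: %(password)s') % {'username': user.username, 'site': site, 'password': pwd}

    # Mail first, store second: if sending raises, the old password stays
    # valid instead of the user being locked out with a password they
    # never received.
    user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
    user.set_password(pwd)
    user.save()

    # NOTE(review): the password is replaced as soon as anyone submits a
    # valid username or e-mail address, and the new one travels in
    # plaintext mail. A signed, expiring confirmation link that lets the
    # owner choose the password would close both gaps.
    return render_to_response('password_reset.html', context_instance=RequestContext(request))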
@manual_gc
def resend_activation(request):
    """Re-send the account activation e-mail for a not-yet-activated user.

    GET renders the empty form. For any other method the submitted form is
    validated and the account looked up by username or e-mail address; each
    failure is raised as a ValueError and shown on the form page. When all
    checks pass, the activation mail is sent and the confirmation page
    rendered.

    NOTE(review): ResendActivationForm and RegistrationProfile are not among
    the imports visible at the top of this listing -- confirm they are
    imported, otherwise this view fails with a NameError.
    """
    error_message = ''

    if request.method == 'GET':
        form = ResendActivationForm()
        return render_to_response('registration/resend_activation.html', {
            'form': form,
        }, context_instance=RequestContext(request))

    site = Site.objects.get_current()
    form = ResendActivationForm(request.POST)

    # ValueError doubles as the "show this message on the form" signal, so
    # any ValueError raised by the calls inside this block is displayed too.
    # NOTE(review): the distinct messages below tell an anonymous visitor
    # whether an account exists and what state it is in.
    try:
        if not form.is_valid():
            raise ValueError(_('Invalid Username entered'))

        try:
            user = get_user(form.cleaned_data['username'], form.cleaned_data['email'])
        except User.DoesNotExist:
            raise ValueError(_('User does not exist.'))

        p, c = UserProfile.objects.get_or_create(user=user)
        if p.deleted:
            raise ValueError(_('You have deleted your account, but you can regster again.'))

        # Accounts without a registration profile get a fresh one.
        try:
            profile = RegistrationProfile.objects.get(user=user)
        except RegistrationProfile.DoesNotExist:
            profile = RegistrationProfile.objects.create_profile(user)

        if profile.activation_key == RegistrationProfile.ACTIVATED:
            # NOTE(review): this sets is_active for any account whose key is
            # marked activated, triggered by an unauthenticated request. If
            # is_active is also cleared to suspend accounts, this would
            # re-enable them -- confirm that only p.deleted is used for that.
            user.is_active = True
            user.save()
            raise ValueError(_('Your account already has been activated. Go ahead and log in.'))

        elif profile.activation_key_expired():
            raise ValueError(_('Your activation key has expired. Please try another username, or retry with the same one tomorrow.'))

    except ValueError, e:
        # The exception object itself is handed to the template as the message.
        return render_to_response('registration/resend_activation.html', {
            'form': form,
            'error_message' : e
        }, context_instance=RequestContext(request))


    try:
        profile.send_activation_email(site)

    except AttributeError:
        # Old versions of django-registration send registration mails from
        # RegistrationManager instead of from the profile object.
        RegistrationProfile.objects.send_activation_email(profile, site)

    return render_to_response('registration/resent_activation.html', context_instance=RequestContext(request))