mygpo/web/users.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from django.shortcuts import render_to_response
  19 from django.http import HttpResponseRedirect
  20 from django.contrib.auth import authenticate, login, logout
  21 from django.contrib.auth.models import User
  22 from django.contrib.auth.decorators import login_required
  23 from django.template.defaultfilters import slugify
  24 from registration.forms import RegistrationForm
  25 from registration.views import activate, register
  26 from registration.models import RegistrationProfile
  27 from mygpo.api.models import UserProfile
  28 from mygpo.web.forms import RestorePasswordForm
  29 from django.contrib.sites.models import Site
  30 from django.conf import settings
  31 from django.utils.translation import ugettext as _
  32 import string
  33 import random
  34
  35 def login_user(request):
  36        try:
  37               username = request.POST['user']
  38               password = request.POST['pwd']
  39        except:
  40               current_site = Site.objects.get_current()
  41               return render_to_response('login.html', {'url': current_site})
  42
  43        user = authenticate(username=username, password=password)
  44        if user is not None:
  45               login(request, user)
  46               current_site = Site.objects.get_current()
  47
  48               try:
  49                   if user.get_profile().generated_id:
  50                       return render_to_response('migrate.html', {
  51                            'url': current_site,
  52                            'username': user
  53                       })
  54               except UserProfile.DoesNotExist:
  55                   UserProfile.objects.create(user=user)
  56                   return HttpResponseRedirect('/')
  57
  58               else:
  59                   return HttpResponseRedirect('/')
  60
  61        else:
  62               form = RestorePasswordForm()
  63               return render_to_response('login.html', {
  64                      'error_message': 'Unknown user or wrong password',
  65                      'restore_password_form': form
  66               })
  67
  68 @login_required
  69 def migrate_user(request):
  70     user = request.user
  71     username = request.POST.get('username', user.username)
  72
  73     if username == '':
  74         username = user.username
  75
  76     if user.username != username:
  77         current_site = Site.objects.get_current()
  78         if User.objects.filter(username__exact=username).count() > 0:
  79             return render_to_response('migrate.html', {'error_message': '%s is already taken' % username, 'url': current_site, 'username': user.username})
  80         if slugify(username) != username:
  81             return render_to_response('migrate.html', {'error_message': '%s is not a valid username. Please use characters, numbers, underscore and dash only.' % username, 'url': current_site, 'username': user.username})
  82         else:
  83             user.username = username
  84             user.save()
  85
  86     user.get_profile().generated_id = 0
  87     user.get_profile().save()
  88
  89     return HttpResponseRedirect('/')
  90
  91 def restore_password(request):
  92
  93     if request.method != 'POST':
  94         return HttpResponseRedirect('/login/')
  95
  96     form = RestorePasswordForm(request.POST)
  97     if not form.is_valid():
  98         return HttpResponseRedirect('/login/')
  99
 100     try:
 101         if form.cleaned_data['username']:
 102             username = form.cleaned_data['username']
 103             user = User.objects.get(username=username)
 104
 105         elif form.cleaned_data['email']:
 106             email = form.cleaned_data['email']
 107             user = User.objects.get(email=email)
 108         else:
 109             raise ValueError('Please provide either email address or username')
 110
 111     except User.DoesNotExist:
 112         error_message = _('User does not exist.')
 113         return render_to_response('password_reset_failed.html', {
 114             'error_message': error_message
 115         })
 116
 117     except ValueError, e:
 118         return render_to_response('password_reset_failed.html', {
 119             'error_message': e
 120         })
 121
 122     site = Site.objects.get_current()
 123     pwd = "".join(random.sample(string.letters+string.digits, 8))
 124     subject = _('Reset password for your account on %s') % site
 125     message = _('Here is your new password for your account on %s: %s') % (site, pwd)
 126     user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
 127     return render_to_response('password_reset.html')
 128