fix login with empty 'next' value
[mygpo.git] / mygpo / web / users.py
2 # This file is part of my.gpodder.org.
4 # my.gpodder.org is free software: you can redistribute it and/or modify it
5 # under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or (at your
7 # option) any later version.
9 # my.gpodder.org is distributed in the hope that it will be useful, but
10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
12 # License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
18 from django.shortcuts import render_to_response
19 from django.http import HttpResponseRedirect
20 from django.contrib.auth import authenticate, login, logout
21 from django.contrib.auth.models import User
22 from django.contrib.auth.decorators import login_required
23 from django.template.defaultfilters import slugify
24 from registration.forms import RegistrationForm
25 from registration.views import activate, register
26 from registration.models import RegistrationProfile
27 from mygpo.api.models import UserProfile
28 from mygpo.web.forms import RestorePasswordForm
29 from django.contrib.sites.models import Site
30 from django.conf import settings
31 from django.utils.translation import ugettext as _
32 import string
33 import random
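def _is_local_redirect_target(target):
    """Return True if *target* is a path on this site that is safe to redirect to.

    The value comes straight from the request, so it must not be able to
    send the browser to another host after a successful login.
    """
    # Only absolute paths on this site are accepted; this also rejects
    # absolute URLs and anything carrying a scheme.
    if not target or not target.startswith('/'):
        return False
    # '//host' is a scheme-relative URL, and browsers normalise '\' to '/',
    # so both forms can leave the site.
    if target.startswith('//') or '\\' in target:
        return False
    # Browsers drop tabs and newlines inside URLs, which could turn an
    # innocent-looking path into one of the forms rejected above.
    for ch in target:
        if ord(ch) < 0x21 or ord(ch) == 0x7f:
            return False
    return True


def login_user(request):
    """Authenticate the posted credentials and log the user in.

    Without 'user' and 'pwd' in the POST data the login form is rendered,
    carrying over the 'next' query parameter. On failed authentication or
    an inactive account the form is rendered again with an error message.
    After a successful login, users whose profile has a generated id are
    shown the migration page; everyone else is redirected to the posted
    'next' path if it is a local path other than '/login/', or to '/'.
    """
    try:
        username = request.POST['user']
        password = request.POST['pwd']
    except KeyError:
        # No credentials submitted: show the login form. Only the missing-key
        # case is handled here so that unrelated errors are not hidden.
        current_site = Site.objects.get_current()
        next_url = request.GET.get('next', '')
        return render_to_response('login.html', {
            'url': current_site,
            'next': next_url,
        })

    user = authenticate(username=username, password=password)

    if not user:
        form = RestorePasswordForm()
        return render_to_response('login.html', {
            'error_message': _('Unknown user or wrong password'),
            'restore_password_form': form,
        })

    if not user.is_active:
        return render_to_response('login.html', {
            'error_message': _('Please activate your user first.'),
            'activation_needed': True,
        })

    login(request, user)
    current_site = Site.objects.get_current()

    try:
        if user.get_profile().generated_id:
            return render_to_response('migrate.html', {
                'url': current_site,
                'username': user,
            })
    except UserProfile.DoesNotExist:
        # First login without a profile: create one and continue.
        UserProfile.objects.get_or_create(user=user)

    # 'next' is client-controlled; redirecting to it unchecked would be an
    # open redirect, so anything that is not a local path falls back to '/'.
    next_url = request.POST.get('next', '')
    if next_url != '/login/' and _is_local_redirect_target(next_url):
        return HttpResponseRedirect(next_url)

    return HttpResponseRedirect('/')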
@login_required
def migrate_user(request):
    """Let a logged-in user pick a username and clear the generated-id flag.

    The requested name is read from the POST field 'username'; a missing or
    empty value keeps the current username. A different name is rejected,
    re-rendering 'migrate.html' with an error message, if it is already in
    use or if it does not equal its own slug (compared in lower case).
    Otherwise it is saved. In every non-error case the profile's
    generated_id is set to 0 and the user is redirected to '/'.
    """
    account = request.user
    requested = request.POST.get('username', account.username)
    if requested == '':
        requested = account.username

    if requested != account.username:
        site = Site.objects.get_current()

        # NOTE(review): this lookup and the save below are separate steps;
        # presumably the database enforces uniqueness as well - confirm.
        name_in_use = User.objects.filter(username__exact=requested).count() > 0
        if name_in_use:
            context = {
                'error_message': '%s is already taken' % requested,
                'url': site,
                'username': account.username,
            }
            return render_to_response('migrate.html', context)

        if slugify(requested) != requested.lower():
            context = {
                'error_message': '%s is not a valid username. Please use characters, numbers, underscore and dash only.' % requested,
                'url': site,
                'username': account.username,
            }
            return render_to_response('migrate.html', context)

        account.username = requested
        account.save()

    # Two separate get_profile() calls, as before: this presumably relies on
    # get_profile() returning the same cached object both times - confirm.
    account.get_profile().generated_id = 0
    account.get_profile().save()

    return HttpResponseRedirect('/')
def get_user(username, email):
    """Look up a user by username, falling back to the e-mail address.

    The username takes precedence when both values are given.

    Raises User.DoesNotExist when neither value is provided; the lookup
    itself goes through User.objects.get().
    NOTE(review): get() can also raise User.MultipleObjectsReturned if
    several accounts share an e-mail address - confirm whether e-mail
    addresses are unique in this deployment.
    """
    if not username and not email:
        raise User.DoesNotExist('neither username nor email provided')

    if username:
        return User.objects.get(username=username)

    return User.objects.get(email=email)
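def restore_password(request):
    """Generate a new password for a user and send it by e-mail.

    Non-POST requests and invalid forms are redirected to '/login/'. If no
    user matches the submitted username or e-mail address, the
    'password_reset_failed.html' page is rendered with an error message.
    Otherwise a new 8-character password is generated, mailed to the user
    and stored, and 'password_reset.html' is rendered.

    NOTE(review): the reset needs no proof of mailbox ownership and takes
    effect immediately, so any visitor who knows a username or address can
    replace that account's password, and the new password travels in a
    plain-text e-mail. A confirm-by-link flow would address both; it needs
    changes outside this function. The distinct failure page also reveals
    whether an account exists.
    """
    if request.method != 'POST':
        return HttpResponseRedirect('/login/')

    form = RestorePasswordForm(request.POST)
    if not form.is_valid():
        return HttpResponseRedirect('/login/')

    try:
        user = get_user(form.cleaned_data['username'], form.cleaned_data['email'])
    except User.DoesNotExist:
        error_message = _('User does not exist.')
        return render_to_response('password_reset_failed.html', {
            'error_message': error_message,
        })

    site = Site.objects.get_current()

    # Passwords must come from the OS CSPRNG: the default Mersenne Twister
    # generator is predictable. choice() instead of sample() also allows
    # repeated characters, so no entropy is lost to sampling without
    # replacement. ascii_letters is locale-independent.
    rng = random.SystemRandom()
    alphabet = string.ascii_letters + string.digits
    pwd = "".join(rng.choice(alphabet) for i in range(8))

    subject = _('Reset password for your account on %s') % site
    message = _('Here is your new password for your account on %(site)s: %(password)s') % {'site': site, 'password': pwd}
    # The mail is sent before the password is stored, so a failure while
    # sending leaves the old password in place.
    user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL)
    user.set_password(pwd)
    user.save()
    return render_to_response('password_reset.html')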