Revision 48e9f076 snf-astakos-app/astakos/im/forms.py
| b/snf-astakos-app/astakos/im/forms.py | ||
|---|---|---|
| 36 | 36 |
from django import forms |
| 37 | 37 |
from django.utils.translation import ugettext as _ |
| 38 | 38 |
from django.contrib.auth.forms import UserCreationForm, AuthenticationForm, \ |
| 39 |
PasswordResetForm, PasswordChangeForm |
|
| 39 |
PasswordResetForm, PasswordChangeForm, SetPasswordForm
|
|
| 40 | 40 |
from django.core.mail import send_mail |
| 41 | 41 |
from django.contrib.auth.tokens import default_token_generator |
| 42 | 42 |
from django.template import Context, loader |
| ... | ... | |
| 50 | 50 |
from astakos.im.models import AstakosUser, Invitation, get_latest_terms, EmailChange |
| 51 | 51 |
from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, \ |
| 52 | 52 |
BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, \ |
| 53 |
RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT |
|
| 53 |
RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT, \ |
|
| 54 |
ENFORCE_TOKEN_RENEWAL |
|
| 54 | 55 |
from astakos.im.widgets import DummyWidget, RecaptchaWidget |
| 55 | 56 |
from astakos.im.functions import send_change_email |
| 56 | 57 |
|
| ... | ... | |
| 474 | 475 |
Extends PasswordChangeForm by enabling user |
| 475 | 476 |
to optionally renew also the token. |
| 476 | 477 |
""" |
| 477 |
renew = forms.BooleanField(label='Renew token', required=False) |
|
| 478 |
if not ENFORCE_TOKEN_RENEWAL: |
|
| 479 |
renew = forms.BooleanField(label='Renew token', required=False, |
|
| 480 |
initial=True, |
|
| 481 |
help_text='Unsetting this may result in security risk.') |
|
| 478 | 482 |
|
| 479 | 483 |
def __init__(self, user, *args, **kwargs): |
| 480 | 484 |
super(ExtendedPasswordChangeForm, self).__init__(user, *args, **kwargs) |
| 481 | 485 |
|
| 482 | 486 |
def save(self, commit=True): |
| 483 | 487 |
user = super(ExtendedPasswordChangeForm, self).save(commit=False) |
| 484 |
if self.cleaned_data.get('renew'):
|
|
| 488 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):
|
|
| 485 | 489 |
user.renew_token() |
| 486 | 490 |
if commit: |
| 487 | 491 |
user.save() |
| 488 | 492 |
return user |
| 493 |
|
|
| 494 |
class ExtendedSetPasswordForm(SetPasswordForm): |
|
| 495 |
""" |
|
| 496 |
Extends SetPasswordForm by enabling user |
|
| 497 |
to optionally renew also the token. |
|
| 498 |
""" |
|
| 499 |
if not ENFORCE_TOKEN_RENEWAL: |
|
| 500 |
renew = forms.BooleanField(label='Renew token', required=False, |
|
| 501 |
initial=True, |
|
| 502 |
help_text='Unsetting this may result in security risk.') |
|
| 503 |
|
|
| 504 |
def __init__(self, user, *args, **kwargs): |
|
| 505 |
super(ExtendedSetPasswordForm, self).__init__(user, *args, **kwargs) |
|
| 506 |
|
|
| 507 |
def save(self, commit=True): |
|
| 508 |
user = super(ExtendedSetPasswordForm, self).save(commit=False) |
|
| 509 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):
|
|
| 510 |
try: |
|
| 511 |
user = AstakosUser.objects.get(id=user.id) |
|
| 512 |
except AstakosUser.DoesNotExist: |
|
| 513 |
pass |
|
| 514 |
else: |
|
| 515 |
user.renew_token() |
|
| 516 |
if commit: |
|
| 517 |
user.save() |
|
| 518 |
return user |
|
Also available in: Unified diff