Revision 48e9f076 snf-astakos-app/astakos/im/forms.py
b/snf-astakos-app/astakos/im/forms.py | ||
---|---|---|
36 | 36 |
from django import forms |
37 | 37 |
from django.utils.translation import ugettext as _ |
38 | 38 |
from django.contrib.auth.forms import UserCreationForm, AuthenticationForm, \ |
39 |
PasswordResetForm, PasswordChangeForm |
|
39 |
PasswordResetForm, PasswordChangeForm, SetPasswordForm
|
|
40 | 40 |
from django.core.mail import send_mail |
41 | 41 |
from django.contrib.auth.tokens import default_token_generator |
42 | 42 |
from django.template import Context, loader |
... | ... | |
50 | 50 |
from astakos.im.models import AstakosUser, Invitation, get_latest_terms, EmailChange |
51 | 51 |
from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, \ |
52 | 52 |
BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, \ |
53 |
RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT |
|
53 |
RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT, \ |
|
54 |
ENFORCE_TOKEN_RENEWAL |
|
54 | 55 |
from astakos.im.widgets import DummyWidget, RecaptchaWidget |
55 | 56 |
from astakos.im.functions import send_change_email |
56 | 57 |
|
... | ... | |
474 | 475 |
Extends PasswordChangeForm by enabling user |
475 | 476 |
to optionally renew also the token. |
476 | 477 |
""" |
477 |
renew = forms.BooleanField(label='Renew token', required=False) |
|
478 |
if not ENFORCE_TOKEN_RENEWAL: |
|
479 |
renew = forms.BooleanField(label='Renew token', required=False, |
|
480 |
initial=True, |
|
481 |
help_text='Unsetting this may result in security risk.') |
|
478 | 482 |
|
479 | 483 |
def __init__(self, user, *args, **kwargs): |
480 | 484 |
super(ExtendedPasswordChangeForm, self).__init__(user, *args, **kwargs) |
481 | 485 |
|
482 | 486 |
def save(self, commit=True): |
483 | 487 |
user = super(ExtendedPasswordChangeForm, self).save(commit=False) |
484 |
if self.cleaned_data.get('renew'): |
|
488 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):
|
|
485 | 489 |
user.renew_token() |
486 | 490 |
if commit: |
487 | 491 |
user.save() |
488 | 492 |
return user |
493 |
|
|
494 |
class ExtendedSetPasswordForm(SetPasswordForm): |
|
495 |
""" |
|
496 |
Extends SetPasswordForm by enabling user |
|
497 |
to optionally renew also the token. |
|
498 |
""" |
|
499 |
if not ENFORCE_TOKEN_RENEWAL: |
|
500 |
renew = forms.BooleanField(label='Renew token', required=False, |
|
501 |
initial=True, |
|
502 |
help_text='Unsetting this may result in security risk.') |
|
503 |
|
|
504 |
def __init__(self, user, *args, **kwargs): |
|
505 |
super(ExtendedSetPasswordForm, self).__init__(user, *args, **kwargs) |
|
506 |
|
|
507 |
def save(self, commit=True): |
|
508 |
user = super(ExtendedSetPasswordForm, self).save(commit=False) |
|
509 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'): |
|
510 |
try: |
|
511 |
user = AstakosUser.objects.get(id=user.id) |
|
512 |
except AstakosUser.DoesNotExist: |
|
513 |
pass |
|
514 |
else: |
|
515 |
user.renew_token() |
|
516 |
if commit: |
|
517 |
user.save() |
|
518 |
return user |
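Review bot: In `ExtendedSetPasswordForm.save`, the renewal path rebinds `user` to a fresh `AstakosUser.objects.get(id=user.id)` after `super(...).save(commit=False)`, so the object later passed to `user.save()` is the re-fetched row, and Django's `SetPasswordForm.save` sets the new password hash only on the in-memory `self.user`. As rendered here (the page has lost indentation, so the nesting is inferred), a password reset with `ENFORCE_TOKEN_RENEWAL` on or `renew` ticked would renew the token but appears to leave the old password in place. Apply the password to the re-fetched instance in the `else:` branch before `user.renew_token()`, e.g. `user.set_password(self.cleaned_data['new_password1'])`. The `except AstakosUser.DoesNotExist: pass` branch also skips renewal silently even when enforcement is on; it needs at least a log line, or a comment saying why that is acceptable.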