Revision ee210d1d
b/snf-astakos-app/README | ||
---|---|---|
89 | 89 |
ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME Account activation helpdesk notification email subject |
90 | 90 |
ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT 'Email change on %s alpha2 testing' % SITENAME Email change subject |
91 | 91 |
ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT 'Password reset on %s alpha2 testing' % SITENAME Password change email subject |
92 |
ASTAKOS_ENFORCE_TOKEN_RENEWAL True Enforce token renewal on password change/reset. If set to False, user can optionally decide
|
|
92 |
ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN True Enforce token renewal on password change/reset. If set to False, user can optionally decide
|
|
93 | 93 |
whether to renew the token or not. |
94 | 94 |
=========================================== ============================================================================= =========================================================================================== |
95 | 95 |
|
b/snf-astakos-app/astakos/im/forms.py | ||
---|---|---|
51 | 51 |
from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, \ |
52 | 52 |
BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, \ |
53 | 53 |
RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT, \ |
54 |
ENFORCE_TOKEN_RENEWAL
|
|
54 |
NEWPASSWD_INVALIDATE_TOKEN
|
|
55 | 55 |
from astakos.im.widgets import DummyWidget, RecaptchaWidget |
56 | 56 |
from astakos.im.functions import send_change_email |
57 | 57 |
|
... | ... | |
475 | 475 |
Extends PasswordChangeForm by enabling user |
476 | 476 |
to optionally renew also the token. |
477 | 477 |
""" |
478 |
if not ENFORCE_TOKEN_RENEWAL:
|
|
478 |
if not NEWPASSWD_INVALIDATE_TOKEN:
|
|
479 | 479 |
renew = forms.BooleanField(label='Renew token', required=False, |
480 | 480 |
initial=True, |
481 | 481 |
help_text='Unsetting this may result in security risk.') |
... | ... | |
485 | 485 |
|
486 | 486 |
def save(self, commit=True): |
487 | 487 |
user = super(ExtendedPasswordChangeForm, self).save(commit=False) |
488 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):
|
|
488 |
if NEWPASSWD_INVALIDATE_TOKEN or self.cleaned_data.get('renew'):
|
|
489 | 489 |
user.renew_token() |
490 | 490 |
if commit: |
491 | 491 |
user.save() |
... | ... | |
496 | 496 |
Extends SetPasswordForm by enabling user |
497 | 497 |
to optionally renew also the token. |
498 | 498 |
""" |
499 |
if not ENFORCE_TOKEN_RENEWAL:
|
|
499 |
if not NEWPASSWD_INVALIDATE_TOKEN:
|
|
500 | 500 |
renew = forms.BooleanField(label='Renew token', required=False, |
501 | 501 |
initial=True, |
502 | 502 |
help_text='Unsetting this may result in security risk.') |
... | ... | |
506 | 506 |
|
507 | 507 |
def save(self, commit=True): |
508 | 508 |
user = super(ExtendedSetPasswordForm, self).save(commit=False) |
509 |
if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):
|
|
509 |
if NEWPASSWD_INVALIDATE_TOKEN or self.cleaned_data.get('renew'):
|
|
510 | 510 |
try: |
511 | 511 |
user = AstakosUser.objects.get(id=user.id) |
512 | 512 |
except AstakosUser.DoesNotExist: |
b/snf-astakos-app/astakos/im/settings.py | ||
---|---|---|
119 | 119 |
'Password reset on %s alpha2 testing' % SITENAME) |
120 | 120 |
|
121 | 121 |
# Enforce token renewal on password change/reset |
122 |
ENFORCE_TOKEN_RENEWAL = getattr(settings, 'ASTAKOS_ENFORCE_TOKEN_RENEWAL', True) |
|
122 |
NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True) |
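Review bot: The renamed lookup on the `NEWPASSWD_INVALIDATE_TOKEN` line reads only `ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN`, so a deployment that still sets `ASTAKOS_ENFORCE_TOKEN_RENEWAL` is ignored without warning and gets the default `True`. That fails toward renewing the token, which is the safe direction, but it silently changes behaviour for anyone who had set the old key to `False`. Consider honouring the old key for a transition period, `getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', getattr(settings, 'ASTAKOS_ENFORCE_TOKEN_RENEWAL', True))`, or documenting the rename in the upgrade notes.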
b/snf-astakos-app/conf/20-snf-astakos-app-settings.conf | ||
---|---|---|
112 | 112 |
#ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT = 'Password reset on %s alpha2 testing' % SITENAME |
113 | 113 |
|
114 | 114 |
# Enforce token renewal on password change/reset |
115 |
# ENFORCE_TOKEN_RENEWAL = getattr(settings, 'ASTAKOS_ENFORCE_TOKEN_RENEWAL', True)
|
|
115 |
NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True)
|
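Review bot: The `NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True)` line in this sample conf has no leading `#`, while the `ENFORCE_TOKEN_RENEWAL` line and the neighbouring `#ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT` example are commented out; this assumes the `NEWPASSWD_` line is the new side, as the rename in the other files suggests. The line is also the internal assignment from settings.py, not a deployable setting. It assigns a name without the `ASTAKOS_` prefix, which the lookup in settings.py never reads, and `settings` may not be defined where this conf file is evaluated (not visible here). An operator editing this line to `False` would therefore not disable forced token renewal. The sample entry should probably read `#ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN = True`.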