Revision ee210d1d

b/snf-astakos-app/README
89 89 
ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME                    Account activation helpdesk notification email subject
90 90 
ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT          'Email change on %s alpha2 testing' % SITENAME                                  Email change subject
91 91 
ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT        'Password reset on %s alpha2 testing' % SITENAME                                Password change email subject
92 
ASTAKOS_ENFORCE_TOKEN_RENEWAL               True                                                                            Enforce token renewal on password change/reset. If set to False, user can optionally decide
92 
ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN          True                                                                            Enforce token renewal on password change/reset. If set to False, user can optionally decide
93 93 
                                                                                                                            whether to renew the token or not.
94 94 
=========================================== =============================================================================   ===========================================================================================
95 95 

  		












  

    
      b/snf-astakos-app/astakos/im/forms.py
    
  






  51
  51
  
    
from astakos.im.settings import INVITATIONS_PER_LEVEL, DEFAULT_FROM_EMAIL, \


  		





  52
  52
  
    
    BASEURL, SITENAME, RECAPTCHA_PRIVATE_KEY, DEFAULT_CONTACT_EMAIL, \


  		





  53
  53
  
    
    RECAPTCHA_ENABLED, LOGGING_LEVEL, PASSWORD_RESET_EMAIL_SUBJECT, \


  		





  54
  
  
    
    ENFORCE_TOKEN_RENEWAL


  		





  
  54
  
    
    NEWPASSWD_INVALIDATE_TOKEN


  		





  55
  55
  
    
from astakos.im.widgets import DummyWidget, RecaptchaWidget


  		





  56
  56
  
    
from astakos.im.functions import send_change_email


  		





  57
  57
  
    

  		





  ......




  475
  475
  
    
    Extends PasswordChangeForm by enabling user


  		





  476
  476
  
    
    to optionally renew also the token.


  		





  477
  477
  
    
    """


  		





  478
  
  
    
    if not ENFORCE_TOKEN_RENEWAL:


  		





  
  478
  
    
    if not NEWPASSWD_INVALIDATE_TOKEN:


  		





  479
  479
  
    
        renew = forms.BooleanField(label='Renew token', required=False,


  		





  480
  480
  
    
                                   initial=True,


  		





  481
  481
  
    
                                   help_text='Unsetting this may result in security risk.')


  		





  ......




  485
  485
  
    

  		





  486
  486
  
    
    def save(self, commit=True):


  		





  487
  487
  
    
        user = super(ExtendedPasswordChangeForm, self).save(commit=False)


  		





  488
  
  
    
        if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):


  		





  
  488
  
    
        if NEWPASSWD_INVALIDATE_TOKEN or self.cleaned_data.get('renew'):


  		





  489
  489
  
    
            user.renew_token()


  		





  490
  490
  
    
        if commit:


  		





  491
  491
  
    
            user.save()


  		





  ......




  496
  496
  
    
    Extends SetPasswordForm by enabling user


  		





  497
  497
  
    
    to optionally renew also the token.


  		





  498
  498
  
    
    """


  		





  499
  
  
    
    if not ENFORCE_TOKEN_RENEWAL:


  		





  
  499
  
    
    if not NEWPASSWD_INVALIDATE_TOKEN:


  		





  500
  500
  
    
        renew = forms.BooleanField(label='Renew token', required=False,


  		





  501
  501
  
    
                                   initial=True,


  		





  502
  502
  
    
                                   help_text='Unsetting this may result in security risk.')


  		





  ......




  506
  506
  
    
    


  		





  507
  507
  
    
    def save(self, commit=True):


  		





  508
  508
  
    
        user = super(ExtendedSetPasswordForm, self).save(commit=False)


  		





  509
  
  
    
        if ENFORCE_TOKEN_RENEWAL or self.cleaned_data.get('renew'):


  		





  
  509
  
    
        if NEWPASSWD_INVALIDATE_TOKEN or self.cleaned_data.get('renew'):


  		





  510
  510
  
    
            try:


  		





  511
  511
  
    
                user = AstakosUser.objects.get(id=user.id)


  		





  512
  512
  
    
            except AstakosUser.DoesNotExist:


  		












  

    
      b/snf-astakos-app/astakos/im/settings.py
    
  






  119
  119
  
    
        'Password reset on %s alpha2 testing' % SITENAME)


  		





  120
  120
  
    

  		





  121
  121
  
    
# Enforce token renewal on password change/reset


  		





  122
  
  
    
ENFORCE_TOKEN_RENEWAL = getattr(settings, 'ASTAKOS_ENFORCE_TOKEN_RENEWAL', True)


  		





  
  122
  
    
NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True)


  		












  

    
      b/snf-astakos-app/conf/20-snf-astakos-app-settings.conf
    
  






  112
  112
  
    
#ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT = 'Password reset on %s alpha2 testing' % SITENAME


  		





  113
  113
  
    

  		





  114
  114
  
    
# Enforce token renewal on password change/reset


  		





  115
  
  
    
# ENFORCE_TOKEN_RENEWAL = getattr(settings, 'ASTAKOS_ENFORCE_TOKEN_RENEWAL', True)


  		





  
  115
  
    
NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True)


  		












Also available in:
  Unified diff