0001-send-notification-emails-for-unauthorized-password-r.patch
src/authentic2/profile_forms.py | ||
---|---|---|
5 | 5 |
from django.contrib.auth import get_user_model |
6 | 6 | |
7 | 7 |
from .backends import get_user_queryset |
8 |
from .utils import send_password_reset_mail |
|
8 |
from .utils import send_password_reset_mail, send_templated_mail
|
|
9 | 9 |
from . import hooks, app_settings |
10 | 10 | |
11 | 11 | |
... | ... | |
26 | 26 |
email = self.cleaned_data["email"].strip() |
27 | 27 |
users = get_user_queryset() |
28 | 28 |
active_users = users.filter(email__iexact=email, is_active=True) |
29 |
inactive_users = users.filter(email__iexact=email, is_active=False) |
|
29 | 30 |
for user in active_users: |
30 | 31 |
# we don't set the password to a random string, as some users should not have |
31 | 32 |
# a password |
... | ... | |
33 | 34 |
and app_settings.A2_SET_RANDOM_PASSWORD_ON_RESET) |
34 | 35 |
send_password_reset_mail(user, set_random_password=set_random_password, |
35 | 36 |
next_url=self.cleaned_data.get('next_url')) |
36 |
if not active_users: |
|
37 |
for user in inactive_users: |
|
38 |
logger.info(u'password reset failed for user %r: account is disabled.', user) |
|
39 |
send_templated_mail(user_or_email=user, template_names="registration/password_reset_refused") |
|
40 | ||
41 |
if not active_users and not inactive_users: |
|
37 | 42 |
logger.info(u'password reset requests for "%s", no user found') |
38 | 43 |
hooks.call_hooks('event', name='password-reset', email=email, users=active_users) |
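Review bot: The new `for user in inactive_users:` loop sends a refusal mail on every submission of the reset form, and nothing visible in this hunk limits how often that happens for one address. An unauthenticated requester can therefore make the server mail the owner of a disabled account repeatedly; a per-address throttle checked before `send_templated_mail(...)` would bound that. In the same hunk the `no user found` log call has a `%s` placeholder but passes no argument, so the requested address is never recorded. `logger.info(u'password reset requests for %r, no user found', email)` would log it, and `%r` keeps control characters in the submitted value from breaking the log line. The enclosing method starts outside the hunk.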
src/authentic2/templates/registration/password_reset_refused_body.html | ||
---|---|---|
1 |
{% load i18n %} |
|
2 |
<html> |
|
3 |
<body style="max-width: 90ex"> |
|
4 |
<p> |
|
5 |
{% blocktrans with hostname=request.get_host %} |
|
6 |
You requested reset of your password on {{ hostname }}. Unfortunately, your account has been disabled on this server, thus your request can't succeed. |
|
7 |
{% endblocktrans %} |
|
8 |
</p> |
|
9 |
</body> |
|
10 |
</html> |
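Review bot: `{{ hostname }}` is filled from `request.get_host`, but the call added in profile_forms.py passes only `user_or_email` and `template_names` to `send_templated_mail`. Unless that helper supplies a `request` itself (its body is not shown here), the sentence renders with an empty host. The same applies to password_reset_refused_body.txt and password_reset_refused_subject.txt. Passing the site name as an explicit context value taken from configuration would also keep the mail text independent of the Host header of the triggering request. The new test asserts only the `disabled` wording, so it would not catch an empty hostname.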
src/authentic2/templates/registration/password_reset_refused_body.txt | ||
---|---|---|
1 |
{% load i18n %} |
|
2 |
{% blocktrans with hostname=request.get_host %}You requested reset of your password on {{ hostname }}. Unfortunately, your account has been disabled on this server, thus your request can't succeed.{% endblocktrans %} |
src/authentic2/templates/registration/password_reset_refused_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %} |
|
2 |
{% blocktrans with hostname=request.get_host %}Your account on {{ hostname }} is disabled{% endblocktrans %} |
|
3 |
{% endautoescape %} |
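--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -63,6 +63,13 @@
 
 
 @pytest.fixture
+def inactive_user(db, ou1):
+return create_user(username='user', first_name=u'Jôhn', last_name=u'Smïth',
+email='yetanotheruser@example.net', ou=get_default_ou(),
+is_active=False)
+
+
+@pytest.fixture
 def superuser(db):
 return create_user(username='superuser',
 first_name='super', last_name='user',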
tests/test_password_reset.py | ||
---|---|---|
23 | 23 |
assert str(app.session['_auth_user_id']) == str(simple_user.pk) |
24 | 24 | |
25 | 25 | |
26 |
def test_send_password_reset_refused_email(app, inactive_user, mailoutbox): |
|
27 |
from authentic2.profile_forms import PasswordResetForm |
|
28 | ||
29 |
inactive_user.is_active = False |
|
30 |
form = PasswordResetForm() |
|
31 |
form.cleaned_data = {'email': inactive_user.email} |
|
32 | ||
33 |
assert len(mailoutbox) == 0 |
|
34 |
form.save() |
|
35 |
assert len(mailoutbox) == 1 |
|
36 |
assert 'disabled' in mailoutbox[0].subject |
|
37 |
assert 'your account has been disabled' in mailoutbox[0].body |
|
38 | ||
39 | ||
26 | 40 |
def test_view(app, simple_user, mailoutbox): |
27 | 41 |
url = reverse('password_reset') + '?next=/moncul/' |
28 | 42 |
resp = app.get(url, status=200) |
29 |
- |
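Review bot: `test_send_password_reset_refused_email` checks the subject and body text but not the recipient, and it sets `cleaned_data` by hand instead of going through the view. It therefore does not show that the HTTP response for a disabled account matches the one for an unknown address. Adding `assert mailoutbox[0].to == [inactive_user.email]` would pin the recipient. A second test that posts the disabled address to `reverse('password_reset')` and compares the response with the unknown-address case would guard against account enumeration through the form. The assignment `inactive_user.is_active = False` repeats what the fixture already sets and is never saved, so it can be dropped.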