0001-views-better-display-password-reset-instructions-380.patch
src/authentic2/templates/registration/password_reset_instructions.html | ||
---|---|---|
1 |
{% extends "authentic2/base-page.html" %} |
|
2 |
{% load i18n gadjo %} |
|
3 | ||
4 |
{% block page-title %} |
|
5 |
{% trans "Password reset instructions" %} |
|
6 |
{% endblock %} |
|
7 | ||
8 |
{% block content %} |
|
9 |
<p><strong> |
|
10 |
{% blocktrans with email=request.session.reset_email %} |
|
11 |
If your email address exists in ou database, an email has been sent to {{ email }}. |
|
12 |
{% endblocktrans %} |
|
13 |
</strong></p> |
|
14 |
<p><strong> |
|
15 |
{% blocktrans %} |
|
16 |
Follow the instructions in this email in order to choose a new password. |
|
17 |
{% endblocktrans %} |
|
18 |
</strong></p> |
|
19 |
<p> |
|
20 |
{% blocktrans %} |
|
21 |
Note that it can take several minutes to be delivered. Please check your spam folder if you haven't received it by then. |
|
22 |
{% endblocktrans %} |
|
23 |
</p> |
|
24 |
<p> |
|
25 |
{% blocktrans %} |
|
26 |
If you still have not received the instructions, add "{{from_email_address}}" |
|
27 |
to your address book or authorized sender list, and then repeat the |
|
28 |
registration process. |
|
29 |
{% endblocktrans %} |
|
30 |
</p> |
|
31 |
<a type=button href="/login/">{% trans "Back to login" %}</a> |
|
32 |
{% endblock %} |
src/authentic2/urls.py | ||
---|---|---|
81 | 81 |
url(r'^password/reset/$', |
82 | 82 |
views.password_reset, |
83 | 83 |
name='password_reset'), |
84 |
url(r'^password/reset/instructions/$', |
|
85 |
views.password_reset_instructions, |
|
86 |
name='password_reset_instructions'), |
|
84 | 87 | |
85 | 88 |
# Legacy, only there to provide old view names to resolver |
86 | 89 |
url(r'^password/change/$', |
src/authentic2/views.py | ||
---|---|---|
626 | 626 |
return HttpResponseRedirect(request.get_full_path()) |
627 | 627 | |
628 | 628 | |
629 |
class PasswordResetView(cbv.NextURLViewMixin, FormView):
|
|
629 |
class PasswordResetView(FormView): |
|
630 | 630 |
'''Ask for an email and send a password reset link by mail''' |
631 | 631 |
form_class = passwords_forms.PasswordResetForm |
632 | 632 |
title = _('Password Reset') |
633 |
next_url_default = '/' |
|
633 | ||
634 |
def get_success_url(self): |
|
635 |
return reverse('password_reset_instructions') |
|
634 | 636 | |
635 | 637 |
def get_template_names(self): |
636 | 638 |
return [ |
... | ... | |
649 | 651 |
if app_settings.A2_USER_CAN_RESET_PASSWORD is False: |
650 | 652 |
raise Http404('Password reset is not allowed.') |
651 | 653 |
ctx['title'] = _('Password reset') |
654 |
ctx['from_email_address'] = parseaddr(settings.DEFAULT_FROM_EMAIL)[1] |
|
652 | 655 |
return ctx |
653 | 656 | |
654 | 657 |
def form_valid(self, form): |
655 | 658 |
form.save() |
656 |
# return to next URL |
|
657 |
messages.info(self.request, _('If your email address exists in our ' |
|
658 |
'database, you will receive an email ' |
|
659 |
'containing instructions to reset ' |
|
660 |
'your password')) |
|
659 |
self.request.session['reset_email'] = form.cleaned_data['email'] |
|
661 | 660 |
return super(PasswordResetView, self).form_valid(form) |
662 | 661 | |
663 | 662 |
password_reset = PasswordResetView.as_view() |
664 | 663 | |
665 | 664 | |
665 |
class PasswordResetInstructionsView(TemplateView): |
|
666 |
template_name = 'registration/password_reset_instructions.html' |
|
667 | ||
668 | ||
669 |
password_reset_instructions = PasswordResetInstructionsView.as_view() |
|
670 | ||
671 | ||
666 | 672 |
class PasswordResetConfirmView(cbv.RedirectToNextURLViewMixin, FormView): |
667 | 673 |
'''Validate password reset link, show a set password form and login |
668 | 674 |
the user. |
tests/test_password_reset.py | ||
---|---|---|
40 | 40 | |
41 | 41 | |
42 | 42 |
def test_view(app, simple_user, mailoutbox): |
43 |
url = reverse('password_reset') + '?next=/moncul/'
|
|
43 |
url = reverse('password_reset') |
|
44 | 44 |
resp = app.get(url, status=200) |
45 | 45 |
resp.form.set('email', simple_user.email) |
46 | 46 |
assert len(mailoutbox) == 0 |
47 | 47 |
resp = resp.form.submit() |
48 |
assert resp['Location'].endswith('/moncul/')
|
|
48 |
assert resp['Location'].endswith('/instructions/')
|
|
49 | 49 |
assert len(mailoutbox) == 1 |
50 | 50 |
url = utils.get_link_from_mail(mailoutbox[0]) |
51 | 51 |
relative_url = url.split('testserver')[1] |
... | ... | |
55 | 55 |
resp = resp.form.submit() |
56 | 56 |
# verify user is logged |
57 | 57 |
assert str(app.session['_auth_user_id']) == str(simple_user.pk) |
58 |
# verify next_url was kept |
|
59 |
assert resp['Location'].endswith('/moncul/') |
|
60 | 58 | |
61 | 59 |
with override_settings(A2_USER_CAN_RESET_PASSWORD=False): |
62 |
url = reverse('password_reset') + '?next=/moncul/'
|
|
60 |
url = reverse('password_reset') |
|
63 | 61 |
app.get(url, status=404) |
64 | 62 | |
65 | 63 |
def test_user_filter(app, simple_user, mailoutbox, settings): |
66 | 64 |
settings.A2_USER_FILTER = {'username': 'xxx'} # will not match simple_user |
67 | 65 | |
68 |
url = reverse('password_reset') + '?next=/moncul/'
|
|
66 |
url = reverse('password_reset') |
|
69 | 67 |
resp = app.get(url, status=200) |
70 | 68 |
resp.form.set('email', simple_user.email) |
71 | 69 |
assert len(mailoutbox) == 0 |
72 | 70 |
resp = resp.form.submit() |
73 |
assert resp['Location'].endswith('/moncul/') |
|
74 | 71 |
assert len(mailoutbox) == 0 |
75 | 72 | |
76 | 73 | |
77 | 74 |
def test_user_exclude(app, simple_user, mailoutbox, settings): |
78 | 75 |
settings.A2_USER_EXCLUDE = {'username': simple_user.username} # will not match simple_user |
79 | 76 | |
80 |
url = reverse('password_reset') + '?next=/moncul/'
|
|
77 |
url = reverse('password_reset') |
|
81 | 78 |
resp = app.get(url, status=200) |
82 | 79 |
resp.form.set('email', simple_user.email) |
83 | 80 |
assert len(mailoutbox) == 0 |
84 | 81 |
resp = resp.form.submit() |
85 |
assert resp['Location'].endswith('/moncul/') |
|
86 | 82 |
assert len(mailoutbox) == 0 |
87 |
- |