0001-misc-send-password-reset-email-even-if-no-account-47.patch
src/authentic2/forms/passwords.py | ||
---|---|---|
22 | 22 |
from django.db.models import Q |
23 | 23 |
from django.forms import Form |
24 | 24 |
from django import forms |
25 |
from django.urls import reverse |
|
25 | 26 |
from django.utils.translation import ugettext_lazy as _ |
26 | 27 | |
27 | 28 |
from .. import models, hooks, app_settings, utils |
... | ... | |
45 | 46 |
user. |
46 | 47 |
""" |
47 | 48 |
email = self.cleaned_data["email"].strip() |
48 |
users = get_user_queryset() |
|
49 |
active_users = users.filter( |
|
50 |
Q(email__iexact=email) | Q(username__iexact=email), |
|
51 |
is_active=True) |
|
49 |
users = get_user_queryset().filter(Q(email__iexact=email) | Q(username__iexact=email)) |
|
50 |
active_users = users.filter(is_active=True) |
|
52 | 51 |
for user in active_users: |
53 | 52 |
# we don't set the password to a random string, as some users should not have |
54 | 53 |
# a password |
... | ... | |
58 | 57 |
user, |
59 | 58 |
set_random_password=set_random_password, |
60 | 59 |
next_url=self.cleaned_data.get('next_url')) |
61 |
if not active_users:
|
|
60 |
if not users.exists():
|
|
62 | 61 |
logger.info(u'password reset request for "%s", no user found', email) |
62 |
ctx = {'registration_url': utils.make_url('registration_register', absolute=True)} |
|
63 |
utils.send_templated_mail(email, ['authentic2/password_reset_no_account'], context=ctx) |
|
63 | 64 |
hooks.call_hooks('event', name='password-reset', email=email, users=active_users) |
64 | 65 | |
65 | 66 |
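Review bot: A request that matches only inactive accounts now produces neither a mail nor a log entry: `users` is no longer filtered on `is_active`, so `users.exists()` is true, the `for user in active_users` loop has nothing to iterate, and the `logger.info(...)` "no user found" line that used to fire for this case is skipped. If staying silent for disabled accounts is intended, record it above the check with `# inactive accounts get no mail; only unknown addresses get the no-account notice`, and keep an audit trail with `logger.info(u'password reset request for "%s", only inactive users found', email)`. The no-account branch also mails whatever address an unauthenticated visitor submits, and no throttling is visible in this section, so confirm the view is rate-limited. The method starts above the visible lines, so the validation applied to `email` cannot be checked from here.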
src/authentic2/templates/authentic2/password_reset_no_account_body.html | ||
---|---|---|
1 |
{% extends "emails/body_base.html" %} |
|
2 |
{% load i18n %} |
|
3 | ||
4 |
{% block content %} |
|
5 |
<p>{% trans "Hi," %}</p> |
|
6 | ||
7 |
<p>{% blocktrans trimmed with hostname=request.get_host %} |
|
8 |
You requested reset of your password on {{ hostname }}, but no account was found associated with this address. |
|
9 |
{% endblocktrans %}</p> |
|
10 | ||
11 |
{% with _("Create an account") as button_label %} |
|
12 |
{% include "emails/button-link.html" with url=registration_url label=button_label %} |
|
13 |
{% endwith %} |
|
14 |
{% endblock %} |
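Review bot: `hostname=request.get_host` puts the request's Host header into a mail sent to an address the requester chose, so the text is only as trustworthy as the deployment's `ALLOWED_HOSTS` setting; the same expression is used in password_reset_no_account_body.txt and password_reset_no_account_subject.txt. The `ctx` built in passwords.py carries only `registration_url`, so `request` presumably reaches the template through `send_templated_mail`, which is not visible here and worth confirming. A template comment would record the dependency: `{# hostname comes from the Host header; relies on ALLOWED_HOSTS being restrictive #}`.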
src/authentic2/templates/authentic2/password_reset_no_account_body.txt | ||
---|---|---|
1 |
{% extends "emails/body_base.txt" %} |
|
2 |
{% load i18n %} |
|
3 | ||
4 |
{% block content %}{% trans "Hi," %} |
|
5 |
{% blocktrans trimmed with hostname=request.get_host %} |
|
6 |
You requested reset of your password on {{ hostname }}, but no account was found associated with this address. |
|
7 |
{% endblocktrans %} |
|
8 |
{% trans "You can create an account here:" %} {{ registration_url }}. |
|
9 |
{% endblock %} |
src/authentic2/templates/authentic2/password_reset_no_account_subject.txt | ||
---|---|---|
1 |
{% extends "emails/subject.txt" %} |
|
2 |
{% load i18n %} |
|
3 | ||
4 |
{% block email-subject %}{% blocktrans with hostname=request.get_host %}Password reset on {{ hostname }}{% endblocktrans %}{% endblock %} |
src/authentic2/templates/emails/body_base.html | ||
---|---|---|
1 |
<!DOCTYPE html> |
|
2 |
<html> |
|
3 |
<head> |
|
4 |
<meta charset="utf-8"> |
|
5 |
</head> |
|
6 |
<body> |
|
7 |
<div style="max-width: 60ex;"> |
|
8 |
<div class="content"> |
|
9 |
{% block content %} |
|
10 |
{{ content }} |
|
11 |
{% endblock %} |
|
12 |
</div> |
|
13 |
</div> |
|
14 |
</body> |
|
15 |
</html> |
src/authentic2/templates/emails/body_base.txt | ||
---|---|---|
1 |
{% block content %}{{ content }}{% endblock %} |
src/authentic2/templates/emails/button-link.html | ||
---|---|---|
1 |
<a href="{{url}}">{{label}}</a> |
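Review bot: `href="{{url}}"` has no documented contract for what `url` may contain. Assuming Django's default autoescaping is in effect, markup characters are escaped, but autoescaping does not restrict the URL scheme. The include is therefore safe only while callers pass application-built URLs such as the `registration_url` used by the no-account mail. State that at the top of the file, e.g. `{# url must be an absolute http(s) URL generated by the application, never user input #}`.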
src/authentic2/templates/emails/subject.txt | ||
---|---|---|
1 |
{% block email-subject %}{% endblock %} |
tests/test_password_reset.py | ||
---|---|---|
103 | 103 |
resp.form.set('email', simple_user.email) |
104 | 104 |
assert len(mailoutbox) == 0 |
105 | 105 |
resp = resp.form.submit() |
106 |
assert len(mailoutbox) == 0
|
|
106 |
assert 'no account was found associated with this address' in mailoutbox[0].body
|
|
107 | 107 | |
108 | 108 | |
109 | 109 |
def test_user_exclude(app, simple_user, mailoutbox, settings): |
... | ... | |
114 | 114 |
resp.form.set('email', simple_user.email) |
115 | 115 |
assert len(mailoutbox) == 0 |
116 | 116 |
resp = resp.form.submit() |
117 |
assert len(mailoutbox) == 0
|
|
117 |
assert 'no account was found associated with this address' in mailoutbox[0].body
|
|
118 | 118 | |
119 | 119 | |
120 | 120 |
def test_old_url_redirect(app): |
... | ... | |
122 | 122 |
assert response.location == '/accounts/password/reset/' |
123 | 123 |
response = response.follow() |
124 | 124 |
assert 'please reset your password again' in response |
125 | ||
126 | ||
127 |
def test_send_password_reset_email_no_account(app, db, mailoutbox): |
|
128 |
url = reverse('password_reset') |
|
129 |
resp = app.get(url, status=200) |
|
130 |
resp.form.set('email', 'test@entrouvert.com') |
|
131 |
resp = resp.form.submit() |
|
132 | ||
133 |
mail = mailoutbox[0] |
|
134 |
assert mail.subject == 'Password reset on testserver' |
|
135 |
for body in (mail.body, mail.alternatives[0][0]): |
|
136 |
assert 'no account was found associated with this address' in body |
|
137 |
assert 'http://testserver/accounts/register/' in body |
|
125 |
- |
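Review bot: The mail assertions index `mailoutbox[0]` without first pinning the count, so a regression that sends the notice twice, or sends a reset mail alongside it, would still pass; add `assert len(mailoutbox) == 1` before each. No visible test submits the address of an account with `is_active=False`, the one case where the form now sends nothing, so a test asserting `len(mailoutbox) == 0` for it would pin that behaviour. `test_send_password_reset_email_no_account` could also check that the response after `resp.form.submit()` matches the one returned for a known address, since that parity is presumably what the change is for. The first two edited tests begin above the visible lines, so their setup is not reviewable here.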