0009-add-a-page-for-users-to-input-their-sms-registration.patch

Paul Marillonnet, 13 octobre 2022 14:06

Voir les différences: en ligne côte à côte

Subject: [PATCH 09/10] add a page for users to input their sms registration
 code (#69223)

 src/authentic2/forms/registration.py          |  7 ++-
 .../sms_input_registration_code.html          | 17 ++++++
 src/authentic2/urls.py                        |  5 ++
 src/authentic2/views.py                       | 55 +++++++++++++++++++
 4 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 src/authentic2/templates/registration/sms_input_registration_code.html

     from django.contrib.auth.models import BaseUserManager, Group
     from django.core.exceptions import ValidationError
     from django.core.validators import RegexValidator
     from django.forms import Form
     from django.utils.translation import ugettext
     from django.utils.translation import ugettext_lazy as _
     from authentic2.a2_rbac.models import OrganizationalUnit
     from authentic2.forms.fields import CheckPasswordField, NewPasswordField
     from authentic2.forms.fields import CharField, CheckPasswordField, NewPasswordField
     from authentic2.passwords import get_min_password_strength
     from .. import app_settings, models
-...
                     raise ValidationError(_("The two password fields didn't match."))
                 self.instance.set_password(self.cleaned_data['password1'])
             return self.cleaned_data
     class InputRegistrationCodeForm(Form):
         registration_code = CharField()

     {% load i18n gadjo %}
     {% block page-title %}
       {{ view.title }}
     {% endblock %}
     {% block content %}
       <form method="post" action=".">
         <p>{% blocktrans trimmed %}Input your account activation code.{% endblocktrans %}</p>
         {% csrf_token %}
         {{ form }}
         <div class="buttons">
           <button class="submit-button">{% trans 'Submit' %}</button>
           <button class="cancel-button" name="cancel" formnovalidate>{% trans "Cancel" %}</button>
         </div>
       </form>
     {% endblock %}

             TemplateView.as_view(template_name='registration/registration_closed.html'),
             name='registration_disallowed',
         ),
         path(
             'register/input_code/(?P<token>[A-Za-z0-9_ -]+)/',
             views.input_registration_code,
             name='input_registration_code',
         ),
         # Password reset
         re_path(
             r'^password/reset/confirm/(?P<token>[A-Za-z0-9_ -]+)/$',

             return context
     class InputRegistrationCodeView(cbv.ValidateCSRFMixin, FormView):
         template_name = 'registration/sms_input_registration_code.html'
         form_class = registration_forms.InputRegistrationCodeForm
         success_url = '/accounts/'
         title = _('Account activation')
         def dispatch(self, request, *args, **kwargs):
             token = kwargs.get('token')
             try:
                 self.code = models.SMSCode.objects.get(url_token=token)
             except models.SMSCode.DoesNotExist:
                 return HttpResponseBadRequest(_('Invalid account activation request'))
             if not self.code.sent:
                 return HttpResponseBadRequest(_('Invalid account activation code'))
             return super().dispatch(request, *args, **kwargs)
         def post(self, request, *args, **kwargs):
             if 'cancel' in request.POST:
                 self.code.delete()
                 return utils_misc.redirect(request, reverse('auth_homepage'))
             return super().post(request, *args, **kwargs)
         def form_valid(self, form):
             super().form_valid(form)
             registration_code = form.cleaned_data.pop('registration_code')
             if self.code.value != registration_code:
                 # TODO ratelimit on erroneous code inputs(?)
                 # (code expires after 120 seconds)
                 form.add_error('registration_code', _('Wrong registration code.'))
                 return self.form_invalid(form)
             if self.code.expires < timezone.now():
                 form.add_error('registration_code', _('The code has expired.'))
                 return self.form_invalid(form)
             Lock.lock_identifier(self.code.phone)
             content = {
                 # TODO missing ou registration management
                 'authentication_method': 'phone',
                 'phone': self.code.phone,
+            }
             # create token to process final account activation and user-defined attributes
             token = models.Token.create(
                 kind='registration',
                 content=content,
                 duration=120,
+            )
             return utils_misc.redirect(
                 # TODO next_url management throughout account creation process
                 self.request,
                 reverse('registration_activate', kwargs={'registration_token': token.uuid}),
+            )
     input_registration_code = InputRegistrationCodeView.as_view()
     class RegistrationView(cbv.ValidateCSRFMixin, BaseRegistrationView):
         pass
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0009-add-a-page-for-users-to-input-their-sms-registration.patch