Verified Commit 3822586a authored by erdnaxe's avatar erdnaxe 🎇

Fix user password reset

parent caa99afe
Pipeline #1100 passed with stage
in 3 minutes and 4 seconds
......@@ -232,6 +232,13 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
blank=True,
null=True
)
is_active = models.BooleanField(
_('active'),
default=True,
help_text=_(
'This is updated depending on the state of the user.'
),
)
USERNAME_FIELD = 'pseudo'
REQUIRED_FIELDS = ['surname', 'email']
......@@ -313,11 +320,6 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
# TODO : change to isinstance (cleaner)
return hasattr(self, 'adherent')
@property
def is_active(self):
""" Renvoie si l'user est à l'état actif"""
return self.state == self.STATE_ACTIVE or self.state == self.STATE_NOT_YET_ACTIVE
def set_active(self):
"""Enable this user if he subscribed successfully one time before
Reenable it if it was archived
......@@ -713,36 +715,6 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
)
return
def reset_passwd_mail(self, request):
""" Prend en argument un request, envoie un mail de
réinitialisation de mot de pass """
req = Request()
req.type = Request.PASSWD
req.user = self
req.save()
template = loader.get_template('users/email_passwd_request')
context = {
'name': req.user.get_full_name(),
'asso': AssoOption.get_cached_value('name'),
'asso_mail': AssoOption.get_cached_value('contact'),
'site_name': GeneralOption.get_cached_value('site_name'),
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})
),
'expire_in': str(
GeneralOption.get_cached_value('req_expire_hrs')
) + ' hours',
}
send_mail(
'Changement de mot de passe du %(name)s / Password renewal for '
'%(name)s' % {'name': AssoOption.get_cached_value('name')},
template.render(context),
GeneralOption.get_cached_value('email_from'),
[req.user.email],
fail_silently=False
)
return
def autoregister_machine(self, mac_address, nas_type):
""" Fonction appellée par freeradius. Enregistre la mac pour
une machine inconnue sur le compte de l'user"""
......@@ -1085,6 +1057,11 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
" address has been set.")
)
def save(self, *args, **kwargs):
self.is_active = (self.state == self.STATE_ACTIVE
or self.state == self.STATE_NOT_YET_ACTIVE)
super().save(*args, **kwargs)
def __str__(self):
return self.pseudo
......
Bonjour {{ name }},
Vous trouverez ci-dessous une url permetant d'initialiser ou de reinitialiser votre
compte {{ site_name }}. Celui-ci vous permet de gérer l'ensemble de vos équipements
connectés, votre compte, vos factures, et tous les services proposés sur le réseau.
{{ url }}
Contactez les administrateurs si vous n'êtes pas à l'origine de cette requête.
Ce lien expirera dans {{ expire_in }}.
Cordialement,
L'équipe de {{ asso }} (contact : {{ asso_mail }}).
----------------------
Hi {{ name }},
You will find a link allowing you to change the password of your account on {{ site_name }}.
On this website you will then be able to manage your devices on the {{ asso }}.
{{ url }}
This link will expire in {{ expire_in }}.
Send an email at {{ asso_mail }} if you didn't request this or if you have
any other question.
Thanks
The team of {{ asso }} (contact : {{ asso_mail }}).
......@@ -61,8 +61,6 @@ urlpatterns = [
views.index_serviceusers,
name='index-serviceusers'),
url(r'^mon_profil/$', views.mon_profil, name='mon-profil'),
url(r'^process/(?P<token>[a-z0-9]{32})/$', views.process, name='process'),
url(r'^reset_password/$', views.reset_password, name='reset-password'),
url(r'^mass_archive/$', views.mass_archive, name='mass-archive'),
url(r'^$', views.index, name='index'),
url(r'^index_clubs/$', views.index_clubs, name='index-clubs'),
......
......@@ -696,63 +696,6 @@ def profil(request, users, **_kwargs):
)
def reset_password(request):
""" Reintialisation du mot de passe si mdp oublié """
userform = ResetPasswordForm(request.POST or None)
if userform.is_valid():
try:
user = User.objects.get(
pseudo=userform.cleaned_data['pseudo'],
email=userform.cleaned_data['email'],
state__in=[User.STATE_ACTIVE, User.STATE_NOT_YET_ACTIVE],
)
except User.DoesNotExist:
messages.error(request, _("The user doesn't exist."))
return form(
{'userform': userform, 'action_name': _("Reset")},
'users/user.html',
request
)
user.reset_passwd_mail(request)
messages.success(request, _("An email to reset the password was sent."))
redirect(reverse('index'))
return form(
{'userform': userform, 'action_name': _("Reset")},
'users/user.html',
request
)
def process(request, token):
"""Process, lien pour la reinitialisation du mot de passe"""
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD:
return process_passwd(request, req)
else:
messages.error(request, _("Error: please contact an admin."))
redirect(reverse('index'))
def process_passwd(request, req):
"""Process le changeemnt de mot de passe, renvoie le formulaire
demandant le nouveau password"""
user = req.user
u_form = PassForm(request.POST or None, instance=user, user=request.user)
if u_form.is_valid():
with transaction.atomic(), reversion.create_revision():
u_form.save()
reversion.set_comment(_("Password reset"))
req.delete()
messages.success(request, _("The password was changed."))
return redirect(reverse('index'))
return form(
{'userform': u_form, 'action_name': _("Change the password")},
'users/user.html',
request
)
@login_required
def initial_register(request):
switch_ip = request.GET.get('switch_ip', None)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment