Commit 60fae5af authored by chirac's avatar chirac

L'initialisation du mdp se fait par mail

parent 8e5464a1
......@@ -12,7 +12,7 @@ https://docs.djangoproject.com/en/1.8/ref/settings/
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS, ASSO_NAME, ASSO_ADDRESS_LINE1, ASSO_ADDRESS_LINE2, ASSO_SIRET, ASSO_EMAIL, ASSO_PHONE, LOGO_PATH, services_urls
from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS, ASSO_NAME, ASSO_ADDRESS_LINE1, ASSO_ADDRESS_LINE2, ASSO_SIRET, ASSO_EMAIL, ASSO_PHONE, LOGO_PATH, services_urls, REQ_EXPIRE_HRS, REQ_EXPIRE_STR, EMAIL_FROM, SITE_NAME
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
......
......@@ -2,7 +2,7 @@ from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
from .models import User, School, Right, ListRight, Ban, Whitelist
from .models import User, School, Right, ListRight, Ban, Whitelist, Request
from .forms import UserChangeForm, UserCreationForm
......@@ -29,6 +29,8 @@ class ListRightAdmin(admin.ModelAdmin):
class RightAdmin(admin.ModelAdmin):
list_display = ('user', 'right')
class RequestAdmin(admin.ModelAdmin):
list_display = ('user', 'type', 'created_at', 'expires_at')
class BanAdmin(admin.ModelAdmin):
list_display = ('user', 'raison', 'date_start', 'date_end')
......@@ -71,6 +73,7 @@ admin.site.register(Right, RightAdmin)
admin.site.register(ListRight, ListRightAdmin)
admin.site.register(Ban, BanAdmin)
admin.site.register(Whitelist, WhitelistAdmin)
admin.site.register(Request, RequestAdmin)
# Now register the new UserAdmin...
admin.site.unregister(User)
admin.site.register(User, UserAdmin)
......
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations, models
import django.db.models.deletion
from django.conf import settings
class Migration(migrations.Migration):
dependencies = [
('users', '0019_auto_20160708_1633'),
]
operations = [
migrations.CreateModel(
name='Request',
fields=[
('id', models.AutoField(auto_created=True, verbose_name='ID', primary_key=True, serialize=False)),
('type', models.CharField(choices=[('PW', 'Mot de passe'), ('EM', 'Email')], max_length=2)),
('token', models.CharField(max_length=32)),
('created_at', models.DateTimeField(auto_now_add=True)),
('expires_at', models.DateTimeField()),
('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=django.db.models.deletion.PROTECT)),
],
),
]
......@@ -3,8 +3,9 @@ from django.db.models import Q
from django.forms import ModelForm, Form
from django import forms
from re2o.settings import RIGHTS_LINK
import re
from re2o.settings import RIGHTS_LINK, REQ_EXPIRE_HRS
import re, uuid
import datetime
from django.utils import timezone
from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
......@@ -265,6 +266,27 @@ class Whitelist(models.Model):
def __str__(self):
return str(self.user) + ' ' + str(self.raison)
class Request(models.Model):
PASSWD = 'PW'
EMAIL = 'EM'
TYPE_CHOICES = (
(PASSWD, 'Mot de passe'),
(EMAIL, 'Email'),
)
type = models.CharField(max_length=2, choices=TYPE_CHOICES)
token = models.CharField(max_length=32)
user = models.ForeignKey('User', on_delete=models.PROTECT)
created_at = models.DateTimeField(auto_now_add=True, editable=False)
expires_at = models.DateTimeField()
def save(self):
if not self.expires_at:
self.expires_at = timezone.now() \
+ datetime.timedelta(hours=REQ_EXPIRE_HRS)
if not self.token:
self.token = str(uuid.uuid4()).replace('-', '') # remove hyphens
super(Request, self).save()
class BaseInfoForm(ModelForm):
def __init__(self, *args, **kwargs):
super(BaseInfoForm, self).__init__(*args, **kwargs)
......
Bonjour {{ name }},
Vous trouverez ci-dessous une url permetant d'initialiser ou de reinitialiser votre
compte {{ site_name }}. Celui-ci vous permet de gérer l'ensemble de vos équipements
connectés, votre compte, vos factures, et tous les services proposés sur le réseau.
{{ url }}
Contactez les administrateurs si vous n'êtes pas à l'origine de cette requête.
Ce lien expirera dans {{ expire_in }}.
Cordialement,
L'équipe de {{ asso }} {{ asso_mail }}.
......@@ -21,6 +21,7 @@ urlpatterns = [
url(r'^index_white/$', views.index_white, name='index-white'),
url(r'^index_school/$', views.index_school, name='index-school'),
url(r'^mon_profil/$', views.mon_profil, name='mon-profil'),
url(r'^process/(?P<token>[a-z0-9]{32})/$', views.process, name='process'),
url(r'^$', views.index, name='index'),
]
......
# App de gestion des users pour re2o
# Goulven Kermarec, Gabriel Détraz
# Gplv2
from django.shortcuts import render_to_response, render, redirect
from django.shortcuts import render_to_response, get_object_or_404, render, redirect
from django.core.context_processors import csrf
from django.template import RequestContext
from django.template import Context, RequestContext, loader
from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required
from django.db.models import Max, ProtectedError
from django.db import IntegrityError
from django.core.mail import send_mail
from django.utils import timezone
from django.core.urlresolvers import reverse
from users.models import User, Right, Ban, Whitelist, School
from users.models import User, Right, Ban, Whitelist, School, Request
from users.models import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
from users.models import InfoForm, BaseInfoForm, StateForm, RightForm, SchoolForm
from cotisations.models import Facture
......@@ -19,7 +21,7 @@ from users.forms import PassForm
from machines.views import unassign_ips, assign_ips
from re2o.login import hashNT
from re2o.settings import REQ_EXPIRE_STR, EMAIL_FROM, ASSO_NAME, ASSO_EMAIL, SITE_NAME
def archive(user):
""" Archive un utilisateur """
......@@ -41,14 +43,49 @@ def form(ctx, template, request):
context_instance=RequestContext(request)
)
def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd"""
if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
messages.error(request, "Les 2 mots de passe différent")
return form({'userform': u_form}, 'users/user.html', request)
user.set_password(u_form.cleaned_data['passwd1'])
user.pwd_ntlm = hashNT(u_form.cleaned_data['passwd1'])
user.save()
messages.success(request, "Le mot de passe a changé")
if req:
req.delete()
return redirect("/")
return redirect("/users/profil/" + str(user.id))
def reset_passwd_mail(req, request):
t = loader.get_template('users/email_passwd_request')
c = Context({
'name': str(req.user.name) + ' ' + str(req.user.surname),
'asso': ASSO_NAME,
'asso_mail': ASSO_EMAIL,
'site_name': SITE_NAME,
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})),
'expire_in': REQ_EXPIRE_STR,
})
send_mail('Changement de mot de passe', t.render(c),
EMAIL_FROM, [req.user.email], fail_silently=False)
return
@login_required
@permission_required('cableur')
def new_user(request):
user = InfoForm(request.POST or None)
if user.is_valid():
user = user.save(commit=False)
user.save()
messages.success(request, "L'utilisateur a été crée")
return redirect("/users/")
req = Request()
req.type = Request.PASSWD
req.user = user
req.save()
reset_passwd_mail(req, request)
messages.success(request, "L'utilisateur %s a été crée, un mail pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
redirect("/users/profil/" + user.id)
return form({'userform': user}, 'users/user.html', request)
@login_required
......@@ -106,14 +143,7 @@ def password(request, userid):
return redirect("/users/profil/" + str(request.user.id))
u_form = PassForm(request.POST or None)
if u_form.is_valid():
if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
messages.error(request, "Les 2 mots de passe différent")
return form({'userform': u_form}, 'users/user.html', request)
user.set_password(u_form.cleaned_data['passwd1'])
user.pwd_ntlm = hashNT(u_form.cleaned_data['passwd1'])
user.save()
messages.success(request, "Le mot de passe a changé")
return redirect("/users/profil/" + userid)
return password_change_action(u_form, user, request)
return form({'userform': u_form}, 'users/user.html', request)
@login_required
......@@ -322,3 +352,20 @@ def profil(request, userid):
}
)
def process(request, token):
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD:
return process_passwd(request, req)
elif req.type == Request.EMAIL:
return process_email(request, req=req)
else:
return error(request, 'Entrée incorrecte, contactez un admin')
def process_passwd(request, req):
u_form = PassForm(request.POST or None)
user = req.user
if u_form.is_valid():
return password_change_action(u_form, user, request, req=req)
return form({'userform': u_form}, 'users/user.html', request)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment