[cig-commits] r11859 - in cs/portal/trunk/seismo/SeismoWebPortal: . templates/registration

leif at geodynamics.org leif at geodynamics.org
Wed Apr 23 13:28:19 PDT 2008 

Author: leif
Date: 2008-04-23 13:28:18 -0700 (Wed, 23 Apr 2008)
New Revision: 11859

Modified:
   cs/portal/trunk/seismo/SeismoWebPortal/forms.py
   cs/portal/trunk/seismo/SeismoWebPortal/templates/registration/pwreset.html
   cs/portal/trunk/seismo/SeismoWebPortal/views.py
Log:
Fixed password-reset bugs found by Dr. Gurnis.


Modified: cs/portal/trunk/seismo/SeismoWebPortal/forms.py
===================================================================
--- cs/portal/trunk/seismo/SeismoWebPortal/forms.py	2008-04-23 20:06:17 UTC (rev 11858)
+++ cs/portal/trunk/seismo/SeismoWebPortal/forms.py	2008-04-23 20:28:18 UTC (rev 11859)
@@ -3,6 +3,8 @@
 from django.contrib.auth import authenticate, login
 from django.contrib.auth.models import User
 from django.core import validators
+from django.template import loader
+from django.template import Context
 from models import Location, CMTSolution
 from models import Specfem3DGlobeMesh, Event, DataSource, Region, Source
 from models import UserInfo, Invite, Folder
@@ -275,6 +277,41 @@
         raise validators.ValidationError("Someone has already registered using this e-mail address (but under a different username).")
 
 
+class PasswordResetForm(forms.Manipulator):
+    "A form that lets a user request a password reset"
+    def __init__(self):
+        self.fields = (
+            forms.EmailField(field_name="email", length=40, is_required=True,
+                validator_list=[self.isValidUserEmail]),
+        )
+
+    def isValidUserEmail(self, new_data, all_data):
+        "Validates that a user exists with the given e-mail address"
+        try:
+            self.user_cache = User.objects.get(email__iexact=new_data)
+        except User.DoesNotExist:
+            raise validators.ValidationError, "That e-mail address doesn't have an associated user account. Are you sure you've registered?"
+
+    def save(self):
+        "Calculates a new password randomly and sends it to the user"
+        from django.core.mail import send_mail
+        new_pass = User.objects.make_random_password()
+        self.user_cache.set_password(new_pass)
+        self.user_cache.save()
+        t = loader.get_template('registration/pwreset_email.txt')
+        c = {
+            'new_password': new_pass,
+            'email': self.user_cache.email,
+            'root': config.root,
+            'user': self.user_cache,
+        }
+        send_mail('Password reset on the CIG Seismology Web Portal',
+                  t.render(Context(c)),
+                  None,
+                  [self.user_cache.email])
+        return
+
+
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Events
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Modified: cs/portal/trunk/seismo/SeismoWebPortal/templates/registration/pwreset.html
===================================================================
--- cs/portal/trunk/seismo/SeismoWebPortal/templates/registration/pwreset.html	2008-04-23 20:06:17 UTC (rev 11858)
+++ cs/portal/trunk/seismo/SeismoWebPortal/templates/registration/pwreset.html	2008-04-23 20:28:18 UTC (rev 11859)
@@ -3,7 +3,7 @@
 
 <p>Forgotten your password? Enter your e-mail address below, and we'll reset your password and e-mail the new one to you.</p>
 
-<form action="{{root}}/login/reset/" method="post">
+<form action="{{action}}" method="post">
 
     {% if form.has_errors %}
     <p><span class=error>Please correct the following error{{ form.error_dict|pluralize }}.</span>

Modified: cs/portal/trunk/seismo/SeismoWebPortal/views.py
===================================================================
--- cs/portal/trunk/seismo/SeismoWebPortal/views.py	2008-04-23 20:06:17 UTC (rev 11858)
+++ cs/portal/trunk/seismo/SeismoWebPortal/views.py	2008-04-23 20:28:18 UTC (rev 11859)
@@ -113,7 +113,7 @@
 
     # Login is required for everything beyond this point.
     if request.user.is_anonymous():
-        from opal.contrib.auth import REDIRECT_FIELD_NAME
+        from django.contrib.auth import REDIRECT_FIELD_NAME
         from urllib import quote
         return HttpResponseRedirect(config.root + '/login?%s=%s' %
                                     (REDIRECT_FIELD_NAME, quote(request.get_full_path())))
@@ -665,7 +665,7 @@
 
 def pwreset(request, path, reset, desktop):
     from django.views.generic.simple import direct_to_template
-    from django.contrib.auth.forms import PasswordResetForm
+    from forms import PasswordResetForm
     
     if path:
         name = path.pop(0)
@@ -685,11 +685,12 @@
         new_data = request.POST.copy()
         errors = form.get_validation_errors(new_data)
         if not errors:
-            form.save(email_template_name='registration/pwreset_email.txt',
-                      domain_override="the CIG Seismology Web Portal")
+            form.save()
             return HttpResponseRedirect('%sdone/' % request.path)
     html = loader.render_to_string('registration/pwreset.html',
-                                   {'form': forms.FormWrapper(form, new_data, errors)})
+                                   {'form': forms.FormWrapper(form, new_data, errors),
+                                    'action': request.path
+                                    })
     reset.content = gui.StaticContent(html)
     desktop.activeWindow.selectWindow(reset)
     return desktop
@@ -1113,7 +1114,7 @@
 
 
 def password_change(request, password, desktop, template_name='registration/password_change_form.html'):
-    from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm
+    from django.contrib.auth.forms import PasswordChangeForm
 
     new_data, errors = {}, {}
     form = PasswordChangeForm(request.user)

More information about the cig-commits mailing list