Главная Обзор Помощь
Вход
221V
/
Misago
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 74f10531b8
Ветки Метки
Misago
/
misago
/
users
/
views
/
forgottenpassword.py

forgottenpassword.py 2.2 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. from django.contrib.auth import get_user_model
    2. 

  2. from django.core.exceptions import PermissionDenied
    3. 

  3. from django.shortcuts import get_object_or_404, render
    4. 

  4. from django.urls import reverse
    5. 

  5. from django.utils.translation import gettext as _
    6. 

  6. 

  7. from ...core.exceptions import Banned
    8. 

  8. from ..bans import get_user_ban
    9. 

  9. from ..decorators import deny_banned_ips
    10. 

  10. from ..tokens import is_password_change_token_valid
    11. 

  11. 

  12. 

  13. def reset_view(f):
    14. 

  14.     @deny_banned_ips
    15. 

  15.     def decorator(request, *args, **kwargs):
    16. 

  16.         if request.settings.enable_sso:
    17. 

  17.             raise PermissionDenied(
    18. 

  18.                 _("Please use the 3rd party site to change password.")
    19. 

  19.             )
    20. 

  20. 

  21.         return f(request, *args, **kwargs)
    22. 

  22. 

  23.     return decorator
    24. 

  24. 

  25. 

  26. @reset_view
    27. 

  27. def request_reset(request):
    28. 

  28.     request.frontend_context.update(
    29. 

  29.         {"SEND_PASSWORD_RESET_API": reverse("misago:api:send-password-form")}
    30. 

  30.     )
    31. 

  31.     return render(request, "misago/forgottenpassword/request.html")
    32. 

  32. 

  33. 

  34. class ResetError(Exception):
    35. 

  35.     pass
    36. 

  36. 

  37. 

  38. @reset_view
    39. 

  39. def reset_password_form(request, pk, token):
    40. 

  40.     requesting_user = get_object_or_404(get_user_model(), pk=pk)
    41. 

  41. 

  42.     try:
    43. 

  43.         if request.user.is_authenticated and request.user.id != requesting_user.id:
    44. 

  44.             message = _(
    45. 

  45.                 "%(user)s, your link has expired. "
    46. 

  46.                 "Please request new link and try again."
    47. 

  47.             )
    48. 

  48.             raise ResetError(message % {"user": requesting_user.username})
    49. 

  49. 

  50.         if not is_password_change_token_valid(requesting_user, token):
    51. 

  51.             message = _(
    52. 

  52.                 "%(user)s, your link is invalid. Please try again or request new link."
    53. 

  53.             )
    54. 

  54.             raise ResetError(message % {"user": requesting_user.username})
    55. 

  55. 

  56.         ban = get_user_ban(requesting_user, request.cache_versions)
    57. 

  57.         if ban:
    58. 

  58.             raise Banned(ban)
    59. 

  59.     except ResetError as e:
    60. 

  60.         return render(
    61. 

  61.             request,
    62. 

  62.             "misago/forgottenpassword/error.html",
    63. 

  63.             {"message": e.args[0]},
    64. 

  64.             status=400,
    65. 

  65.         )
    66. 

  66. 

  67.     api_url = reverse(
    68. 

  68.         "misago:api:change-forgotten-password", kwargs={"pk": pk, "token": token}
    69. 

  69.     )
    70. 

  70. 

  71.     request.frontend_context["CHANGE_PASSWORD_API"] = api_url
    72. 

  72.     return render(request, "misago/forgottenpassword/form.html")
    73.