phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "Password reset confirmation mechanics"

Browse Source 
This reverts commit 71528d8
This commit is contained in:
Kuroshini 2019-10-14 15:53:40 +03:00
parent 1f6bf819e8
commit 6fa0051c93
9 changed files with 4 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
apps/account/models.py
View File

@ -82,7 +82,6 @@ class User(AbstractUser):
unconfirmed_email = models.EmailField(_('unconfirmed email'), blank=True, null=True, default=None)
email_confirmed = models.BooleanField(_('email status'), default=False)
newsletter = models.NullBooleanField(default=True)
password_confirmed = models.BooleanField(_('is new password confirmed'), default=True, null=False)
EMAIL_FIELD = 'email'
USERNAME_FIELD = 'username'
@ -139,10 +138,6 @@ class User(AbstractUser):
self.email_confirmed = True
self.save()
def confirm_password(self):
self.password_confirmed = True
self.save()
def approve(self):
"""Set user is_active status to True"""
self.is_active = True
@ -177,11 +172,6 @@ class User(AbstractUser):
"""Make a token for finish signup."""
return password_token_generator.make_token(self)
@property
def confirm_password_token(self):
"""Make a token for new password confirmation """
return GMTokenGenerator(purpose=GMTokenGenerator.CONFIRM_PASSWORD).make_token(self)
@property
def get_user_uidb64(self):
"""Get base64 value for user by primary key identifier"""
@ -211,16 +201,6 @@ class User(AbstractUser):
template_name=settings.RESETTING_TOKEN_TEMPLATE,
context=context)
def confirm_password_template(self, country_code):
"""Get confirm password template"""
context = {'token': self.confirm_password_token,
'country_code': country_code}
context.update(self.base_template)
return render_to_string(
template_name=settings.CONFIRM_PASSWORD_TEMPLATE,
context=context,
)
def confirm_email_template(self, country_code):
"""Get confirm email template"""
context = {'token': self.confirm_email_token,

13
apps/account/serializers/web.py
View File

@ -1,10 +1,8 @@
"""Serializers for account web"""
from django.contrib.auth import password_validation as password_validators
from django.conf import settings
from rest_framework import serializers
from account import models
from account import tasks
from utils import exceptions as utils_exceptions
from utils.methods import username_validator
@ -69,16 +67,5 @@ class PasswordResetConfirmSerializer(serializers.ModelSerializer):
"""Override update method"""
# Update user password from instance
instance.set_password(validated_data.get('password'))
instance.password_confirmed = False
instance.save()
if settings.USE_CELERY:
tasks.send_reset_password_confirm.delay(
user=instance,
country_code=self.context.get('request').country_code,
)
else:
tasks.send_reset_password_confirm(
user=instance,
country_code=self.context.get('request').country_code,
)
return instance

11
apps/account/tasks.py
View File

@ -22,17 +22,6 @@ def send_reset_password_email(user_id, country_code):
f'DETAIL: Exception occurred for reset password: '
f'{user_id}')
@shared_task
def send_reset_password_confirm(user: models.User, country_code):
""" Send email to user for applying new password. """
try:
user.send_email(subject=_('New password confirmation'),
message=user.confirm_password_template(country_code))
except:
logger.error(f'METHOD_NAME: {send_reset_password_confirm.__name__}\n'
f'DETAIL: Exception occured for new passwordconfirmation',
f'{user.id}')
@shared_task
def confirm_new_email_address(user_id, country_code):

1
apps/account/urls/common.py
View File

@ -8,7 +8,6 @@ app_name = 'account'
urlpatterns = [
path('user/', views.UserRetrieveUpdateView.as_view(), name='user-retrieve-update'),
path('change-password/', views.ChangePasswordView.as_view(), name='change-password'),
path('change-password-confirm/<uuid64>/<token>/', views.ConfirmPasswordView.as_view(), name='change-password'),
path('email/confirm/', views.SendConfirmationEmailView.as_view(), name='send-confirm-email'),
path('email/confirm/<uidb64>/<token>/', views.ConfirmEmailView.as_view(), name='confirm-email'),
]

26
apps/account/views/common.py
View File

@ -91,32 +91,6 @@ class ConfirmEmailView(JWTGenericViewMixin):
else:
raise utils_exceptions.UserNotFoundError()
class ConfirmPasswordView(JWTGenericViewMixin):
"""View for applying newly set password"""
permission_classes = (permissions.AllowAny,)
def get(self, request, *args, **kwargs):
uidb64 = kwargs.get('uidb64')
token = kwargs.get('token')
uid = force_text(urlsafe_base64_decode(uidb64))
user_qs = models.User.objects.filter(pk=uid)
if user_qs.exists():
user = user_qs.first()
if not GMTokenGenerator(GMTokenGenerator.CONFIRM_PASSWORD).check_token(
user, token):
raise utils_exceptions.NotValidTokenError()
user.confirm_password()
tokens = user.create_jwt_tokens()
return self._put_cookies_in_response(
cookies=self._put_data_in_cookies(
access_token=tokens.get('access_token'),
refresh_token=tokens.get('refresh_token')),
response=Response(status=status.HTTP_200_OK))
else:
raise utils_exceptions.UserNotFoundError()
# Firebase Cloud Messaging
class FCMDeviceViewSet(generics.GenericAPIView):

4
apps/authorization/serializers/common.py
View File

@ -108,8 +108,8 @@ class LoginByUsernameOrEmailSerializer(SourceSerializerMixin,
"""Override validate method"""
username_or_email = attrs.pop('username_or_email')
password = attrs.pop('password')
user_qs = account_models.User.objects.filter(password_confirmed=True)\
.filter(Q(username=username_or_email) | Q(email=username_or_email))
user_qs = account_models.User.objects.filter(Q(username=username_or_email) |
Q(email=username_or_email))
if not user_qs.exists():
raise utils_exceptions.WrongAuthCredentials()
else:

7
apps/utils/models.py
View File

@ -258,14 +258,12 @@ class GMTokenGenerator(PasswordResetTokenGenerator):
RESET_PASSWORD = 1
CHANGE_PASSWORD = 2
CONFIRM_EMAIL = 3
CONFIRM_PASSWORD = 4
TOKEN_CHOICES = (
CHANGE_EMAIL,
RESET_PASSWORD,
CHANGE_PASSWORD,
CONFIRM_EMAIL,
CONFIRM_PASSWORD,
CONFIRM_EMAIL
)
def __init__(self, purpose: int):
@ -281,8 +279,7 @@ class GMTokenGenerator(PasswordResetTokenGenerator):
self.purpose == self.CONFIRM_EMAIL:
fields.extend([str(user.email_confirmed), str(user.email)])
elif self.purpose == self.RESET_PASSWORD or \
self.purpose == self.CHANGE_PASSWORD or \
self.purpose == self.CONFIRM_PASSWORD:
self.purpose == self.CHANGE_PASSWORD:
fields.append(str(user.password))
return fields

1
project/settings/base.py
View File

@ -405,7 +405,6 @@ PASSWORD_RESET_TIMEOUT_DAYS = 1
# TEMPLATES
RESETTING_TOKEN_TEMPLATE = 'account/password_reset_email.html'
CHANGE_EMAIL_TEMPLATE = 'account/change_email.html'
CONFIRM_PASSWORD_TEMPLATE = 'account/password_confirm_email.html'
CONFIRM_EMAIL_TEMPLATE = 'authorization/confirm_email.html'
NEWS_EMAIL_TEMPLATE = "news/news_email.html"

11
project/templates/account/password_confirm_email.html
View File

@ -1,11 +0,0 @@
{% load i18n %}{% autoescape off %}
{% blocktrans %}Confirm a password reset for your user account at {{ site_name }}.{% endblocktrans %}
{% trans "Please go to the following page:" %}
https://{{ country_code }}.{{ domain_uri }}/confirm-new-password/{{ uidb64 }}/{{ token }}/
{% trans "Thanks for using our site!" %}
{% blocktrans %}The {{ site_name }} team{% endblocktrans %}
{% endautoescape %}