From 6fa0051c93b6965523f8bf731e48e4c76d26f3cf Mon Sep 17 00:00:00 2001 From: Kuroshini Date: Mon, 14 Oct 2019 15:53:40 +0300 Subject: [PATCH] Revert "Password reset confirmation mechanics" This reverts commit 71528d8 --- apps/account/models.py | 20 -------------- apps/account/serializers/web.py | 13 ---------- apps/account/tasks.py | 11 -------- apps/account/urls/common.py | 1 - apps/account/views/common.py | 26 ------------------- apps/authorization/serializers/common.py | 4 +-- apps/utils/models.py | 7 ++--- project/settings/base.py | 1 - .../account/password_confirm_email.html | 11 -------- 9 files changed, 4 insertions(+), 90 deletions(-) delete mode 100644 project/templates/account/password_confirm_email.html diff --git a/apps/account/models.py b/apps/account/models.py index 24cc6d95..2d7ad8f2 100644 --- a/apps/account/models.py +++ b/apps/account/models.py @@ -82,7 +82,6 @@ class User(AbstractUser): unconfirmed_email = models.EmailField(_('unconfirmed email'), blank=True, null=True, default=None) email_confirmed = models.BooleanField(_('email status'), default=False) newsletter = models.NullBooleanField(default=True) - password_confirmed = models.BooleanField(_('is new password confirmed'), default=True, null=False) EMAIL_FIELD = 'email' USERNAME_FIELD = 'username' @@ -139,10 +138,6 @@ class User(AbstractUser): self.email_confirmed = True self.save() - def confirm_password(self): - self.password_confirmed = True - self.save() - def approve(self): """Set user is_active status to True""" self.is_active = True @@ -177,11 +172,6 @@ class User(AbstractUser): """Make a token for finish signup.""" return password_token_generator.make_token(self) - @property - def confirm_password_token(self): - """Make a token for new password confirmation """ - return GMTokenGenerator(purpose=GMTokenGenerator.CONFIRM_PASSWORD).make_token(self) - @property def get_user_uidb64(self): """Get base64 value for user by primary key identifier""" @@ -211,16 +201,6 @@ class User(AbstractUser): template_name=settings.RESETTING_TOKEN_TEMPLATE, context=context) - def confirm_password_template(self, country_code): - """Get confirm password template""" - context = {'token': self.confirm_password_token, - 'country_code': country_code} - context.update(self.base_template) - return render_to_string( - template_name=settings.CONFIRM_PASSWORD_TEMPLATE, - context=context, - ) - def confirm_email_template(self, country_code): """Get confirm email template""" context = {'token': self.confirm_email_token, diff --git a/apps/account/serializers/web.py b/apps/account/serializers/web.py index dd8ccec8..8be73afa 100644 --- a/apps/account/serializers/web.py +++ b/apps/account/serializers/web.py @@ -1,10 +1,8 @@ """Serializers for account web""" from django.contrib.auth import password_validation as password_validators -from django.conf import settings from rest_framework import serializers from account import models -from account import tasks from utils import exceptions as utils_exceptions from utils.methods import username_validator @@ -69,16 +67,5 @@ class PasswordResetConfirmSerializer(serializers.ModelSerializer): """Override update method""" # Update user password from instance instance.set_password(validated_data.get('password')) - instance.password_confirmed = False instance.save() - if settings.USE_CELERY: - tasks.send_reset_password_confirm.delay( - user=instance, - country_code=self.context.get('request').country_code, - ) - else: - tasks.send_reset_password_confirm( - user=instance, - country_code=self.context.get('request').country_code, - ) return instance diff --git a/apps/account/tasks.py b/apps/account/tasks.py index 3729c40c..03a231b3 100644 --- a/apps/account/tasks.py +++ b/apps/account/tasks.py @@ -22,17 +22,6 @@ def send_reset_password_email(user_id, country_code): f'DETAIL: Exception occurred for reset password: ' f'{user_id}') -@shared_task -def send_reset_password_confirm(user: models.User, country_code): - """ Send email to user for applying new password. """ - try: - user.send_email(subject=_('New password confirmation'), - message=user.confirm_password_template(country_code)) - except: - logger.error(f'METHOD_NAME: {send_reset_password_confirm.__name__}\n' - f'DETAIL: Exception occured for new passwordconfirmation', - f'{user.id}') - @shared_task def confirm_new_email_address(user_id, country_code): diff --git a/apps/account/urls/common.py b/apps/account/urls/common.py index a440c5bf..4ea2af66 100644 --- a/apps/account/urls/common.py +++ b/apps/account/urls/common.py @@ -8,7 +8,6 @@ app_name = 'account' urlpatterns = [ path('user/', views.UserRetrieveUpdateView.as_view(), name='user-retrieve-update'), path('change-password/', views.ChangePasswordView.as_view(), name='change-password'), - path('change-password-confirm///', views.ConfirmPasswordView.as_view(), name='change-password'), path('email/confirm/', views.SendConfirmationEmailView.as_view(), name='send-confirm-email'), path('email/confirm///', views.ConfirmEmailView.as_view(), name='confirm-email'), ] diff --git a/apps/account/views/common.py b/apps/account/views/common.py index cb0d84d7..d29ce2bb 100644 --- a/apps/account/views/common.py +++ b/apps/account/views/common.py @@ -91,32 +91,6 @@ class ConfirmEmailView(JWTGenericViewMixin): else: raise utils_exceptions.UserNotFoundError() -class ConfirmPasswordView(JWTGenericViewMixin): - """View for applying newly set password""" - - permission_classes = (permissions.AllowAny,) - - def get(self, request, *args, **kwargs): - uidb64 = kwargs.get('uidb64') - token = kwargs.get('token') - uid = force_text(urlsafe_base64_decode(uidb64)) - user_qs = models.User.objects.filter(pk=uid) - if user_qs.exists(): - user = user_qs.first() - if not GMTokenGenerator(GMTokenGenerator.CONFIRM_PASSWORD).check_token( - user, token): - raise utils_exceptions.NotValidTokenError() - user.confirm_password() - tokens = user.create_jwt_tokens() - return self._put_cookies_in_response( - cookies=self._put_data_in_cookies( - access_token=tokens.get('access_token'), - refresh_token=tokens.get('refresh_token')), - response=Response(status=status.HTTP_200_OK)) - else: - raise utils_exceptions.UserNotFoundError() - - # Firebase Cloud Messaging class FCMDeviceViewSet(generics.GenericAPIView): diff --git a/apps/authorization/serializers/common.py b/apps/authorization/serializers/common.py index 6be76a00..ed68ba9f 100644 --- a/apps/authorization/serializers/common.py +++ b/apps/authorization/serializers/common.py @@ -108,8 +108,8 @@ class LoginByUsernameOrEmailSerializer(SourceSerializerMixin, """Override validate method""" username_or_email = attrs.pop('username_or_email') password = attrs.pop('password') - user_qs = account_models.User.objects.filter(password_confirmed=True)\ - .filter(Q(username=username_or_email) | Q(email=username_or_email)) + user_qs = account_models.User.objects.filter(Q(username=username_or_email) | + Q(email=username_or_email)) if not user_qs.exists(): raise utils_exceptions.WrongAuthCredentials() else: diff --git a/apps/utils/models.py b/apps/utils/models.py index e5a39895..4e6df35e 100644 --- a/apps/utils/models.py +++ b/apps/utils/models.py @@ -258,14 +258,12 @@ class GMTokenGenerator(PasswordResetTokenGenerator): RESET_PASSWORD = 1 CHANGE_PASSWORD = 2 CONFIRM_EMAIL = 3 - CONFIRM_PASSWORD = 4 TOKEN_CHOICES = ( CHANGE_EMAIL, RESET_PASSWORD, CHANGE_PASSWORD, - CONFIRM_EMAIL, - CONFIRM_PASSWORD, + CONFIRM_EMAIL ) def __init__(self, purpose: int): @@ -281,8 +279,7 @@ class GMTokenGenerator(PasswordResetTokenGenerator): self.purpose == self.CONFIRM_EMAIL: fields.extend([str(user.email_confirmed), str(user.email)]) elif self.purpose == self.RESET_PASSWORD or \ - self.purpose == self.CHANGE_PASSWORD or \ - self.purpose == self.CONFIRM_PASSWORD: + self.purpose == self.CHANGE_PASSWORD: fields.append(str(user.password)) return fields diff --git a/project/settings/base.py b/project/settings/base.py index 7d9b8c05..06f83811 100644 --- a/project/settings/base.py +++ b/project/settings/base.py @@ -405,7 +405,6 @@ PASSWORD_RESET_TIMEOUT_DAYS = 1 # TEMPLATES RESETTING_TOKEN_TEMPLATE = 'account/password_reset_email.html' CHANGE_EMAIL_TEMPLATE = 'account/change_email.html' -CONFIRM_PASSWORD_TEMPLATE = 'account/password_confirm_email.html' CONFIRM_EMAIL_TEMPLATE = 'authorization/confirm_email.html' NEWS_EMAIL_TEMPLATE = "news/news_email.html" diff --git a/project/templates/account/password_confirm_email.html b/project/templates/account/password_confirm_email.html deleted file mode 100644 index 29f27afb..00000000 --- a/project/templates/account/password_confirm_email.html +++ /dev/null @@ -1,11 +0,0 @@ -{% load i18n %}{% autoescape off %} -{% blocktrans %}Confirm a password reset for your user account at {{ site_name }}.{% endblocktrans %} - -{% trans "Please go to the following page:" %} - -https://{{ country_code }}.{{ domain_uri }}/confirm-new-password/{{ uidb64 }}/{{ token }}/ - -{% trans "Thanks for using our site!" %} - -{% blocktrans %}The {{ site_name }} team{% endblocktrans %} -{% endautoescape %} \ No newline at end of file