phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

version 0.0.5.8: fixed method to reset password (until without confirmation), unfinished confirm method

Browse Source
This commit is contained in:
Anatoly 2019-08-11 20:51:50 +03:00
parent cfc6e05595
commit 7c27757874
5 changed files with 35 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
apps/account/models.py
View File

@ -126,7 +126,6 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
on_delete=models.CASCADE, on_delete=models.CASCADE,
verbose_name=_('The User which is associated to ' verbose_name=_('The User which is associated to '
'this password reset token')) 'this password reset token'))
# Key field, though it is not the primary key of the model # Key field, though it is not the primary key of the model
key = models.CharField(max_length=255, key = models.CharField(max_length=255,
verbose_name=_('Key')) verbose_name=_('Key'))
@ -176,18 +175,18 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
"""Get reset password template""" """Get reset password template"""
return render_to_string( return render_to_string(
template_name=self.RESETTING_TOKEN_TEMPLATE_NAME, template_name=self.RESETTING_TOKEN_TEMPLATE_NAME,
context={'token': self.key}) context={'token': self.key,
'domain_uri': settings.DOMAIN_URI})
def send_reset_password_request(self): def send_reset_password_request(self):
"""Method to reset user password""" """Method to reset user password"""
subject = _('Password resetting') subject = _('Password resetting')
# Remove access token and revoke refresh tokens
self.user.remove_access_tokens(source=[Application.MOBILE,
Application.WEB])
# Make user temporarily unavailable
self.user.change_status(switcher=False)
# Send an email with url for resetting a password # Send an email with url for resetting a password
self.user.send_email(subject=subject, self.user.send_email(subject=subject,
message=self.get_reset_password_template()) message=self.get_reset_password_template())
def confirm_reset_password_request(self):
"""Method to confirm reset user passwrod request"""
# Remove access token and revoke refresh tokens
self.user.remove_access_tokens(source=[Application.MOBILE,
Application.WEB])

14
apps/account/serializers/web.py
View File

@ -1,7 +1,17 @@
from django.contrib.auth import password_validation as password_validators
from rest_framework import serializers from rest_framework import serializers
class PasswordResetSerializer(serializers.Serializer): class PasswordResetConfirmSerializer(serializers.Serializer):
"""Serializer for reset password""" """Serializer for reset password"""
password = serializers.CharField() password = serializers.CharField(write_only=True)
def validate_password(self, data):
"""Custom password validation"""
try:
password_validators.validate_password(password=data)
except serializers.ValidationError as e:
raise serializers.ValidationError(str(e))
else:
return data

6
apps/account/urls/web.py
View File

@ -1,4 +1,5 @@
"""Web account URLs""" """Web account URLs"""
from django.contrib.auth.urls import urlpatterns as django_urls
from django.urls import path from django.urls import path
from account.urls import common as common_views from account.urls import common as common_views
@ -9,7 +10,10 @@ app_name = 'account'
urlpatterns_api = [ urlpatterns_api = [
path('reset-password/', views.PasswordResetView.as_view(), path('reset-password/', views.PasswordResetView.as_view(),
name='password-reset'), name='password-reset'),
path('reset-password/<str:token>/confirm', views.PasswordResetConfirmView.as_view(),
name='password-reset-confirm'),
] ]
urlpatterns = urlpatterns_api + \ urlpatterns = urlpatterns_api + \
common_views.urlpatterns common_views.urlpatterns + \
django_urls

13
apps/account/views/web.py
View File

@ -1,5 +1,4 @@
"""Web account views""" """Web account views"""
from rest_framework import permissions
from rest_framework import status, generics from rest_framework import status, generics
from rest_framework.response import Response from rest_framework.response import Response
@ -12,9 +11,6 @@ from utils import exceptions as utils_exceptions
class PasswordResetView(generics.GenericAPIView): class PasswordResetView(generics.GenericAPIView):
"""View for resetting user password""" """View for resetting user password"""
permission_classes = (permissions.IsAuthenticated,)
serializer_class = serializers.PasswordResetSerializer
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
"""Post-method for password resetting""" """Post-method for password resetting"""
user = request.user user = request.user
@ -29,3 +25,12 @@ class PasswordResetView(generics.GenericAPIView):
return Response(status=status.HTTP_200_OK) return Response(status=status.HTTP_200_OK)
except: except:
raise utils_exceptions.EmailSendingError(user.email) raise utils_exceptions.EmailSendingError(user.email)
class PasswordResetConfirmView(generics.GenericAPIView):
"""View for confirmation new password"""
serializer_class = serializers.PasswordResetConfirmSerializer
def post(self, request, *args, **kwargs):
"""Post method to confirm user change password request"""

2
project/templates/account/password_reset_email.html
View File

@ -3,7 +3,7 @@
{% trans "Please go to the following page and choose a new password:" %} {% trans "Please go to the following page and choose a new password:" %}
{% block reset_link %} {% block reset_link %}
http://{{ settings.DOMAIN_URI }}{% url 'web:account:password-reset-confirm' token=token %} http://{{ domain_uri }}{% url 'web:account:password-reset-confirm' token=token %}
{% endblock %} {% endblock %}
{% trans 'Your username, in case youve forgotten:' %} {{ user.get_username }} {% trans 'Your username, in case youve forgotten:' %} {{ user.get_username }}