fix password reset

j 2011-10-07 19:56:39 +02:00
parent d60a3d74e1
commit e2a76470ae
5 changed files with 20 additions and 18 deletions


@ -16,7 +16,7 @@ from itemlist.models import List, Position
class UserProfile(models.Model): class UserProfile(models.Model):
reset_token = models.TextField(blank=True, null=True, unique=True) reset_code = models.TextField(blank=True, null=True, unique=True)
user = models.ForeignKey(User, unique=True, related_name='profile') user = models.ForeignKey(User, unique=True, related_name='profile')
level = models.IntegerField(default=1) level = models.IntegerField(default=1)


@ -1,6 +1,6 @@
To reset your password, please use the following token: To reset your password, please use the following code:
{{token}} {{code}}
If you do not want to reset your password, no further action is required. If you do not want to reset your password, no further action is required.


@ -191,15 +191,16 @@ actions.register(signup, cache=False)
def resetPassword(request): def resetPassword(request):
''' '''
param data { param data {
token: reset token username: username,
password: new password password: new password
code: reset code
} }
return { return {
status: {'code': int, 'text': string} status: {'code': int, 'text': string}
data: { data: {
errors: { errors: {
token: 'Invalid token' code: 'Invalid Code'
} }
user { user {
} }
@ -207,7 +208,7 @@ def resetPassword(request):
} }
''' '''
data = json.loads(request.POST['data']) data = json.loads(request.POST['data'])
if 'token' in data and 'password' in data: if 'code' in data and 'password' in data:
if not data['password']: if not data['password']:
response = json_response({ response = json_response({
'errors': { 'errors': {
@ -215,13 +216,13 @@ def resetPassword(request):
} }
}) })
else: else:
qs = models.UserProfile.objects.filter(reset_token=data['token']) qs = models.UserProfile.objects.filter(reset_code=data['code'])
if qs.count() == 1: if qs.count() == 1:
user = qs[0].user user = qs[0].user
user.set_password(data['password']) user.set_password(data['password'])
user.save() user.save()
user_profile = user.get_profile() user_profile = user.get_profile()
user_profile.reset_token = None user_profile.reset_code = None
user_profile.save() user_profile.save()
user = authenticate(username=user.username, password=data['password']) user = authenticate(username=user.username, password=data['password'])
login(request, user) login(request, user)
@ -233,7 +234,7 @@ def resetPassword(request):
else: else:
response = json_response({ response = json_response({
'errors': { 'errors': {
'token': 'Invalid token' 'code': 'Invalid code'
} }
}) })
@ -275,17 +276,17 @@ def requestToken(request):
user = None user = None
if user: if user:
while True: while True:
token = ox.to26(random.randint(32768, 1048575)) code = ox.to26(random.randint(32768, 1048575))
if models.UserProfile.objects.filter(reset_token=token).count() == 0: if models.UserProfile.objects.filter(reset_code=code).count() == 0:
break break
user_profile = user.get_profile() user_profile = user.get_profile()
user_profile.reset_token = token user_profile.reset_code = code
user_profile.save() user_profile.save()
template = loader.get_template('password_reset_email.txt') template = loader.get_template('password_reset_email.txt')
context = RequestContext(request, { context = RequestContext(request, {
'url': request.build_absolute_uri("/"), 'url': request.build_absolute_uri("/"),
'token': token, 'code': code,
'sitename': settings.SITENAME, 'sitename': settings.SITENAME,
}) })
message = template.render(context) message = template.render(context)
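Review bot: The lookup in resetPassword still selects the profile by `reset_code` alone, so the `username` that the docstring now lists is never checked and a submitted code is accepted for whichever account currently holds it. Binding the two would be `qs = models.UserProfile.objects.filter(reset_code=data['code'], user__username=data.get('username'))`, assuming the client does send `username` (its request payload is not visible here). This matters more because requestToken draws the code with `random.randint(32768, 1048575)`, roughly a million values from a non-cryptographic generator, and nothing in these hunks expires the code or limits attempts; `random.SystemRandom().randint(...)` over a wider range, plus an expiry timestamp on the profile, would tighten it. Both function bodies extend beyond the visible hunks.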


@ -27,7 +27,7 @@ pandora.autovalidateListname = function(value, blur, callback) {
while (value.indexOf(v) > -1) { while (value.indexOf(v) > -1) {
value = value.replace(new RegExp(v, 'g'), v[0] + (v[0] == '\\' ? v[1] : '')); value = value.replace(new RegExp(v, 'g'), v[0] + (v[0] == '\\' ? v[1] : ''));
} }
}) });
callback(value); callback(value);
}; };
@ -44,7 +44,7 @@ pandora.autovalidateUsername = function(value, blur, callback) {
while (value.indexOf(v) > -1) { while (value.indexOf(v) > -1) {
value = value.replace(new RegExp(v, 'g'), v[0]); value = value.replace(new RegExp(v, 'g'), v[0]);
} }
}) });
callback(value); callback(value);
}; };


@ -71,10 +71,11 @@ pandora.ui.accountDialogOptions = function(action, value) {
}); });
} }
} }
return { return {
buttons: Ox.merge(buttons[action].map(function(type) { buttons: Ox.merge(buttons[action].map(function(type) {
return button(type); return button(type);
}), [{}, button('cancel'), button('submit')]), }), [button('cancel'), button('submit')]),
content: Ox.Element() content: Ox.Element()
.append( .append(
$('<img>') $('<img>')
@ -162,11 +163,11 @@ pandora.ui.accountForm = function(action, value) {
pandora.api.resetPassword(data, function(result) { pandora.api.resetPassword(data, function(result) {
if (!result.data.errors) { if (!result.data.errors) {
pandora.$ui.accountDialog.close(); pandora.$ui.accountDialog.close();
pandora.login(result.data); pandora.signin(result.data);
} else { } else {
callback([{id: 'code', message: 'Incorrect code'}]); callback([{id: 'code', message: 'Incorrect code'}]);
} }
}) });
} }
} }
}).bindEvent({ }).bindEvent({