forked from 0x2620/pandora
fix password reset
This commit is contained in:
parent
d60a3d74e1
commit
e2a76470ae
5 changed files with 20 additions and 18 deletions
|
@ -16,7 +16,7 @@ from itemlist.models import List, Position
|
||||||
|
|
||||||
|
|
||||||
class UserProfile(models.Model):
|
class UserProfile(models.Model):
|
||||||
reset_token = models.TextField(blank=True, null=True, unique=True)
|
reset_code = models.TextField(blank=True, null=True, unique=True)
|
||||||
user = models.ForeignKey(User, unique=True, related_name='profile')
|
user = models.ForeignKey(User, unique=True, related_name='profile')
|
||||||
|
|
||||||
level = models.IntegerField(default=1)
|
level = models.IntegerField(default=1)
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
To reset your password, please use the following token:
|
To reset your password, please use the following code:
|
||||||
|
|
||||||
{{token}}
|
{{code}}
|
||||||
|
|
||||||
If you do not want to reset your password, no further action is required.
|
If you do not want to reset your password, no further action is required.
|
||||||
|
|
||||||
|
|
|
@ -191,15 +191,16 @@ actions.register(signup, cache=False)
|
||||||
def resetPassword(request):
|
def resetPassword(request):
|
||||||
'''
|
'''
|
||||||
param data {
|
param data {
|
||||||
token: reset token
|
username: username,
|
||||||
password: new password
|
password: new password
|
||||||
|
code: reset code
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
status: {'code': int, 'text': string}
|
status: {'code': int, 'text': string}
|
||||||
data: {
|
data: {
|
||||||
errors: {
|
errors: {
|
||||||
token: 'Invalid token'
|
code: 'Invalid Code'
|
||||||
}
|
}
|
||||||
user {
|
user {
|
||||||
}
|
}
|
||||||
|
@ -207,7 +208,7 @@ def resetPassword(request):
|
||||||
}
|
}
|
||||||
'''
|
'''
|
||||||
data = json.loads(request.POST['data'])
|
data = json.loads(request.POST['data'])
|
||||||
if 'token' in data and 'password' in data:
|
if 'code' in data and 'password' in data:
|
||||||
if not data['password']:
|
if not data['password']:
|
||||||
response = json_response({
|
response = json_response({
|
||||||
'errors': {
|
'errors': {
|
||||||
|
@ -215,13 +216,13 @@ def resetPassword(request):
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
else:
|
else:
|
||||||
qs = models.UserProfile.objects.filter(reset_token=data['token'])
|
qs = models.UserProfile.objects.filter(reset_code=data['code'])
|
||||||
if qs.count() == 1:
|
if qs.count() == 1:
|
||||||
user = qs[0].user
|
user = qs[0].user
|
||||||
user.set_password(data['password'])
|
user.set_password(data['password'])
|
||||||
user.save()
|
user.save()
|
||||||
user_profile = user.get_profile()
|
user_profile = user.get_profile()
|
||||||
user_profile.reset_token = None
|
user_profile.reset_code = None
|
||||||
user_profile.save()
|
user_profile.save()
|
||||||
user = authenticate(username=user.username, password=data['password'])
|
user = authenticate(username=user.username, password=data['password'])
|
||||||
login(request, user)
|
login(request, user)
|
||||||
|
@ -233,7 +234,7 @@ def resetPassword(request):
|
||||||
else:
|
else:
|
||||||
response = json_response({
|
response = json_response({
|
||||||
'errors': {
|
'errors': {
|
||||||
'token': 'Invalid token'
|
'code': 'Invalid code'
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -275,17 +276,17 @@ def requestToken(request):
|
||||||
user = None
|
user = None
|
||||||
if user:
|
if user:
|
||||||
while True:
|
while True:
|
||||||
token = ox.to26(random.randint(32768, 1048575))
|
code = ox.to26(random.randint(32768, 1048575))
|
||||||
if models.UserProfile.objects.filter(reset_token=token).count() == 0:
|
if models.UserProfile.objects.filter(reset_code=code).count() == 0:
|
||||||
break
|
break
|
||||||
user_profile = user.get_profile()
|
user_profile = user.get_profile()
|
||||||
user_profile.reset_token = token
|
user_profile.reset_code = code
|
||||||
user_profile.save()
|
user_profile.save()
|
||||||
|
|
||||||
template = loader.get_template('password_reset_email.txt')
|
template = loader.get_template('password_reset_email.txt')
|
||||||
context = RequestContext(request, {
|
context = RequestContext(request, {
|
||||||
'url': request.build_absolute_uri("/"),
|
'url': request.build_absolute_uri("/"),
|
||||||
'token': token,
|
'code': code,
|
||||||
'sitename': settings.SITENAME,
|
'sitename': settings.SITENAME,
|
||||||
})
|
})
|
||||||
message = template.render(context)
|
message = template.render(context)
|
||||||
|
|
|
@ -27,7 +27,7 @@ pandora.autovalidateListname = function(value, blur, callback) {
|
||||||
while (value.indexOf(v) > -1) {
|
while (value.indexOf(v) > -1) {
|
||||||
value = value.replace(new RegExp(v, 'g'), v[0] + (v[0] == '\\' ? v[1] : ''));
|
value = value.replace(new RegExp(v, 'g'), v[0] + (v[0] == '\\' ? v[1] : ''));
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
callback(value);
|
callback(value);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ pandora.autovalidateUsername = function(value, blur, callback) {
|
||||||
while (value.indexOf(v) > -1) {
|
while (value.indexOf(v) > -1) {
|
||||||
value = value.replace(new RegExp(v, 'g'), v[0]);
|
value = value.replace(new RegExp(v, 'g'), v[0]);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
callback(value);
|
callback(value);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -71,10 +71,11 @@ pandora.ui.accountDialogOptions = function(action, value) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
buttons: Ox.merge(buttons[action].map(function(type) {
|
buttons: Ox.merge(buttons[action].map(function(type) {
|
||||||
return button(type);
|
return button(type);
|
||||||
}), [{}, button('cancel'), button('submit')]),
|
}), [button('cancel'), button('submit')]),
|
||||||
content: Ox.Element()
|
content: Ox.Element()
|
||||||
.append(
|
.append(
|
||||||
$('<img>')
|
$('<img>')
|
||||||
|
@ -162,11 +163,11 @@ pandora.ui.accountForm = function(action, value) {
|
||||||
pandora.api.resetPassword(data, function(result) {
|
pandora.api.resetPassword(data, function(result) {
|
||||||
if (!result.data.errors) {
|
if (!result.data.errors) {
|
||||||
pandora.$ui.accountDialog.close();
|
pandora.$ui.accountDialog.close();
|
||||||
pandora.login(result.data);
|
pandora.signin(result.data);
|
||||||
} else {
|
} else {
|
||||||
callback([{id: 'code', message: 'Incorrect code'}]);
|
callback([{id: 'code', message: 'Incorrect code'}]);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}).bindEvent({
|
}).bindEvent({
|
||||||
|
|
Loading…
Reference in a new issue