/django/contrib/auth/forms.py
Python | 227 lines | 218 code | 6 blank | 3 comment | 4 complexity | 0fc27a6034ed8eed199048d0d6278dfd MD5 | raw file
- from django import forms
- from django.template import Context, loader
- from django.utils.http import int_to_base36
- from django.utils.itercompat import any
- from django.utils.translation import ugettext_lazy as _
- from django.contrib.auth.models import User, UNUSABLE_PASSWORD
- from django.contrib.auth import authenticate
- from django.contrib.auth.tokens import default_token_generator
- from django.contrib.sites.models import get_current_site
- class UserCreationForm(forms.ModelForm):
- """
- A form that creates a user, with no privileges, from the given username and password.
- """
- username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^[\w.@+-]+$',
- help_text = _("Required. 30 characters or fewer. Letters, digits and @/./+/-/_ only."),
- error_messages = {'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
- password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
- password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput,
- help_text = _("Enter the same password as above, for verification."))
- class Meta:
- model = User
- fields = ("username",)
- def clean_username(self):
- username = self.cleaned_data["username"]
- try:
- User.objects.get(username=username)
- except User.DoesNotExist:
- return username
- raise forms.ValidationError(_("A user with that username already exists."))
- def clean_password2(self):
- password1 = self.cleaned_data.get("password1", "")
- password2 = self.cleaned_data["password2"]
- if password1 != password2:
- raise forms.ValidationError(_("The two password fields didn't match."))
- return password2
- def save(self, commit=True):
- user = super(UserCreationForm, self).save(commit=False)
- user.set_password(self.cleaned_data["password1"])
- if commit:
- user.save()
- return user
- class UserChangeForm(forms.ModelForm):
- username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^[\w.@+-]+$',
- help_text = _("Required. 30 characters or fewer. Letters, digits and @/./+/-/_ only."),
- error_messages = {'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
- class Meta:
- model = User
- def __init__(self, *args, **kwargs):
- super(UserChangeForm, self).__init__(*args, **kwargs)
- f = self.fields.get('user_permissions', None)
- if f is not None:
- f.queryset = f.queryset.select_related('content_type')
- class AuthenticationForm(forms.Form):
- """
- Base class for authenticating users. Extend this to get a form that accepts
- username/password logins.
- """
- username = forms.CharField(label=_("Username"), max_length=30)
- password = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
- def __init__(self, request=None, *args, **kwargs):
- """
- If request is passed in, the form will validate that cookies are
- enabled. Note that the request (a HttpRequest object) must have set a
- cookie with the key TEST_COOKIE_NAME and value TEST_COOKIE_VALUE before
- running this validation.
- """
- self.request = request
- self.user_cache = None
- super(AuthenticationForm, self).__init__(*args, **kwargs)
- def clean(self):
- username = self.cleaned_data.get('username')
- password = self.cleaned_data.get('password')
- if username and password:
- self.user_cache = authenticate(username=username, password=password)
- if self.user_cache is None:
- raise forms.ValidationError(_("Please enter a correct username and password. Note that both fields are case-sensitive."))
- elif not self.user_cache.is_active:
- raise forms.ValidationError(_("This account is inactive."))
- self.check_for_test_cookie()
- return self.cleaned_data
- def check_for_test_cookie(self):
- if self.request and not self.request.session.test_cookie_worked():
- raise forms.ValidationError(
- _("Your Web browser doesn't appear to have cookies enabled. "
- "Cookies are required for logging in."))
- def get_user_id(self):
- if self.user_cache:
- return self.user_cache.id
- return None
- def get_user(self):
- return self.user_cache
- class PasswordResetForm(forms.Form):
- email = forms.EmailField(label=_("E-mail"), max_length=75)
- def clean_email(self):
- """
- Validates that an active user exists with the given email address.
- """
- email = self.cleaned_data["email"]
- self.users_cache = User.objects.filter(
- email__iexact=email,
- is_active=True)
- if not len(self.users_cache):
- raise forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?"))
- if any((user.password == UNUSABLE_PASSWORD) for user in self.users_cache):
- raise forms.ValidationError(_("The user account associated with this e-mail address cannot reset the password."))
- return email
- def save(self, domain_override=None,
- subject_template_name='registration/password_reset_subject.txt',
- email_template_name='registration/password_reset_email.html',
- use_https=False, token_generator=default_token_generator,
- from_email=None, request=None):
- """
- Generates a one-use only link for resetting password and sends to the user
- """
- from django.core.mail import send_mail
- for user in self.users_cache:
- if not domain_override:
- current_site = get_current_site(request)
- site_name = current_site.name
- domain = current_site.domain
- else:
- site_name = domain = domain_override
- c = {
- 'email': user.email,
- 'domain': domain,
- 'site_name': site_name,
- 'uid': int_to_base36(user.id),
- 'user': user,
- 'token': token_generator.make_token(user),
- 'protocol': use_https and 'https' or 'http',
- }
- subject = loader.render_to_string(subject_template_name, c)
- # Email subject *must not* contain newlines
- subject = ''.join(subject.splitlines())
- email = loader.render_to_string(email_template_name, c)
- send_mail(subject, email, from_email, [user.email])
- class SetPasswordForm(forms.Form):
- """
- A form that lets a user change set his/her password without
- entering the old password
- """
- new_password1 = forms.CharField(label=_("New password"), widget=forms.PasswordInput)
- new_password2 = forms.CharField(label=_("New password confirmation"), widget=forms.PasswordInput)
- def __init__(self, user, *args, **kwargs):
- self.user = user
- super(SetPasswordForm, self).__init__(*args, **kwargs)
- def clean_new_password2(self):
- password1 = self.cleaned_data.get('new_password1')
- password2 = self.cleaned_data.get('new_password2')
- if password1 and password2:
- if password1 != password2:
- raise forms.ValidationError(_("The two password fields didn't match."))
- return password2
- def save(self, commit=True):
- self.user.set_password(self.cleaned_data['new_password1'])
- if commit:
- self.user.save()
- return self.user
- class PasswordChangeForm(SetPasswordForm):
- """
- A form that lets a user change his/her password by entering
- their old password.
- """
- old_password = forms.CharField(label=_("Old password"), widget=forms.PasswordInput)
- def clean_old_password(self):
- """
- Validates that the old_password field is correct.
- """
- old_password = self.cleaned_data["old_password"]
- if not self.user.check_password(old_password):
- raise forms.ValidationError(_("Your old password was entered incorrectly. Please enter it again."))
- return old_password
- PasswordChangeForm.base_fields.keyOrder = ['old_password', 'new_password1', 'new_password2']
- class AdminPasswordChangeForm(forms.Form):
- """
- A form used to change the password of a user in the admin interface.
- """
- password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
- password2 = forms.CharField(label=_("Password (again)"), widget=forms.PasswordInput)
- def __init__(self, user, *args, **kwargs):
- self.user = user
- super(AdminPasswordChangeForm, self).__init__(*args, **kwargs)
- def clean_password2(self):
- password1 = self.cleaned_data.get('password1')
- password2 = self.cleaned_data.get('password2')
- if password1 and password2:
- if password1 != password2:
- raise forms.ValidationError(_("The two password fields didn't match."))
- return password2
- def save(self, commit=True):
- """
- Saves the new password.
- """
- self.user.set_password(self.cleaned_data["password1"])
- if commit:
- self.user.save()
- return self.user