From 8b27710266d7310409253bcfce307fa7ed4f7f20 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Fri, 9 Aug 2019 23:12:56 +0200 Subject: [PATCH] Send password init mail --- users/admin.py | 19 +++++++ users/locale/fr/LC_MESSAGES/django.po | 50 ++++++++++++----- users/templates/users/email_passwd_request | 15 ----- users/urls.py | 1 - users/views.py | 65 +--------------------- 5 files changed, 58 insertions(+), 92 deletions(-) delete mode 100644 users/templates/users/email_passwd_request diff --git a/users/admin.py b/users/admin.py index c043ea3..05db80a 100644 --- a/users/admin.py +++ b/users/admin.py @@ -3,7 +3,9 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.contrib import admin +from django.contrib import messages from django.contrib.auth.admin import UserAdmin as BaseUserAdmin +from django.contrib.auth.forms import PasswordResetForm from django.core.urlresolvers import reverse from django.utils.html import format_html from django.utils.translation import ugettext_lazy as _ @@ -72,6 +74,23 @@ class UserAdmin(VersionAdmin, BaseUserAdmin): }), ) + def save_model(self, request, obj, form, change): + """ + On creation, send a password init mail + """ + super().save_model(request, obj, form, change) + + if not change: + # Virtually fill the password reset form + password_reset = PasswordResetForm(data={'email': obj.email}) + if password_reset.is_valid(): + password_reset.save(request=request, + use_https=request.is_secure()) + messages.success(request, _("An email to set the password" + " was sent.")) + else: + messages.error(request, _("The email is invalid.")) + def is_adherent(self, obj): """ Get current membership year and check if user is there diff --git a/users/locale/fr/LC_MESSAGES/django.po b/users/locale/fr/LC_MESSAGES/django.po index 8adfbd5..7823a41 100644 --- a/users/locale/fr/LC_MESSAGES/django.po +++ b/users/locale/fr/LC_MESSAGES/django.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2019-08-08 13:02+0200\n" +"POT-Creation-Date: 2019-08-09 23:09+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -13,30 +13,50 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -#: admin.py:34 +#: admin.py:32 msgid "adherent status" msgstr "statut adhérent" -#: admin.py:39 +#: admin.py:37 msgid "Yes" msgstr "" -#: admin.py:55 +#: admin.py:54 msgid "Personal info" msgstr "" -#: admin.py:57 +#: admin.py:56 msgid "Permissions" msgstr "" -#: admin.py:60 +#: admin.py:59 msgid "Important dates" msgstr "" -#: admin.py:75 +#: admin.py:89 +msgid "An email to set the password was sent." +msgstr "Un mail pour initialiser le mot de passe a été envoyé." + +#: admin.py:92 +msgid "The email is invalid." +msgstr "L'adresse mail est invalide." + +#: admin.py:111 +msgid "Adhere" +msgstr "Adhérer" + +#: admin.py:114 msgid "is adherent" msgstr "statut adhérent" +#: admin.py:122 +msgid "Register borrowed item" +msgstr "Enregistrer emprunt" + +#: admin.py:125 +msgid "actions" +msgstr "actions" + #: models.py:18 msgid "phone number" msgstr "numéro de téléphone" @@ -53,18 +73,22 @@ msgstr "emprunts maximal" msgid "Maximal amount of simultaneous borrowed item authorized." msgstr "Nombre maximal d'objets empruntés en même temps." -#: models.py:35 +#: models.py:36 msgid "comment" msgstr "commentaire" -#: models.py:36 +#: models.py:37 msgid "Promotion..." msgstr "" -#: models.py:96 -msgid "right" +#: templates/users/user.html:40 +msgid "Change password" msgstr "" -#: models.py:97 -msgid "rights" +#: templates/users/user.html:49 +msgid "Save" msgstr "" + +#: views.py:40 +msgid "Edit user profile" +msgstr "Editer le profil utilisateur" diff --git a/users/templates/users/email_passwd_request b/users/templates/users/email_passwd_request deleted file mode 100644 index 7a8d900..0000000 --- a/users/templates/users/email_passwd_request +++ /dev/null @@ -1,15 +0,0 @@ -Bonjour {{ name }}, - -Vous trouverez ci-dessous une url permetant d'initialiser ou de reinitialiser votre -compte {{ site_name }}. Celui-ci vous permet de gérer l'ensemble de vos emprunts, -consulter les ouvrages disponibles, et les services proposés par la {{ asso }}. - - {{ url }} - -Contactez les administrateurs si vous n'êtes pas à l'origine de cette requête. - -Ce lien expirera dans {{ expire_in }}. - -Cordialement, - -L'équipe de {{ asso }} {{ asso_mail }}. diff --git a/users/urls.py b/users/urls.py index 0a44a03..00fb9e5 100644 --- a/users/urls.py +++ b/users/urls.py @@ -10,5 +10,4 @@ app_name = 'users' urlpatterns = [ url(r'^edit_info/$', views.edit_info, name='edit-info'), url(r'^adherer/(?P[0-9]+)$', views.adherer, name='adherer'), - url(r'^process/(?P[a-z0-9]{32})/$', views.process, name='process'), ] diff --git a/users/views.py b/users/views.py index f095e9d..12ccfd5 100644 --- a/users/views.py +++ b/users/views.py @@ -4,21 +4,14 @@ from django.contrib import messages from django.contrib.auth.decorators import login_required, permission_required -from django.core.mail import send_mail -from django.core.urlresolvers import reverse from django.db import transaction -from django.shortcuts import get_object_or_404, redirect, render -from django.template import loader +from django.shortcuts import redirect, render from django.template.context_processors import csrf -from django.utils import timezone from django.utils.translation import ugettext_lazy as _ from reversion import revisions as reversion -from med.settings import ASSO_EMAIL, ASSO_NAME, EMAIL_FROM, \ - REQ_EXPIRE_STR from users.forms import BaseInfoForm -from users.forms import PassForm -from users.models import Adhesion, Request, User +from users.models import Adhesion, User def form(ctx, template, request): @@ -27,41 +20,6 @@ def form(ctx, template, request): return render(request, template, c) -def password_change_action(u_form, user, request, req=False): - """ Fonction qui effectue le changeemnt de mdp bdd""" - if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']: - messages.error(request, "Les 2 mots de passe différent") - return form({'userform': u_form}, 'users/user.html', request) - user.set_password(u_form.cleaned_data['passwd1']) - with transaction.atomic(), reversion.create_revision(): - user.save() - reversion.set_comment("Réinitialisation du mot de passe") - messages.success(request, "Le mot de passe a changé") - if req: - req.delete() - return redirect("/") - return redirect("/") - - -def reset_passwd_mail(req, request): - """ - Envoie un mail de réinitialisation de mot de passe - """ - t = loader.get_template('users/email_passwd_request') - c = { - 'name': str(req.user.first_name) + ' ' + str(req.user.last_name), - 'asso': ASSO_NAME, - 'asso_mail': ASSO_EMAIL, - 'site_name': 'Mediatek', - 'url': request.build_absolute_uri( - reverse('users:process', kwargs={'token': req.token})), - 'expire_in': REQ_EXPIRE_STR, - } - send_mail('Votre compte Mediatek', t.render(c), - EMAIL_FROM, [req.user.email], fail_silently=False) - return - - @login_required def edit_info(request): """ @@ -99,22 +57,3 @@ def adherer(request, userid): reversion.set_comment("Adhesion de %s" % users) messages.success(request, "Adhesion effectuee") return redirect("/") - - -def process(request, token): - valid_reqs = Request.objects.filter(expires_at__gt=timezone.now()) - req = get_object_or_404(valid_reqs, token=token) - - if req.type == Request.PASSWD: - return process_passwd(request, req) - else: - messages.error(request, "Entrée incorrecte, contactez un admin") - redirect("/") - - -def process_passwd(request, req): - u_form = PassForm(request.POST or None) - user = req.user - if u_form.is_valid(): - return password_change_action(u_form, user, request, req=req) - return form({'form': u_form}, 'users/user.html', request)