Browse Source

parameter for enabling and disabling password recovery + allow superuser password recovery and registration

master
Dirk Alders 2 months ago
parent
commit
a50e55daf1
4 changed files with 72 additions and 57 deletions
  1. 3
    0
      README.md
  2. 40
    38
      context.py
  3. 5
    0
      parameter.py
  4. 24
    19
      views.py

+ 3
- 0
README.md View File

@@ -36,6 +36,9 @@ All parameters can be added in the django ```settings.py``` or in a ```config.py
36 36
 #### USERS_SELF_REGISTRATION
37 37
 This parameter can be ```True``` or ```False```. It enables or disables the self registration.
38 38
 
39
+#### USERS_PASSWORD_RECOVERY
40
+This parameter can be ```True``` or ```False```. It enables or disables the password recovery.
41
+
39 42
 #### USERS_MAIL_VALIDATION
40 43
 This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration.
41 44
 

+ 40
- 38
context.py View File

@@ -33,71 +33,73 @@ def menubar(bar, request):
33 33
 
34 34
 def actionbar(bar, request):
35 35
     bar.append_entry(*login_entry_parameters(request, left=True))
36
-    bar.append_entry(*recover_entry_parameters(request, left=True))
37
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
36
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
37
+        bar.append_entry(*recover_entry_parameters(request, left=True))
38
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
38 39
         bar.append_entry(*register_entry_parameters(request, left=True))
39 40
 
40 41
 
41 42
 def login_entry_parameters(request, left=False):
42 43
     return (
43
-        LOGIN_ENTRY_UID,                            # uid
44
-        _('Login'),                                 # name
45
-        color_icon_url(request, 'login.png'),       # icon
46
-        url_login(request),                         # url
47
-        left,                                       # left
48
-        request.path == url_login(request, True)    # active
44
+        LOGIN_ENTRY_UID,                                # uid
45
+        _('Login'),                                     # name
46
+        color_icon_url(request, 'login.png'),           # icon
47
+        url_login(request),                             # url
48
+        left,                                           # left
49
+        request.path == url_login(request, True)        # active
49 50
     )
50 51
 
51 52
 
52 53
 def recover_entry_parameters(request, left=False):
53 54
     return (
54
-        RECOVER_ENTRY_UID,                          # uid
55
-        _('Recover'),                               # name
56
-        color_icon_url(request, 'recover.png'),     # icon
57
-        url_recover(request),                       # url
58
-        left,                                       # left
59
-        request.path == url_recover(request, True)  # active
55
+        RECOVER_ENTRY_UID,                              # uid
56
+        _('Recover'),                                   # name
57
+        color_icon_url(request, 'recover.png'),         # icon
58
+        url_recover(request),                           # url
59
+        left,                                           # left
60
+        request.path == url_recover(request, True)      # active
60 61
     )
61 62
 
63
+
62 64
 def register_entry_parameters(request, left=False):
63 65
     return (
64
-        REGISTER_ENTRY_UID,                         # uid
65
-        _('Register'),                              # name
66
-        color_icon_url(request, 'register.png'),    # icon
67
-        url_register(request),                      # url
68
-        left,                                       # left
69
-        request.path == url_register(request, True) # active
66
+        REGISTER_ENTRY_UID,                             # uid
67
+        _('Register'),                                  # name
68
+        color_icon_url(request, 'register.png'),        # icon
69
+        url_register(request),                          # url
70
+        left,                                           # left
71
+        request.path == url_register(request, True)     # active
70 72
     )
71 73
 
72 74
 
73 75
 def logout_entry_parameters(request):
74 76
     return (
75
-        LOGOUT_ENTRY_UID,                           # uid
76
-        _('Logout'),                                # name
77
-        color_icon_url(request, 'logout.png'),      # icon
78
-        url_logout(request),                        # url
79
-        False,                                      # left
80
-        False,                                      # active
77
+        LOGOUT_ENTRY_UID,                               # uid
78
+        _('Logout'),                                    # name
79
+        color_icon_url(request, 'logout.png'),          # icon
80
+        url_logout(request),                            # url
81
+        False,                                          # left
82
+        False,                                          # active
81 83
     )
82 84
 
83 85
 
84 86
 def admin_entry_parameters(request):
85 87
     return (
86
-        ADMIN_ENTRY_UID,                            # uid
87
-        _('Administration'),                        # name
88
-        color_icon_url(request, 'admin.png'),       # icon
89
-        reverse('admin:index'),                     # url
90
-        False,                                      # left
91
-        False                                       # active
88
+        ADMIN_ENTRY_UID,                                # uid
89
+        _('Administration'),                            # name
90
+        color_icon_url(request, 'admin.png'),           # icon
91
+        reverse('admin:index'),                         # url
92
+        False,                                          # left
93
+        False                                           # active
92 94
     )
93 95
 
94 96
 
95 97
 def profile_entry_parameters(request):
96 98
     return (
97
-        PROFILE_ENTRY_UID,                          # uid
98
-        request.user.username,                      # name
99
-        color_icon_url(request, 'user.png'),        # icon
100
-        url_profile(request),                       # url
101
-        False,                                      # left
102
-        request.path == url_profile(request, True)  # active
99
+        PROFILE_ENTRY_UID,                              # uid
100
+        request.user.username,                          # name
101
+        color_icon_url(request, 'user.png'),            # icon
102
+        url_profile(request),                           # url
103
+        False,                                          # left
104
+        request.path == url_profile(request, True)      # active
103 105
     )

+ 5
- 0
parameter.py View File

@@ -4,6 +4,8 @@ from django.utils.translation import gettext as _
4 4
 import importlib
5 5
 
6 6
 USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION"
7
+USERS_PASSWORD_RECOVERY = 'USERS_PASSWORD_RECOVERY'
8
+
7 9
 USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION"
8 10
 USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION"
9 11
 
@@ -12,11 +14,13 @@ USERS_PROFILE_ADDITIONS = "USERS_PROFILE_ADDITIONS"
12 14
 
13 15
 DEFAULTS = {
14 16
     USERS_SELF_REGISTRATION: False,
17
+    USERS_PASSWORD_RECOVERY: False,
15 18
     USERS_MAIL_VALIDATION: True,
16 19
     USERS_ADMIN_ACTIVATION: True,
17 20
     USERS_PROFILE_ADDITIONS: {},
18 21
 }
19 22
 
23
+
20 24
 def __get_object_by_name__(object_name):
21 25
     class_data = object_name.split(".")
22 26
     module_path = ".".join(class_data[:-1])
@@ -25,6 +29,7 @@ def __get_object_by_name__(object_name):
25 29
     module = importlib.import_module(module_path)
26 30
     return getattr(module, class_str)
27 31
 
32
+
28 33
 def get(key):
29 34
     # take data from config, settings or defaults
30 35
     try:

+ 24
- 19
views.py View File

@@ -59,30 +59,36 @@ def profile(request):
59 59
     )
60 60
     return render(request, 'users/profile.html', context=context)
61 61
 
62
+
62 63
 def recover(request):
63 64
     context = Context(request)      # needs to be executed first because of time mesurement
64
-    context_adaption(context, request, _('Password Recovery'))
65
-    if not request.POST:
66
-        form = PasswordRecoverForm(request)
67
-    else:
68
-        username = request.POST.get("username")
69
-        try:
70
-            user = User.objects.get(username=username)
71
-        except User.DoesNotExist:
72
-            pass # hide non existing user (just do nothing)
65
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
66
+        context_adaption(context, request, _('Password Recovery'))
67
+        if not request.POST:
68
+            form = PasswordRecoverForm(request)
73 69
         else:
74
-            profile = get_userprofile(user)
75
-            if profile.mail_validated:
76
-                emails.send_recover_mail(user, request)
77
-        #
78
-        messages.info(request, _("If the user exists, you will get a reover email."))
79
-        return redirect("users-login")
80
-    context['form'] = form
81
-    return render(request, 'users/recover.html', context)
70
+            username = request.POST.get("username")
71
+            try:
72
+                user = User.objects.get(username=username)
73
+            except User.DoesNotExist:
74
+                pass  # hide non existing user (just do nothing)
75
+            else:
76
+                profile = get_userprofile(user)
77
+                if profile.mail_validated:
78
+                    emails.send_recover_mail(user, request)
79
+            #
80
+            messages.info(request, _("If the user exists, you will get a reover email."))
81
+            return redirect("users-login")
82
+        context['form'] = form
83
+        return render(request, 'users/recover.html', context)
84
+    else:
85
+        messages.info(request, _("Password recovery is deactivated. Contact your system administrator."))
86
+        return redirect('users-login')
87
+
82 88
 
83 89
 def register(request):
84 90
     context = Context(request)      # needs to be executed first because of time mesurement
85
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
91
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
86 92
         context_adaption(context, request, _('Register'))
87 93
         if not request.POST:
88 94
             form = UserRegistrationForm()
@@ -251,7 +257,6 @@ def activate(request, pk):
251 257
 
252 258
 def recover_token(request, uidb64, token):
253 259
     context = Context(request)      # needs to be executed first because of time mesurement
254
-    print(settings.PASSWORD_RESET_TIMEOUT)
255 260
     try:
256 261
         uid = force_str(urlsafe_base64_decode(uidb64))
257 262
     except (TypeError, ValueError, OverflowError, User.DoesNotExist):

Loading…
Cancel
Save