parameter for enabling and disabling password recovery + allow superuser password recovery and registration

README.md

@@ -36,6 +36,9 @@ All parameters can be added in the django ```settings.py``` or in a ```config.py
 #### USERS_SELF_REGISTRATION
 This parameter can be ```True``` or ```False```. It enables or disables the self registration.
 
+#### USERS_PASSWORD_RECOVERY
+This parameter can be ```True``` or ```False```. It enables or disables the password recovery.
+
 #### USERS_MAIL_VALIDATION
 This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration.
 

context.py

@@ -33,8 +33,9 @@ def menubar(bar, request):
 
 def actionbar(bar, request):
     bar.append_entry(*login_entry_parameters(request, left=True))
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
         bar.append_entry(*recover_entry_parameters(request, left=True))
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
         bar.append_entry(*register_entry_parameters(request, left=True))
 
 
@@ -59,6 +60,7 @@ def recover_entry_parameters(request, left=False):
         request.path == url_recover(request, True)      # active
     )
 
+
 def register_entry_parameters(request, left=False):
     return (
         REGISTER_ENTRY_UID,                             # uid

parameter.py

@@ -4,6 +4,8 @@ from django.utils.translation import gettext as _
 import importlib
 
 USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION"
+USERS_PASSWORD_RECOVERY = 'USERS_PASSWORD_RECOVERY'
+
 USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION"
 USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION"
 
@@ -12,11 +14,13 @@ USERS_PROFILE_ADDITIONS = "USERS_PROFILE_ADDITIONS"
 
 DEFAULTS = {
     USERS_SELF_REGISTRATION: False,
+    USERS_PASSWORD_RECOVERY: False,
     USERS_MAIL_VALIDATION: True,
     USERS_ADMIN_ACTIVATION: True,
     USERS_PROFILE_ADDITIONS: {},
 }
 
+
 def __get_object_by_name__(object_name):
     class_data = object_name.split(".")
     module_path = ".".join(class_data[:-1])
@@ -25,6 +29,7 @@ def __get_object_by_name__(object_name):
     module = importlib.import_module(module_path)
     return getattr(module, class_str)
 
+
 def get(key):
     # take data from config, settings or defaults
     try:

views.py

@@ -59,8 +59,10 @@ def profile(request):
     )
     return render(request, 'users/profile.html', context=context)
 
+
 def recover(request):
     context = Context(request)      # needs to be executed first because of time mesurement
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
         context_adaption(context, request, _('Password Recovery'))
         if not request.POST:
             form = PasswordRecoverForm(request)
@@ -79,10 +81,14 @@ def recover(request):
             return redirect("users-login")
         context['form'] = form
         return render(request, 'users/recover.html', context)
+    else:
+        messages.info(request, _("Password recovery is deactivated. Contact your system administrator."))
+        return redirect('users-login')
+
 
 def register(request):
     context = Context(request)      # needs to be executed first because of time mesurement
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
         context_adaption(context, request, _('Register'))
         if not request.POST:
             form = UserRegistrationForm()
@@ -251,7 +257,6 @@ def activate(request, pk):
 
 def recover_token(request, uidb64, token):
     context = Context(request)      # needs to be executed first because of time mesurement
-    print(settings.PASSWORD_RESET_TIMEOUT)
     try:
         uid = force_str(urlsafe_base64_decode(uidb64))
     except (TypeError, ValueError, OverflowError, User.DoesNotExist):