parameter for enabling and disabling password recovery + allow superuser password recovery and registration

Dirk Alders 2024-11-09 13:35:16 +01:00
parent 12526f44d7
commit a50e55daf1
4 changed files with 72 additions and 57 deletions


@ -36,6 +36,9 @@ All parameters can be added in the django ```settings.py``` or in a ```config.py
#### USERS_SELF_REGISTRATION #### USERS_SELF_REGISTRATION
This parameter can be ```True``` or ```False```. It enables or disables the self registration. This parameter can be ```True``` or ```False```. It enables or disables the self registration.
#### USERS_PASSWORD_RECOVERY
This parameter can be ```True``` or ```False```. It enables or disables the password recovery.
#### USERS_MAIL_VALIDATION #### USERS_MAIL_VALIDATION
This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration. This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration.


@ -33,71 +33,73 @@ def menubar(bar, request):
def actionbar(bar, request): def actionbar(bar, request):
bar.append_entry(*login_entry_parameters(request, left=True)) bar.append_entry(*login_entry_parameters(request, left=True))
bar.append_entry(*recover_entry_parameters(request, left=True)) if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
if parameter.get(parameter.USERS_SELF_REGISTRATION): bar.append_entry(*recover_entry_parameters(request, left=True))
if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
bar.append_entry(*register_entry_parameters(request, left=True)) bar.append_entry(*register_entry_parameters(request, left=True))
def login_entry_parameters(request, left=False): def login_entry_parameters(request, left=False):
return ( return (
LOGIN_ENTRY_UID, # uid LOGIN_ENTRY_UID, # uid
_('Login'), # name _('Login'), # name
color_icon_url(request, 'login.png'), # icon color_icon_url(request, 'login.png'), # icon
url_login(request), # url url_login(request), # url
left, # left left, # left
request.path == url_login(request, True) # active request.path == url_login(request, True) # active
) )
def recover_entry_parameters(request, left=False): def recover_entry_parameters(request, left=False):
return ( return (
RECOVER_ENTRY_UID, # uid RECOVER_ENTRY_UID, # uid
_('Recover'), # name _('Recover'), # name
color_icon_url(request, 'recover.png'), # icon color_icon_url(request, 'recover.png'), # icon
url_recover(request), # url url_recover(request), # url
left, # left left, # left
request.path == url_recover(request, True) # active request.path == url_recover(request, True) # active
) )
def register_entry_parameters(request, left=False): def register_entry_parameters(request, left=False):
return ( return (
REGISTER_ENTRY_UID, # uid REGISTER_ENTRY_UID, # uid
_('Register'), # name _('Register'), # name
color_icon_url(request, 'register.png'), # icon color_icon_url(request, 'register.png'), # icon
url_register(request), # url url_register(request), # url
left, # left left, # left
request.path == url_register(request, True) # active request.path == url_register(request, True) # active
) )
def logout_entry_parameters(request): def logout_entry_parameters(request):
return ( return (
LOGOUT_ENTRY_UID, # uid LOGOUT_ENTRY_UID, # uid
_('Logout'), # name _('Logout'), # name
color_icon_url(request, 'logout.png'), # icon color_icon_url(request, 'logout.png'), # icon
url_logout(request), # url url_logout(request), # url
False, # left False, # left
False, # active False, # active
) )
def admin_entry_parameters(request): def admin_entry_parameters(request):
return ( return (
ADMIN_ENTRY_UID, # uid ADMIN_ENTRY_UID, # uid
_('Administration'), # name _('Administration'), # name
color_icon_url(request, 'admin.png'), # icon color_icon_url(request, 'admin.png'), # icon
reverse('admin:index'), # url reverse('admin:index'), # url
False, # left False, # left
False # active False # active
) )
def profile_entry_parameters(request): def profile_entry_parameters(request):
return ( return (
PROFILE_ENTRY_UID, # uid PROFILE_ENTRY_UID, # uid
request.user.username, # name request.user.username, # name
color_icon_url(request, 'user.png'), # icon color_icon_url(request, 'user.png'), # icon
url_profile(request), # url url_profile(request), # url
False, # left False, # left
request.path == url_profile(request, True) # active request.path == url_profile(request, True) # active
) )
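Review bot: The two conditions added to `actionbar` repeat the same expressions that the `recover` and `register` views on this page use to enforce access, so the menu and the enforcement can drift apart on the next change. A shared helper, for instance `def password_recovery_allowed(request): return parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser`, with a twin for registration, would keep them in step. A one-line comment in `actionbar` such as `# visibility only; the views enforce the same rule` would also make clear that hiding the entry is not the access control.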


@ -4,6 +4,8 @@ from django.utils.translation import gettext as _
import importlib import importlib
USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION" USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION"
USERS_PASSWORD_RECOVERY = 'USERS_PASSWORD_RECOVERY'
USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION" USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION"
USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION" USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION"
@ -12,11 +14,13 @@ USERS_PROFILE_ADDITIONS = "USERS_PROFILE_ADDITIONS"
DEFAULTS = { DEFAULTS = {
USERS_SELF_REGISTRATION: False, USERS_SELF_REGISTRATION: False,
USERS_PASSWORD_RECOVERY: False,
USERS_MAIL_VALIDATION: True, USERS_MAIL_VALIDATION: True,
USERS_ADMIN_ACTIVATION: True, USERS_ADMIN_ACTIVATION: True,
USERS_PROFILE_ADDITIONS: {}, USERS_PROFILE_ADDITIONS: {},
} }
def __get_object_by_name__(object_name): def __get_object_by_name__(object_name):
class_data = object_name.split(".") class_data = object_name.split(".")
module_path = ".".join(class_data[:-1]) module_path = ".".join(class_data[:-1])
@ -25,6 +29,7 @@ def __get_object_by_name__(object_name):
module = importlib.import_module(module_path) module = importlib.import_module(module_path)
return getattr(module, class_str) return getattr(module, class_str)
def get(key): def get(key):
# take data from config, settings or defaults # take data from config, settings or defaults
try: try:
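Review bot: `USERS_PASSWORD_RECOVERY: False` in `DEFAULTS` turns password recovery off for every installation that does not set the parameter, while the previous `recover` view on this page appears to have run unconditionally, so an upgrade silently removes a feature users may rely on. Off by default is a reasonable hardening choice, but it should be stated: the README entry could end with `Default: False (superusers can always use recovery).`, and the release notes should mention the change. The new constant also uses single quotes where its neighbours use double quotes; `USERS_PASSWORD_RECOVERY = "USERS_PASSWORD_RECOVERY"` would match.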


@ -59,30 +59,36 @@ def profile(request):
) )
return render(request, 'users/profile.html', context=context) return render(request, 'users/profile.html', context=context)
def recover(request): def recover(request):
context = Context(request) # needs to be executed first because of time mesurement context = Context(request) # needs to be executed first because of time mesurement
context_adaption(context, request, _('Password Recovery')) if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
if not request.POST: context_adaption(context, request, _('Password Recovery'))
form = PasswordRecoverForm(request) if not request.POST:
else: form = PasswordRecoverForm(request)
username = request.POST.get("username")
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
pass # hide non existing user (just do nothing)
else: else:
profile = get_userprofile(user) username = request.POST.get("username")
if profile.mail_validated: try:
emails.send_recover_mail(user, request) user = User.objects.get(username=username)
# except User.DoesNotExist:
messages.info(request, _("If the user exists, you will get a reover email.")) pass # hide non existing user (just do nothing)
return redirect("users-login") else:
context['form'] = form profile = get_userprofile(user)
return render(request, 'users/recover.html', context) if profile.mail_validated:
emails.send_recover_mail(user, request)
#
messages.info(request, _("If the user exists, you will get a reover email."))
return redirect("users-login")
context['form'] = form
return render(request, 'users/recover.html', context)
else:
messages.info(request, _("Password recovery is deactivated. Contact your system administrator."))
return redirect('users-login')
def register(request): def register(request):
context = Context(request) # needs to be executed first because of time mesurement context = Context(request) # needs to be executed first because of time mesurement
if parameter.get(parameter.USERS_SELF_REGISTRATION): if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
context_adaption(context, request, _('Register')) context_adaption(context, request, _('Register'))
if not request.POST: if not request.POST:
form = UserRegistrationForm() form = UserRegistrationForm()
@ -251,7 +257,6 @@ def activate(request, pk):
def recover_token(request, uidb64, token): def recover_token(request, uidb64, token):
context = Context(request) # needs to be executed first because of time mesurement context = Context(request) # needs to be executed first because of time mesurement
print(settings.PASSWORD_RESET_TIMEOUT)
try: try:
uid = force_str(urlsafe_base64_decode(uidb64)) uid = force_str(urlsafe_base64_decode(uidb64))
except (TypeError, ValueError, OverflowError, User.DoesNotExist): except (TypeError, ValueError, OverflowError, User.DoesNotExist):
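Review bot: The new `USERS_PASSWORD_RECOVERY` check guards `recover`, but the visible start of `recover_token` in the second hunk gains no matching check, so a recovery link mailed before the parameter was switched off presumably stays usable until `settings.PASSWORD_RESET_TIMEOUT` expires. Because a superuser can still start a recovery for another account, the token view probably has to stay reachable; if that is intended, say so above `recover_token`, for example `# intentionally not gated by USERS_PASSWORD_RECOVERY: superuser-initiated recoveries must still complete`. The body of `recover_token` continues outside the hunk, so a check further down cannot be ruled out. Separately, the info message in `recover` still reads "reover"; `_("If the user exists, you will get a recover email.")` fixes it.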