parameter for enabling and disabling password recovery + allow superuser password recovery and registration

2024-11-09 13:35:16 +01:00 · 2024-11-09 13:35:16 +01:00 · a50e55daf1
commit a50e55daf1
parent 12526f44d7
4 changed files with 72 additions and 57 deletions
--- a/README.md
+++ b/README.md
@ -36,6 +36,9 @@ All parameters can be added in the django ```settings.py``` or in a ```config.py
 #### USERS_SELF_REGISTRATION
 This parameter can be ```True``` or ```False```. It enables or disables the self registration.

+#### USERS_PASSWORD_RECOVERY
+This parameter can be ```True``` or ```False```. It enables or disables the password recovery.
+
 #### USERS_MAIL_VALIDATION
 This parameter can be ```True``` or ```False```. It enables or disables the mail validation after self registration.

--- a/context.py
+++ b/context.py
@ -33,8 +33,9 @@ def menubar(bar, request):

 def actionbar(bar, request):
    bar.append_entry(*login_entry_parameters(request, left=True))
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
        bar.append_entry(*recover_entry_parameters(request, left=True))
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
        bar.append_entry(*register_entry_parameters(request, left=True))


@ -59,6 +60,7 @@ def recover_entry_parameters(request, left=False):
        request.path == url_recover(request, True)      # active
    )

+
 def register_entry_parameters(request, left=False):
    return (
        REGISTER_ENTRY_UID,                             # uid
--- a/parameter.py
+++ b/parameter.py
@ -4,6 +4,8 @@ from django.utils.translation import gettext as _
 import importlib

 USERS_SELF_REGISTRATION = "USERS_SELF_REGISTRATION"
+USERS_PASSWORD_RECOVERY = 'USERS_PASSWORD_RECOVERY'
+
 USERS_MAIL_VALIDATION = "USERS_MAIL_VALIDATION"
 USERS_ADMIN_ACTIVATION = "USERS_ADMIN_ACTIVATION"

@ -12,11 +14,13 @@ USERS_PROFILE_ADDITIONS = "USERS_PROFILE_ADDITIONS"

 DEFAULTS = {
    USERS_SELF_REGISTRATION: False,
+    USERS_PASSWORD_RECOVERY: False,
    USERS_MAIL_VALIDATION: True,
    USERS_ADMIN_ACTIVATION: True,
    USERS_PROFILE_ADDITIONS: {},
 }

+
 def __get_object_by_name__(object_name):
    class_data = object_name.split(".")
    module_path = ".".join(class_data[:-1])
@ -25,6 +29,7 @@ def __get_object_by_name__(object_name):
    module = importlib.import_module(module_path)
    return getattr(module, class_str)

+
 def get(key):
    # take data from config, settings or defaults
    try:
--- a/views.py
+++ b/views.py
@ -59,8 +59,10 @@ def profile(request):
    )
    return render(request, 'users/profile.html', context=context)

+
 def recover(request):
    context = Context(request)      # needs to be executed first because of time mesurement
+    if parameter.get(parameter.USERS_PASSWORD_RECOVERY) or request.user.is_superuser:
        context_adaption(context, request, _('Password Recovery'))
        if not request.POST:
            form = PasswordRecoverForm(request)
@ -79,10 +81,14 @@ def recover(request):
            return redirect("users-login")
        context['form'] = form
        return render(request, 'users/recover.html', context)
+    else:
+        messages.info(request, _("Password recovery is deactivated. Contact your system administrator."))
+        return redirect('users-login')
+

 def register(request):
    context = Context(request)      # needs to be executed first because of time mesurement
-    if parameter.get(parameter.USERS_SELF_REGISTRATION):
+    if parameter.get(parameter.USERS_SELF_REGISTRATION) or request.user.is_superuser:
        context_adaption(context, request, _('Register'))
        if not request.POST:
            form = UserRegistrationForm()
@ -251,7 +257,6 @@ def activate(request, pk):

 def recover_token(request, uidb64, token):
    context = Context(request)      # needs to be executed first because of time mesurement
-    print(settings.PASSWORD_RESET_TIMEOUT)
    try:
        uid = force_str(urlsafe_base64_decode(uidb64))
    except (TypeError, ValueError, OverflowError, User.DoesNotExist):