Enabled the check for existing account, disabled when we started using self-service http password reset, but hadn't started creating accounts yet. Refactored the two confirm*() methods in ietfauth/views.py; they need the same processing, only the templates to use differ.

- Legacy-Id: 4583
2012-07-04 05:12:20 +00:00 · 2012-07-04 05:12:20 +00:00 · 73f00aa920
parent fbf89cdcff
commit 73f00aa920
2 changed files with 12 additions and 20 deletions
--- a/ietf/ietfauth/forms.py
+++ b/ietf/ietfauth/forms.py
@ -44,8 +44,8 @@ class RegistrationForm(forms.Form):
        email = self.cleaned_data.get('email', '')
        if not email:
            return email
-#         if User.objects.filter(username=email).count():
-#             raise forms.ValidationError(_('Email already in use'))
+        if User.objects.filter(username=email).count():
+            raise forms.ValidationError(_('An account with the email address you provided already exists.'))
        return email


@ -80,7 +80,7 @@ class PasswordForm(forms.Form):

    def __init__(self, *args, **kwargs):
        self.username = kwargs.pop('username')
-        self.update_user = kwargs.pop('update_user', False)
+        self.update_user = User.objects.filter(username=self.username).count() > 0
        super(PasswordForm, self).__init__(*args, **kwargs)

    def clean_password2(self):
--- a/ietf/ietfauth/views.py
+++ b/ietf/ietfauth/views.py
@ -114,8 +114,8 @@ def create_account(request):
                              context_instance=RequestContext(request))


-def confirm_account(request, username, date, realm, registration_hash):
-    valid = hashlib.md5('%s%s%s%s' % (settings.SECRET_KEY, date, username, realm)).hexdigest() == registration_hash
+def process_confirmation(request, username, date, realm, hash):
+    valid = hashlib.md5('%s%s%s%s' % (settings.SECRET_KEY, date, username, realm)).hexdigest() == hash
    if not valid:
        raise Http404
    request_date = datetime.date(int(date[:4]), int(date[4:6]), int(date[6:]))
@ -125,11 +125,14 @@ def confirm_account(request, username, date, realm, registration_hash):
    if request.method == 'POST':
        form = PasswordForm(request.POST, username=username)
        if form.is_valid():
-            form.save()
-            # TODO: Add the user in the htdigest file
+            form.save()                 # Also updates the httpd password file
            success = True
    else:
        form = PasswordForm(username=username)
+    return form, username, success
+
+def confirm_account(request, username, date, realm, hash):
+    form, username, success = process_confirmation(request, username, date, realm, hash)
    return render_to_response('registration/confirm.html',
                              {'form': form, 'email': username, 'success': success},
                              context_instance=RequestContext(request))
@ -151,19 +154,8 @@ def password_reset_view(request):
                              context_instance=RequestContext(request))


-def confirm_password_reset(request, username, date, realm, reset_hash):
-    valid = hashlib.md5('%s%s%s%s' % (settings.SECRET_KEY, date, username, realm)).hexdigest() == reset_hash
-    if not valid:
-        raise Http404
-    success = False
-    if request.method == 'POST':
-        form = PasswordForm(request.POST, update_user=True, username=username)
-        if form.is_valid():
-            form.save()
-            # TODO: Update the user in the htdigest file
-            success = True
-    else:
-        form = PasswordForm(username=username)
+def confirm_password_reset(request, username, date, realm, hash):
+    form, username, success = process_confirmation(request, username, date, realm, hash)
    return render_to_response('registration/change_password.html',
                              {'form': form,
                               'success': success,