# Portions Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies). # All rights reserved. Contact: Pasi Eronen # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # * Neither the name of the Nokia Corporation and/or its # subsidiary(-ies) nor the names of its contributors may be used # to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
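# Copyright The IETF Trust 2007, All Rights Reserved

import datetime
import hashlib
#import json

from django.conf import settings
from django.template import RequestContext
from django.http import Http404 #, HttpResponse, HttpResponseRedirect
from django.shortcuts import render_to_response
#from django.contrib.auth import REDIRECT_FIELD_NAME, authenticate, login
from django.contrib.auth.decorators import login_required
#from django.contrib.auth.models import User
#from django.utils.http import urlquote
#from django.utils.translation import ugettext as _
from django.core.exceptions import ValidationError

from ietf.group.models import Role
from ietf.ietfauth.forms import RegistrationForm, PasswordForm, RecoverPasswordForm, TestEmailForm, PersonForm
from ietf.person.models import Person, Email


def _digests_equal(expected, supplied):
    """Return True when two digest strings are identical.

    Every character pair is examined even after a mismatch, so the time
    taken does not depend on how long a prefix of `supplied` is correct.
    Written by hand so that it works for any mix of byte and text strings.
    """
    if len(expected) != len(supplied):
        return False
    mismatch = 0
    for left, right in zip(expected, supplied):
        mismatch |= ord(left) ^ ord(right)
    return mismatch == 0


def _require_valid_link(supplied_hash, date, first, second):
    """Raise Http404 unless a confirmation link is authentic and unexpired.

    `date` is the YYYYMMDD string from the URL; `first` and `second` are the
    two remaining URL fields, in the order they enter the digest. The link
    expires settings.DAYS_TO_EXPIRE_REGISTRATION_LINK days after `date`.
    """
    # NOTE(review): the digest is MD5 over SECRET_KEY followed by the fields
    # joined without separators. That is a secret-prefix hash rather than an
    # HMAC, and the digest does not record where one field ends and the next
    # begins. The code that issues these links is not in this module, so the
    # format is kept unchanged here; moving both sides to an HMAC over
    # delimited fields would be the stronger design.
    expected = hashlib.md5('%s%s%s%s' % (settings.SECRET_KEY, date, first, second)).hexdigest()
    if not _digests_equal(expected, supplied_hash):
        raise Http404

    # A date that cannot be parsed is treated like any other bad link
    # instead of surfacing as a server error.
    try:
        request_date = datetime.date(int(date[:4]), int(date[4:6]), int(date[6:]))
    except ValueError:
        raise Http404

    lifetime = datetime.timedelta(days=settings.DAYS_TO_EXPIRE_REGISTRATION_LINK)
    if datetime.date.today() > (request_date + lifetime):
        raise Http404


def index(request):
    """Render the registration index page."""
    return render_to_response('registration/index.html', context_instance=RequestContext(request))

# def url_login(request, user, passwd):
#     user = authenticate(username=user, password=passwd)
#     redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
#     if user is not None:
#         if user.is_active:
#             login(request, user)
#             return HttpResponseRedirect('/accounts/loggedin/?%s=%s' % (REDIRECT_FIELD_NAME, urlquote(redirect_to)))
#     return HttpResponse("Not authenticated?", status=500)

# @login_required
# def ietf_login(request):
#     if not request.user.is_authenticated():
#         return HttpResponse("Not authenticated?", status=500)
#
#     redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
#     request.session.set_test_cookie()
#     return HttpResponseRedirect('/accounts/loggedin/?%s=%s' % (REDIRECT_FIELD_NAME, urlquote(redirect_to)))

# def ietf_loggedin(request):
#     if not request.session.test_cookie_worked():
#         return HttpResponse("You need to enable cookies")
#     request.session.delete_test_cookie()
#     redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
#     if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
#         redirect_to = settings.LOGIN_REDIRECT_URL
#     return HttpResponseRedirect(redirect_to)


@login_required
def profile(request):
    """Show the logged-in user's profile form, or apply a submitted update.

    A user without a Person record gets the 'missing person' page. A POST
    always renders the update-confirmation page, whether or not the form
    validated; any other method renders the edit page.
    """
    try:
        person = request.user.person
    except Person.DoesNotExist:
        return render_to_response('registration/missing_person.html', context_instance=RequestContext(request))

    if request.method == 'POST':
        form = PersonForm(request.POST, instance=person)
        success = False
        new_emails = None
        error = None
        if form.is_valid():
            try:
                form.save()
                success = True
                new_emails = form.new_emails
            except Exception as e:
                # NOTE(review): the exception object itself is handed to the
                # template; confirm the template does not show internal
                # details to the user.
                error = e

        return render_to_response('registration/confirm_profile_update.html',
                                  {'success': success, 'new_emails': new_emails, 'error': error},
                                  context_instance=RequestContext(request))

    roles = Role.objects.filter(person=person, group__state='active').order_by('name__name', 'group__name')
    emails = Email.objects.filter(person=person).order_by('-active', '-time')
    person_form = PersonForm(instance=person)

    return render_to_response('registration/edit_profile.html',
                              {'user': request.user, 'emails': emails, 'person': person,
                               'roles': roles, 'person_form': person_form},
                              context_instance=RequestContext(request))


def confirm_new_email(request, username, date, email, hash):
    """Attach `email` to the person behind `username` after a link check.

    Raises Http404 when the link digest does not match or the link has
    expired. Otherwise renders the confirmation page with either the new
    Email record or an error dictionary.
    """
    _require_valid_link(hash, date, email, username)

    success = False
    person = None
    error = None
    new_email = None

    try:
        # First, check whether this address exists (to give a more sensible
        # error when a duplicate is created).
        existing_email = Email.objects.get(address=email)
        existing_person = existing_email.person
        error = {'address': ["Email address '%s' is already assigned to user '%s' (%s)" % (email, existing_person.user, existing_person.name)]}
    except Exception:
        # NOTE(review): this catches every failure of the duplicate check,
        # not only "no such address", and then goes on to create the record.
        # Narrowing it to the lookup's not-found exception needs a decision
        # on how an existing address without a usable person should be
        # handled, so the original behaviour is kept here.
        try:
            person = Person.objects.get(user__username=username)
            new_email = Email(address=email, person=person, active=True, time=datetime.datetime.now())
            new_email.full_clean()
            new_email.save()
            success = True
        except Person.DoesNotExist:
            error = {'person': ["No such user: %s" % (username)]}
        except ValidationError as e:
            error = e.message_dict

    return render_to_response('registration/confirm_new_email.html',
                              {'username': username, 'email': email, 'success': success,
                               'error': error, 'record': new_email},
                              context_instance=RequestContext(request))


def create_account(request):
    """Render the account registration form and process its submission."""
    success = False
    if request.method == 'POST':
        form = RegistrationForm(request.POST)
        if form.is_valid():
            # The form is given the request before saving.
            form.request = request
            form.save()
            success = True
    else:
        form = RegistrationForm()
    return render_to_response('registration/create.html',
                              {'form': form, 'success': success},
                              context_instance=RequestContext(request))


def process_confirmation(request, username, date, realm, hash):
    """Check a confirmation link and run the password form behind it.

    Raises Http404 when the link digest does not match or the link has
    expired. Returns the tuple (form, username, success); `success` is True
    only after a valid POST has been saved.
    """
    _require_valid_link(hash, date, username, realm)

    success = False
    if request.method == 'POST':
        form = PasswordForm(request.POST, username=username)
        if form.is_valid():
            form.save() # Also updates the httpd password file
            success = True
    else:
        form = PasswordForm(username=username)
    return form, username, success


def confirm_account(request, username, date, realm, hash):
    """Render the account confirmation page for a checked link."""
    form, username, success = process_confirmation(request, username, date, realm, hash)
    return render_to_response('registration/confirm.html',
                              {'form': form, 'email': username, 'success': success},
                              context_instance=RequestContext(request))


def password_reset_view(request):
    """Render the password recovery form and process its submission."""
    success = False
    if request.method == 'POST':
        form = RecoverPasswordForm(request.POST)
        if form.is_valid():
            # The form is given the request before saving.
            form.request = request
            form.save()
            success = True
    else:
        form = RecoverPasswordForm()
    return render_to_response('registration/password_reset.html',
                              {'form': form, 'success': success},
                              context_instance=RequestContext(request))


def confirm_password_reset(request, username, date, realm, hash):
    """Render the change-password page for a checked reset link."""
    form, username, success = process_confirmation(request, username, date, realm, hash)
    return render_to_response('registration/change_password.html',
                              {'form': form, 'success': success, 'username': username},
                              context_instance=RequestContext(request))

# def ajax_check_username(request):
#     username = request.GET.get('username', '')
#     error = False
#     if User.objects.filter(username=username).count():
#         error = _('This email address is already registered')
#     return HttpResponse(json.dumps({'error': error}), content_type='text/plain')


def test_email(request):
    """Set email address to which email generated in the system will be sent."""
    # This view is unavailable on a production server.
    if settings.SERVER_MODE == "production":
        raise Http404

    # Note that the cookie set here is only used when running in
    # "test" mode, normally you run the server in "development" mode,
    # in which case email is sent out as usual; for development, you
    # can easily start a little email debug server with Python, see
    # the instructions in utils/mail.py.

    cookie = None

    if request.method == "POST":
        form = TestEmailForm(request.POST)
        if form.is_valid():
            cookie = form.cleaned_data['email']
    else:
        form = TestEmailForm(initial=dict(email=request.COOKIES.get('testmailcc')))

    # Show the address just submitted, else the one already in the cookie.
    shown = cookie if cookie is not None else request.COOKIES.get("testmailcc", "")
    r = render_to_response('ietfauth/testemail.html',
                           dict(form=form, cookie=shown),
                           context_instance=RequestContext(request))

    if cookie is not None:
        r.set_cookie("testmailcc", cookie)

    return r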