From 19266d35eebf9720243b5bfb6c71b1f6947b1244 Mon Sep 17 00:00:00 2001 From: eric Date: Fri, 22 Sep 2017 14:50:35 -0400 Subject: [PATCH 1/5] remove social_auth_reset_password --- .../registration/password_change_form.html | 13 ------------- libraryauth/urls.py | 1 - libraryauth/views.py | 6 ------ 3 files changed, 20 deletions(-) diff --git a/frontend/templates/registration/password_change_form.html b/frontend/templates/registration/password_change_form.html index 7fc4e63c..72ac9457 100644 --- a/frontend/templates/registration/password_change_form.html +++ b/frontend/templates/registration/password_change_form.html @@ -4,25 +4,12 @@ {% block doccontent %} {% if request.user.is_authenticated %} - {% if not request.user.has_usable_password %} -
- Because you registered using your account on another site (such as Google), you'll need to reset your password before you can change it. -
-
{% csrf_token %} - - - -

- -
- {% else %}
{% csrf_token %} {{ form.as_p }}

- {% endif %} {% else %}
You must be logged in to change your password.
Log in
 diff --git a/libraryauth/urls.py b/libraryauth/urls.py index e3746b9d..3a5eef23 100644 --- a/libraryauth/urls.py +++ b/libraryauth/urls.py @@ -55,7 +55,6 @@ urlpatterns = [ template_name='registration/welcome.html', extra_context={'suppress_search_box': True,} ) ), - url(r'^socialauth/reset_password/$', views.social_auth_reset_password, name="social_auth_reset_password"), url(r'^socialauth/', include('social.apps.django_app.urls', namespace='social')), url('accounts/', include('email_change.urls')), url(r'^accounts/', include('registration.backends.model_activation.urls')), diff --git a/libraryauth/views.py b/libraryauth/views.py index 466dcd7b..1ae3ef19 100644 --- a/libraryauth/views.py +++ b/libraryauth/views.py @@ -266,11 +266,5 @@ def edit_user(request, redirect_to=None): return HttpResponseRedirect(redirect_to if redirect_to else reverse('home')) # Redirect after POST return render(request,'registration/user_change_form.html', {'form': form}) -@login_required -def social_auth_reset_password(request): - if not request.user.has_usable_password(): - request.user.set_password('%010x' % random.randrange(16**10)) - request.user.save() - return password_reset(request) From c3fd4347a5a3d4464a653635b3b36a31b0fa8e0c Mon Sep 17 00:00:00 2001 From: eric Date: Fri, 22 Sep 2017 14:53:32 -0400 Subject: [PATCH 2/5] use single quotes --- libraryauth/urls.py | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/libraryauth/urls.py b/libraryauth/urls.py index 3a5eef23..f6357102 100644 --- a/libraryauth/urls.py +++ b/libraryauth/urls.py @@ -20,23 +20,23 @@ class ExtraContextTemplateView(TemplateView): return context urlpatterns = [ - url(r"^libraryauth/(?P\d+)/join/$", views.join_library, name="join_library"), - url(r"^libraryauth/(?P\d+)/deny/$", TemplateView.as_view(template_name='libraryauth/denied.html'), name="bad_library"), - url(r"^libraryauth/(?P\d+)/users/$", views.library, {'template':'libraryauth/users.html'}, name="library_users"), - url(r"^libraryauth/(?P\d+)/admin/$", login_required(views.UpdateLibraryView.as_view()), name="library_admin"), - url(r"^libraryauth/(?P\d+)/login/$", views.login_as_library, name="library_login"), - url(r"^libraryauth/create/$", login_required(views.CreateLibraryView.as_view()), name="library_create"), - url(r"^libraryauth/list/$", ExtraContextTemplateView.as_view( + url(r'^libraryauth/(?P\d+)/join/$', views.join_library, name='join_library'), + url(r'^libraryauth/(?P\d+)/deny/$', TemplateView.as_view(template_name='libraryauth/denied.html'), name='bad_library'), + url(r'^libraryauth/(?P\d+)/users/$', views.library, {'template':'libraryauth/users.html'}, name='library_users'), + url(r'^libraryauth/(?P\d+)/admin/$', login_required(views.UpdateLibraryView.as_view()), name='library_admin'), + url(r'^libraryauth/(?P\d+)/login/$', views.login_as_library, name='library_login'), + url(r'^libraryauth/create/$', login_required(views.CreateLibraryView.as_view()), name='library_create'), + url(r'^libraryauth/list/$', ExtraContextTemplateView.as_view( template_name='libraryauth/list.html', extra_context={'libraries_to_show':'approved'} - ), name="library_list"), - url(r"^libraryauth/unapproved/$", ExtraContextTemplateView.as_view( + ), name='library_list'), + url(r'^libraryauth/unapproved/$', ExtraContextTemplateView.as_view( template_name='libraryauth/list.html', extra_context={'libraries_to_show':'new'} - ), name="new_libraries"), + ), name='new_libraries'), url(r'^accounts/register/$', views.CustomRegistrationView.as_view(), name='registration_register'), url(r'^accounts/superlogin/$', views.superlogin, name='superlogin'), - url(r"^accounts/superlogin/welcome/$", ExtraContextTemplateView.as_view( + url(r'^accounts/superlogin/welcome/$', ExtraContextTemplateView.as_view( template_name='registration/welcome.html', extra_context={'suppress_search_box': True,} ) ), @@ -50,8 +50,8 @@ urlpatterns = [ {'template_name': 'registration/activation_complete.html'}), url(r'^accounts/login-error/$', superlogin, {'template_name': 'registration/from_error.html'}), - url(r'^accounts/edit/$', views.edit_user, name="edit_user"), - url(r"^accounts/login/welcome/$", ExtraContextTemplateView.as_view( + url(r'^accounts/edit/$', views.edit_user, name='edit_user'), + url(r'^accounts/login/welcome/$', ExtraContextTemplateView.as_view( template_name='registration/welcome.html', extra_context={'suppress_search_box': True,} ) ), From d968a800ae7e2e659001e83c72cc78b7d986a205 Mon Sep 17 00:00:00 2001 From: eric Date: Fri, 22 Sep 2017 16:02:43 -0400 Subject: [PATCH 3/5] don't require old password if social auth --- frontend/templates/email_change/base.html | 2 +- frontend/templates/join_library.html | 2 +- frontend/templates/manage_account.html | 2 +- frontend/templates/registration/user_change_form.html | 2 +- libraryauth/forms.py | 11 +++++++++-- libraryauth/urls.py | 7 +++++-- libraryauth/views.py | 10 ++++++++-- 7 files changed, 26 insertions(+), 10 deletions(-) diff --git a/frontend/templates/email_change/base.html b/frontend/templates/email_change/base.html index feaa0405..640746b6 100644 --- a/frontend/templates/email_change/base.html +++ b/frontend/templates/email_change/base.html @@ -9,7 +9,7 @@

Other Account Tools

    -
  • Want to change your password?
    • +
  • Want to change your password?
  • ... or manage your pledges and payment info?
  • ... or change your username?
  • ... or manage your contact preferences?
    • diff --git a/frontend/templates/join_library.html b/frontend/templates/join_library.html index e8753fe3..eb136e0a 100644 --- a/frontend/templates/join_library.html +++ b/frontend/templates/join_library.html @@ -6,7 +6,7 @@

    Other Account Management Tools

      -
    • Want to change your password?
      • +
    • Want to change your password?
    • ... or manage your contact preferences?
    • ... or change your email address?
    • ... or change your username?
      • diff --git a/frontend/templates/manage_account.html b/frontend/templates/manage_account.html index 3beb4506..f3181444 100644 --- a/frontend/templates/manage_account.html +++ b/frontend/templates/manage_account.html @@ -104,7 +104,7 @@ You can complete your last transaction by change your password? +
    • Want to change your password?
    • ... or manage your contact preferences?
    • ... or change your email address?
    • ... or change your username?
      • diff --git a/frontend/templates/registration/user_change_form.html b/frontend/templates/registration/user_change_form.html index 2bdc49ee..39178cce 100644 --- a/frontend/templates/registration/user_change_form.html +++ b/frontend/templates/registration/user_change_form.html @@ -17,7 +17,7 @@

      Other Account Tools

        -
      • Want to change your password?
        • +
      • Want to change your password?
      • ... or manage your pledges and payment info?
      • ... or change your email address?
      • ... or manage your contact preferences?
        • diff --git a/libraryauth/forms.py b/libraryauth/forms.py index cc22b65e..a0a84d16 100644 --- a/libraryauth/forms.py +++ b/libraryauth/forms.py @@ -1,6 +1,6 @@ import logging from django import forms -from django.contrib.auth.forms import AuthenticationForm +from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm from django.contrib.auth.models import User from django.utils.translation import ugettext_lazy as _ from registration.forms import RegistrationForm @@ -57,7 +57,6 @@ class RegistrationFormNoDisposableEmail(RegistrationForm): if is_disposable(self.cleaned_data['email']): raise forms.ValidationError(_("Please supply a permanent email address.")) return self.cleaned_data['email'] - class AuthForm(AuthenticationForm): def __init__(self, request=None, *args, **kwargs): @@ -67,6 +66,14 @@ class AuthForm(AuthenticationForm): else: super(AuthForm, self).__init__(*args, **kwargs) +class SocialAwarePasswordChangeForm(PasswordChangeForm): + def clean_old_password(self): + if self.user.has_usable_password(): + return super(SocialAwarePasswordChangeForm,self).clean_old_password() + else: + return self.cleaned_data["old_password"] + + class NewLibraryForm(forms.ModelForm): username = forms.RegexField( label=_("Library Username"), diff --git a/libraryauth/urls.py b/libraryauth/urls.py index f6357102..1208cab5 100644 --- a/libraryauth/urls.py +++ b/libraryauth/urls.py @@ -1,6 +1,5 @@ from django.conf.urls import patterns, url, include -from django.core.urlresolvers import reverse -#from django.views.generic.simple import direct_to_template +from django.core.urlresolvers import reverse_lazy from django.views.generic.base import TemplateView from django.contrib.auth.decorators import login_required from . import views, models, forms @@ -55,6 +54,10 @@ urlpatterns = [ template_name='registration/welcome.html', extra_context={'suppress_search_box': True,} ) ), + url(r'^accounts/password/change/$', + views.social_aware_password_change, + {'post_change_redirect': reverse_lazy('auth_password_change_done')}, + name='libraryauth_password_change'), url(r'^socialauth/', include('social.apps.django_app.urls', namespace='social')), url('accounts/', include('email_change.urls')), url(r'^accounts/', include('registration.backends.model_activation.urls')), diff --git a/libraryauth/views.py b/libraryauth/views.py index 1ae3ef19..d7d3b498 100644 --- a/libraryauth/views.py +++ b/libraryauth/views.py @@ -3,14 +3,16 @@ import random from django.conf import settings from django.core.urlresolvers import reverse from django.shortcuts import get_object_or_404, render -from django.contrib.auth.views import login, password_reset - +from django.contrib.auth.forms import SetPasswordForm +from django.contrib.auth.views import login, password_reset, password_change from django.contrib.auth import login as login_to_user from django.contrib.auth import load_backend from django.contrib.auth.decorators import login_required from django.http import HttpResponseRedirect from django.views.generic.edit import FormView, CreateView, UpdateView, SingleObjectMixin + from registration.backends.model_activation.views import RegistrationView + from . import backends from .models import Library from .forms import AuthForm, LibraryForm, NewLibraryForm, RegistrationFormNoDisposableEmail, UserData @@ -54,6 +56,10 @@ def superlogin(request, extra_context={}, **kwargs): request.session["add_wishlist"]=request.GET["add"] return login(request, extra_context=extra_context, authentication_form=AuthForm, **kwargs) +def social_aware_password_change(request, **kwargs): + if request.user.has_usable_password(): + return password_change(request, **kwargs) + return password_change(request, password_change_form=SetPasswordForm, **kwargs) class Authenticator: request=None From 4aa968a5236b9f3d0e6a3c6349e4d4cca025ea54 Mon Sep 17 00:00:00 2001 From: eric Date: Fri, 22 Sep 2017 16:54:16 -0400 Subject: [PATCH 4/5] change behavior of reset password - send email even if password is unusable - tell user if there's no user with that email --- frontend/templates/gift_login.html | 2 +- .../registration/activation_complete.html | 2 +- .../templates/registration/from_pledge.html | 2 +- frontend/templates/registration/login.html | 2 +- libraryauth/forms.py | 23 +++++++++++++------ libraryauth/urls.py | 7 ++++++ 6 files changed, 27 insertions(+), 11 deletions(-) diff --git a/frontend/templates/gift_login.html b/frontend/templates/gift_login.html index 11329116..5db402db 100644 --- a/frontend/templates/gift_login.html +++ b/frontend/templates/gift_login.html @@ -22,7 +22,7 @@ Make sure the username box has your username, not your email -- some brow
        -Forgot your password? Need an account? Other questions? +Forgot your password? Need an account? Other questions?

        diff --git a/frontend/templates/registration/activation_complete.html b/frontend/templates/registration/activation_complete.html index dcd0d39c..1b5e86bc 100644 --- a/frontend/templates/registration/activation_complete.html +++ b/frontend/templates/registration/activation_complete.html @@ -11,7 +11,7 @@

      -Forgot your password? +Forgot your password?
      {% else %}
      diff --git a/frontend/templates/registration/from_pledge.html b/frontend/templates/registration/from_pledge.html index c2ec7418..a4a57f8c 100644 --- a/frontend/templates/registration/from_pledge.html +++ b/frontend/templates/registration/from_pledge.html @@ -71,7 +71,7 @@ function put_un_in_cookie(){
      diff --git a/frontend/templates/registration/login.html b/frontend/templates/registration/login.html index d89992a6..f81aca4e 100644 --- a/frontend/templates/registration/login.html +++ b/frontend/templates/registration/login.html @@ -28,7 +28,7 @@ Make sure the username box has your username, not your email -- some brow
      -Forgot your password? Need an account? Other questions? +Forgot your password? Need an account? Other questions?

      diff --git a/libraryauth/forms.py b/libraryauth/forms.py index a0a84d16..5bf76838 100644 --- a/libraryauth/forms.py +++ b/libraryauth/forms.py @@ -1,6 +1,7 @@ import logging from django import forms -from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm +from django.contrib.auth import get_user_model +from django.contrib.auth.forms import AuthenticationForm, PasswordResetForm from django.contrib.auth.models import User from django.utils.translation import ugettext_lazy as _ from registration.forms import RegistrationForm @@ -66,12 +67,20 @@ class AuthForm(AuthenticationForm): else: super(AuthForm, self).__init__(*args, **kwargs) -class SocialAwarePasswordChangeForm(PasswordChangeForm): - def clean_old_password(self): - if self.user.has_usable_password(): - return super(SocialAwarePasswordChangeForm,self).clean_old_password() - else: - return self.cleaned_data["old_password"] +class SocialAwarePasswordResetForm(PasswordResetForm): + def get_users(self, email): + """ + Send the reset form even if the user password is not usable + """ + active_users = get_user_model()._default_manager.filter( + email__iexact=email, is_active=True) + return active_users + + def clean_email(self): + email = self.cleaned_data['email'] + if not get_user_model().objects.filter(email__iexact=email, is_active=True).exists(): + raise forms.ValidationError("There aren't ungluers with that email address!") + return email class NewLibraryForm(forms.ModelForm): diff --git a/libraryauth/urls.py b/libraryauth/urls.py index 1208cab5..a14b3cd3 100644 --- a/libraryauth/urls.py +++ b/libraryauth/urls.py @@ -2,6 +2,7 @@ from django.conf.urls import patterns, url, include from django.core.urlresolvers import reverse_lazy from django.views.generic.base import TemplateView from django.contrib.auth.decorators import login_required +from django.contrib.auth.views import password_reset from . import views, models, forms from .views import superlogin @@ -58,6 +59,12 @@ urlpatterns = [ views.social_aware_password_change, {'post_change_redirect': reverse_lazy('auth_password_change_done')}, name='libraryauth_password_change'), + url(r'^password/reset/$', + password_reset, + {'post_reset_redirect': reverse_lazy('auth_password_reset_done'), + 'password_reset_form': forms.SocialAwarePasswordResetForm}, + name='libraryauth_password_reset'), + url(r'^socialauth/', include('social.apps.django_app.urls', namespace='social')), url('accounts/', include('email_change.urls')), url(r'^accounts/', include('registration.backends.model_activation.urls')), From 2651afd02fff22c9a4e56ea1895693fc1d733d06 Mon Sep 17 00:00:00 2001 From: eric Date: Fri, 22 Sep 2017 18:31:06 -0400 Subject: [PATCH 5/5] old test book not in GB anymore --- core/tests.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/core/tests.py b/core/tests.py index 2bd644d5..ac409186 100755 --- a/core/tests.py +++ b/core/tests.py @@ -119,13 +119,13 @@ class BookLoaderTests(TestCase): if not (mocking or settings.TEST_INTEGRATION): return # edition - edition = bookloader.add_by_isbn('9781594200090') + edition = bookloader.add_by_isbn('9780143034759') self.assertEqual(edition.title, u'Alexander Hamilton') - self.assertEqual(edition.publication_date, u'2004') - self.assertEqual(edition.publisher, u'Perseus Books Group') - self.assertEqual(edition.isbn_10, '1594200092') - self.assertEqual(edition.isbn_13, '9781594200090') - self.assertEqual(edition.googlebooks_id, 'y1_R-rjdcb0C') + self.assertEqual(edition.publication_date, u'2005') + self.assertEqual(edition.publisher, u'Penguin') + self.assertEqual(edition.isbn_10, '0143034758') + self.assertEqual(edition.isbn_13, '9780143034759') + self.assertEqual(edition.googlebooks_id, '4iafgTEhU3QC') # authors self.assertEqual(edition.authors.all().count(), 1) @@ -133,12 +133,12 @@ class BookLoaderTests(TestCase): # work self.assertTrue(edition.work) - self.assertEqual(edition.work.googlebooks_id, 'y1_R-rjdcb0C') - self.assertEqual(edition.work.first_isbn_13(), '9781594200090') + self.assertEqual(edition.work.googlebooks_id, '4iafgTEhU3QC') + self.assertEqual(edition.work.first_isbn_13(), '9780143034759') # test duplicate pubname ed2 = Edition.objects.create(work=edition.work) - ed2.set_publisher(u'Perseus Books Group') + ed2.set_publisher(u'Penguin') # publisher names old_pub_name = edition.publisher_name @@ -149,7 +149,7 @@ class BookLoaderTests(TestCase): self.assertEqual(edition.work.publishers().count(), 1) old_pub_name.publisher = pub old_pub_name.save() - edition.set_publisher(u'Perseus Books Group') + edition.set_publisher(u'Penguin') self.assertEqual(edition.publisher, u'test publisher name') # Perseus has been aliased def test_language_locale_mock(self):