--- a/app/django/contrib/auth/forms.py Tue Oct 14 12:36:55 2008 +0000
+++ b/app/django/contrib/auth/forms.py Tue Oct 14 16:00:59 2008 +0000
@@ -1,65 +1,92 @@
from django.contrib.auth.models import User
from django.contrib.auth import authenticate
+from django.contrib.auth.tokens import default_token_generator
from django.contrib.sites.models import Site
from django.template import Context, loader
-from django.core import validators
-from django import oldforms
-from django.utils.translation import ugettext as _
+from django import forms
+from django.utils.translation import ugettext_lazy as _
+from django.utils.http import int_to_base36
+
+class UserCreationForm(forms.ModelForm):
+ """
+ A form that creates a user, with no privileges, from the given username and password.
+ """
+ username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^\w+$',
+ help_text = _("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."),
+ error_message = _("This value must contain only letters, numbers and underscores."))
+ password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
+ password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput)
+
+ class Meta:
+ model = User
+ fields = ("username",)
-class UserCreationForm(oldforms.Manipulator):
- "A form that creates a user, with no privileges, from the given username and password."
- def __init__(self):
- self.fields = (
- oldforms.TextField(field_name='username', length=30, max_length=30, is_required=True,
- validator_list=[validators.isAlphaNumeric, self.isValidUsername]),
- oldforms.PasswordField(field_name='password1', length=30, max_length=60, is_required=True),
- oldforms.PasswordField(field_name='password2', length=30, max_length=60, is_required=True,
- validator_list=[validators.AlwaysMatchesOtherField('password1', _("The two password fields didn't match."))]),
- )
+ def clean_username(self):
+ username = self.cleaned_data["username"]
+ try:
+ User.objects.get(username=username)
+ except User.DoesNotExist:
+ return username
+ raise forms.ValidationError(_("A user with that username already exists."))
+
+ def clean_password2(self):
+ password1 = self.cleaned_data.get("password1", "")
+ password2 = self.cleaned_data["password2"]
+ if password1 != password2:
+ raise forms.ValidationError(_("The two password fields didn't match."))
+ return password2
- def isValidUsername(self, field_data, all_data):
- try:
- User.objects.get(username=field_data)
- except User.DoesNotExist:
- return
- raise validators.ValidationError, _('A user with that username already exists.')
+ def save(self, commit=True):
+ user = super(UserCreationForm, self).save(commit=False)
+ user.set_password(self.cleaned_data["password1"])
+ if commit:
+ user.save()
+ return user
- def save(self, new_data):
- "Creates the user."
- return User.objects.create_user(new_data['username'], '', new_data['password1'])
+class UserChangeForm(forms.ModelForm):
+ username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^\w+$',
+ help_text = _("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."),
+ error_message = _("This value must contain only letters, numbers and underscores."))
+
+ class Meta:
+ model = User
-class AuthenticationForm(oldforms.Manipulator):
+class AuthenticationForm(forms.Form):
"""
Base class for authenticating users. Extend this to get a form that accepts
username/password logins.
"""
- def __init__(self, request=None):
+ username = forms.CharField(label=_("Username"), max_length=30)
+ password = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
+
+ def __init__(self, request=None, *args, **kwargs):
"""
- If request is passed in, the manipulator will validate that cookies are
+ If request is passed in, the form will validate that cookies are
enabled. Note that the request (a HttpRequest object) must have set a
cookie with the key TEST_COOKIE_NAME and value TEST_COOKIE_VALUE before
- running this validator.
+ running this validation.
"""
self.request = request
- self.fields = [
- oldforms.TextField(field_name="username", length=15, max_length=30, is_required=True,
- validator_list=[self.isValidUser, self.hasCookiesEnabled]),
- oldforms.PasswordField(field_name="password", length=15, max_length=30, is_required=True),
- ]
self.user_cache = None
+ super(AuthenticationForm, self).__init__(*args, **kwargs)
+
+ def clean(self):
+ username = self.cleaned_data.get('username')
+ password = self.cleaned_data.get('password')
- def hasCookiesEnabled(self, field_data, all_data):
- if self.request and not self.request.session.test_cookie_worked():
- raise validators.ValidationError, _("Your Web browser doesn't appear to have cookies enabled. Cookies are required for logging in.")
+ if username and password:
+ self.user_cache = authenticate(username=username, password=password)
+ if self.user_cache is None:
+ raise forms.ValidationError(_("Please enter a correct username and password. Note that both fields are case-sensitive."))
+ elif not self.user_cache.is_active:
+ raise forms.ValidationError(_("This account is inactive."))
- def isValidUser(self, field_data, all_data):
- username = field_data
- password = all_data.get('password', None)
- self.user_cache = authenticate(username=username, password=password)
- if self.user_cache is None:
- raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.")
- elif not self.user_cache.is_active:
- raise validators.ValidationError, _("This account is inactive.")
+ # TODO: determine whether this should move to its own method.
+ if self.request:
+ if not self.request.session.test_cookie_worked():
+ raise forms.ValidationError(_("Your Web browser doesn't appear to have cookies enabled. Cookies are required for logging in."))
+
+ return self.cleaned_data
def get_user_id(self):
if self.user_cache:
@@ -69,27 +96,25 @@
def get_user(self):
return self.user_cache
-class PasswordResetForm(oldforms.Manipulator):
- "A form that lets a user request a password reset"
- def __init__(self):
- self.fields = (
- oldforms.EmailField(field_name="email", length=40, is_required=True,
- validator_list=[self.isValidUserEmail]),
- )
+class PasswordResetForm(forms.Form):
+ email = forms.EmailField(label=_("E-mail"), max_length=75)
- def isValidUserEmail(self, new_data, all_data):
- "Validates that a user exists with the given e-mail address"
- self.users_cache = list(User.objects.filter(email__iexact=new_data))
+ def clean_email(self):
+ """
+ Validates that a user exists with the given e-mail address.
+ """
+ email = self.cleaned_data["email"]
+ self.users_cache = User.objects.filter(email__iexact=email)
if len(self.users_cache) == 0:
- raise validators.ValidationError, _("That e-mail address doesn't have an associated user account. Are you sure you've registered?")
+ raise forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?"))
- def save(self, domain_override=None, email_template_name='registration/password_reset_email.html'):
- "Calculates a new password randomly and sends it to the user"
+ def save(self, domain_override=None, email_template_name='registration/password_reset_email.html',
+ use_https=False, token_generator=default_token_generator):
+ """
+ Generates a one-use only link for resetting password and sends to the user
+ """
from django.core.mail import send_mail
for user in self.users_cache:
- new_pass = User.objects.make_random_password()
- user.set_password(new_pass)
- user.save()
if not domain_override:
current_site = Site.objects.get_current()
site_name = current_site.name
@@ -98,47 +123,84 @@
site_name = domain = domain_override
t = loader.get_template(email_template_name)
c = {
- 'new_password': new_pass,
'email': user.email,
'domain': domain,
'site_name': site_name,
+ 'uid': int_to_base36(user.id),
'user': user,
- }
- send_mail(_('Password reset on %s') % site_name, t.render(Context(c)), None, [user.email])
+ 'token': token_generator.make_token(user),
+ 'protocol': use_https and 'https' or 'http',
+ }
+ send_mail(_("Password reset on %s") % site_name,
+ t.render(Context(c)), None, [user.email])
-class PasswordChangeForm(oldforms.Manipulator):
- "A form that lets a user change his password."
- def __init__(self, user):
+class SetPasswordForm(forms.Form):
+ """
+ A form that lets a user change set his/her password without
+ entering the old password
+ """
+ new_password1 = forms.CharField(label=_("New password"), widget=forms.PasswordInput)
+ new_password2 = forms.CharField(label=_("New password confirmation"), widget=forms.PasswordInput)
+
+ def __init__(self, user, *args, **kwargs):
self.user = user
- self.fields = (
- oldforms.PasswordField(field_name="old_password", length=30, max_length=30, is_required=True,
- validator_list=[self.isValidOldPassword]),
- oldforms.PasswordField(field_name="new_password1", length=30, max_length=30, is_required=True,
- validator_list=[validators.AlwaysMatchesOtherField('new_password2', _("The two 'new password' fields didn't match."))]),
- oldforms.PasswordField(field_name="new_password2", length=30, max_length=30, is_required=True),
- )
+ super(SetPasswordForm, self).__init__(*args, **kwargs)
+
+ def clean_new_password2(self):
+ password1 = self.cleaned_data.get('new_password1')
+ password2 = self.cleaned_data.get('new_password2')
+ if password1 and password2:
+ if password1 != password2:
+ raise forms.ValidationError(_("The two password fields didn't match."))
+ return password2
+
+ def save(self, commit=True):
+ self.user.set_password(self.cleaned_data['new_password1'])
+ if commit:
+ self.user.save()
+ return self.user
- def isValidOldPassword(self, new_data, all_data):
- "Validates that the old_password field is correct."
- if not self.user.check_password(new_data):
- raise validators.ValidationError, _("Your old password was entered incorrectly. Please enter it again.")
+class PasswordChangeForm(SetPasswordForm):
+ """
+ A form that lets a user change his/her password by entering
+ their old password.
+ """
+ old_password = forms.CharField(label=_("Old password"), widget=forms.PasswordInput)
- def save(self, new_data):
- "Saves the new password."
- self.user.set_password(new_data['new_password1'])
- self.user.save()
+ def clean_old_password(self):
+ """
+ Validates that the old_password field is correct.
+ """
+ old_password = self.cleaned_data["old_password"]
+ if not self.user.check_password(old_password):
+ raise forms.ValidationError(_("Your old password was entered incorrectly. Please enter it again."))
+ return old_password
+PasswordChangeForm.base_fields.keyOrder = ['old_password', 'new_password1', 'new_password2']
-class AdminPasswordChangeForm(oldforms.Manipulator):
- "A form used to change the password of a user in the admin interface."
- def __init__(self, user):
+class AdminPasswordChangeForm(forms.Form):
+ """
+ A form used to change the password of a user in the admin interface.
+ """
+ password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
+ password2 = forms.CharField(label=_("Password (again)"), widget=forms.PasswordInput)
+
+ def __init__(self, user, *args, **kwargs):
self.user = user
- self.fields = (
- oldforms.PasswordField(field_name='password1', length=30, max_length=60, is_required=True),
- oldforms.PasswordField(field_name='password2', length=30, max_length=60, is_required=True,
- validator_list=[validators.AlwaysMatchesOtherField('password1', _("The two password fields didn't match."))]),
- )
+ super(AdminPasswordChangeForm, self).__init__(*args, **kwargs)
- def save(self, new_data):
- "Saves the new password."
- self.user.set_password(new_data['password1'])
- self.user.save()
+ def clean_password2(self):
+ password1 = self.cleaned_data.get('password1')
+ password2 = self.cleaned_data.get('password2')
+ if password1 and password2:
+ if password1 != password2:
+ raise forms.ValidationError(_("The two password fields didn't match."))
+ return password2
+
+ def save(self, commit=True):
+ """
+ Saves the new password.
+ """
+ self.user.set_password(self.cleaned_data["password1"])
+ if commit:
+ self.user.save()
+ return self.user