+ def send_confirmation_email(self, subject, email, page, extra_context):
+ text_content = page.render_to_string(extra_context=extra_context)
+ from_email = 'noreply@%s' % Site.objects.get_current().domain
+
+ if page.template.mimetype == 'text/html':
+ msg = EmailMultiAlternatives(subject, striptags(text_content), from_email, [email])
+ msg.attach_alternative(text_content, 'text/html')
+ msg.send()
+ else:
+ send_mail(subject, text_content, from_email, [email])
+
+ def password_reset(self, request, extra_context=None, token_generator=password_token_generator):
+ if request.user.is_authenticated():
+ return HttpResponseRedirect(request.node.get_absolute_url())
+
+ if request.method == 'POST':
+ form = PasswordResetForm(request.POST)
+ if form.is_valid():
+ current_site = Site.objects.get_current()
+ for user in form.users_cache:
+ context = {
+ 'link': self.make_confirmation_link('password_reset_confirm', token_generator, user, request.node),
+ 'username': user.username
+ }
+ self.send_confirmation_email('Confirm password reset for account at %s' % current_site.domain, user.email, self.password_reset_confirmation_email, context)
+ messages.add_message(request, messages.SUCCESS, "An email has been sent to the address you provided with details on resetting your password.", fail_silently=True)
+ return HttpResponseRedirect('')
+ else:
+ form = PasswordResetForm()
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.password_reset_page.render_to_response(request, extra_context=context)
+
+ def password_reset_confirm(self, request, extra_context=None, uidb36=None, token=None, token_generator=password_token_generator):
+ """
+ Checks that a given hash in a password reset link is valid. If so,
+ displays the password set form.
+ """
+ assert uidb36 is not None and token is not None
+ try:
+ uid_int = base36_to_int(uidb36)
+ except:
+ raise Http404
+
+ user = get_object_or_404(User, id=uid_int)
+
+ if token_generator.check_token(user, token):
+ if request.method == 'POST':
+ form = SetPasswordForm(user, request.POST)
+
+ if form.is_valid():
+ form.save()
+ messages.add_message(request, messages.SUCCESS, "Password reset successful.")
+ return HttpResponseRedirect(self.reverse('login', node=request.node))
+ else:
+ form = SetPasswordForm(user)
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.password_set_page.render_to_response(request, extra_context=context)
+
+ raise Http404
+
+ def password_change(self, request, extra_context=None):
+ if request.method == 'POST':
+ form = PasswordChangeForm(request.user, request.POST)
+ if form.is_valid():
+ form.save()
+ messages.add_message(request, messages.SUCCESS, 'Password changed successfully.', fail_silently=True)
+ return HttpResponseRedirect('')
+ else:
+ form = PasswordChangeForm(request.user)
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.password_change_page.render_to_response(request, extra_context=context)
+
+ def register(self, request, extra_context=None, token_generator=registration_token_generator):
+ if request.user.is_authenticated():
+ return HttpResponseRedirect(request.node.get_absolute_url())
+
+ if request.method == 'POST':
+ form = RegistrationForm(request.POST)
+ if form.is_valid():
+ user = form.save()
+ context = {
+ 'link': self.make_confirmation_link('register_confirm', token_generator, user, request.node)
+ }
+ current_site = Site.objects.get_current()
+ self.send_confirmation_email('Confirm account creation at %s' % current_site.name, user.email, self.register_confirmation_email, context)
+ messages.add_message(request, messages.SUCCESS, 'An email has been sent to %s with details on activating your account.' % user.email, fail_silently=True)
+ return HttpResponseRedirect(request.node.get_absolute_url())
+ else:
+ form = RegistrationForm()
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.register_page.render_to_response(request, extra_context=context)
+
+ def register_confirm(self, request, extra_context=None, uidb36=None, token=None, token_generator=registration_token_generator):
+ """
+ Checks that a given hash in a registration link is valid and activates
+ the given account. If so, log them in and redirect to
+ self.post_register_confirm_redirect.
+ """
+ assert uidb36 is not None and token is not None
+ try:
+ uid_int = base36_to_int(uidb36)
+ except:
+ raise Http404
+
+ user = get_object_or_404(User, id=uid_int)
+ if token_generator.check_token(user, token):
+ user.is_active = True
+ true_password = user.password
+ temp_password = token_generator.make_token(user)
+ try:
+ user.set_password(temp_password)
+ user.save()
+ authenticated_user = authenticate(username=user.username, password=temp_password)
+ login(request, authenticated_user)
+ finally:
+ # if anything goes wrong, ABSOLUTELY make sure that the true password is restored.
+ user.password = true_password
+ user.save()
+ return self.post_register_confirm_redirect(request)
+
+ raise Http404
+
+ def post_register_confirm_redirect(self, request):
+ return HttpResponseRedirect(request.node.get_absolute_url())
+