Support for changing / setting password

f806b46e · Michal Čihař · 39e4be94 · f806b46e · f806b46e · f806b46e
Commit f806b46e authored Oct 09, 2013 by Michal Čihař
5 changed files
--- a/accounts/forms.py
+++ b/accounts/forms.py
@@ -267,3 +267,61 @@ class RegistrationForm(forms.Form):
        if self.cleaned_data['content'] != '':
            raise forms.ValidationError('Invalid value')
        return ''
+
+
+class PasswordForm(forms.Form):
+    '''
+    Form for setting password.
+    '''
+    password1 = forms.CharField(
+        widget=forms.PasswordInput(render_value=False),
+        label=_("New password"),
+        help_text=_('At least six characters long.'),
+    )
+    password2 = forms.CharField(
+        widget=forms.PasswordInput(render_value=False),
+        label=_("New password (again)"),
+        help_text=_(
+            'Repeat the password so we can verify '
+            'you typed it in correctly.'
+        ),
+    )
+
+    def clean_password1(self):
+        '''
+        Password validation, requires length of six chars.
+        '''
+        if len(self.cleaned_data['password1']) < 6:
+            raise forms.ValidationError(
+                _(u'Password needs to have at least six characters.')
+            )
+        return self.cleaned_data['password1']
+
+    def clean(self):
+        """
+        Verify that the values entered into the two password fields
+        match. Note that an error here will end up in
+        ``non_field_errors()`` because it doesn't apply to a single
+        field.
+
+        """
+        try:
+            password1 = self.cleaned_data['password1']
+            password2 = self.cleaned_data['password2']
+
+            if password1 != password2:
+                raise forms.ValidationError(
+                    _('You must type the same password each time.')
+                )
+
+        except KeyError:
+            pass
+
+        return self.cleaned_data
+
+
+class PasswordChangeForm(forms.Form):
+    password = forms.CharField(
+        widget=forms.PasswordInput(render_value=False),
+        label=_("Current password"),
+    )
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -28,18 +28,6 @@ from accounts.views import RegistrationTemplateView

 urlpatterns = patterns(
    '',
-    url(
-        r'^password/change/$',
-        auth_views.password_change,
-        {'extra_context': {'title': _('Change password')}},
-        name='auth_password_change'
-    ),
-    url(
-        r'^password/change/done/$',
-        auth_views.password_change_done,
-        {'extra_context': {'title': _('Password changed')}},
-        name='auth_password_change_done'
-    ),
    url(
        r'^password/reset/$',
        auth_views.password_reset,

--- a/accounts/views.py
+++ b/accounts/views.py
@@ -31,7 +31,7 @@ from django.contrib.auth.views import login, logout
 from django.views.generic import TemplateView
 from urllib import urlencode

-from accounts.forms import RegistrationForm
+from accounts.forms import RegistrationForm, PasswordForm, PasswordChangeForm
 from social.backends.utils import load_backends
 from social.apps.django_app.utils import BACKENDS
 from social.apps.django_app.views import complete
@@ -282,8 +282,55 @@ def register(request):
    )


+@login_required
 def password(request):
+    '''
+    Password change / set form.
+    '''
+
+    do_change = False
+
    if request.user.has_usable_password():
-        print 'US'
+        if request.method == 'POST':
+            change_form = PasswordChangeForm(request.POST)
+            if change_form.is_valid():
+                password = change_form.cleaned_data['password']
+                if request.user.check_password(password):
+                    do_change = True
+                else:
+                    messages.error(
+                        request,
+                        _('You have entered invalid password.')
+                    )
+        else:
+            change_form = PasswordChangeForm()
    else:
-        print 'UNUS'
+        do_change = True
+        change_form = None
+
+    if request.method == 'POST':
+        form = PasswordForm(request.POST)
+        if form.is_valid() and do_change:
+            request.user.set_password(
+                form.cleaned_data['password1']
+            )
+            request.user.save()
+            messages.info(
+                request,
+                _('Your password has been changed.')
+            )
+            return redirect('profile')
+    else:
+        form = PasswordForm()
+
+    return render_to_response(
+        'accounts/password.html',
+        RequestContext(
+            request,
+            {
+                'title': _('Change password'),
+                'change_form': change_form,
+                'form': form,
+            }
+        )
+    )
--- a/weblate/html/accounts/password.html
+++ b/weblate/html/accounts/password.html
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block content %}
+
+<p>{% trans "Please enter your new password twice so we can verify you typed it in correctly." %}</p>
+
+<form action="" method="post">{% csrf_token %}
+<table>
+{{ change_form.as_table }}
+{{ form.as_table }}
+</table>
+<input type="submit" value="{% trans 'Change my password' %}" class="button" />
+</form>
+
+{% endblock %}
--- a/weblate/html/profile.html
+++ b/weblate/html/profile.html
@@ -46,6 +46,8 @@
 </div>
 <div id="auth">

+<p><a href="{% url 'password' %}" class="button">{% if request.user.has_usable_password %}{% trans "Change password" %}{% else %}{% trans "Set password" %}{% endif %}</a></p>
+
 <p>{% trans "You can manage third party identities which are associated to this account." %}</p>
 <p>{% trans "Currently associated:" %}</p>
 <table>
@@ -63,9 +65,6 @@
 <td>{{ assoc.uid }}</th>
 <td>
 <a href="{% url 'social:disconnect_individual' assoc.provider assoc.id %}" class="disconnect button">{% trans "Disconnect" %}</a>
-{% if assoc.provider == 'email' %}
-<a href="{% url 'django.contrib.auth.views.password_change' %}" class="button">{% trans "Change password" %}</a>
-{% endif %}
 </td>

 </tr>