Commit 81d77f223a756d885be5c9b5871f452b29be6c1f
1 parent
e12f5b27
Exists in
dev
Adding 'forgotten password' feature
Showing
4 changed files
with
101 additions
and
34 deletions
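--- a/src/core/pyros_django/user_manager/templates/user_manager/forgotten_password.html
+++ b/src/core/pyros_django/user_manager/templates/user_manager/forgotten_password.html
@@ -0,0 +1,24 @@
+{% extends "user_manager/base_home.html" %}
+{% block content %}
+
+<div class="text-center" style="width: 80%; margin: 0 auto">
+ Forgot your password? Please enter the email address you used to register
+ with us and we will send you a temparorary password to log in. <br>
+ We recommend you to change it as soon as possible on your profile page.<br>
+ </h3>
+</div>
+<br/>
+
+<form action="" method="POST" class="text-center">
+ {% csrf_token %}
+ {{form}}
+ <input type="submit" value="Send email" /><br>
+</form><br/>
+{% if message %}
+ {{ message }}
+{% endif %}
+<div class="text-center">
+ <a href="{% url 'user_signin' %}">Return to sign in page</a>
+</div>
+
+{% endblock%}
\ No newline at end of file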
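Review bot: The closing `</h3>` on new line 8 has no matching opening tag anywhere in this template, so the markup is invalid and the intro text renders as plain `div` content. Either open the heading right after the `div` with `<h3>` or drop the stray `</h3>`. The sentence on new line 6 also misspells "temporary" as `temparorary`.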
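--- a/src/core/pyros_django/user_manager/templates/user_manager/home_login.html
+++ b/src/core/pyros_django/user_manager/templates/user_manager/home_login.html
@@ -29,6 +29,7 @@
 </div>
 <div class="row">
 <input class="btn btn-primary" type="submit" value="Log In" />
+ <a href="{% url "forgotten_password" %}" class="btn btn-primary">Forgot your password ?</a>
 <a href="{% url "create_user" %}" class="btn btn-primary">Subscription form</a>
 </div>
 </div>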
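--- a/src/core/pyros_django/user_manager/urls.py
+++ b/src/core/pyros_django/user_manager/urls.py
@@ -7,6 +7,7 @@ from .forms import UserPasswordResetForm
 urlpatterns = [
 path('users', views.users, name="users"),
 url(r'^create$', views.create_user, name="create_user"),
+ url(r'^forgotten_password$', views.forgotten_password, name="forgotten_password"),
 url(r'^creation_validate$', views.user_signup_validation, name="user_signup_validation"),
 url(r'^login$', views.login_validation, name="login_validation"),
 url(r'^profile$', views.profile, name="profile"),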
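--- a/src/core/pyros_django/user_manager/views.py
+++ b/src/core/pyros_django/user_manager/views.py
@@ -4,12 +4,13 @@ from django.contrib.auth.decorators import login_required
 from dashboard.decorator import level_required
 from django.shortcuts import get_object_or_404
 from dashboard.forms import UserForm
-from .forms import PyrosUserCreationForm
+from .forms import PyrosUserCreationForm,UserPasswordResetForm
 from django.core.mail import send_mail
 from common.models import ScientificProgram, PyrosUser,UserLevel, SP_Period, SP_Period_User
 from django.urls import reverse
 from django.http import HttpResponseRedirect,HttpResponse
-
+from obsconfig.configpyros import ConfigPyros
+from django.conf import settings as pyros_settings
 
 LOGGED_PAGE = "../../dashboard/templates/dashboard/index.html"
 
@@ -35,6 +36,25 @@ def create_user(request):
 form = PyrosUserCreationForm()
 return (render(request, "user_manager/home_user_creation.html", locals()))
 
+def forgotten_password(request):
+ form = UserPasswordResetForm()
+ message=""
+ if request.POST:
+ password = PyrosUser.objects.make_random_password()
+ user = PyrosUser.objects.get(email=request.POST["email"])
+ if user != None:
+ user.set_password(password)
+ user.save()
+ send_mail(
+ '[PyROS CC] Registration',
+ f"Hello,\nYou recently took steps to reset the password for your PyROS account. A temporary password has been assigned, please log in with the following password: '{password}'. \n\nCordially,\n\nPyROS Control Center'",
+ '',
+ [request.POST['email']],
+ fail_silently=False,
+ )
+ message="The email has been send !"
+ return render(request, 'user_manager/forgotten_password.html',{"form":form,"message":message})
+
 def user_signup_validation(request):
 '''
 View called to validate the user creation (form submitted)
@@ -50,6 +70,7 @@ def user_signup_validation(request):
 message = "Account creation successful ! Login to continue"
 success = True
 if request.user.is_authenticated:
+
 if request.POST.get("next"):
 return redirect(request.POST.get('next'))
 else:
@@ -70,6 +91,10 @@ def login_validation(request):
 View called when the user log in (form submitted)
 '''
 if request.user.is_authenticated:
+ config = ConfigPyros(pyros_settings.PATH_TO_OBSCONF_FILE)
+ observatory_name = config.get_obs_name()
+ first_unit_name = config.get_units_name()[0]
+ request.session["obsname"] = observatory_name+" "+first_unit_name
 if request.POST.get("next"):
 return redirect(request.POST.get('next'))
 # initiate variable session for telling which role the user is using if this user has multiple roles
@@ -80,6 +105,10 @@ def login_validation(request):
 if request.POST:
 email = request.POST.get('email')
 password = request.POST.get('password')
+ try:
+ is_user_active = PyrosUser.objects.get(username=email).is_active
+ except:
+ is_user_active = None
 user = authenticate(username=email, password=password)
 if user is not None:
 success = False
@@ -95,9 +124,13 @@ def login_validation(request):
 return redirect(request.POST.get('next'))
 return(render(request, LOGGED_PAGE, {'USER_LEVEL': request.user.get_priority(), 'base_template' : "base.html", 'weather_img': "normal", 'success' : success}))
 else:
- message = "Your account is not active, please contact the site administrator."
+ message = "Your account is not active, please contact the Unit-PI."
 else:
- message = "Your email and/or password were incorrect."
+ if is_user_active != None and not is_user_active:
+ message = "Your account is not active, please contact the Unit-PI."
+ elif is_user_active or is_user_active == None:
+ message = "Your email and/or password were incorrect."
+
 else:
 message = "An unexpected error has occurred"
 error = True
@@ -126,6 +159,10 @@ def user_logout(request):
 '''
 
 logout(request)
+ config = ConfigPyros(pyros_settings.PATH_TO_OBSCONF_FILE)
+ observatory_name = config.get_obs_name()
+ first_unit_name = config.get_units_name()[0]
+ request.session["obsname"] = observatory_name+" "+first_unit_name
 return(render(request, LOGGED_PAGE, {'USER_LEVEL' : "Visitor", 'base_template' : 'base_unlogged.html', 'weather_img': "red"}))
 
 def user_signin(request):
@@ -133,12 +170,14 @@ def user_signin(request):
 
 
 @login_required
-@level_required("Admin")
+@level_required("Admin","Unit-PI")
 def delete_user(request,pk):
 user_to_be_deleted = get_object_or_404(PyrosUser,pk=pk)
- if request.method == "POST":
+ if request.user != user_to_be_deleted and request.method == "POST":
 user_to_be_deleted.delete()
 return HttpResponseRedirect(reverse('users'))
+ else:
+ return HttpResponseRedirect(reverse("user_detail",kwargs={"pk":pk}))
 
 
 @login_required
@@ -147,54 +186,56 @@ def users(request):
 current_user = request.user
 pyros_users_with_roles = []
 pyros_users_without_roles = None
+ common_scientific_programs = None
 if request.session.get("role"):
 role = request.session.get("role")
 else:
 role = current_user.get_priority()
-
 if role in "Admin,Unit-PI,Unit board":
 pyros_users_with_roles = PyrosUser.objects.exclude(user_level__name="Visitor").order_by("-id")
 pyros_users_without_roles = PyrosUser.objects.filter(user_level__name="Visitor").order_by("-id")
 else:
 sp_of_current_user = SP_Period_User.objects.filter(user=current_user)
- pyros_user_with_roles = []
+ common_scientific_programs = sp_of_current_user
 for sp in sp_of_current_user:
 for user in SP_Period_User.objects.filter(SP_Period=sp.SP_Period).exclude(user=current_user).values_list("user",flat=True):
 pyros_users_with_roles.append(PyrosUser.objects.get(id=user))
 nb_of_scientific_program = ScientificProgram.objects.count()
 # need the negative to calculate in the template for adjusting correctly the information display
 negative_nb_scientific_program = -nb_of_scientific_program
- return render(request, 'user_manager/users_management.html', {'pyros_users_with_roles': pyros_users_with_roles,"pyros_users_without_roles":pyros_users_without_roles,"nb_of_scientific_program": nb_of_scientific_program,"negative_nb_scientific_program":negative_nb_scientific_program}) # return the initial view (the users management's one)
+ return render(request, 'user_manager/users_management.html', {'pyros_users_with_roles': pyros_users_with_roles,"pyros_users_without_roles":pyros_users_without_roles,"nb_of_scientific_program": nb_of_scientific_program,"negative_nb_scientific_program":negative_nb_scientific_program,"common_scientific_programs":common_scientific_programs})
 
 @login_required
 @level_required("Admin","Unit-PI","Unit board")
 def change_activate(request, pk, current_user_id):
- try :
- user = get_object_or_404(PyrosUser, pk=pk)
- user.is_active = not user.is_active
- text_mail = ""
- text_object = ""
- if (user.first_time == False and user.is_active == True):
- user.first_time = True
- text_mail = "Hi,\n\nCongratulations, your registration has been approved by the PI. Welcome to the PyROS Control Center.\nIn order to submit observation sequences, you need to be associated to a scientific program.\n\nCordially,\n\nPyROS Control Center"
- text_object = "[PyROS CC] Welcome"
- user.validator = get_object_or_404(PyrosUser,pk=current_user_id)
- send_mail(text_object, text_mail, '', [user.email], fail_silently=False,)
-
- # We're not sending an email if the account has been desactivated or re-activated
- # elif (user.is_active == True):
- # text_mail = "Hi,\n\nYour account on the PyROS Control Center have been re-activated.\n\nCordially,\n\nPyROS Control Center"
- # text_object = "[PyROS CC] Re-activation"
- # else :
- # text_mail = "Hi,\n\nYour account on the PyROS Control Center have benn desactivated. Please contact the PI for futher information.\n\nCordially,\n\nPyROS Control Center"
- # text_object = "[PyROS CC] Desactivation"
-
- user.save()
-
- return redirect('user_detail', pk=pk)
- except PyrosUser.DoesNotExist:
- return redirect('user_detail', pk=pk)
+ if PyrosUser.objects.get(id=current_user_id).get_roles_str() in ["Admin","Unit-PI","Unit board"]:
+ try :
+ user = get_object_or_404(PyrosUser, pk=pk)
+ user.is_active = not user.is_active
+ text_mail = ""
+ text_object = ""
+ if (user.first_time == False and user.is_active == True):
+ user.first_time = True
+ text_mail = "Hi,\n\nCongratulations, your registration has been approved by the PI. Welcome to the PyROS Control Center.\nIn order to submit observation sequences, you need to be associated to a scientific program.\n\nCordially,\n\nPyROS Control Center"
+ text_object = "[PyROS CC] Welcome"
+ user.validator = get_object_or_404(PyrosUser,pk=current_user_id)
+ send_mail(text_object, text_mail, '', [user.email], fail_silently=False,)
 
+ # We're not sending an email if the account has been desactivated or re-activated
+ # elif (user.is_active == True):
+ # text_mail = "Hi,\n\nYour account on the PyROS Control Center have been re-activated.\n\nCordially,\n\nPyROS Control Center"
+ # text_object = "[PyROS CC] Re-activation"
+ # else :
+ # text_mail = "Hi,\n\nYour account on the PyROS Control Center have benn desactivated. Please contact the PI for futher information.\n\nCordially,\n\nPyROS Control Center"
+ # text_object = "[PyROS CC] Desactivation"
+
+ user.save()
+
+ return redirect('user_detail', pk=pk)
+ except PyrosUser.DoesNotExist:
+ return redirect('user_detail', pk=pk)
+ else:
+ return redirect("user_detail",pk=pk)
 @login_required
 @level_required("Admin","Observer","Management","Operator","Unit-PI","TAC","Unit board")
 def user_detail_view(request,pk):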
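Review bot: `forgotten_password` (new lines 39–56) overwrites the stored password as soon as anyone submits a registered address, so an unauthenticated visitor can lock any user out, and the replacement password then travels in clear text by email. `PyrosUser.objects.get(email=...)` also raises `DoesNotExist` for an unknown address (the `user != None` test can never be false), so the resulting server error tells the caller which addresses are registered, and `UserPasswordResetForm` is never bound to the POST data or validated. The safer design leaves the password untouched and mails a single-use, expiring link, which Django already ships as `django.contrib.auth.views.PasswordResetView` and `PasswordResetConfirmView`. If the temporary-password flow has to stay for now, the minimal hardening is sketched below: look the user up without raising and return the same message whether or not the address exists. Indentation is not recoverable from this page, so the sketch assumes the success message currently sits inside the `if user` branch.

```python
def forgotten_password(request):
    # … unchanged: form and message initialisation …
    if request.method == "POST":
        email = request.POST.get("email", "")
        # first() yields None for an unknown address instead of raising DoesNotExist
        user = PyrosUser.objects.filter(email=email).first()
        if user is not None:
            password = PyrosUser.objects.make_random_password()
            # … unchanged: set_password, save, send_mail …
        # identical answer for known and unknown addresses
        message = "If this address is registered, an email has been sent."
    # … unchanged: render forgotten_password.html with form and message …
```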