mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-11-26 19:41:11 +00:00
Updates reset password flow to use validators
This commit is contained in:
parent
1bb0a9d998
commit
3846b201bd
3 changed files with 39 additions and 13 deletions
|
@ -1,7 +1,7 @@
|
|||
""" Forms for the landing pages """
|
||||
from django import forms
|
||||
from django.contrib.auth.password_validation import validate_password
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.forms import PasswordInput
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
from bookwyrm import models
|
||||
|
@ -15,7 +15,7 @@ class LoginForm(CustomForm):
|
|||
fields = ["localname", "password"]
|
||||
help_texts = {f: None for f in fields}
|
||||
widgets = {
|
||||
"password": PasswordInput(),
|
||||
"password": forms.PasswordInput(),
|
||||
}
|
||||
|
||||
|
||||
|
@ -24,7 +24,7 @@ class RegisterForm(CustomForm):
|
|||
model = models.User
|
||||
fields = ["localname", "email", "password"]
|
||||
help_texts = {f: None for f in fields}
|
||||
widgets = {"password": PasswordInput()}
|
||||
widgets = {"password": forms.PasswordInput()}
|
||||
|
||||
def clean(self):
|
||||
"""Check if the username is taken"""
|
||||
|
@ -49,3 +49,28 @@ class InviteRequestForm(CustomForm):
|
|||
class Meta:
|
||||
model = models.InviteRequest
|
||||
fields = ["email", "answer"]
|
||||
|
||||
|
||||
class PasswordResetForm(CustomForm):
|
||||
confirm_password = forms.CharField(widget=forms.PasswordInput)
|
||||
|
||||
class Meta:
|
||||
model = models.User
|
||||
fields = ["password"]
|
||||
widgets = {
|
||||
"password": forms.PasswordInput(),
|
||||
}
|
||||
|
||||
def clean(self):
|
||||
"""Make sure the passwords match and are valid"""
|
||||
cleaned_data = super().clean()
|
||||
new_password = cleaned_data.get("password")
|
||||
confirm_password = self.data.get("confirm_password")
|
||||
|
||||
if new_password != confirm_password:
|
||||
self.add_error("confirm_password", _("Password does not match"))
|
||||
|
||||
try:
|
||||
validate_password(new_password)
|
||||
except ValidationError as err:
|
||||
self.add_error("password", err)
|
||||
|
|
|
@ -26,7 +26,8 @@
|
|||
{% trans "Password:" %}
|
||||
</label>
|
||||
<div class="control">
|
||||
<input type="password" name="password" maxlength="128" class="input" required="" id="id_new_password" aria-describedby="form_errors">
|
||||
{{ form.password }}
|
||||
{% include 'snippets/form_errors.html' with errors_list=form.password.errors id="desc_current_password" %}
|
||||
</div>
|
||||
</div>
|
||||
<div class="field">
|
||||
|
@ -34,7 +35,8 @@
|
|||
{% trans "Confirm password:" %}
|
||||
</label>
|
||||
<div class="control">
|
||||
<input type="password" name="confirm-password" maxlength="128" class="input" required="" id="id_confirm_password" aria-describedby="form_errors">
|
||||
{{ form.confirm_password }}
|
||||
{% include 'snippets/form_errors.html' with errors_list=form.confirm_password.errors id="desc_confirm_password" %}
|
||||
</div>
|
||||
</div>
|
||||
<div class="field is-grouped">
|
||||
|
|
|
@ -5,7 +5,7 @@ from django.shortcuts import redirect
|
|||
from django.template.response import TemplateResponse
|
||||
from django.views import View
|
||||
|
||||
from bookwyrm import models
|
||||
from bookwyrm import forms, models
|
||||
from bookwyrm.emailing import password_reset_email
|
||||
|
||||
|
||||
|
@ -57,7 +57,8 @@ class PasswordReset(View):
|
|||
except models.PasswordReset.DoesNotExist:
|
||||
raise PermissionDenied()
|
||||
|
||||
return TemplateResponse(request, "landing/password_reset.html", {"code": code})
|
||||
data = {"code": code, "form": forms.PasswordResetForm()}
|
||||
return TemplateResponse(request, "landing/password_reset.html", data)
|
||||
|
||||
def post(self, request, code):
|
||||
"""allow a user to change their password through an emailed token"""
|
||||
|
@ -68,14 +69,12 @@ class PasswordReset(View):
|
|||
return TemplateResponse(request, "landing/password_reset.html", data)
|
||||
|
||||
user = reset_code.user
|
||||
|
||||
new_password = request.POST.get("password")
|
||||
confirm_password = request.POST.get("confirm-password")
|
||||
|
||||
if new_password != confirm_password:
|
||||
data = {"errors": ["Passwords do not match"]}
|
||||
form = forms.PasswordResetForm(request.POST, instance=user)
|
||||
if not form.is_valid():
|
||||
data = {"code": code, "form": form}
|
||||
return TemplateResponse(request, "landing/password_reset.html", data)
|
||||
|
||||
new_password = form.cleaned_data["password"]
|
||||
user.set_password(new_password)
|
||||
user.save(broadcast=False, update_fields=["password"])
|
||||
login(request, user)
|
||||
|
|
Loading…
Reference in a new issue