authentik/passbook/core/views/user.py

"""passbook core user views"""
from django.contrib import messages
from django.contrib.auth import logout, update_session_auth_hash
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin
from django.forms.utils import ErrorList
from django.shortcuts import redirect, reverse
from django.urls import reverse_lazy
from django.utils.translation import gettext as _
from django.views.generic import DeleteView, FormView, UpdateView

from passbook.core.exceptions import PasswordPolicyInvalid
from passbook.core.forms.users import PasswordChangeForm, UserDetailForm
from passbook.lib.config import CONFIG


class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):
    """Update User settings"""

    template_name = 'user/settings.html'
    form_class = UserDetailForm

    success_message = _('Successfully updated user.')
    success_url = reverse_lazy('passbook_core:user-settings')

    def get_object(self):
        return self.request.user


class UserDeleteView(LoginRequiredMixin, DeleteView):
    """Delete user account"""

    template_name = 'generic/delete.html'

    def get_object(self):
        return self.request.user

    def get_success_url(self):
        messages.success(self.request, _('Successfully deleted user.'))
        logout(self.request)
        return reverse('passbook_core:auth-login')


class UserChangePasswordView(LoginRequiredMixin, FormView):
    """View for users to update their password"""

    form_class = PasswordChangeForm
    template_name = 'login/form_with_user.html'

    def form_valid(self, form: PasswordChangeForm):
        try:
            # user.set_password checks against Policies so we don't need to manually do it here
            self.request.user.set_password(form.cleaned_data.get('password'))
            self.request.user.save()
            update_session_auth_hash(self.request, self.request.user)
            messages.success(self.request, _('Successfully changed password'))
        except PasswordPolicyInvalid as exc:
            # Manually inject error into form
            # pylint: disable=protected-access
            errors = form._errors.setdefault("password_repeat", ErrorList(''))
            # pylint: disable=protected-access
            errors = form._errors.setdefault("password", ErrorList())
            for error in exc.messages:
                errors.append(error)
            return self.form_invalid(form)
        return redirect('passbook_core:overview')

    def get_context_data(self, **kwargs):
        kwargs['config'] = CONFIG.y('passbook')
        kwargs['is_login'] = True
        kwargs['title'] = _('Change Password')
        kwargs['primary_action'] = _('Change')
        return super().get_context_data(**kwargs)
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""passbook core user views"""`
			`from django.contrib import messages`
add password change view 2019-02-23 19:56:41 +00:00			`from django.contrib.auth import logout, update_session_auth_hash`
fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00			`from django.contrib.messages.views import SuccessMessageMixin`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`from django.forms.utils import ErrorList`
add password change view 2019-02-23 19:56:41 +00:00			`from django.shortcuts import redirect, reverse`
switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00			`from django.urls import reverse_lazy`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`from django.utils.translation import gettext as _`
add password change view 2019-02-23 19:56:41 +00:00			`from django.views.generic import DeleteView, FormView, UpdateView`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`from passbook.core.exceptions import PasswordPolicyInvalid`
add password change view 2019-02-23 19:56:41 +00:00			`from passbook.core.forms.users import PasswordChangeForm, UserDetailForm`
			`from passbook.lib.config import CONFIG`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00

fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00			`class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""Update User settings"""`
add unittests, woo 2019-02-26 09:57:05 +00:00
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`template_name = 'user/settings.html'`
			`form_class = UserDetailForm`

switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00			`success_message = _('Successfully updated user.')`
			`success_url = reverse_lazy('passbook_core:user-settings')`

core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`def get_object(self):`
			`return self.request.user`

fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00
			`class UserDeleteView(LoginRequiredMixin, DeleteView):`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""Delete user account"""`

			`template_name = 'generic/delete.html'`

			`def get_object(self):`
			`return self.request.user`

			`def get_success_url(self):`
			`messages.success(self.request, _('Successfully deleted user.'))`
			`logout(self.request)`
			`return reverse('passbook_core:auth-login')`
add password change view 2019-02-23 19:56:41 +00:00
fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00
			`class UserChangePasswordView(LoginRequiredMixin, FormView):`
add password change view 2019-02-23 19:56:41 +00:00			`"""View for users to update their password"""`

			`form_class = PasswordChangeForm`
			`template_name = 'login/form_with_user.html'`

			`def form_valid(self, form: PasswordChangeForm):`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`try:`
use HTML5 autocomplete values to better handle password managers 2019-03-02 22:19:58 +00:00			`# user.set_password checks against Policies so we don't need to manually do it here`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`self.request.user.set_password(form.cleaned_data.get('password'))`
			`self.request.user.save()`
			`update_session_auth_hash(self.request, self.request.user)`
			`messages.success(self.request, _('Successfully changed password'))`
			`except PasswordPolicyInvalid as exc:`
			`# Manually inject error into form`
			`# pylint: disable=protected-access`
			`errors = form._errors.setdefault("password_repeat", ErrorList(''))`
			`# pylint: disable=protected-access`
			`errors = form._errors.setdefault("password", ErrorList())`
			`for error in exc.messages:`
			`errors.append(error)`
			`return self.form_invalid(form)`
add password change view 2019-02-23 19:56:41 +00:00			`return redirect('passbook_core:overview')`

			`def get_context_data(self, **kwargs):`
config(minor): CONFIG.get -> CONFIG.y 2019-09-30 16:04:04 +00:00			`kwargs['config'] = CONFIG.y('passbook')`
add password change view 2019-02-23 19:56:41 +00:00			`kwargs['is_login'] = True`
			`kwargs['title'] = _('Change Password')`
			`kwargs['primary_action'] = _('Change')`
			`return super().get_context_data(**kwargs)`