move forgot password to PasswordFactor

Jens Langhammer 2019-02-25 16:41:33 +01:00
parent c2756f15fc
commit 8b66b40f0d
6 changed files with 25 additions and 7 deletions


@ -1,9 +1,11 @@
"""passbook multi-factor authentication engine""" """passbook multi-factor authentication engine"""
from logging import getLogger from logging import getLogger
from django.contrib import messages
from django.contrib.auth import authenticate from django.contrib.auth import authenticate
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.forms.utils import ErrorList from django.forms.utils import ErrorList
from django.shortcuts import redirect
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from django.views.generic import FormView from django.views.generic import FormView
@ -21,6 +23,19 @@ class PasswordFactor(FormView, AuthenticationFactor):
form_class = PasswordFactorForm form_class = PasswordFactorForm
template_name = 'login/factors/backend.html' template_name = 'login/factors/backend.html'
def get_context_data(self, **kwargs):
kwargs['show_password_forget_notice'] = CONFIG.y('passbook.password_reset.enabled')
return super().get_context_data(**kwargs)
def get(self, request, *args, **kwargs):
if 'password-forgotten' in request.GET:
# TODO: Save nonce key in database for password reset
# TODO: Send email to user
self.authenticator.cleanup()
messages.success(request, _('Check your E-Mails for a password reset link.'))
return redirect('passbook_core:auth-login')
return super().get(request, *args, **kwargs)
def form_valid(self, form): def form_valid(self, form):
"""Authenticate against django's authentication backend""" """Authenticate against django's authentication backend"""
uid_fields = CONFIG.y('passbook.uid_fields') uid_fields = CONFIG.y('passbook.uid_fields')
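Review bot: The `password-forgotten` branch in `get()` never checks `CONFIG.y('passbook.password_reset.enabled')`; the flag is read only in `get_context_data`, where it hides the link, so the request is still handled when password reset is disabled. Gate the branch itself, e.g. `if CONFIG.y('passbook.password_reset.enabled') and 'password-forgotten' in request.GET:`. The branch also changes state on a GET: it calls `self.authenticator.cleanup()` and, per the TODOs, will later store a nonce and send mail, so a cross-site link can trigger it without the user's intent. A POST protected by the CSRF token would be the safer shape, which turns the `?password-forgotten` link added in the template section into a small form. Until the mail TODO is implemented, the success message promises a reset link that is never sent, and both new methods lack the docstrings the rest of the class has.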


@ -111,7 +111,7 @@ class AuthenticationView(UserPassesTestMixin, View):
"""Show error message, user cannot login. """Show error message, user cannot login.
This should only be shown if user authenticated successfully, but is disabled/locked/etc""" This should only be shown if user authenticated successfully, but is disabled/locked/etc"""
LOGGER.debug("User invalid") LOGGER.debug("User invalid")
self._cleanup() self.cleanup()
return redirect(reverse('passbook_core:auth-denied')) return redirect(reverse('passbook_core:auth-denied'))
def _user_passed(self): def _user_passed(self):
@ -121,13 +121,13 @@ class AuthenticationView(UserPassesTestMixin, View):
login(self.request, self.pending_user, backend=backend) login(self.request, self.pending_user, backend=backend)
LOGGER.debug("Logged in user %s", self.pending_user) LOGGER.debug("Logged in user %s", self.pending_user)
# Cleanup # Cleanup
self._cleanup() self.cleanup()
next_param = self.request.GET.get('next', None) next_param = self.request.GET.get('next', None)
if next_param and is_url_absolute(next_param): if next_param and is_url_absolute(next_param):
return redirect(next_param) return redirect(next_param)
return redirect(reverse('passbook_core:overview')) return redirect(reverse('passbook_core:overview'))
def _cleanup(self): def cleanup(self):
"""Remove temporary data from session""" """Remove temporary data from session"""
session_keys = [self.SESSION_FACTOR, self.SESSION_PENDING_FACTORS, session_keys = [self.SESSION_FACTOR, self.SESSION_PENDING_FACTORS,
self.SESSION_PENDING_USER, self.SESSION_USER_BACKEND, ] self.SESSION_PENDING_USER, self.SESSION_USER_BACKEND, ]


@ -2,3 +2,8 @@
{% load i18n %} {% load i18n %}
{% block beneath_form %}
{% if show_password_forget_notice %}
<a href="{% url 'passbook_core:auth-process' %}?password-forgotten">{% trans 'Forgot password?' %}</a>
{% endif %}
{% endblock %}


@ -11,6 +11,8 @@
{% block above_form %} {% block above_form %}
{% endblock %} {% endblock %}
{% include 'partials/form_login.html' %} {% include 'partials/form_login.html' %}
{% block beneath_form %}
{% endblock %}
<button type="submit" class="btn btn-primary btn-block btn-lg">{% trans primary_action %}</button> <button type="submit" class="btn btn-primary btn-block btn-lg">{% trans primary_action %}</button>
</form> </form>
{% if show_sign_up_notice %} {% if show_sign_up_notice %}


@ -25,9 +25,6 @@
<label class="checkbox-label"> <label class="checkbox-label">
{{ field }} {{ field.label }} {{ field }} {{ field.label }}
</label> </label>
{% if show_password_forget_notice %}
<a href="#">{% trans 'Forgot password?' %}</a>
{% endif %}
{% else %} {% else %}
<label class="col-sm-2 sr-only" {% if field.field.required %}class="required"{% endif %} for="{{ field.name }}-{{ forloop.counter0 }}"> <label class="col-sm-2 sr-only" {% if field.field.required %}class="required"{% endif %} for="{{ field.name }}-{{ forloop.counter0 }}">
{{ field.label }} {{ field.label }}


@ -41,7 +41,6 @@ class LoginView(UserPassesTestMixin, FormView):
kwargs['title'] = _('Log in to your account') kwargs['title'] = _('Log in to your account')
kwargs['primary_action'] = _('Log in') kwargs['primary_action'] = _('Log in')
kwargs['show_sign_up_notice'] = CONFIG.y('passbook.sign_up.enabled') kwargs['show_sign_up_notice'] = CONFIG.y('passbook.sign_up.enabled')
kwargs['show_password_forget_notice'] = CONFIG.y('passbook.password_reset.enabled')
kwargs['sources'] = [] kwargs['sources'] = []
sources = Source.objects.filter(enabled=True).select_subclasses() sources = Source.objects.filter(enabled=True).select_subclasses()
if any(source.is_link for source in sources): if any(source.is_link for source in sources):