diff options
author | coderick14 | 2017-05-17 15:40:18 +0530 |
---|---|---|
committer | coderick14 | 2017-05-17 15:41:00 +0530 |
commit | a1e0a5502f04da68b6a9ca8508dda3f9d7e1d055 (patch) | |
tree | 20181e6b1936f50ad48d8e35720d64a37566f558 /password/views.py | |
parent | 6f4a84c1e58ff4d54aab94cbee26e995328b05b8 (diff) | |
download | SBHS-2018-Rpi-a1e0a5502f04da68b6a9ca8508dda3f9d7e1d055.tar.gz SBHS-2018-Rpi-a1e0a5502f04da68b6a9ca8508dda3f9d7e1d055.tar.bz2 SBHS-2018-Rpi-a1e0a5502f04da68b6a9ca8508dda3f9d7e1d055.zip |
Upgrade to Django 1.11
- Database integration yet to be tested
Diffstat (limited to 'password/views.py')
-rw-r--r-- | password/views.py | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/password/views.py b/password/views.py new file mode 100644 index 0000000..c0323a3 --- /dev/null +++ b/password/views.py @@ -0,0 +1,83 @@ +from django.shortcuts import render, redirect +from sbhs_server.tables.models import Account +from django.contrib import messages +from sbhs_server.helpers import simple_encrypt +from pages.views import index as INDEX_PAGE +import datetime + +# Create your views here. + +def new(req): + return render(req, 'password/new.html') + +def password_token(username): + return simple_encrypt.encrypt(username + ",,," + str(datetime.datetime.now())) + +def email(req): + email = req.POST.get("email") + + account = Account.objects.filter(email=email) + + if len(account) == 1: + account[0].send_password_link(password_token(account[0].username)) + messages.add_message(req, messages.SUCCESS, "Password reset link has been sent to your email address.") + return redirect(INDEX_PAGE) + +def validate_token(req, token): + try: + data = simple_encrypt.decrypt(token) + except: + messages.add_message(req, messages.ERROR, "Invalid link") + return redirect(INDEX_PAGE), False + + data = data.split(",,,") + if len(data) != 2: + messages.add_message(req, messages.ERROR, "Invalid link") + return redirect(INDEX_PAGE), False + + return data, True + +def edit(req, token): + data, flag = validate_token(req, token) + if not flag: + return data + + timediff = datetime.datetime.now() - datetime.datetime.strptime(data[1], "%Y-%m-%d %H:%M:%S.%f") + + if timediff.total_seconds() < 7200: + return render(req, "password/edit.html", {"token": token}) + else: + messages.add_message(req, messages.ERROR, "The reset link is expired.") + return redirect(INDEX_PAGE) + +def update(req, token): + data, flag = validate_token(req, token) + if not flag: + return data + + timediff = datetime.datetime.now() - datetime.datetime.strptime(data[1], "%Y-%m-%d %H:%M:%S.%f") + + if timediff.total_seconds() < 7200: + username = data[0] + account = Account.objects.filter(username=username) + if len(account) == 1: + error = "" + if req.POST.get("email") != account[0].email: + error = "Invalid email" + if req.POST.get("password") != req.POST.get("confirm"): + error = "Passwords do not match" + + if error != "": + messages.add_message(req, messages.ERROR, error) + return redirect(INDEX_PAGE) + + account[0].set_password(req.POST.get("password")) + account[0].save() + messages.add_message(req, messages.SUCCESS, "Password changed successfully") + return redirect(INDEX_PAGE) + else: + messages.add_message(req, messages.ERROR, "Invalid link") + return redirect(INDEX_PAGE) + else: + messages.add_message(req, messages.ERROR, "The reset link is expired.") + return redirect(INDEX_PAGE)
\ No newline at end of file |