author | coderick14 | 2017-05-17 15:40:18 +0530 |
---|---|---|
committer | coderick14 | 2017-05-17 15:41:00 +0530 |
commit | fe407193c200e03070928c1e2c1a6e067d32893d (patch) | |
tree | 1c492aa814754b5db5d644c769f5382306217298 /password | |
parent | 9a1393e8470d855762e699abca9911b9cdae6a7d (diff) | |
Upgrade to Django 1.11
- Database integration yet to be tested
Diffstat (limited to 'password')
-rw-r--r-- | password/__init__.py | 0 | ||||
-rw-r--r-- | password/admin.py | 3 | ||||
-rw-r--r-- | password/models.py | 3 | ||||
-rw-r--r-- | password/tests.py | 3 | ||||
-rw-r--r-- | password/urls.py | 10 | ||||
-rw-r--r-- | password/views.py | 83 |
6 files changed, 102 insertions, 0 deletions
diff --git a/password/__init__.py b/password/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/password/__init__.py
diff --git a/password/admin.py b/password/admin.py
new file mode 100644
index 0000000..8c38f3f
--- /dev/null
+++ b/password/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/password/models.py b/password/models.py
new file mode 100644
index 0000000..71a8362
--- /dev/null
+++ b/password/models.py
@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.
diff --git a/password/tests.py b/password/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/password/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/password/urls.py b/password/urls.py
new file mode 100644
index 0000000..8409b6c
--- /dev/null
+++ b/password/urls.py
@@ -0,0 +1,10 @@
+from django.conf.urls import url
+
+from . import views
+
+urlpatterns = [
+ url(r'^$', views.new, name='password_index'),
+ url(r'^link/?$', views.email, name='password_link'),
+ url(r'^edit/(.*)/?$', views.edit, name='password_edit'),
+ url(r'^update/(.*)/?$', views.update, name='password_update'),
+]
\ No newline at end of file
diff --git a/password/views.py b/password/views.py
new file mode 100644
index 0000000..c0323a3
--- /dev/null
+++ b/password/views.py
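Review bot: The `(.*)` capture in `^edit/(.*)/?$` and `^update/(.*)/?$` of password/urls.py is greedy and matches `/`, so the optional trailing slash is absorbed into the token and an empty token is still routed to the view. If the output of `simple_encrypt.encrypt` never contains `/` (not visible in this commit), `url(r'^edit/([^/]+)/?$', views.edit, name='password_edit')` and the same group for `update` keep the slash out and reject empty tokens at the router. Because the token travels in the path, it will also appear in access logs and Referer headers, which is one more reason to make it single-use.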
@@ -0,0 +1,83 @@
+from django.shortcuts import render, redirect
+from sbhs_server.tables.models import Account
+from django.contrib import messages
+from sbhs_server.helpers import simple_encrypt
+from pages.views import index as INDEX_PAGE
+import datetime
+
+# Create your views here.
+
+def new(req):
+ return render(req, 'password/new.html')
+
+def password_token(username):
+ return simple_encrypt.encrypt(username + ",,," + str(datetime.datetime.now()))
+
+def email(req):
+ email = req.POST.get("email")
+
+ account = Account.objects.filter(email=email)
+
+ if len(account) == 1:
+ account[0].send_password_link(password_token(account[0].username))
+ messages.add_message(req, messages.SUCCESS, "Password reset link has been sent to your email address.")
+ return redirect(INDEX_PAGE)
+
+def validate_token(req, token):
+ try:
+ data = simple_encrypt.decrypt(token)
+ except:
+ messages.add_message(req, messages.ERROR, "Invalid link")
+ return redirect(INDEX_PAGE), False
+
+ data = data.split(",,,")
+ if len(data) != 2:
+ messages.add_message(req, messages.ERROR, "Invalid link")
+ return redirect(INDEX_PAGE), False
+
+ return data, True
+
+def edit(req, token):
+ data, flag = validate_token(req, token)
+ if not flag:
+ return data
+
+ timediff = datetime.datetime.now() - datetime.datetime.strptime(data[1], "%Y-%m-%d %H:%M:%S.%f")
+
+ if timediff.total_seconds() < 7200:
+ return render(req, "password/edit.html", {"token": token})
+ else:
+ messages.add_message(req, messages.ERROR, "The reset link is expired.")
+ return redirect(INDEX_PAGE)
+
+def update(req, token):
+ data, flag = validate_token(req, token)
+ if not flag:
+ return data
+
+ timediff = datetime.datetime.now() - datetime.datetime.strptime(data[1], "%Y-%m-%d %H:%M:%S.%f")
+
+ if timediff.total_seconds() < 7200:
+ username = data[0]
+ account = Account.objects.filter(username=username)
+ if len(account) == 1:
+ error = ""
+ if req.POST.get("email") != account[0].email:
+ error = "Invalid email"
+ if req.POST.get("password") != req.POST.get("confirm"):
+ error = "Passwords do not match"
+
+ if error != "":
+ messages.add_message(req, messages.ERROR, error)
+ return redirect(INDEX_PAGE)
+
+ account[0].set_password(req.POST.get("password"))
+ account[0].save()
+ messages.add_message(req, messages.SUCCESS, "Password changed successfully")
+ return redirect(INDEX_PAGE)
+ else:
+ messages.add_message(req, messages.ERROR, "Invalid link")
+ return redirect(INDEX_PAGE)
+ else:
+ messages.add_message(req, messages.ERROR, "The reset link is expired.")
+ return redirect(INDEX_PAGE)
\ No newline at end of file |
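Review bot: The token built in `password_token` holds only the username and a timestamp, so `update` has nothing to invalidate after a successful change and the same link stays usable until the 7200-second window closes; its integrity also rests entirely on `simple_encrypt`, which is not shown here and should be confirmed to authenticate the ciphertext rather than merely reverse it. Django's `django.core.signing.dumps`/`loads` with `max_age=7200` gives a signed, expiring token, and `PasswordResetTokenGenerator` additionally ties it to the current password hash, provided `Account` exposes the fields it reads. `update` also lets a POST with neither `password` nor `confirm` through, because `None != None` is false, so `None` reaches `set_password`; add `if not req.POST.get("password"): error = "Password required"` ahead of the `if error != "":` check. In `validate_token` the bare `except:` should name the exceptions `decrypt` can raise, and the `strptime` calls in `edit` and `update` need a `ValueError` guard, since `str(datetime.datetime.now())` drops the `.%f` part when microseconds are zero. Indentation is lost in this rendering, so check whether the success message in `email` sits inside `if len(account) == 1:`; if it does, the response reveals which addresses are registered.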