authentik/passbook/core/views/user.py

"""passbook core user views"""
from django.contrib import messages
from django.contrib.auth import logout, update_session_auth_hash
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin
from django.forms.utils import ErrorList
from django.shortcuts import redirect, reverse
from django.urls import reverse_lazy
from django.utils.translation import gettext as _
from django.views.generic import DeleteView, FormView, UpdateView

from passbook.core.forms.users import PasswordChangeForm, UserDetailForm
from passbook.factors.password.exceptions import PasswordPolicyInvalid
from passbook.lib.config import CONFIG


class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):
    """Update User settings"""

    template_name = "user/settings.html"
    form_class = UserDetailForm

    success_message = _("Successfully updated user.")
    success_url = reverse_lazy("passbook_core:user-settings")

    def get_object(self):
        return self.request.user


class UserDeleteView(LoginRequiredMixin, DeleteView):
    """Delete user account"""

    template_name = "generic/delete.html"

    def get_object(self):
        return self.request.user

    def get_success_url(self):
        messages.success(self.request, _("Successfully deleted user."))
        logout(self.request)
        return reverse("passbook_core:auth-login")


class UserChangePasswordView(LoginRequiredMixin, FormView):
    """View for users to update their password"""

    form_class = PasswordChangeForm
    template_name = "login/form_with_user.html"

    def form_valid(self, form: PasswordChangeForm):
        try:
            # user.set_password checks against Policies so we don't need to manually do it here
            self.request.user.set_password(form.cleaned_data.get("password"))
            self.request.user.save()
            update_session_auth_hash(self.request, self.request.user)
            messages.success(self.request, _("Successfully changed password"))
        except PasswordPolicyInvalid as exc:
            # Manually inject error into form
            # pylint: disable=protected-access
            errors = form._errors.setdefault("password_repeat", ErrorList(""))
            # pylint: disable=protected-access
            errors = form._errors.setdefault("password", ErrorList())
            for error in exc.messages:
                errors.append(error)
            return self.form_invalid(form)
        return redirect("passbook_core:overview")

    def get_context_data(self, **kwargs):
        kwargs["config"] = CONFIG.y("passbook")
        kwargs["title"] = _("Change Password")
        kwargs["primary_action"] = _("Change")
        return super().get_context_data(**kwargs)
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""passbook core user views"""`
			`from django.contrib import messages`
add password change view 2019-02-23 19:56:41 +00:00			`from django.contrib.auth import logout, update_session_auth_hash`
fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00			`from django.contrib.messages.views import SuccessMessageMixin`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`from django.forms.utils import ErrorList`
add password change view 2019-02-23 19:56:41 +00:00			`from django.shortcuts import redirect, reverse`
switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00			`from django.urls import reverse_lazy`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`from django.utils.translation import gettext as _`
add password change view 2019-02-23 19:56:41 +00:00			`from django.views.generic import DeleteView, FormView, UpdateView`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00
add password change view 2019-02-23 19:56:41 +00:00			`from passbook.core.forms.users import PasswordChangeForm, UserDetailForm`
*(minor): small refactor 2019-10-07 14:33:48 +00:00			`from passbook.factors.password.exceptions import PasswordPolicyInvalid`
add password change view 2019-02-23 19:56:41 +00:00			`from passbook.lib.config import CONFIG`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00

fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00			`class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""Update User settings"""`
add unittests, woo 2019-02-26 09:57:05 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "user/settings.html"`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`form_class = UserDetailForm`

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`success_message = _("Successfully updated user.")`
			`success_url = reverse_lazy("passbook_core:user-settings")`
switch from first_name and last_name to name 2019-02-27 14:09:05 +00:00
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`def get_object(self):`
			`return self.request.user`

fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00
			`class UserDeleteView(LoginRequiredMixin, DeleteView):`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`"""Delete user account"""`

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/delete.html"`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00
			`def get_object(self):`
			`return self.request.user`

			`def get_success_url(self):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.success(self.request, _("Successfully deleted user."))`
core: add user settings and user delete 2018-12-10 15:58:35 +00:00			`logout(self.request)`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return reverse("passbook_core:auth-login")`
add password change view 2019-02-23 19:56:41 +00:00
fix UserChangePasswordView not requiring Login 2019-03-11 10:25:59 +00:00
			`class UserChangePasswordView(LoginRequiredMixin, FormView):`
add password change view 2019-02-23 19:56:41 +00:00			`"""View for users to update their password"""`

			`form_class = PasswordChangeForm`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "login/form_with_user.html"`
add password change view 2019-02-23 19:56:41 +00:00
			`def form_valid(self, form: PasswordChangeForm):`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`try:`
use HTML5 autocomplete values to better handle password managers 2019-03-02 22:19:58 +00:00			`# user.set_password checks against Policies so we don't need to manually do it here`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`self.request.user.set_password(form.cleaned_data.get("password"))`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`self.request.user.save()`
			`update_session_auth_hash(self.request, self.request.user)`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.success(self.request, _("Successfully changed password"))`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`except PasswordPolicyInvalid as exc:`
			`# Manually inject error into form`
			`# pylint: disable=protected-access`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`errors = form._errors.setdefault("password_repeat", ErrorList(""))`
implement password policy checking on signup and password change closes #8 2019-02-26 14:40:58 +00:00			`# pylint: disable=protected-access`
			`errors = form._errors.setdefault("password", ErrorList())`
			`for error in exc.messages:`
			`errors.append(error)`
			`return self.form_invalid(form)`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return redirect("passbook_core:overview")`
add password change view 2019-02-23 19:56:41 +00:00
			`def get_context_data(self, **kwargs):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`kwargs["config"] = CONFIG.y("passbook")`
			`kwargs["title"] = _("Change Password")`
			`kwargs["primary_action"] = _("Change")`
add password change view 2019-02-23 19:56:41 +00:00			`return super().get_context_data(**kwargs)`