_V*8@sddlmZddlmZddlmZmZmZddlm Z m Z ddl m Z ddl mZddlmZddlmZdd lmZdd lmZdd lmZdd lmZmZdd lmZddlmZddl m!Z!ddl"m#Z#m$Z%Gdddej&Z'Gdddej(Z)Gdddej*Z+Gdddej*Z,Gdddej-Z.Gdddej-Z/Gdddej-Z0Gdd d e0Z1Gd!d"d"ej-Z2d#S)$)unicode_literals)forms) authenticateget_user_modelpassword_validation)UNUSABLE_PASSWORD_PREFIXidentify_hasher)User)default_token_generator)get_current_site)EmailMultiAlternatives)flatatt)loader) force_bytes) format_htmlformat_html_join)urlsafe_base64_encode) mark_safe)capfirst)ugettext ugettext_lazyc@seZdZddZdS)ReadOnlyPasswordHashWidgetcCs|}|j|}| s+|jtrDtdtd}niyt|}Wn(tk r~tdtd}Yn/Xtdddd|j|j D}t dt ||S) Nz%szNo password set.z5Invalid password format or unknown hashing algorithm.z{}: {} css'|]\}}t||fVqdS)N)r).0keyvaluer;/tmp/pip-build-ghmbqnp_/Django/django/contrib/auth/forms.py (sz4ReadOnlyPasswordHashWidget.render..z{}) Z build_attrs startswithrrrr ValueErrorrZ safe_summaryitemsrr )selfnamerattrsencodedZ final_attrssummaryZhasherrrrrenders   z!ReadOnlyPasswordHashWidget.renderN)__name__ __module__ __qualname__r'rrrrrs rcs@eZdZeZfddZddZddZS)ReadOnlyPasswordHashFieldcs-|jddtt|j||dS)NrequiredF) setdefaultsuperr+__init__)r"argskwargs) __class__rrr/2sz"ReadOnlyPasswordHashField.__init__cCs|S)Nr)r"datainitialrrr bound_data6sz$ReadOnlyPasswordHashField.bound_datacCsdS)NFr)r"r4r3rrr has_changed;sz%ReadOnlyPasswordHashField.has_changed)r(r)r*rwidgetr/r5r6rr)r2rr+/s  r+cseZdZdZiedd6ZejdeddejZ ejdeddejded Z Gd d d Z d d Z dfddZ S)UserCreationFormzc A form that creates a user, with no privileges, from the given username and password. z%The two password fields didn't match.password_mismatchlabelPasswordr7zPassword confirmation help_textz4Enter the same password as before, for verification.c@seZdZeZdZdS)zUserCreationForm.MetausernameN)zusername)r(r)r*r modelfieldsrrrrMetaMs r@cCs|jjd}|jjd}|r[|r[||kr[tj|jdddn|jjd|j_tj|jjd|j|S)N password1 password2r9coder=) cleaned_datagetrValidationErrorerror_messagesinstancer=rvalidate_password)r"rArBrrrclean_password2Qs  z UserCreationForm.clean_password2TcsFtt|jdd}|j|jd|rB|jn|S)NcommitFrA)r.r8save set_passwordrD)r"rKuser)r2rrrL]s  zUserCreationForm.save)r(r)r*__doc___rGr CharField PasswordInputrArBr@rJrLrr)r2rr8?s    r8csbeZdZededdedZGdddZfddZd d ZS) UserChangeFormr:r;r<zRaw passwords are not stored, so there is no way to see this user's password, but you can change the password using this form.c@seZdZeZdZdS)zUserChangeForm.Meta__all__N)r(r)r*r r>r?rrrrr@ks r@csStt|j|||jjd}|dk rO|jjd|_ndS)NZuser_permissions content_type)r.rSr/r?rEZquerysetZselect_related)r"r0r1f)r2rrr/os zUserChangeForm.__init__cCs |jdS)Npassword)r4)r"rrrclean_passworduszUserChangeForm.clean_password) r(r)r*r+rPrWr@r/rXrr)r2rrSes rScseZdZdZejddZejdeddejZ iedd6ed d 6Z d fd d Z ddZ ddZ ddZddZS)AuthenticationFormzs Base class for authenticating users. Extend this to get a form that accepts username/password logins. max_lengthr:r;r7z^Please enter a correct %(username)s and password. Note that both fields may be case-sensitive. invalid_loginzThis account is inactive.inactiveNcs||_d|_tt|j||t}|jj|j|_ |j dj dkrt |j j |j d_ ndS)z The 'request' parameter is set for custom auth use by subclasses. The form data comes in via the standard 'data' kwarg. Nr=)request user_cacher.rYr/rZ_meta get_fieldZUSERNAME_FIELDusername_fieldr?r:r verbose_name)r"r^r0r1Z UserModel)r2rrr/s   zAuthenticationForm.__init__cCs|jjd}|jjd}|r|rtd|d||_|jdkrtj|jddddi|jjd6q|j |jn|jS)Nr=rWr\rCparams) rDrErr_rrFrGrarbconfirm_login_allowed)r"r=rWrrrcleans    zAuthenticationForm.cleancCs,|js(tj|jdddndS)a Controls whether the given User may log in. This is a policy setting, independent of end-user authentication. This default behavior is to allow login by active users, and reject login by inactive users. If the given user cannot log in, this method should raise a ``forms.ValidationError``. If the given user may log in, this method should return None. r]rCN) is_activerrFrG)r"rNrrrrds  z(AuthenticationForm.confirm_login_allowedcCs|jr|jjSdS)N)r_id)r"rrr get_user_ids  zAuthenticationForm.get_user_idcCs|jS)N)r_)r"rrrget_userszAuthenticationForm.get_user)r(r)r*rOrrQr=rPrRrWrGr/rerdrhrirr)r2rrY|s !    rYc @speZdZejdedddZdddZdd Zdd d d e ddddd d Z dS)PasswordResetFormr:ZEmailrZr[Nc Cstj||}dj|j}tj||}t||||g} |dk rtj||} | j| dn| jdS)zP Sends a django.core.mail.EmailMultiAlternatives to `to_email`. rNz text/html)rZrender_to_stringjoin splitlinesr Zattach_alternativesend) r"subject_template_nameemail_template_namecontext from_emailZto_emailhtml_email_template_namesubjectbodyZ email_messageZ html_emailrrr send_mails zPasswordResetForm.send_mailcCs/tjjd|dd}dd|DS)aGiven an email, return matching user(s) who should receive a reset. This allows subclasses to more easily customize the default policies that prevent inactive users and users with unusable passwords from resetting their password. Z email__iexactrfTcss!|]}|jr|VqdS)N)Zhas_usable_password)rurrrrsz.PasswordResetForm.get_users..)rZ_default_managerfilter)r"emailZ active_usersrrr get_usersszPasswordResetForm.get_usersz'registration/password_reset_subject.txtz®istration/password_reset_email.htmlFc  Cs|jd} x|j| D]} |sJt|} | j} | j}n |} }i| jd6|d6| d6tt| jd6| d6|j | d6|rdndd 6}| d k r|j | n|j ||||| jd |qWd S) ze Generates a one-use only link for resetting password and sends to the user. rxdomain site_nameuidrNtokenhttpshttpprotocolNrr) rDryr r#rzrxrrpkZ make_tokenupdateru)r"Zdomain_overridernroZ use_httpsZtoken_generatorrqr^rrZextra_email_contextrxrNZ current_siter{rzrprrrrLs(        zPasswordResetForm.save) r(r)r*rZ EmailFieldrPrxruryr rLrrrrrjs   rjcseZdZdZiedd6Zejdeddejde j Z ejdeddejZ fd d Z d d Zd ddZS)SetPasswordFormza A form that lets a user change set their password without entering the old password z%The two password fields didn't match.r9r:z New passwordr7r<zNew password confirmationcs&||_tt|j||dS)N)rNr.rr/)r"rNr0r1)r2rrr/s zSetPasswordForm.__init__cCsu|jjd}|jjd}|r^|r^||kr^tj|jdddq^ntj||j|S)N new_password1 new_password2r9rC)rDrErrFrGrrIrN)r"rArBrrrclean_new_password2s   z#SetPasswordForm.clean_new_password2TcCs:|jd}|jj||r3|jjn|jS)Nr)rDrNrMrL)r"rKrWrrrrL$s  zSetPasswordForm.save)r(r)r*rOrPrGrrQrRr"password_validators_help_text_htmlrrr/rrLrr)r2rrs    rc@sqeZdZdZeejiedd6Zej deddej Z ddd gZ d d Z d S) PasswordChangeFormz[ A form that lets a user change their password by entering their old password. zAYour old password was entered incorrectly. Please enter it again.password_incorrectr:z Old passwordr7 old_passwordrrcCsB|jd}|jj|s>tj|jdddn|S)zC Validates that the old_password field is correct. rrrC)rDrNZcheck_passwordrrFrG)r"rrrrclean_old_password:s    z%PasswordChangeForm.clean_old_passwordN)r(r)r*rOdictrrGrPrrQrRrZ field_orderrrrrrr,s   rcseZdZdZiedd6ZdZejdeddej de j Z ejded dej ded Z fd d Zd dZdddZfddZeeZS)AdminPasswordChangeFormzN A form used to change the password of a user in the admin interface. z%The two password fields didn't match.r9r,r:r;r7r<zPassword (again)z4Enter the same password as before, for verification.cs&||_tt|j||dS)N)rNr.rr/)r"rNr0r1)r2rrr/Zs z AdminPasswordChangeForm.__init__cCsu|jjd}|jjd}|r^|r^||kr^tj|jdddq^ntj||j|S)NrArBr9rC)rDrErrFrGrrIrN)r"rArBrrrrJ^s   z'AdminPasswordChangeForm.clean_password2TcCs:|jd}|jj||r3|jjn|jS)z) Saves the new password. rA)rDrNrMrL)r"rKrWrrrrLjs  zAdminPasswordChangeForm.savecsCtt|j}x'|jjD]}||kr"gSq"WdgS)NrW)r.r changed_datar?keys)r"r3r#)r2rr_get_changed_datats  z)AdminPasswordChangeForm._get_changed_data)r(r)r*rOrPrGZrequired_css_classrrQrRrrrArBr/rJrLrpropertyrrr)r2rrGs"         rN)3 __future__rZdjangorZdjango.contrib.authrrrZdjango.contrib.auth.hashersrrZdjango.contrib.auth.modelsr Zdjango.contrib.auth.tokensr Zdjango.contrib.sites.shortcutsr Zdjango.core.mailr Zdjango.forms.utilsr Zdjango.templaterZdjango.utils.encodingrZdjango.utils.htmlrrZdjango.utils.httprZdjango.utils.safestringrZdjango.utils.textrZdjango.utils.translationrrrPZWidgetrZFieldr+Z ModelFormr8rSZFormrYrjrrrrrrrs0&IA&