diff --git a/envipath/settings.py b/envipath/settings.py index 18dd8681..baf7aa8a 100644 --- a/envipath/settings.py +++ b/envipath/settings.py @@ -141,13 +141,15 @@ USE_TZ = True DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' -# EMAIL -EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' -EMAIL_USE_TLS = True -EMAIL_HOST = 'mail.gandi.net' -EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] -EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] -EMAIL_PORT = 587 +if DEBUG: + EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +else: + EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' + EMAIL_USE_TLS = True + EMAIL_HOST = 'mail.gandi.net' + EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] + EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] + EMAIL_PORT = 587 AUTH_USER_MODEL = "epdb.User" ADMIN_APPROVAL_REQUIRED = os.environ.get('ADMIN_APPROVAL_REQUIRED', 'False') == 'True' @@ -342,8 +344,12 @@ FLAGS = { 'APPLICABILITY_DOMAIN': APPLICABILITY_DOMAIN_ENABLED, } +# path of the URL are checked via "startswith" +# -> /password_reset/done is covered as well LOGIN_EXEMPT_URLS = [ '/api/legacy/', '/o/token/', '/o/userinfo/', + '/password_reset/', + '/reset/' ] diff --git a/epdb/urls.py b/epdb/urls.py index 220a8229..a73779f2 100644 --- a/epdb/urls.py +++ b/epdb/urls.py @@ -1,21 +1,36 @@ from django.urls import path, re_path +from django.contrib.auth import views as auth_views from . import views as v -# from sesame.views import LoginView UUID = '[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}' urlpatterns = [ - # Sesame - # path("login/", v.EmailLoginView.as_view(), name="email_login"), - # path("login/auth/", LoginView.as_view(), name="login"), - # Home re_path(r'^$', v.index, name='index'), + # Login re_path(r'^login', v.login, name='login'), re_path(r'^logout', v.logout, name='logout'), + # Built In views + path('password_reset/', auth_views.PasswordResetView.as_view( + template_name='static/password_reset_form.html' + ), name='password_reset'), + + path('password_reset/done/', auth_views.PasswordResetDoneView.as_view( + template_name='static/password_reset_done.html' + ), name='password_reset_done'), + + path('reset///', auth_views.PasswordResetConfirmView.as_view( + template_name='static/password_reset_confirm.html' + ), name='password_reset_confirm'), + + path('reset/done/', auth_views.PasswordResetCompleteView.as_view( + template_name='static/password_reset_complete.html' + ), name='password_reset_complete'), + + # Top level urls re_path(r'^package$', v.packages, name='packages'), re_path(r'^compound$', v.compounds, name='compounds'), @@ -78,5 +93,6 @@ urlpatterns = [ re_path(r'^depict$', v.depict, name='depict'), + # OAuth Stuff path("o/userinfo/", v.userinfo, name="oauth_userinfo"), ] diff --git a/epdb/views.py b/epdb/views.py index d9e94acf..da98412f 100644 --- a/epdb/views.py +++ b/epdb/views.py @@ -48,7 +48,7 @@ def login(request): if request.method == 'GET': context['title'] = 'enviPath' context['next'] = request.GET.get('next', '') - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) elif request.method == 'POST': is_login = bool(request.POST.get('login', False)) @@ -67,17 +67,17 @@ def login(request): if not temp_user.is_active: context['message'] = "User account is not activated yet!" - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) email = temp_user.email except get_user_model().DoesNotExist: context['message'] = "Login failed!" - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) try: user = authenticate(username=email, password=password) except Exception as e: context['message'] = "Login failed!" - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) if user is not None: login(request, user) @@ -88,7 +88,7 @@ def login(request): return redirect(s.SERVER_URL) else: context['message'] = "Login failed!" - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) elif is_register: username = request.POST.get('username') @@ -98,19 +98,19 @@ def login(request): if password != rpassword or password == '': context['message'] = "Registration failed, provided passwords differ!" - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) try: u = UserManager.create_user(username, email, password) except Exception: context['message'] = "Registration failed! Couldn't create User Account." - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) if s.ADMIN_APPROVAL_REQUIRED: context['message'] = "Your account has been created! An admin will activate it soon!" else: context['message'] = "Account has been created! You'll receive a mail to activate your account shortly." - return render(request, 'login.html', context) + return render(request, 'static/login.html', context) else: return HttpResponseBadRequest() else: diff --git a/templates/login.html b/templates/login.html deleted file mode 100644 index 47e548d9..00000000 --- a/templates/login.html +++ /dev/null @@ -1,203 +0,0 @@ -{% load static %} - - - - - - enviPath - Login - - - - - - - - - - -
-
- - -
- -
-
-
- {% if message %} - - {% else %} - - {% endif %} -
- - - - - - - - diff --git a/templates/static/login.html b/templates/static/login.html new file mode 100644 index 00000000..2038c932 --- /dev/null +++ b/templates/static/login.html @@ -0,0 +1,54 @@ +{% extends "static/static_base.html" %} + +{% block content %} + {% if message %} + + {% else %} + + {% endif %} +
+
+
+
+ {% csrf_token %} +
+ +
+ +
+ +
+ +
+ +
+
+ Forgot your password? +
+
+
+
+ +
+ +
+
+ +
+
+
+
+{% endblock %} diff --git a/templates/static/password_reset_complete.html b/templates/static/password_reset_complete.html new file mode 100644 index 00000000..ae200424 --- /dev/null +++ b/templates/static/password_reset_complete.html @@ -0,0 +1,5 @@ +{% extends "static/static_base.html" %} + +{% block content %} +

Your password has been reset successfully. Login

+{% endblock %} diff --git a/templates/static/password_reset_confirm.html b/templates/static/password_reset_confirm.html new file mode 100644 index 00000000..8fe4c00b --- /dev/null +++ b/templates/static/password_reset_confirm.html @@ -0,0 +1,31 @@ +{% extends "static/static_base.html" %} + +{% block content %} +
+
+
+

Enter new password

+
+ {% csrf_token %} +

+ + +

+ + {{ form.new_password1.help_text|safe }} + +

+ + + {{ form.new_password2.help_text|safe }} +

+ +
+
+
+
+{% endblock %} \ No newline at end of file diff --git a/templates/static/password_reset_done.html b/templates/static/password_reset_done.html new file mode 100644 index 00000000..130ea651 --- /dev/null +++ b/templates/static/password_reset_done.html @@ -0,0 +1,7 @@ +{% extends "static/static_base.html" %} + +{% block content %} + +{% endblock %} \ No newline at end of file diff --git a/templates/static/password_reset_form.html b/templates/static/password_reset_form.html new file mode 100644 index 00000000..e32f63c9 --- /dev/null +++ b/templates/static/password_reset_form.html @@ -0,0 +1,23 @@ +{% extends "static/static_base.html" %} + +{% block content %} +
+
+
+
+ {% csrf_token %} + + +
+ +
+ +
+
+
+
+
+
+{% endblock %} diff --git a/templates/static/static_base.html b/templates/static/static_base.html new file mode 100644 index 00000000..174d7d85 --- /dev/null +++ b/templates/static/static_base.html @@ -0,0 +1,64 @@ +{% load static %} + + + + + + enviPath - Login + + + + + + + + + + +
+
+ +
+{% block content %} +{% endblock content %} +
+ + + + +