secure email_change view
This commit is contained in:
parent
f6651ba004
commit
01fcbaf67e
|
@ -37,4 +37,19 @@ class UserProfileForm(forms.ModelForm):
|
||||||
and field_name != 'email' ]
|
and field_name != 'email' ]
|
||||||
|
|
||||||
class EmailChangeForm(forms.Form):
|
class EmailChangeForm(forms.Form):
|
||||||
|
password = forms.CharField(label=_("Password"),
|
||||||
|
widget=forms.PasswordInput)
|
||||||
email = forms.EmailField(label=_('New email'))
|
email = forms.EmailField(label=_('New email'))
|
||||||
|
|
||||||
|
def __init__(self, user, *args, **kwargs):
|
||||||
|
self.user = user
|
||||||
|
super(EmailChangeForm, self).__init__(*args, **kwargs)
|
||||||
|
|
||||||
|
def clean_password(self):
|
||||||
|
password = self.cleaned_data["password"]
|
||||||
|
if not self.user.check_password(password):
|
||||||
|
raise forms.ValidationError(
|
||||||
|
_('Incorrect password.'),
|
||||||
|
code='password_incorrect',
|
||||||
|
)
|
||||||
|
return password
|
||||||
|
|
|
@ -131,6 +131,13 @@ class EmailChangeView(FormView):
|
||||||
body_template = 'profiles/email_change_body.txt'
|
body_template = 'profiles/email_change_body.txt'
|
||||||
success_url = '../..'
|
success_url = '../..'
|
||||||
|
|
||||||
|
def get_form_kwargs(self):
|
||||||
|
kwargs = super(EmailChangeView, self).get_form_kwargs()
|
||||||
|
kwargs.update({
|
||||||
|
'user': self.request.user,
|
||||||
|
})
|
||||||
|
return kwargs
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
email = form.cleaned_data['email']
|
email = form.cleaned_data['email']
|
||||||
site = get_current_site(self.request)
|
site = get_current_site(self.request)
|
||||||
|
@ -160,7 +167,7 @@ class EmailChangeView(FormView):
|
||||||
'link contained inside.'))
|
'link contained inside.'))
|
||||||
return super(EmailChangeView, self).form_valid(form)
|
return super(EmailChangeView, self).form_valid(form)
|
||||||
|
|
||||||
email_change = EmailChangeView.as_view()
|
email_change = prevent_access_to_transient_users(EmailChangeView.as_view())
|
||||||
|
|
||||||
class EmailChangeVerifyView(TemplateView):
|
class EmailChangeVerifyView(TemplateView):
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
|
|
Loading…
Reference in New Issue