Change password now possible

c883e359 · Jean-Sébastien Caux · e6a3bb87 · c883e359 · c883e359 · c883e359
Commit c883e359 authored 9 years ago by Jean-Sébastien Caux
--- a/contributors/forms.py
+++ b/contributors/forms.py
@@ -23,6 +23,16 @@ class RegistrationForm(forms.Form):
    password = forms.CharField(label='password', widget=forms.PasswordInput())
    password_verif = forms.CharField(label='verify pwd', widget=forms.PasswordInput())
+class UpdatePersonalDataForm(forms.Form):
+    title = forms.ChoiceField(choices=TITLE_CHOICES)
+    first_name = forms.CharField(label='First name', max_length=100)
+    last_name = forms.CharField(label='Last name', max_length=100)
+    email = forms.EmailField(label='email')
+    orcid_id = forms.CharField(label="ORCID id", max_length=20, required=False)
+    affiliation = forms.CharField(label='Affiliation', max_length=300)
+    address = forms.CharField(label='Address', max_length=1000, required=False)
+    personalwebpage = forms.URLField(label='Personal web page', required=False)
 class VetRegistrationForm(forms.Form):
    promote_to_rank_1 = forms.BooleanField(required=False)
    refusal_reason = forms.ChoiceField(choices=REGISTRATION_REFUSAL_CHOICES, required=False)
@@ -32,4 +42,8 @@ class AuthenticationForm(forms.Form):
    username = forms.CharField(label='username', max_length=100)
    password = forms.CharField(label='password', widget=forms.PasswordInput())
+class PasswordChangeForm(forms.Form):
+    password_prev = forms.CharField(label='Existing password', widget=forms.PasswordInput())
+    password_new = forms.CharField(label='New password', widget=forms.PasswordInput())
+    password_verif = forms.CharField(label='Reenter new password', widget=forms.PasswordInput())
--- a/contributors/templates/contributors/change_password.html
+++ b/contributors/templates/contributors/change_password.html
+{% extends 'scipost/base.html' %}
+{% block pagetitle %}: change password{% endblock pagetitle %}
+{% block bodysup %}
+<section>
+  <h1>Change your SciPost password</h1>
+  <form action="{% url 'contributors:change_password' %}" method="post">
+    {% csrf_token %}
+    <table>
+      <ul>
+	{{ form.as_table }}
+      </ul>
+    </table>
+    <input type="submit" value="Change" />
+  </form>
+  {% if errormessage %}
+  <p>{{ errormessage }}</p>
+  {% endif %}
+</section>
+{% endblock bodysup %}
--- a/contributors/templates/contributors/change_password_ack.html
+++ b/contributors/templates/contributors/change_password_ack.html
+{% extends 'scipost/base.html' %}
+{% block pagetitle %}: password changed{% endblock pagetitle %}
+{% block bodysup %}
+<section>
+  <h1>Your SciPost password has been successfully changed</h1>
+</section>
+{% endblock bodysup %}
--- a/contributors/templates/contributors/personal_page.html
+++ b/contributors/templates/contributors/personal_page.html
@@ -62,6 +62,9 @@
 {% if contributor.rank > 0 %}
 <section>
  <h1>Your SciPost Account</h1>
+  <ul>
+    <li><a href="{% url 'contributors:change_password' %}">Change your password</a></li>
+  </ul>
  <hr>
  <div class="row">
    <div class="col-3">

--- a/contributors/urls.py
+++ b/contributors/urls.py
@@ -12,4 +12,6 @@ urlpatterns = [
    url(r'^login$', views.login_view, name='login'),
    url(r'^logout$', views.logout_view, name='logout'),
    url(r'^personal_page$', views.personal_page, name='personal_page'),
+    url(r'^change_password$', views.change_password, name='change_password'),
+    url(r'^change_password_ack$', views.change_password_ack, name='change_password_ack'),
 ]
--- a/contributors/views.py
+++ b/contributors/views.py
@@ -156,4 +156,25 @@ def personal_page(request):
        context = {'form': form}
        return render(request, 'contributors/login.html', context)
+@csrf_protect
+def change_password(request):
+    if request.user.is_authenticated and request.method == 'POST':
+        form = PasswordChangeForm(request.POST)
+        if form.is_valid():
+            # verify existing password:
+            if not request.user.check_password(form.cleaned_data['password_prev']):
+                return render(request, 'contributors/change_password.html', {'form': form, 'errormessage': 'The currently existing password you entered is incorrect'})
+            # check for mismatching new passwords
+            if form.cleaned_data['password_new'] != form.cleaned_data['password_verif']:
+                return render(request, 'contributors/change_password.html', {'form': form, 'errormessage': 'Your new password entries must match'})
+            # otherwise simply change the pwd:
+            request.user.set_password(form.cleaned_data['password_new'])
+            request.user.save()
+            return render(request, 'contributors/change_password_ack.html')
+    else:
+        form = PasswordChangeForm()
+    return render (request, 'contributors/change_password.html', {'form': form})
+@csrf_protect
+def change_password_ack(request):
+    return render (request, 'contributors/change_password_ack.html')