Ticket #6083: 6083_newforms_auth2.diff

a/django/contrib/admin/templates/admin/auth/user/add_form.html

@@ -8 +8 @@
-<fieldset class="module aligned">
-
-<div class="form-row">
-
+
+
-  <label for="id_username" class="required">{% trans 'Username' %}:</label> {{ form.username }}
-username_
+form.username.
-</div>
-
-<div class="form-row">
-
+
+
-  <label for="id_password1" class="required">{% trans 'Password' %}:</label> {{ form.password1 }}
-</div>
-
-<div class="form-row">
-
+
+
-  <label for="id_password2" class="required">{% trans 'Password (again)' %}:</label> {{ form.password2 }}
-  <p class="help">{% trans 'Enter the same password as above, for verification.' %}</p>
-</div>

a/django/contrib/admin/templates/admin/auth/user/change_password.html

@@ -18 +18 @@
-<form action="{{ form_url }}" method="post" id="{{ opts.module_name }}_form">{% block form_top %}{% endblock %}
-<div>
-{% if is_popup %}<input type="hidden" name="_popup" value="1" />{% endif %}
-_dict
+s
-    <p class="errornote">
-_dict
+s
-    </p>
-{% endif %}
-
@@ -29 +29 @@
-<fieldset class="module aligned">
-
-<div class="form-row">
-
+
+
-  <label for="id_password1" class="required">{% trans 'Password' %}:</label> {{ form.password1 }}
-</div>
-
-<div class="form-row">
-
+
+
-  <label for="id_password2" class="required">{% trans 'Password (again)' %}:</label> {{ form.password2 }}
-  <p class="help">{% trans 'Enter the same password as above, for verification.' %}</p>
-</div>

a/django/contrib/auth/admin.py

@@ -27 +27 @@
-    def add_view(self, request):
-        if not self.has_change_permission(request):
-            raise PermissionDenied
-        manipulator = UserCreationForm()
-        if request.method == 'POST':
-
-
-
-
+
+
+
-                msg = _('The %(name)s "%(obj)s" was added successfully.') % {'name': 'user', 'obj': new_user}
-                if "_addanother" in request.POST:
-                    request.user.message_set.create(message=msg)
@@ -41 +39 @@
-                    request.user.message_set.create(message=msg + ' ' + ugettext("You may edit it again below."))
-                    return HttpResponseRedirect('../%s/' % new_user.id)
-        else:
-
-
+
-        return render_to_response('admin/auth/user/add_form.html', {
-            'title': _('Add user'),
-            'form': form,

a/django/contrib/auth/forms.py

@@ -3 +3 @@
-from django.contrib.sites.models import Site
-from django.template import Context, loader
-from django.core import validators
-old
+newforms as 
-from django.utils.translation import ugettext as _
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-        try:
-field_data
+username
-        except User.DoesNotExist:
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-oldforms.Manipulator
+forms.Form
-    """
-    Base class for authenticating users. Extend this to get a form that accepts
-    username/password logins.
-    """
-
+
+
+
+
-        """
-manipulator
+form
-        enabled. Note that the request (a HttpRequest object) must have set a
-        cookie with the key TEST_COOKIE_NAME and value TEST_COOKIE_VALUE before
-or
+ion
-        """
-        self.request = request
-        self.fields = [
-            oldforms.TextField(field_name="username", length=15, max_length=30, is_required=True,
-                validator_list=[self.isValidUser, self.hasCookiesEnabled]),
-            oldforms.PasswordField(field_name="password", length=15, max_length=30, is_required=True),
-        ]
-        self.user_cache = None
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-    def get_user_id(self):
-        if self.user_cache:
-            return self.user_cache.id
-        return None
-
+
-    def get_user(self):
-        return self.user_cache
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-        if len(self.users_cache) == 0:
-validators.ValidationError, _("That e-mail address doesn't have an associated user account. Are you sure you've registered?"
-
+forms.ValidationError(_("That e-mail address doesn't have an associated user account. Are you sure you've registered?")
+
-    def save(self, domain_override=None, email_template_name='registration/password_reset_email.html'):
-
+
+
+
-        from django.core.mail import send_mail
-        for user in self.users_cache:
-            new_pass = User.objects.make_random_password()
@@ -103 +122 @@
-                'domain': domain,
-                'site_name': site_name,
-                'user': user,
-
-
+
+
+
-
-
-
-
+
+
+
+
+
+
+
+
+
-        self.user = user
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-        self.user = user
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

/dev/null

@@ -1 @@
-"""
->>> from models import User, AnonymousUser
->>> u = User.objects.create_user('testuser', 'test@example.com', 'testpw')
->>> u.has_usable_password()
-True
->>> u.check_password('bad')
-False
->>> u.check_password('testpw')
-True
->>> u.set_unusable_password()
->>> u.save()
->>> u.check_password('testpw')
-False
->>> u.has_usable_password()
-False
->>> u2 = User.objects.create_user('testuser2', 'test2@example.com')
->>> u2.has_usable_password()
-False
-
->>> u.is_authenticated()
-True
->>> u.is_staff
-False
->>> u.is_active
-True
-
->>> a = AnonymousUser()
->>> a.is_authenticated()
-False
->>> a.is_staff
-False
->>> a.is_active
-False
->>> a.groups.all()
-[]
->>> a.user_permissions.all()
-[]
-"""

/dev/null

@@ +1 @@
+from django.contrib.auth.tests.basic import BASIC_TESTS
+from django.contrib.auth.tests.forms import FORM_TESTS, PasswordResetFormTestCase
+
+__test__ = {
+    'BASIC_TESTS': BASIC_TESTS,
+    'PASSWORDRESET_TESTS': PasswordResetFormTestCase,
+    'FORM_TESTS': FORM_TESTS,
+}

/dev/null

@@ +1 @@
+
+BASIC_TESTS = """
+>>> from django.contrib.auth.models import User, AnonymousUser
+>>> u = User.objects.create_user('testuser', 'test@example.com', 'testpw')
+>>> u.has_usable_password()
+True
+>>> u.check_password('bad')
+False
+>>> u.check_password('testpw')
+True
+>>> u.set_unusable_password()
+>>> u.save()
+>>> u.check_password('testpw')
+False
+>>> u.has_usable_password()
+False
+>>> u2 = User.objects.create_user('testuser2', 'test2@example.com')
+>>> u2.has_usable_password()
+False
+
+>>> u.is_authenticated()
+True
+>>> u.is_staff
+False
+>>> u.is_active
+True
+
+>>> a = AnonymousUser()
+>>> a.is_authenticated()
+False
+>>> a.is_staff
+False
+>>> a.is_active
+False
+>>> a.groups.all()
+[]
+>>> a.user_permissions.all()
+[]
+"""

/dev/null

@@ +1 @@
+
+from django.core import mail
+from django.test import TestCase
+from django.contrib.auth.models import User
+from django.contrib.auth.forms import PasswordResetForm
+
+class PasswordResetFormTestCase(TestCase):
+    def testValidUser(self):
+        data = {
+            'email': 'nonexistent@example.com',
+        }
+        form = PasswordResetForm(data)
+        self.assertEqual(form.is_valid(), False)
+        self.assertEqual(form["email"].errors, [u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"])
+    
+    def testEmail(self):
+        # TODO: remove my email address from the test ;)
+        User.objects.create_user('atestuser', 'atestuser@example.com', 'test789')
+        data = {
+            'email': 'atestuser@example.com',
+        }
+        form = PasswordResetForm(data)
+        self.assertEqual(form.is_valid(), True)
+        # TODO: look at why using contrib.sites breaks other tests
+        form.save(domain_override="example.com")
+        self.assertEqual(len(mail.outbox), 1)
+        self.assertEqual(mail.outbox[0].subject, u'Password reset on example.com')
+        # TODO: test mail body. need to figure out a way to get the password in plain text
+        # self.assertEqual(mail.outbox[0].body, '')
+
+FORM_TESTS = """
+>>> from django.contrib.auth.models import User
+>>> from django.contrib.auth.forms import UserCreationForm, AuthenticationForm
+>>> from django.contrib.auth.forms import PasswordChangeForm
+
+The user already exists.
+
+>>> user = User.objects.create_user("jsmith", "jsmith@example.com", "test123")
+>>> data = {
+...     'username': 'jsmith',
+...     'password1': 'test123',
+...     'password2': 'test123',
+... }
+>>> form = UserCreationForm(data)
+>>> form.is_valid()
+False
+>>> form["username"].errors
+[u'A user with that username already exists.']
+
+The username contains invalid data.
+
+>>> data = {
+...     'username': 'jsmith@example.com',
+...     'password1': 'test123',
+...     'password2': 'test123',
+... }
+>>> form = UserCreationForm(data)
+>>> form.is_valid()
+False
+>>> form["username"].errors
+[u'This value must contain only letters, numbers and underscores.']
+
+The verification password is incorrect.
+
+>>> data = {
+...     'username': 'jsmith2',
+...     'password1': 'test123',
+...     'password2': 'test',
+... }
+>>> form = UserCreationForm(data)
+>>> form.is_valid()
+False
+>>> form["password2"].errors
+[u"The two password fields didn't match."]
+
+The success case.
+
+>>> data = {
+...     'username': 'jsmith2',
+...     'password1': 'test123',
+...     'password2': 'test123',
+... }
+>>> form = UserCreationForm(data)
+>>> form.is_valid()
+True
+>>> form.save()
+<User: jsmith2>
+
+The user submits an invalid username.
+
+>>> data = {
+...     'username': 'jsmith_does_not_exist',
+...     'password': 'test123',
+... }
+
+>>> form = AuthenticationForm(None, data)
+>>> form.is_valid()
+False
+>>> form.non_field_errors()
+[u'Please enter a correct username and password. Note that both fields are case-sensitive.']
+
+The user is inactive.
+
+>>> data = {
+...     'username': 'jsmith',
+...     'password': 'test123',
+... }
+>>> user.is_active = False
+>>> user.save()
+>>> form = AuthenticationForm(None, data)
+>>> form.is_valid()
+False
+>>> form.non_field_errors()
+[u'This account is inactive.']
+
+>>> user.is_active = True
+>>> user.save()
+
+The success case
+
+>>> form = AuthenticationForm(None, data)
+>>> form.is_valid()
+True
+>>> form.non_field_errors()
+[]
+
+The old password is incorrect.
+
+>>> data = {
+...     'old_password': 'test',
+...     'new_password1': 'abc123',
+...     'new_password2': 'abc123',
+... }
+>>> form = PasswordChangeForm(user, data)
+>>> form.is_valid()
+False
+>>> form["old_password"].errors
+[u'Your old password was entered incorrectly. Please enter it again.']
+
+The two new passwords do not match.
+
+>>> data = {
+...     'old_password': 'test123',
+...     'new_password1': 'abc123',
+...     'new_password2': 'abc',
+... }
+>>> form = PasswordChangeForm(user, data)
+>>> form.is_valid()
+False
+>>> form["new_password2"].errors
+[u"The two password fields didn't match."]
+
+The success case.
+
+>>> data = {
+...     'old_password': 'test123',
+...     'new_password1': 'abc123',
+...     'new_password2': 'abc123',
+... }
+>>> form = PasswordChangeForm(user, data)
+>>> form.is_valid()
+True
+
+"""

a/django/contrib/auth/views.py

@@ -1 +1 @@
-from django.contrib.auth.forms import AuthenticationForm
-from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm, AdminPasswordChangeForm
-from django.core.exceptions import PermissionDenied
-from django import oldforms
-from django.shortcuts import render_to_response, get_object_or_404
-from django.template import RequestContext
-from django.contrib.sites.models import Site, RequestSite
@@ -14 +13 @@
-
-def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
-    "Displays the login form and handles the login action."
-    manipulator = AuthenticationForm(request)
-    redirect_to = request.REQUEST.get(redirect_field_name, '')
-POST
-errors = manipulator.get_validation_errors(
-not errors
+method == "POST"
+form = AuthenticationForm(request, 
+form.is_valid()
-            # Light security check -- make sure redirect_to isn't garbage.
-            if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
-                from django.conf import settings
-                redirect_to = settings.LOGIN_REDIRECT_URL
-            from django.contrib.auth import login
-manipulator
+form
-            request.session.delete_test_cookie()
-            return HttpResponseRedirect(redirect_to)
-    else:
-errors = {}
+form = AuthenticationForm(request)
-    request.session.set_test_cookie()
-
-    if Site._meta.installed:
-        current_site = Site.objects.get_current()
-    else:
-        current_site = RequestSite(request)
-
-    return render_to_response(template_name, {
-oldforms.FormWrapper(manipulator, request.POST, errors)
+form
-        redirect_field_name: redirect_to,
-        'site_name': current_site.name,
-    }, context_instance=RequestContext(request))
@@ -68 +64 @@
-
-def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
-        email_template_name='registration/password_reset_email.html'):
-
-
-
-
-
-
+
+
+
-            if is_admin_site:
-                form.save(domain_override=request.META['HTTP_HOST'])
-            else:
-                form.save(email_template_name=email_template_name)
-            return HttpResponseRedirect('%sdone/' % request.path)
-
-
+
+
+
+
+
-
-def password_reset_done(request, template_name='registration/password_reset_done.html'):
-    return render_to_response(template_name, context_instance=RequestContext(request))
-
-def password_change(request, template_name='registration/password_change_form.html'):
-
-
-
-
-
-
-
+
+
+
+
-            return HttpResponseRedirect('%sdone/' % request.path)
-
-
+
+
+
+
+
-password_change = login_required(password_change)
-
-def password_change_done(request, template_name='registration/password_change_done.html'):
-    return render_to_response(template_name, context_instance=RequestContext(request))
-
+# TODO: move to admin.py in the ModelAdmin
-def user_change_password(request, id):
+    from django import oldforms
-    if not request.user.has_perm('auth.change_user'):
-        raise PermissionDenied
-    user = get_object_or_404(User, pk=id)
-    manipulator = AdminPasswordChangeForm(user)
-    if request.method == 'POST':
-
-
-
-
+
+
+
-            msg = _('Password changed successfully.')
-            request.user.message_set.create(message=msg)
-            return HttpResponseRedirect('..')
-    else:
-
-
+
-    return render_to_response('admin/auth/user/change_password.html', {
-        'title': _('Change password: %s') % escape(user.username),
-        'form': form,

a/django/contrib/comments/views/comments.py

@@ -17 +17 @@
-
-COMMENTS_PER_PAGE = 20
-
+class AuthenticationForm(oldforms.Manipulator):
+    """
+    Base class for authenticating users. Extend this to get a form that accepts
+    username/password logins.
+    """
+    def __init__(self, request=None):
+        """
+        If request is passed in, the manipulator will validate that cookies are
+        enabled. Note that the request (a HttpRequest object) must have set a
+        cookie with the key TEST_COOKIE_NAME and value TEST_COOKIE_VALUE before
+        running this validator.
+        """
+        self.request = request
+        self.fields = [
+            oldforms.TextField(field_name="username", length=15, max_length=30, is_required=True,
+                validator_list=[self.isValidUser, self.hasCookiesEnabled]),
+            oldforms.PasswordField(field_name="password", length=15, max_length=30, is_required=True),
+        ]
+        self.user_cache = None
+
+    def hasCookiesEnabled(self, field_data, all_data):
+        if self.request and not self.request.session.test_cookie_worked():
+            raise validators.ValidationError, _("Your Web browser doesn't appear to have cookies enabled. Cookies are required for logging in.")
+
+    def isValidUser(self, field_data, all_data):
+        username = field_data
+        password = all_data.get('password', None)
+        self.user_cache = authenticate(username=username, password=password)
+        if self.user_cache is None:
+            raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.")
+        elif not self.user_cache.is_active:
+            raise validators.ValidationError, _("This account is inactive.")
+
+    def get_user_id(self):
+        if self.user_cache:
+            return self.user_cache.id
+        return None
+
+    def get_user(self):
+        return self.user_cache
+
-class PublicCommentManipulator(AuthenticationForm):
-    "Manipulator that handles public registered comments"
-    def __init__(self, user, ratings_required, ratings_range, num_rating_choices):

a/docs/authentication.txt

@@ -666 +666 @@
-    * ``login_url``: The URL of the login page to redirect to. This
-      will default to ``settings.LOGIN_URL`` if not supplied.
-
-
-
+
+
+
+
-
-If you don't want to use the built-in views, but want the convenience
-manipulators for this functionality, the
-authentication system provides several built-in manipulator
+forms for this functionality, the authentication
+system provides several built-in form
-
-
-
-
+
+
-
-manipulator
-for logging a 
+form for logging a
+
-
-manipulator
-for allowing a 
+form for allowing a
+
-
-
-
-
+
+
-
-manipulator
-for creating a 
+form for creating a
+
-
-Limiting access to logged-in users that pass a test
----------------------------------------------------