From 8ebd294ceec7b2fa3a916146fdfc3d36c8521ea0 Mon Sep 17 00:00:00 2001 From: lucienshema Date: Thu, 10 Apr 2025 10:59:36 +0200 Subject: [PATCH] added customized reset passowrd form --- my_eudr_app/auth_views.py | 95 +++++++++++++++---- my_eudr_app/forms.py | 12 +++ .../templates/auth/password_reset.html | 21 +++- 3 files changed, 108 insertions(+), 20 deletions(-) create mode 100644 my_eudr_app/forms.py diff --git a/my_eudr_app/auth_views.py b/my_eudr_app/auth_views.py index 6ef0bcc..1987af1 100644 --- a/my_eudr_app/auth_views.py +++ b/my_eudr_app/auth_views.py @@ -22,6 +22,8 @@ from rest_framework.permissions import IsAuthenticated from django.db.models import Q +from my_eudr_app.forms import CustomPasswordResetForm + @swagger_auto_schema(method='post', request_body=openapi.Schema(type=openapi.TYPE_OBJECT, properties={ 'first_name': openapi.Schema(type=openapi.TYPE_STRING, description='First Name'), @@ -338,8 +340,7 @@ def logout_view(request): # password_reset_form = PasswordResetForm(request.POST) # if password_reset_form.is_valid(): # data = password_reset_form.cleaned_data['email'] -# # associated_users = User.objects.filter(email=data) -# associated_users = User.objects.filter(Q(email=data) | Q(username=data)) +# associated_users = User.objects.filter(email=data) # if associated_users.exists(): # for user in associated_users: # subject = "TerraTrav Validation Portal - Password Reset Requested" @@ -368,26 +369,81 @@ def logout_view(request): # password_reset_form = PasswordResetForm() # return render(request, "auth/password_reset.html", {"form": password_reset_form}) +### Fixed the issues raised from Burundi ### + +# @api_view(['GET', 'POST']) +# def password_reset_request(request): +# if request.method == "GET": +# password_reset_form = PasswordResetForm() +# return render(request, "auth/password_reset.html", {"form": password_reset_form}) + +# if request.method == "POST": +# password_reset_form = PasswordResetForm(request.POST) +# if password_reset_form.is_valid(): +# data = password_reset_form.cleaned_data['email'] +# # Match users where either email or username equals the entered email +# associated_users = User.objects.filter(Q(email=data) | Q(username=data)) + +# if associated_users.exists(): +# for user in associated_users: +# # Use email if available, otherwise use username as fallback +# recipient = user.email if user.email else user.username + +# subject = "TerraTrav Validation Portal - Password Reset Requested" +# email_template_name = "auth/password_reset_email.html" +# c = { +# "email": recipient, +# "domain": request.get_host(), +# "site_name": "TerraTrac Validation Portal", +# "uid": urlsafe_base64_encode(force_bytes(user.pk)), +# "user": user, +# "token": default_token_generator.make_token(user), +# "protocol": 'https' if request.is_secure() else 'http', +# } +# email = render_to_string(email_template_name, c) + +# send_mail( +# subject, +# message=email, +# html_message=email, +# from_email=settings.DEFAULT_FROM_EMAIL, +# recipient_list=[recipient] +# ) + +# messages.success( +# request, 'A link to reset your password has been sent to your email address.') +# return redirect(reverse('password_reset')) +# else: +# messages.error( +# request, 'No user found with this email address or username.') +# return redirect(reverse('password_reset')) + +# password_reset_form = PasswordResetForm() +# return render(request, "auth/password_reset.html", {"form": password_reset_form}) + + +## adding the changes to the password reset request view to ensure that it works with both email and username depending on what the user submits to the form ## + @api_view(['GET', 'POST']) def password_reset_request(request): if request.method == "GET": - password_reset_form = PasswordResetForm() + password_reset_form = CustomPasswordResetForm() return render(request, "auth/password_reset.html", {"form": password_reset_form}) if request.method == "POST": - password_reset_form = PasswordResetForm(request.POST) + password_reset_form = CustomPasswordResetForm(request.POST) if password_reset_form.is_valid(): - data = password_reset_form.cleaned_data['email'] - # Match users where either email or username equals the entered email - associated_users = User.objects.filter(Q(email=data) | Q(username=data)) + identifier = password_reset_form.cleaned_data['email'] # Could be username or email + # Try to find user where input matches username or email + associated_users = User.objects.filter(Q(username=identifier) | Q(email=identifier)) - if associated_users.exists(): + if associated_users.exists(): # Ensure user exists for user in associated_users: # Use email if available, otherwise use username as fallback - recipient = user.email if user.email else user.username - subject = "TerraTrav Validation Portal - Password Reset Requested" email_template_name = "auth/password_reset_email.html" + recipient = user.email if user.email else user.username + print(f"Recipient: {recipient}") # Debugging line c = { "email": recipient, "domain": request.get_host(), @@ -404,21 +460,22 @@ def password_reset_request(request): message=email, html_message=email, from_email=settings.DEFAULT_FROM_EMAIL, - recipient_list=[recipient] + recipient_list=[user.email] ) - messages.success( - request, 'A link to reset your password has been sent to your email address.') - return redirect(reverse('password_reset')) - else: - messages.error( - request, 'No user found with this email address or username.') - return redirect(reverse('password_reset')) + messages.success( + request, 'A password reset link has been sent to the user\'s registered email.') + return redirect(reverse('password_reset')) + else: + messages.error( + request, 'No user found with that username or email, or no email is set for that user.') + return redirect(reverse('password_reset')) - password_reset_form = PasswordResetForm() + password_reset_form = CustomPasswordResetForm() return render(request, "auth/password_reset.html", {"form": password_reset_form}) + @swagger_auto_schema(method='get', security=[], tags=["User Management"], operation_summary="Endpoint that allows a user to reset their password") # @api_view(['GET']) diff --git a/my_eudr_app/forms.py b/my_eudr_app/forms.py new file mode 100644 index 0000000..4f91785 --- /dev/null +++ b/my_eudr_app/forms.py @@ -0,0 +1,12 @@ +from django import forms +from django.contrib.auth.forms import PasswordResetForm + +class CustomPasswordResetForm(PasswordResetForm): + email = forms.CharField( + label="Username or Email", + max_length=254, + widget=forms.TextInput(attrs={ + 'class': 'form-control', + 'placeholder': 'Enter your username or email', + }) + ) \ No newline at end of file diff --git a/my_eudr_app/templates/auth/password_reset.html b/my_eudr_app/templates/auth/password_reset.html index 7d0a418..f37038c 100644 --- a/my_eudr_app/templates/auth/password_reset.html +++ b/my_eudr_app/templates/auth/password_reset.html @@ -98,12 +98,31 @@

TerraTrac Reset Password

{% endfor %} {% endif %} -
+ {% comment %} {% csrf_token %} {{ form.as_p }} + +
{% endcomment %} + +
+ {% csrf_token %} + +
+ + {{ form.email }} + {% if form.email.errors %} +
+ {{ form.email.errors }} +
+ {% endif %} +
+
+

Get Back to Login