If the user hasn't verified their email or account inactive give a special warning
This commit is contained in:
parent
73fffbb8b0
commit
a85a21103b
@ -208,12 +208,27 @@ def forgot_password(request):
|
|||||||
{'email': request.POST['username']})
|
{'email': request.POST['username']})
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
user['fp_verification_key'] = unicode(uuid.uuid4())
|
if user['email_verified'] and user['status'] == 'active':
|
||||||
user['fp_token_expire'] = datetime.datetime.now() + \
|
user['fp_verification_key'] = unicode(uuid.uuid4())
|
||||||
datetime.timedelta(days=10)
|
user['fp_token_expire'] = datetime.datetime.now() + \
|
||||||
user.save()
|
datetime.timedelta(days=10)
|
||||||
|
user.save()
|
||||||
|
|
||||||
|
send_fp_verification_email(user, request)
|
||||||
|
else:
|
||||||
|
# special case... we can't send the email because the
|
||||||
|
# username is inactive / hasn't verified their email
|
||||||
|
messages.add_message(
|
||||||
|
request,
|
||||||
|
messages.WARNING,
|
||||||
|
_("Could not send password recovery email as "
|
||||||
|
"your username is inactive or your account's "
|
||||||
|
"email address has not been verified."))
|
||||||
|
|
||||||
|
return redirect(
|
||||||
|
request, 'mediagoblin.user_pages.user_home',
|
||||||
|
user=user['username'])
|
||||||
|
|
||||||
send_fp_verification_email(user, request)
|
|
||||||
|
|
||||||
# do not reveal whether or not there is a matching user, just move along
|
# do not reveal whether or not there is a matching user, just move along
|
||||||
return redirect(request, 'mediagoblin.auth.fp_email_sent')
|
return redirect(request, 'mediagoblin.auth.fp_email_sent')
|
||||||
@ -244,7 +259,8 @@ def verify_forgot_password(request):
|
|||||||
# check if we have a real user and correct token
|
# check if we have a real user and correct token
|
||||||
if ((user and user['fp_verification_key'] and
|
if ((user and user['fp_verification_key'] and
|
||||||
user['fp_verification_key'] == unicode(session_token) and
|
user['fp_verification_key'] == unicode(session_token) and
|
||||||
datetime.datetime.now() < user['fp_token_expire'])):
|
datetime.datetime.now() < user['fp_token_expire']
|
||||||
|
and user['email_verified'] and user['status'] == 'active')):
|
||||||
|
|
||||||
cp_form = auth_forms.ChangePassForm(session_vars)
|
cp_form = auth_forms.ChangePassForm(session_vars)
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user