o xg>@sddlZddlZddlmZddlmZmZmZddlm Z m Z ddl m Z ddl mZddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZmZ eZ!e"dZ#ddZ$Gdddej%Z&Gdddej'Z(Gdddej)Z*Gdddej+Z,Gdddej+Z-Gdddej.Z/Gdddej.Z0Gd d!d!ej.Z1Gd"d#d#e1Z2Gd$d%d%ej.Z3dS)&N)forms) authenticateget_user_modelpassword_validation)UNUSABLE_PASSWORD_PREFIXidentify_hasher)User)default_token_generator)get_current_site)ValidationError)EmailMultiAlternatives)loader) force_bytes)urlsafe_base64_encode)capfirst)gettext gettext_lazyzdjango.contrib.authcCs td|td|kS)z Perform case-insensitive comparison of two identifiers, using the recommended algorithm from Unicode Technical Report 36, section 2.11.2(B)(2). NFKC) unicodedata normalizecasefold)s1s2r;/usr/lib/python3/dist-packages/django/contrib/auth/forms.py_unicode_ci_compares rcs$eZdZdZdZfddZZS)ReadOnlyPasswordHashWidgetz)auth/widgets/read_only_password_hash.htmlTc st|||}g}|r|tr|dtdin/zt|}Wnty3|dtdiYnw|| D]\}}|t||dq;||d<|S)NlabelzNo password set.z5Invalid password format or unknown hashing algorithm.)rvaluesummary) super get_context startswithrappendrr ValueError safe_summaryitems) selfnamerattrscontextrhasherkeyvalue_ __class__rrr!'s  z&ReadOnlyPasswordHashWidget.get_context)__name__ __module__ __qualname__ template_name read_onlyr! __classcell__rrr.rr#srcs eZdZeZfddZZS)ReadOnlyPasswordHashFieldcs.|dd|ddtj|i|dS)NrequiredFdisabledT) setdefaultr __init__r'argskwargsr.rrr:;s  z"ReadOnlyPasswordHashField.__init__)r0r1r2rwidgetr:r5rrr.rr68sr6cs(eZdZfddZfddZZS) UsernameFieldcstdt|S)Nr)rrr to_python)r'rr.rrr@BszUsernameField.to_pythoncsit|dddS)Nnoneusername)autocapitalize autocomplete)r widget_attrs)r'r>r.rrrEEs  zUsernameField.widget_attrs)r0r1r2r@rEr5rrr.rr?As r?cseZdZdZdediZejeddejddide d Z ejed ejddidded d Z Gd ddZ fddZddZfddZdfdd ZZS)UserCreationFormzc A form that creates a user, with no privileges, from the given username and password. password_mismatch'The two password fields didn’t match.PasswordFrD new-passwordr))rstripr> help_textzPassword confirmation4Enter the same password as before, for verification.rr>rLrMc@eZdZeZdZdeiZdS)zUserCreationForm.Meta)rBrBNr0r1r2rmodelfieldsr? field_classesrrrrMetab rUcsBtj|i||jjj|jvrd|j|jjjjjd<dSdS)NT autofocus)r r:_metarRUSERNAME_FIELDrSr>r)r;r.rrr:gszUserCreationForm.__init__cCs>|jd}|jd}|r|r||krt|jddd|SN password1 password2rGcode) cleaned_datagetr error_messagesr'r[r\rrrclean_password2ls  z UserCreationForm.clean_password2c sft|jd}|r1z t||jWdSty0}z |d|WYd}~dSd}~wwdS)Nr\) r _post_cleanr_r`rvalidate_passwordinstancer add_error)r'passworderrorr.rrrdvs  zUserCreationForm._post_cleanTcs.tjdd}||jd|r||S)NF)commitr[)r save set_passwordr_)r'rjuserr.rrrks zUserCreationForm.saveT)r0r1r2__doc___rar CharField PasswordInputr"password_validators_help_text_htmlr[r\rUr:rcrdrkr5rrr.rrFMs*   rFcs>eZdZeededdZGdddZfddZZS)UserChangeFormrIuRaw passwords are not stored, so there is no way to see this user’s password, but you can change the password using this form.)rrMc@rP)zUserChangeForm.Meta__all__rBNrQrrrrrUrVrUcsVtj|i||jd}|r|jd|_|jd}|r)|jd|_dSdS)Nrhz ../password/user_permissions content_type)r r:rSr`rMformatquerysetselect_related)r'r<r=rhrvr.rrr:s  zUserChangeForm.__init__) r0r1r2r6rprhrUr:r5rrr.rrts rtcseZdZdZeejddiddZeje ddej dd idd Z e d e d d Z dfdd Z ddZddZddZddZZS)AuthenticationFormzs Base class for authenticating users. Extend this to get a form that accepts username/password logins. rWTrK)r>rIFrDcurrent-passwordrrLr>z^Please enter a correct %(username)s and password. Note that both fields may be case-sensitive.zThis account is inactive.) invalid_logininactiveNcs||_d|_tj|i|tjtj|_|jj pd}||j d_ ||j dj j d<|j dj dur@t|jj|j d_ dSdS)z The 'request' parameter is set for custom auth use by subclasses. The form data comes in via the standard 'data' kwarg. NrB maxlength)request user_cacher r: UserModelrX get_fieldrYusername_field max_lengthrSr>r)rr verbose_name)r'rr<r=username_max_lengthr.rrr:s  zAuthenticationForm.__init__cCsZ|jd}|jd}|dur*|r*t|j||d|_|jdur$|||j|jS)NrBrh)rBrh)r_r`rrrget_invalid_login_errorconfirm_login_allowed)r'rBrhrrrcleans     zAuthenticationForm.cleancCs|js t|jddddS)a Controls whether the given User may log in. This is a policy setting, independent of end-user authentication. This default behavior is to allow login by active users, and reject login by inactive users. If the given user cannot log in, this method should raise a ``ValidationError``. If the given user may log in, this method should return None. rr]N) is_activer ra)r'rmrrrrs  z(AuthenticationForm.confirm_login_allowedcCs|jSN)rr'rrrget_userszAuthenticationForm.get_usercCst|jddd|jjidS)Nr~rB)r^params)r rarrrrrrrs  z*AuthenticationForm.get_invalid_login_errorr)r0r1r2ror?r TextInputrBrqrprrrhrar:rrrrr5rrr.rr{s$ r{c @s\eZdZejeddejddiddZ ddd Zd d Z dd d de ddddf ddZ dS)PasswordResetFormEmailrrDemailrK)rrr>Nc Cst||}d|}t||}t||||g} |dur+t||} | | dz| WdStyEt d|dj YdSw)zO Send a django.core.mail.EmailMultiAlternatives to `to_email`. Nz text/htmlz*Failed to send password reset email to %s:rm) r render_to_stringjoin splitlinesr attach_alternativesend Exceptionlogger exceptionpk) r'subject_template_nameemail_template_namer* from_emailto_emailhtml_email_template_namesubjectbody email_message html_emailrrr send_mails       zPasswordResetForm.send_mailcs:ttjjdidddi}fdd|DS)aGiven an email, return matching user(s) who should receive a reset. This allows subclasses to more easily customize the default policies that prevent inactive users and users with unusable passwords from resetting their password. z %s__iexactrTc3s,|]}|rtt|r|VqdSr)has_usable_passwordrgetattr).0uremail_field_namerr s z.PasswordResetForm.get_users..Nr)rget_email_field_name_default_managerfilter)r'r active_usersrrr get_users s  zPasswordResetForm.get_usersz'registration/password_reset_subject.txtz®istration/password_reset_email.htmlFc  Cs|jd} |st|} | j} | j} n|} } t}|| D],}t||}|| | tt |j || ||r8dndd| p>i}|j ||||||dqdS)zf Generate a one-use only link for resetting password and send it to the user. rhttpshttp)rdomain site_nameuidrmtokenprotocol)rN) r_r r(rrrrrrrr make_tokenr)r'domain_overriderr use_httpstoken_generatorrrrextra_email_contextr current_siterrrrm user_emailr*rrrrks0     zPasswordResetForm.saver) r0r1r2r EmailFieldrp EmailInputrrrr rkrrrrrs  rcseZdZdZdediZejedejddidde d Z ejed dejddidd Z fd d Z ddZdddZZS)SetPasswordFormza A form that lets a user change set their password without entering the old password rGrHz New passwordrDrJrKFrOzNew password confirmationr}c||_tj|i|dSrrmr r:r'rmr<r=r.rrr:WzSetPasswordForm.__init__cCL|jd}|jd}|r|r||krt|jdddt||j|S)N new_password1 new_password2rGr]r_r`r rarrermrbrrrclean_new_password2[s  z#SetPasswordForm.clean_new_password2TcC*|jd}|j||r|j|jS)Nrr_rmrlrkr'rjrhrrrrkgs   zSetPasswordForm.savern)r0r1r2rorprarrqrrrrsrrr:rrkr5rrr.rrCs$  rc@sXeZdZdZiejdediZejeddej dddd d Z gd Z d d Z dS)PasswordChangeFormz[ A form that lets a user change their password by entering their old password. password_incorrectzAYour old password was entered incorrectly. Please enter it again.z Old passwordFr|TrDrWrKr}) old_passwordrrcCs,|jd}|j|st|jddd|S)zB Validate that the old_password field is correct. rrr])r_rmcheck_passwordr ra)r'rrrrclean_old_passwords  z%PasswordChangeForm.clean_old_passwordN) r0r1r2rorrarprrqrrr field_orderrrrrrros rcseZdZdZdediZdZejedej dddd d e d Z ejed ej d did d edd Z fddZddZdddZefddZZS)AdminPasswordChangeFormzN A form used to change the password of a user in the admin interface. rGrHr7rIrJTrrKFrOzPassword (again)rDrNcrrrrr.rrr:rz AdminPasswordChangeForm.__init__cCrrZrrbrrrrcs  z'AdminPasswordChangeForm.clean_password2cCr)zSave the new password.r[rrrrrrks   zAdminPasswordChangeForm.savecs*tj}|jD] }||vrgSqdgS)Nrh)r changed_datarS)r'datar(r.rrrs  z$AdminPasswordChangeForm.changed_datarn)r0r1r2rorprarequired_css_classrrqrrrrsr[r\r:rcrkpropertyrr5rrr.rrs,  r)4loggingrdjangordjango.contrib.authrrrdjango.contrib.auth.hashersrrdjango.contrib.auth.modelsrdjango.contrib.auth.tokensr django.contrib.sites.shortcutsr django.core.exceptionsr django.core.mailr django.templater django.utils.encodingrdjango.utils.httprdjango.utils.textrdjango.utils.translationrrrpr getLoggerrrWidgetrFieldr6rqr? ModelFormrFrtFormr{rrrrrrrrs8              <NS,