settings
+ logging when user is altered + password changing (with log entry)
This commit is contained in:
Clemens-Dautermann
parent
75fcd2648e
commit
174a9da501
6 changed files with 96 additions and 3 deletions
|
|
@ -1,7 +1,6 @@
|
||||||
from django.shortcuts import render
|
from django.shortcuts import render
|
||||||
from django.contrib.auth.decorators import login_required
|
from django.contrib.auth.decorators import login_required
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from os.path import join
|
|
||||||
from .forms import ObjectForm, CategoryForm
|
from .forms import ObjectForm, CategoryForm
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,8 @@ from django.shortcuts import render
|
||||||
from .forms import SettingsForm
|
from .forms import SettingsForm
|
||||||
from django.contrib.auth.decorators import login_required
|
from django.contrib.auth.decorators import login_required
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
|
from django.conf import settings
|
||||||
|
from django.utils import timezone
|
||||||
|
|
||||||
|
|
||||||
# Create your views here.
|
# Create your views here.
|
||||||
|
|
@ -22,6 +24,16 @@ def index(request):
|
||||||
form = SettingsForm(request.POST)
|
form = SettingsForm(request.POST)
|
||||||
|
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
|
|
||||||
|
log = open(settings.LOGFILE, 'a')
|
||||||
|
log.write(
|
||||||
|
'\n[' + str(timezone.now()) + ']' + ' MODIFY_USER: BEFORE(|NAME: ' + user.username +
|
||||||
|
'|FIRST_NAME: ' + user.first_name + '|LAST_NAME: ' + user.last_name + '|EMAIL: ' + user.email +
|
||||||
|
') AFTER(' + '|NAME: ' + form.cleaned_data.get('username') +
|
||||||
|
'|FIRST_NAME: ' + form.cleaned_data.get('first_name') + '|LAST_NAME: ' + form.cleaned_data.get(
|
||||||
|
'last_name') + '|EMAIL: ' + form.cleaned_data.get('email') + ')'
|
||||||
|
)
|
||||||
|
|
||||||
user.username = form.cleaned_data.get('username')
|
user.username = form.cleaned_data.get('username')
|
||||||
user.first_name = form.cleaned_data.get('first_name')
|
user.first_name = form.cleaned_data.get('first_name')
|
||||||
user.last_name = form.cleaned_data.get('last_name')
|
user.last_name = form.cleaned_data.get('last_name')
|
||||||
|
|
|
||||||
46
invsystem/user_manager/templates/registration/changepwd.html
Normal file
46
invsystem/user_manager/templates/registration/changepwd.html
Normal file
|
|
@ -0,0 +1,46 @@
|
||||||
|
{% extends 'bases/navbar.html' %}
|
||||||
|
<html>
|
||||||
|
{% block content %}
|
||||||
|
<div class="container shadow">
|
||||||
|
{% if message == 'PWD_CHANGE_SUCCESS' %}
|
||||||
|
<div class="alert alert-success alert-dismissible">
|
||||||
|
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
|
||||||
|
Das Passwort wurde erfolgreich geändert
|
||||||
|
</div>
|
||||||
|
{% elif message == 'PWD_CHANGE_FALURE' %}
|
||||||
|
<div class="alert alert-danger alert-dismissible">
|
||||||
|
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
|
||||||
|
Es ist ein Fehler aufgetreten. Wahrscheinlich haben sie das falsche Passwort eingegeben, das neue
|
||||||
|
Passwort entspricht nicht den unten genannten Kriterien oder die zwei Passwörter stimmen nicht überein.
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
<h3>Passwort ändern</h3>
|
||||||
|
<form method="post" action="{% url 'change_password' %}" class="registerformcontainer">
|
||||||
|
{% csrf_token %}
|
||||||
|
<div class="old_password-wrapper">
|
||||||
|
{{ form.old_password.errors }}
|
||||||
|
<label for="{{ form.old_password.id_for_lable }}">Aktuelles Passwort:</label>
|
||||||
|
{{ form.old_password }}
|
||||||
|
</div>
|
||||||
|
<ul class="nodec pwdinfo">
|
||||||
|
<li>Das Passwort darf nicht zu ähnlich zu Ihren anderen persönlichen Informationen sein.</li>
|
||||||
|
<li>Das Passwort muss mindestens 8 Zeichen enthalten.</li>
|
||||||
|
<li>Das Passwort darf nicht allgemein üblich sein.</li>
|
||||||
|
<li>Das Passwort darf nicht komplett aus Ziffern bestehen.</li>
|
||||||
|
</ul>
|
||||||
|
<div class="new_password1-wrapper">
|
||||||
|
{{ form.new_password1.errors }}
|
||||||
|
<label for="{{ form.new_password1.id_for_lable }}">Neues Passwort:</label>
|
||||||
|
{{ form.new_password1 }}
|
||||||
|
</div>
|
||||||
|
<div class="new_password2-wrapper">
|
||||||
|
{{ form.new_password2.errors }}
|
||||||
|
<label for="{{ form.new_password2.id_for_lable }}">Passwort bestätigen:</label>
|
||||||
|
{{ form.new_password2 }}
|
||||||
|
</div>
|
||||||
|
<input type="submit" class="btn btn-success" value="Passwort ändern">
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{% endblock %}
|
||||||
|
</html>
|
||||||
|
|
@ -37,7 +37,10 @@
|
||||||
<label for="{{ form.email.id_for_lable }}">E-mail:</label>
|
<label for="{{ form.email.id_for_lable }}">E-mail:</label>
|
||||||
{{ form.email }}
|
{{ form.email }}
|
||||||
</div>
|
</div>
|
||||||
<input type="submit" value="Speichern" class="btn btn-success nomarg">
|
<div class="btnwrapper">
|
||||||
|
<input type="submit" value="Speichern" class="btn btn-success nomarg">
|
||||||
|
<a href="{% url 'change_password' %}" class="newcatlink">Passwort ändern </a>
|
||||||
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,4 +4,5 @@ from . import views
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('', views.index, name='index'),
|
path('', views.index, name='index'),
|
||||||
path('register', views.register, name='register'),
|
path('register', views.register, name='register'),
|
||||||
|
path('changepassword', views.changepassword, name='change_password')
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,9 @@
|
||||||
from django.shortcuts import render, redirect
|
from django.shortcuts import render, redirect
|
||||||
from django.contrib.auth import authenticate, login
|
from django.conf import settings
|
||||||
|
from django.utils import timezone
|
||||||
|
from django.contrib.auth import authenticate, login, update_session_auth_hash
|
||||||
|
from django.contrib.auth.forms import PasswordChangeForm
|
||||||
|
from django.contrib.auth.decorators import login_required
|
||||||
|
|
||||||
from .forms import SignUpForm
|
from .forms import SignUpForm
|
||||||
|
|
||||||
|
|
@ -27,3 +31,31 @@ def register(request):
|
||||||
|
|
||||||
context = {'form': form, 'title': title}
|
context = {'form': form, 'title': title}
|
||||||
return render(request, 'registration/register.html', context)
|
return render(request, 'registration/register.html', context)
|
||||||
|
|
||||||
|
|
||||||
|
@login_required
|
||||||
|
def changepassword(request):
|
||||||
|
if request.method == 'POST':
|
||||||
|
form = PasswordChangeForm(request.user, request.POST)
|
||||||
|
|
||||||
|
if form.is_valid():
|
||||||
|
user = form.save()
|
||||||
|
update_session_auth_hash(request, user)
|
||||||
|
|
||||||
|
log = open(settings.LOGFILE, 'a')
|
||||||
|
log.write(
|
||||||
|
'\n[' + str(timezone.now()) + ']' + ' CHANGE_PWD: |USR: ' + request.user.username
|
||||||
|
)
|
||||||
|
|
||||||
|
form = PasswordChangeForm(request.user)
|
||||||
|
context = {'title': 'Passwort ändern', 'form': form, 'message': 'PWD_CHANGE_SUCCESS'}
|
||||||
|
return render(request, 'registration/changepwd.html', context)
|
||||||
|
else:
|
||||||
|
form = PasswordChangeForm(request.user)
|
||||||
|
context = {'title': 'Passwort ändern', 'form': form, 'message': 'PWD_CHANGE_FALURE'}
|
||||||
|
return render(request, 'registration/changepwd.html', context)
|
||||||
|
|
||||||
|
else:
|
||||||
|
form = PasswordChangeForm(request.user)
|
||||||
|
context = {'title': 'Passwort ändern', 'form': form}
|
||||||
|
return render(request, 'registration/changepwd.html', context)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue