U Ha=@sxddlZddlmZddlmZmZmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZmZeZ ddZ!Gdddej"Z#Gdddej$Z%Gdddej&Z'Gdddej(Z)Gdddej(Z*Gdddej+Z,Gdddej+Z-Gdd d ej+Z.Gd!d"d"e.Z/Gd#d$d$ej+Z0dS)%N)forms) authenticateget_user_modelpassword_validation)UNUSABLE_PASSWORD_PREFIXidentify_hasher)User)default_token_generator)get_current_site)ValidationError)EmailMultiAlternatives)loader) force_bytes)urlsafe_base64_encode)capfirst)gettext gettext_lazycCs td|td|kS)z Perform case-insensitive comparison of two identifiers, using the recommended algorithm from Unicode Technical Report 36, section 2.11.2(B)(2). NFKC) unicodedata normalizecasefold)s1s2r=/tmp/pip-unpacked-wheel-3jxiddxt/django/contrib/auth/forms.py_unicode_ci_comparesrcs$eZdZdZdZfddZZS)ReadOnlyPasswordHashWidgetz)auth/widgets/read_only_password_hash.htmlTc st|||}g}|r"|tr6|dtdin`z t|}Wn&tk rh|dtdiYn.X|| D]\}}|t||dqx||d<|S)NlabelzNo password set.z5Invalid password format or unknown hashing algorithm.)rvaluesummary) super get_context startswithrappendrr ValueErrorZ safe_summaryitems) selfnamerattrscontextrZhasherkeyZvalue_ __class__rrr!%s z&ReadOnlyPasswordHashWidget.get_context)__name__ __module__ __qualname__Z template_nameZ read_onlyr! __classcell__rrr+rr!srcs eZdZeZfddZZS)ReadOnlyPasswordHashFieldcs*|dd|ddtj||dS)NrequiredFdisabledT) setdefaultr __init__r&argskwargsr+rrr59s  z"ReadOnlyPasswordHashField.__init__)r-r.r/rwidgetr5r0rrr+rr16sr1cs(eZdZfddZfddZZS) UsernameFieldcstdt|S)Nr)rrr to_python)r&rr+rrr;@szUsernameField.to_pythoncst|dddS)Nnoneusername)Zautocapitalize autocomplete)r widget_attrs)r&r9r+rrr?Cs zUsernameField.widget_attrs)r-r.r/r;r?r0rrr+rr:?s r:cseZdZdZdediZejeddejddide d Z ejed ejddidded d Z Gd ddZ fddZddZfddZdfdd ZZS)UserCreationFormzc A form that creates a user, with no privileges, from the given username and password. password_mismatch'The two password fields didn’t match.PasswordFr> new-passwordr()rstripr9 help_textzPassword confirmation4Enter the same password as before, for verification.rr9rFrGc@seZdZeZdZdeiZdS)zUserCreationForm.Meta)r=r=Nr-r.r/rmodelfieldsr:Z field_classesrrrrMeta`srMcs:tj|||jjj|jkr6d|j|jjjjjd<dS)NT autofocus)r r5_metarKUSERNAME_FIELDrLr9r(r6r+rrr5eszUserCreationForm.__init__cCs>|jd}|jd}|r:|r:||kr:t|jddd|SN password1 password2rAcode) cleaned_datagetr error_messagesr&rRrSrrrclean_password2js  z UserCreationForm.clean_password2c s`t|jd}|r\zt||jWn.tk rZ}z|d|W5d}~XYnXdS)NrS) r _post_cleanrVrWrvalidate_passwordinstancer Z add_error)r&passworderrorr+rrr[ts  zUserCreationForm._post_cleanTcs.tjdd}||jd|r*||S)NF)commitrR)r save set_passwordrV)r&r`userr+rrras zUserCreationForm.save)T)r-r.r/__doc___rXr CharField PasswordInputr"password_validators_help_text_htmlrRrSrMr5rZr[rar0rrr+rr@Ks*  r@cs>eZdZeededdZGdddZfddZZS)UserChangeFormrCuRaw passwords are not stored, so there is no way to see this user’s password, but you can change the password using this form.)rrGc@seZdZeZdZdeiZdS)zUserChangeForm.Meta__all__r=NrJrrrrrMsrMcsNtj|||jd}|r,|jd|_|jd}|rJ|jd|_dS)Nr^z ../password/user_permissions content_type)r r5rLrWrGformatZquerysetZselect_related)r&r7r8r^rkr+rrr5s  zUserChangeForm.__init__) r-r.r/r1rer^rMr5r0rrr+rris ricseZdZdZeejddiddZeje ddej dd idd Z e d e d d Z dfdd Z ddZddZddZddZZS)AuthenticationFormzs Base class for authenticating users. Extend this to get a form that accepts username/password logins. rNTrE)r9rCFr>current-passwordrrFr9z^Please enter a correct %(username)s and password. Note that both fields may be case-sensitive.zThis account is inactive.) invalid_logininactiveNcs|||_d|_tj||tjtj|_|jj p4d}||j d_ ||j dj j d<|j dj dkrxt|jj|j d_ dS)z The 'request' parameter is set for custom auth use by subclasses. The form data comes in via the standard 'data' kwarg. Nr=Z maxlength)request user_cacher r5 UserModelrO get_fieldrPusername_field max_lengthrLr9r(rr verbose_name)r&rtr7r8Zusername_max_lengthr+rrr5s  zAuthenticationForm.__init__cCs\|jd}|jd}|dk rV|rVt|j||d|_|jdkrJ|n ||j|jS)Nr=r^)r=r^)rVrWrrtruget_invalid_login_errorconfirm_login_allowed)r&r=r^rrrcleans      zAuthenticationForm.cleancCs|jst|jddddS)a Controls whether the given User may log in. This is a policy setting, independent of end-user authentication. This default behavior is to allow login by active users, and reject login by inactive users. If the given user cannot log in, this method should raise a ``ValidationError``. If the given user may log in, this method should return None. rrrTN) is_activer rX)r&rcrrrr|s z(AuthenticationForm.confirm_login_allowedcCs|jSN)rur&rrrget_userszAuthenticationForm.get_usercCst|jddd|jjidS)Nrqr=)rUparams)r rXrxrzrrrrr{s  z*AuthenticationForm.get_invalid_login_error)N)r-r.r/rdr:rZ TextInputr=rfrergr^rXr5r}r|rr{r0rrr+rrns" rnc @sZeZdZejeddejddiddZddd Zd d Z dd d de ddddf ddZ dS)PasswordResetFormZEmailrsr>emailrE)rryr9Nc Csbt||}d|}t||}t||||g} |dk rVt||} | | d| dS)zO Send a django.core.mail.EmailMultiAlternatives to `to_email`. Nz text/html)r Zrender_to_stringjoin splitlinesr Zattach_alternativesend) r&subject_template_nameemail_template_namer) from_emailZto_emailhtml_email_template_namesubjectbodyZ email_messageZ html_emailrrr send_mails    zPasswordResetForm.send_mailcs6ttjjfdddi}fdd|DS)aGiven an email, return matching user(s) who should receive a reset. This allows subclasses to more easily customize the default policies that prevent inactive users and users with unusable passwords from resetting their password. z %s__iexactr~Tc3s*|]"}|rtt|r|VqdSr)Zhas_usable_passwordrgetattr).0uremail_field_namerr sz.PasswordResetForm.get_users..)rvget_email_field_nameZ_default_managerfilter)r&rZ active_usersrrr get_userss zPasswordResetForm.get_usersz'registration/password_reset_subject.txtz®istration/password_reset_email.htmlFc  Cs|jd} |s$t|} | j} | j} n|} } t}|| D]X}t||}|| | tt |j || ||rpdndd| p|i}|j ||||||dq>dS)zf Generate a one-use only link for resetting password and send it to the user. rhttpshttp)rdomain site_nameuidrctokenprotocol)rN) rVr r'rrvrrrrrpkZ make_tokenr)r&Zdomain_overriderrZ use_httpsZtoken_generatorrrtrZextra_email_contextrZ current_siterrrrcZ user_emailr)rrrras6     zPasswordResetForm.save)N) r-r.r/rZ EmailFieldreZ EmailInputrrrr rarrrrrs$ rcseZdZdZdediZejedejddidde d Z ejed dejddidd Z fd d Z ddZdddZZS)SetPasswordFormza A form that lets a user change set their password without entering the old password rArBz New passwordr>rDrEFrIzNew password confirmationrpcs||_tj||dSrrcr r5r&rcr7r8r+rrr5PszSetPasswordForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|S)N new_password1 new_password2rArTrVrWr rXrr\rcrYrrrclean_new_password2Ts  z#SetPasswordForm.clean_new_password2TcCs*|jd}|j||r$|j|jS)NrrVrcrbrar&r`r^rrrra`s    zSetPasswordForm.save)T)r-r.r/rdrerXrrfrgrrhrrr5rrar0rrr+rr<s$  rc@sVeZdZdZejdediZejeddej dddd d Z d d d gZ ddZ dS)PasswordChangeFormz[ A form that lets a user change their password by entering their old password. password_incorrectzAYour old password was entered incorrectly. Please enter it again.z Old passwordFroTr>rNrErp old_passwordrrcCs,|jd}|j|s(t|jddd|S)zB Validate that the old_password field is correct. rrrT)rVrcZcheck_passwordr rX)r&rrrrclean_old_passwordys  z%PasswordChangeForm.clean_old_passwordN) r-r.r/rdrrXrerrfrgrZ field_orderrrrrrrhs rcseZdZdZdediZdZejedej dddd d e d Z ejed ej d did d edd Z fddZddZdddZefddZZS)AdminPasswordChangeFormzN A form used to change the password of a user in the admin interface. rArBr2rCrDTrrEFrIzPassword (again)r>rHcs||_tj||dSrrrr+rrr5sz AdminPasswordChangeForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|SrQrrYrrrrZs  z'AdminPasswordChangeForm.clean_password2cCs*|jd}|j||r$|j|jS)zSave the new password.rRrrrrrras    zAdminPasswordChangeForm.savecs*tj}|jD]}||krgSqdgS)Nr^)r changed_datarL)r&datar'r+rrrs   z$AdminPasswordChangeForm.changed_data)T)r-r.r/rdrerXZrequired_css_classrrfrgrrhrRrSr5rZrapropertyrr0rrr+rrs,  r)1rZdjangorZdjango.contrib.authrrrZdjango.contrib.auth.hashersrrZdjango.contrib.auth.modelsrZdjango.contrib.auth.tokensr Zdjango.contrib.sites.shortcutsr Zdjango.core.exceptionsr Zdjango.core.mailr Zdjango.templater Zdjango.utils.encodingrZdjango.utils.httprZdjango.utils.textrZdjango.utils.translationrrrervrZWidgetrZFieldr1rfr:Z ModelFormr@riZFormrnrrrrrrrrs2             <NN,