# -*- coding: utf-8 -*- """ Adtlas Authentication Forms Enhanced authentication forms for the Adtlas DAI Management System. Includes login, registration, password reset, and profile management forms. Features: - Enhanced login form with remember me functionality - User registration with profile creation - Password reset with secure token system - Profile management forms - Form validation and security measures Author: Adtlas Development Team Version: 2.0.0 Last Updated: 2025-07-09 """ from django import forms from django.contrib.auth import authenticate from django.contrib.auth.forms import UserCreationForm, PasswordResetForm from django.contrib.auth.password_validation import validate_password from django.core.exceptions import ValidationError from django.utils.translation import gettext_lazy as _ from django.utils import timezone from datetime import timedelta import re from apps.accounts.models import User, Profile, PasswordResetToken class LoginForm(forms.Form): """ Enhanced login form with remember me functionality and security features. """ email = forms.EmailField( max_length=254, widget=forms.EmailInput(attrs={ 'class': 'input100', 'placeholder': 'Email Address', 'required': True, 'autofocus': True, }), label=_('Email Address'), help_text=_('Enter your registered email address') ) password = forms.CharField( widget=forms.PasswordInput(attrs={ 'class': 'input100', 'placeholder': 'Password', 'required': True, }), label=_('Password'), help_text=_('Enter your password') ) remember_me = forms.BooleanField( required=False, initial=False, widget=forms.CheckboxInput(attrs={ 'class': 'form-check-input', 'id': 'remember-me' }), label=_('Remember me'), help_text=_('Keep me logged in for 30 days') ) def __init__(self, request=None, *args, **kwargs): """ Initialize the form with request context for authentication. """ self.request = request self.user_cache = None super().__init__(*args, **kwargs) def clean(self): """ Validate login credentials and check account status. """ cleaned_data = super().clean() email = cleaned_data.get('email') password = cleaned_data.get('password') if email and password: # Normalize email email = email.lower().strip() try: user = User.objects.get(email=email) # Check if account is locked if user.is_account_locked(): raise ValidationError( _('Account is temporarily locked due to multiple failed login attempts. ' 'Please try again later or contact support.'), code='account_locked' ) # Check if account is active if not user.is_active: raise ValidationError( _('Your account has been deactivated. Please contact support.'), code='account_inactive' ) # Check if email is verified if not user.is_verified: raise ValidationError( _('Please verify your email address before logging in. ' 'Check your inbox for the verification link.'), code='email_not_verified' ) # Authenticate user self.user_cache = authenticate( self.request, username=email, password=password ) if self.user_cache is None: # Increment failed login attempts user.failed_login_attempts += 1 # Lock account after 5 failed attempts if user.failed_login_attempts >= 5: user.account_locked_until = timezone.now() + timedelta(minutes=30) user.save(update_fields=['failed_login_attempts', 'account_locked_until']) raise ValidationError( _('Invalid email or password. Please try again.'), code='invalid_credentials' ) else: # Reset failed login attempts on successful login if user.failed_login_attempts > 0: user.failed_login_attempts = 0 user.account_locked_until = None user.save(update_fields=['failed_login_attempts', 'account_locked_until']) except User.DoesNotExist: # Don't reveal whether email exists raise ValidationError( _('Invalid email or password. Please try again.'), code='invalid_credentials' ) return cleaned_data def get_user(self): """ Return the authenticated user. """ return self.user_cache class UserRegistrationForm(UserCreationForm): """ Enhanced user registration form with profile creation. """ email = forms.EmailField( max_length=254, widget=forms.EmailInput(attrs={ 'class': 'input100', 'placeholder': 'Email Address', 'required': True, }), label=_('Email Address'), help_text=_('Enter a valid email address') ) first_name = forms.CharField( max_length=150, widget=forms.TextInput(attrs={ 'class': 'input100', 'placeholder': 'First Name', 'required': True, }), label=_('First Name'), help_text=_('Enter your first name') ) last_name = forms.CharField( max_length=150, widget=forms.TextInput(attrs={ 'class': 'input100', 'placeholder': 'Last Name', 'required': True, }), label=_('Last Name'), help_text=_('Enter your last name') ) password1 = forms.CharField( widget=forms.PasswordInput(attrs={ 'class': 'input100', 'placeholder': 'Password', 'required': True, }), label=_('Password'), help_text=_('Enter a strong password') ) password2 = forms.CharField( widget=forms.PasswordInput(attrs={ 'class': 'input100', 'placeholder': 'Confirm Password', 'required': True, }), label=_('Confirm Password'), help_text=_('Re-enter your password') ) phone_number = forms.CharField( max_length=17, required=False, widget=forms.TextInput(attrs={ 'class': 'input100', 'placeholder': 'Phone Number (Optional)', }), label=_('Phone Number'), help_text=_('Enter your phone number (optional)') ) job_title = forms.CharField( max_length=100, required=False, widget=forms.TextInput(attrs={ 'class': 'input100', 'placeholder': 'Job Title (Optional)', }), label=_('Job Title'), help_text=_('Enter your job title (optional)') ) company = forms.CharField( max_length=100, required=False, widget=forms.TextInput(attrs={ 'class': 'input100', 'placeholder': 'Company (Optional)', }), label=_('Company'), help_text=_('Enter your company name (optional)') ) terms_accepted = forms.BooleanField( required=True, widget=forms.CheckboxInput(attrs={ 'class': 'form-check-input', }), label=_('I agree to the Terms of Service and Privacy Policy'), error_messages={ 'required': _('You must accept the terms and conditions to register.') } ) class Meta: model = User fields = ('email', 'first_name', 'last_name', 'password1', 'password2') def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) # Remove username field since we use email if 'username' in self.fields: del self.fields['username'] def clean_email(self): """ Validate email uniqueness and format. """ email = self.cleaned_data.get('email') if email: email = email.lower().strip() # Check if email already exists if User.objects.filter(email=email).exists(): raise ValidationError( _('An account with this email address already exists.'), code='email_exists' ) # Additional email validation if not re.match(r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$', email): raise ValidationError( _('Please enter a valid email address.'), code='invalid_email' ) return email def clean_phone_number(self): """ Validate phone number format if provided. """ phone = self.cleaned_data.get('phone_number') if phone: # Remove all non-digit characters phone = re.sub(r'[^\d+]', '', phone) # Basic phone number validation if not re.match(r'^\+?1?\d{9,15}$', phone): raise ValidationError( _('Please enter a valid phone number.'), code='invalid_phone' ) return phone def save(self, commit=True): """ Save user and create associated profile. """ user = super().save(commit=False) user.email = self.cleaned_data['email'].lower().strip() user.username = user.email # Use email as username user.is_verified = False # Will be verified via email if commit: user.save() # Create user profile Profile.objects.create( user=user, phone_number=self.cleaned_data.get('phone_number', ''), job_title=self.cleaned_data.get('job_title', ''), company=self.cleaned_data.get('company', ''), ) # TODO: Send verification email return user class PasswordResetRequestForm(forms.Form): """ Form for requesting password reset. """ email = forms.EmailField( max_length=254, widget=forms.EmailInput(attrs={ 'class': 'input100', 'placeholder': 'Email Address', 'required': True, 'autofocus': True, }), label=_('Email Address'), help_text=_('Enter your registered email address') ) def clean_email(self): """ Validate email exists and is active. """ email = self.cleaned_data.get('email') if email: email = email.lower().strip() try: user = User.objects.get(email=email, is_active=True) self.user = user except User.DoesNotExist: # Don't reveal whether email exists pass return email def save(self): """ Create password reset token and send email. """ if hasattr(self, 'user'): # Create reset token reset_token = PasswordResetToken.objects.create( user=self.user, expires_at=timezone.now() + timedelta(hours=1) # 1 hour expiry ) # TODO: Send password reset email return reset_token return None class PasswordResetConfirmForm(forms.Form): """ Form for confirming password reset with new password. """ new_password1 = forms.CharField( widget=forms.PasswordInput(attrs={ 'class': 'input100', 'placeholder': 'New Password', 'required': True, }), label=_('New Password'), help_text=_('Enter your new password') ) new_password2 = forms.CharField( widget=forms.PasswordInput(attrs={ 'class': 'input100', 'placeholder': 'Confirm New Password', 'required': True, }), label=_('Confirm New Password'), help_text=_('Re-enter your new password') ) def __init__(self, user=None, *args, **kwargs): self.user = user super().__init__(*args, **kwargs) def clean_new_password1(self): """ Validate new password strength. """ password = self.cleaned_data.get('new_password1') if password and self.user: try: validate_password(password, self.user) except ValidationError as e: raise ValidationError(e.messages) return password def clean(self): """ Validate password confirmation. """ cleaned_data = super().clean() password1 = cleaned_data.get('new_password1') password2 = cleaned_data.get('new_password2') if password1 and password2 and password1 != password2: raise ValidationError( _('The two password fields did not match.'), code='password_mismatch' ) return cleaned_data def save(self): """ Set new password for user. """ if self.user: self.user.set_password(self.cleaned_data['new_password1']) self.user.password_changed_at = timezone.now() self.user.save() return self.user return None class ProfileForm(forms.ModelForm): """ Form for editing user profile information. """ class Meta: model = Profile fields = [ 'phone_number', 'bio', 'job_title', 'company', 'website', 'address_line1', 'address_line2', 'city', 'state', 'postal_code', 'country', 'timezone', 'language', 'theme', 'notifications_enabled', 'email_notifications', 'sms_notifications' ] widgets = { 'phone_number': forms.TextInput(attrs={'class': 'form-control'}), 'bio': forms.Textarea(attrs={'class': 'form-control', 'rows': 3}), 'job_title': forms.TextInput(attrs={'class': 'form-control'}), 'company': forms.TextInput(attrs={'class': 'form-control'}), 'website': forms.URLInput(attrs={'class': 'form-control'}), 'address_line1': forms.TextInput(attrs={'class': 'form-control'}), 'address_line2': forms.TextInput(attrs={'class': 'form-control'}), 'city': forms.TextInput(attrs={'class': 'form-control'}), 'state': forms.TextInput(attrs={'class': 'form-control'}), 'postal_code': forms.TextInput(attrs={'class': 'form-control'}), 'country': forms.TextInput(attrs={'class': 'form-control'}), 'timezone': forms.Select(attrs={'class': 'form-control'}), 'language': forms.Select(attrs={'class': 'form-control'}), 'theme': forms.Select(attrs={'class': 'form-control'}), 'notifications_enabled': forms.CheckboxInput(attrs={'class': 'form-check-input'}), 'email_notifications': forms.CheckboxInput(attrs={'class': 'form-check-input'}), 'sms_notifications': forms.CheckboxInput(attrs={'class': 'form-check-input'}), } first_name = forms.CharField( max_length=150, widget=forms.TextInput(attrs={'class': 'form-control'}), label=_('First Name') ) last_name = forms.CharField( max_length=150, widget=forms.TextInput(attrs={'class': 'form-control'}), label=_('Last Name') ) def __init__(self, *args, **kwargs): self.user = kwargs.pop('user', None) super().__init__(*args, **kwargs) if self.user: self.fields['first_name'].initial = self.user.first_name self.fields['last_name'].initial = self.user.last_name def save(self, commit=True): """ Save profile and update user information. """ profile = super().save(commit=False) if self.user: # Update user basic info self.user.first_name = self.cleaned_data.get('first_name', '') self.user.last_name = self.cleaned_data.get('last_name', '') if commit: self.user.save() profile.save() return profile