U d1@@sddlZddlmZddlmZmZmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZddlmZeZ ddZ!Gdddej"Z#Gdddej$Z%Gdddej&Z'Gdddej(Z)Gdddej(Z*Gdddej+Z,Gdddej+Z-Gd d!d!ej+Z.Gd"d#d#e.Z/Gd$d%d%ej+Z0dS)&N)forms) authenticateget_user_modelpassword_validation)UNUSABLE_PASSWORD_PREFIXidentify_hasher)User)default_token_generator)get_current_site)ValidationError)EmailMultiAlternatives)loader) force_bytes)urlsafe_base64_encode)capfirst)gettext) gettext_lazycCs td|td|kS)z Perform case-insensitive comparison of two identifiers, using the recommended algorithm from Unicode Technical Report 36, section 2.11.2(B)(2). NFKC) unicodedata normalizecasefold)s1s2r=/tmp/pip-unpacked-wheel-7vj2equ7/django/contrib/auth/forms.py_unicode_ci_comparesrcs,eZdZdZdZfddZddZZS)ReadOnlyPasswordHashWidgetz)auth/widgets/read_only_password_hash.htmlTc st|||}g}|r"|tr6|dtdin`z t|}Wn&tk rh|dtdiYn.X|| D]\}}|t||dqx||d<|S)NlabelzNo password set.z5Invalid password format or unknown hashing algorithm.)rvaluesummary) super get_context startswithrappendrr ValueErrorZ safe_summaryitems) selfnamerattrscontextrZhasherkeyZvalue_ __class__rrr!%s$  z&ReadOnlyPasswordHashWidget.get_contextcCsdSNr)r&Zid_rrr id_for_label;sz'ReadOnlyPasswordHashWidget.id_for_label)__name__ __module__ __qualname__Z template_nameZ read_onlyr!r. __classcell__rrr+rr!s rcs eZdZeZfddZZS)ReadOnlyPasswordHashFieldcs*|dd|ddtj||dS)NrequiredFdisabledT) setdefaultr __init__r&argskwargsr+rrr7Bs  z"ReadOnlyPasswordHashField.__init__)r/r0r1rwidgetr7r2rrr+rr3?sr3cs(eZdZfddZfddZZS) UsernameFieldcstdt|S)Nr)rrr to_python)r&rr+rrr=IszUsernameField.to_pythoncst|dddS)Nnoneusername)Zautocapitalize autocomplete)r widget_attrs)r&r;r+rrrALs zUsernameField.widget_attrs)r/r0r1r=rAr2rrr+rr<Hs r<cseZdZdZdediZejeddejddide d Z ejed ejddidded d Z Gd ddZ fddZddZfddZdfdd ZZS)UserCreationFormzc A form that creates a user, with no privileges, from the given username and password. password_mismatch'The two password fields didn’t match.PasswordFr@ new-passwordr()rstripr; help_textzPassword confirmation4Enter the same password as before, for verification.rr;rHrIc@seZdZeZdZdeiZdS)zUserCreationForm.Meta)r?r?Nr/r0r1rmodelfieldsr<Z field_classesrrrrMetajsrOcs:tj|||jjj|jkr6d|j|jjjjjd<dS)NT autofocus)r r7_metarMUSERNAME_FIELDrNr;r(r8r+rrr7os zUserCreationForm.__init__cCs>|jd}|jd}|r:|r:||kr:t|jddd|SN password1 password2rCcode) cleaned_datagetr error_messagesr&rTrUrrrclean_password2vs  z UserCreationForm.clean_password2c s`t|jd}|r\zt||jWn.tk rZ}z|d|W5d}~XYnXdS)NrU) r _post_cleanrXrYrvalidate_passwordinstancer Z add_error)r&passworderrorr+rrr]s  zUserCreationForm._post_cleanTcs.tjdd}||jd|r*||S)NF)commitrT)r save set_passwordrX)r&rbuserr+rrrcs zUserCreationForm.save)T)r/r0r1__doc___rZr CharField PasswordInputr"password_validators_help_text_htmlrTrUrOr7r\r]rcr2rrr+rrBTs*  rBcs>eZdZeededdZGdddZfddZZS)UserChangeFormrEuRaw passwords are not stored, so there is no way to see this user’s password, but you can change the password using this form.)rrIc@seZdZeZdZdeiZdS)zUserChangeForm.Meta__all__r?NrLrrrrrOsrOcsNtj|||jd}|r,|jd|_|jd}|rJ|jd|_dS)Nr`z ../password/user_permissions content_type)r r7rNrYrIformatZquerysetZselect_related)r&r9r:r`rmr+rrr7s  zUserChangeForm.__init__) r/r0r1r3rgr`rOr7r2rrr+rrks rkcseZdZdZeejddiddZeje ddej dd idd Z e d e d d Z dfdd Z ddZddZddZddZZS)AuthenticationFormzs Base class for authenticating users. Extend this to get a form that accepts username/password logins. rPTrG)r;rEFr@current-passwordrrHr;z^Please enter a correct %(username)s and password. Note that both fields may be case-sensitive.zThis account is inactive.) invalid_logininactiveNcs|||_d|_tj||tjtj|_|jj p4d}||j d_ ||j dj j d<|j dj dkrxt|jj|j d_ dS)z The 'request' parameter is set for custom auth use by subclasses. The form data comes in via the standard 'data' kwarg. Nr?Z maxlength)request user_cacher r7 UserModelrQ get_fieldrRusername_field max_lengthrNr;r(rr verbose_name)r&rvr9r:Zusername_max_lengthr+rrr7s  zAuthenticationForm.__init__cCs\|jd}|jd}|dk rV|rVt|j||d|_|jdkrJ|n ||j|jS)Nr?r`)r?r`)rXrYrrvrwget_invalid_login_errorconfirm_login_allowed)r&r?r`rrrcleans      zAuthenticationForm.cleancCs|jst|jddddS)a Controls whether the given User may log in. This is a policy setting, independent of end-user authentication. This default behavior is to allow login by active users, and reject login by inactive users. If the given user cannot log in, this method should raise a ``ValidationError``. If the given user may log in, this method should return None. rtrVN) is_activer rZ)r&rerrrr~s z(AuthenticationForm.confirm_login_allowedcCs|jSr-)rwr&rrrget_userszAuthenticationForm.get_usercCst|jddd|jjidS)Nrsr?)rWparams)r rZrzr|rrrrr}s  z*AuthenticationForm.get_invalid_login_error)N)r/r0r1rfr<rZ TextInputr?rhrgrir`rZr7rr~rr}r2rrr+rrps"rpc @sZeZdZejeddejddiddZddd Zd d Z dd d de ddddf ddZ dS)PasswordResetFormZEmailrur@emailrG)rr{r;Nc Csbt||}d|}t||}t||||g} |dk rVt||} | | d| dS)zO Send a django.core.mail.EmailMultiAlternatives to `to_email`. Nz text/html)r Zrender_to_stringjoin splitlinesr Zattach_alternativesend) r&subject_template_nameemail_template_namer) from_emailZto_emailhtml_email_template_namesubjectbodyZ email_messageZ html_emailrrr send_mails    zPasswordResetForm.send_mailcs6ttjjfdddi}fdd|DS)aGiven an email, return matching user(s) who should receive a reset. This allows subclasses to more easily customize the default policies that prevent inactive users and users with unusable passwords from resetting their password. z %s__iexactrTc3s*|]"}|rtt|r|VqdSr-)Zhas_usable_passwordrgetattr).0uremail_field_namerr ,sz.PasswordResetForm.get_users..)rxget_email_field_nameZ_default_managerfilter)r&rZ active_usersrrr get_userss zPasswordResetForm.get_usersz'registration/password_reset_subject.txtz®istration/password_reset_email.htmlFc  Cs|jd} |s$t|} | j} | j} n|} } t}|| D]X}t||}|| | tt |j || ||rpdndd| p|i}|j ||||||dq>dS)zf Generate a one-use only link for resetting password and send it to the user. rhttpshttp)rdomain site_nameuidretokenprotocol)rN) rXr r'rrxrrrrrpkZ make_tokenr)r&Zdomain_overriderrZ use_httpsZtoken_generatorrrvrZextra_email_contextrZ current_siterrrreZ user_emailr)rrrrc3s6     zPasswordResetForm.save)N) r/r0r1rZ EmailFieldrgZ EmailInputrrrr rcrrrrrs$ rcseZdZdZdediZejedejddidde d Z ejed dejddidd Z fd d Z ddZdddZZS)SetPasswordFormza A form that lets a user change set their password without entering the old password rCrDz New passwordr@rFrGFrKzNew password confirmationrrcs||_tj||dSr-rer r7r&rer9r:r+rrr7vszSetPasswordForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|S)N new_password1 new_password2rCrVrXrYr rZrr^rer[rrrclean_new_password2zs  z#SetPasswordForm.clean_new_password2TcCs*|jd}|j||r$|j|jS)NrrXrerdrcr&rbr`rrrrcs    zSetPasswordForm.save)T)r/r0r1rfrgrZrrhrirrjrrr7rrcr2rrr+rras$  rc@sVeZdZdZejdediZejeddej dddd d Z d d d gZ ddZ dS)PasswordChangeFormz[ A form that lets a user change their password by entering their old password. password_incorrectzAYour old password was entered incorrectly. Please enter it again.z Old passwordFrqTr@rPrGrr old_passwordrrcCs,|jd}|j|s(t|jddd|S)zB Validate that the old_password field is correct. rrrV)rXreZcheck_passwordr rZ)r&rrrrclean_old_passwords  z%PasswordChangeForm.clean_old_passwordN) r/r0r1rfrrZrgrrhrirZ field_orderrrrrrrs  rcseZdZdZdediZdZejedej dddd d e d Z ejed ej d did d edd Z fddZddZdddZefddZZS)AdminPasswordChangeFormzN A form used to change the password of a user in the admin interface. rCrDr4rErFTrrGFrKzPassword (again)r@rJcs||_tj||dSr-rrr+rrr7sz AdminPasswordChangeForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|SrSrr[rrrr\s  z'AdminPasswordChangeForm.clean_password2cCs*|jd}|j||r$|j|jS)zSave the new password.rTrrrrrrcs    zAdminPasswordChangeForm.savecs*tj}|jD]}||krgSqdgS)Nr`)r changed_datarN)r&datar'r+rrrs   z$AdminPasswordChangeForm.changed_data)T)r/r0r1rfrgrZZrequired_css_classrrhrirrjrTrUr7r\rcpropertyrr2rrr+rrs0  r)1rZdjangorZdjango.contrib.authrrrZdjango.contrib.auth.hashersrrZdjango.contrib.auth.modelsrZdjango.contrib.auth.tokensr Zdjango.contrib.sites.shortcutsr Zdjango.core.exceptionsr Zdjango.core.mailr Zdjango.templater Zdjango.utils.encodingrZdjango.utils.httprZdjango.utils.textrZdjango.utils.translationrrrgrxrZWidgetrZFieldr3rhr<Z ModelFormrBrkZFormrprrrrrrrrs4               ?Qb-#