U eD@sddlZddlmZddlmZmZmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZddlmZeZ ddZ!Gdddej"Z#Gdddej$Z%Gdddej&Z'Gdddej(Z)Gddde)Z*Gdddej(Z+Gdddej,Z-Gd d!d!ej,Z.Gd"d#d#ej,Z/Gd$d%d%e/Z0Gd&d'd'ej,Z1dS)(N)forms) authenticateget_user_modelpassword_validation)UNUSABLE_PASSWORD_PREFIXidentify_hasher)User)default_token_generator)get_current_site)ValidationError)EmailMultiAlternatives)loader) force_bytes)urlsafe_base64_encode)capfirst)gettext) gettext_lazycCs td|td|kS)z Perform case-insensitive comparison of two identifiers, using the recommended algorithm from Unicode Technical Report 36, section 2.11.2(B)(2). NFKC) unicodedata normalizecasefold)s1s2r=/tmp/pip-unpacked-wheel-lctamlir/django/contrib/auth/forms.py_unicode_ci_comparesrcs,eZdZdZdZfddZddZZS)ReadOnlyPasswordHashWidgetz)auth/widgets/read_only_password_hash.htmlTc st|||}g}|r"|tr6|dtdin`z t|}Wn&tk rh|dtdiYn.X|| D]\}}|t||dqx||d<|S)NlabelzNo password set.z5Invalid password format or unknown hashing algorithm.)rvaluesummary) super get_context startswithrappendrr ValueErrorZ safe_summaryitems) selfnamerattrscontextrZhasherkeyZvalue_ __class__rrr!%s$  z&ReadOnlyPasswordHashWidget.get_contextcCsdSNr)r&Zid_rrr id_for_label;sz'ReadOnlyPasswordHashWidget.id_for_label)__name__ __module__ __qualname__Z template_nameZ read_onlyr!r. __classcell__rrr+rr!s rcs eZdZeZfddZZS)ReadOnlyPasswordHashFieldcs*|dd|ddtj||dS)NrequiredFdisabledT) setdefaultr __init__r&argskwargsr+rrr7Bs  z"ReadOnlyPasswordHashField.__init__)r/r0r1rwidgetr7r2rrr+rr3?sr3cs(eZdZfddZfddZZS) UsernameFieldcs4t|}|jdk r(t||jkr(|Std|S)Nr)r to_python max_lengthlenrr)r&rr+rrr=Is zUsernameField.to_pythoncst|dddS)Nnoneusername)Zautocapitalize autocomplete)r widget_attrs)r&r;r+rrrCTs zUsernameField.widget_attrs)r/r0r1r=rCr2rrr+rr<Hs r<cseZdZdZdediZejeddejddide d Z ejed ejddidded d Z Gd ddZ fddZddZfddZdfdd ZZS)BaseUserCreationFormzc A form that creates a user, with no privileges, from the given username and password. password_mismatch'The two password fields didn’t match.PasswordFrB new-passwordr()rstripr; help_textzPassword confirmation4Enter the same password as before, for verification.rr;rJrKc@seZdZeZdZdeiZdS)zBaseUserCreationForm.Meta)rArANr/r0r1rmodelfieldsr<Z field_classesrrrrMetarsrQcs:tj|||jjj|jkr6d|j|jjjjjd<dS)NT autofocus)r r7_metarOUSERNAME_FIELDrPr;r(r8r+rrr7ws zBaseUserCreationForm.__init__cCs>|jd}|jd}|r:|r:||kr:t|jddd|SN password1 password2rEcode) cleaned_datagetr error_messagesr&rVrWrrrclean_password2~s  z$BaseUserCreationForm.clean_password2c s`t|jd}|r\zt||jWn.tk rZ}z|d|W5d}~XYnXdS)NrW) r _post_cleanrZr[rvalidate_passwordinstancer Z add_error)r&passworderrorr+rrr_s  z BaseUserCreationForm._post_cleanTcs@tjdd}||jd|r<|t|dr<||S)NF)commitrVsave_m2m)r save set_passwordrZhasattrre)r&rduserr+rrrfs zBaseUserCreationForm.save)T)r/r0r1__doc___r\r CharField PasswordInputr"password_validators_help_text_htmlrVrWrQr7r^r_rfr2rrr+rrD\s*  rDc@seZdZddZdS)UserCreationFormcCsR|jd}|rJ|jjjj|drJ|td|j |jjdgin|SdS)z*Reject usernames that differ only in case.rA)Zusername__iexactN) rZr[rSrOZobjectsfilterexistsZ_update_errorsr raZunique_error_message)r&rArrrclean_usernames   zUserCreationForm.clean_usernameN)r/r0r1rrrrrrrosrocs>eZdZeededdZGdddZfddZZS)UserChangeFormrGuRaw passwords are not stored, so there is no way to see this user’s password, but you can change the password using this form.)rrKc@seZdZeZdZdeiZdS)zUserChangeForm.Meta__all__rANrNrrrrrQsrQcsZtj|||jd}|r8|jd|jjd|_|jd}|rV|j d|_dS)Nrbz../../z /password/user_permissions content_type) r r7rPr[rKformatrapkZquerysetZselect_related)r&r9r:rbrur+rrr7s  zUserChangeForm.__init__) r/r0r1r3rkrbrQr7r2rrr+rrss rscseZdZdZeejddiddZeje ddej dd idd Z e d e d d Z dfdd Z ddZddZddZddZZS)AuthenticationFormzs Base class for authenticating users. Extend this to get a form that accepts username/password logins. rRTrI)r;rGFrBcurrent-passwordrrJr;z^Please enter a correct %(username)s and password. Note that both fields may be case-sensitive.zThis account is inactive.) invalid_logininactiveNcs|||_d|_tj||tjtj|_|jj p4d}||j d_ ||j dj j d<|j dj dkrxt|jj|j d_ dS)z The 'request' parameter is set for custom auth use by subclasses. The form data comes in via the standard 'data' kwarg. NrAZ maxlength)request user_cacher r7 UserModelrS get_fieldrTusername_fieldr>rPr;r(rr verbose_name)r&rr9r:Zusername_max_lengthr+rrr7s  zAuthenticationForm.__init__cCs\|jd}|jd}|dk rV|rVt|j||d|_|jdkrJ|n ||j|jS)NrArb)rArb)rZr[rrrget_invalid_login_errorconfirm_login_allowed)r&rArbrrrcleans      zAuthenticationForm.cleancCs|jst|jddddS)a Controls whether the given User may log in. This is a policy setting, independent of end-user authentication. This default behavior is to allow login by active users, and reject login by inactive users. If the given user cannot log in, this method should raise a ``ValidationError``. If the given user may log in, this method should return None. r}rXN) is_activer r\)r&rirrrrs z(AuthenticationForm.confirm_login_allowedcCs|jSr-)rr&rrrget_userszAuthenticationForm.get_usercCst|jddd|jjidS)Nr|rA)rYparams)r r\rrrrrrrs  z*AuthenticationForm.get_invalid_login_error)N)r/r0r1rjr<rZ TextInputrArlrkrmrbr\r7rrrrr2rrr+rrys"ryc @sZeZdZejeddejddiddZddd Zd d Z dd d de ddddf ddZ dS)PasswordResetFormZEmailr~rBemailrI)rr>r;Nc Csbt||}d|}t||}t||||g} |dk rVt||} | | d| dS)zO Send a django.core.mail.EmailMultiAlternatives to `to_email`. Nz text/html)r Zrender_to_stringjoin splitlinesr Zattach_alternativesend) r&subject_template_nameemail_template_namer) from_emailZto_emailhtml_email_template_namesubjectbodyZ email_messageZ html_emailrrr send_mail's    zPasswordResetForm.send_mailcs6ttjjfdddi}fdd|DS)aGiven an email, return matching user(s) who should receive a reset. This allows subclasses to more easily customize the default policies that prevent inactive users and users with unusable passwords from resetting their password. z %s__iexactrTc3s*|]"}|rtt|r|VqdSr-)Zhas_usable_passwordrgetattr).0uremail_field_namerr Msz.PasswordResetForm.get_users..)rget_email_field_nameZ_default_managerrp)r&rZ active_usersrrr get_users?s zPasswordResetForm.get_usersz'registration/password_reset_subject.txtz®istration/password_reset_email.htmlFc  Cs|jd} |s$t|} | j} | j} n|} } t}|| D]X}t||}|| | tt |j || ||rpdndd| p|i}|j ||||||dq>dS)zf Generate a one-use only link for resetting password and send it to the user. rhttpshttp)rdomain site_nameuidritokenprotocol)rN) rZr r'rrrrrrrrxZ make_tokenr)r&Zdomain_overriderrZ use_httpsZtoken_generatorrrrZextra_email_contextrZ current_siterrrriZ user_emailr)rrrrfTs6     zPasswordResetForm.save)N) r/r0r1rZ EmailFieldrkZ EmailInputrrrr rfrrrrr s$ rcseZdZdZdediZejedejddidde d Z ejed dejddidd Z fd d Z ddZdddZZS)SetPasswordFormzZ A form that lets a user set their password without entering the old password rErFz New passwordrBrHrIFrMzNew password confirmationr{cs||_tj||dSr-rir r7r&rir9r:r+rrr7szSetPasswordForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|S)N new_password1 new_password2rErXrZr[r r\rr`rir]rrrclean_new_password2s  z#SetPasswordForm.clean_new_password2TcCs*|jd}|j||r$|j|jS)NrrZrirgrfr&rdrbrrrrfs    zSetPasswordForm.save)T)r/r0r1rjrkr\rrlrmrrnrrr7rrfr2rrr+rrs$  rc@sVeZdZdZejdediZejeddej dddd d Z d d d gZ ddZ dS)PasswordChangeFormz[ A form that lets a user change their password by entering their old password. password_incorrectzAYour old password was entered incorrectly. Please enter it again.z Old passwordFrzTrBrRrIr{ old_passwordrrcCs,|jd}|j|s(t|jddd|S)zB Validate that the old_password field is correct. rrrX)rZriZcheck_passwordr r\)r&rrrrclean_old_passwords  z%PasswordChangeForm.clean_old_passwordN) r/r0r1rjrr\rkrrlrmrZ field_orderrrrrrrs  rcseZdZdZdediZdZejedej dddd d e d Z ejed ej d did d edd Z fddZddZdddZefddZZS)AdminPasswordChangeFormzN A form used to change the password of a user in the admin interface. rErFr4rGrHTrrIFrMzPassword (again)rBrLcs||_tj||dSr-rrr+rrr7sz AdminPasswordChangeForm.__init__cCsL|jd}|jd}|r:|r:||kr:t|jdddt||j|SrUrr]rrrr^s  z'AdminPasswordChangeForm.clean_password2cCs*|jd}|j||r$|j|jS)zSave the new password.rVrrrrrrfs    zAdminPasswordChangeForm.savecs*tj}|jD]}||krgSqdgS)Nrb)r changed_datarP)r&datar'r+rrrs   z$AdminPasswordChangeForm.changed_data)T)r/r0r1rjrkr\Zrequired_css_classrrlrmrrnrVrWr7r^rfpropertyrr2rrr+rrs0  r)2rZdjangorZdjango.contrib.authrrrZdjango.contrib.auth.hashersrrZdjango.contrib.auth.modelsrZdjango.contrib.auth.tokensr Zdjango.contrib.sites.shortcutsr Zdjango.core.exceptionsr Zdjango.core.mailr Zdjango.templater Zdjango.utils.encodingrZdjango.utils.httprZdjango.utils.textrZdjango.utils.translationrrrkrrZWidgetrZFieldr3rlr<Z ModelFormrDrorsZFormryrrrrrrrrs6              AQb,#