diff --git a/bam/admin.py b/bam/admin.py
index 8c38f3f..a734a51 100644
--- a/bam/admin.py
+++ b/bam/admin.py
@@ -1,3 +1,17 @@
 from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+from django.contrib.auth.models import User
+from .models import Account
-# Register your models here.
+
+class AccountInline(admin.StackedInline):
+ model = Account
+ can_delete = False
+
+
+class UserAdmin(BaseUserAdmin):
+ inlines = (AccountInline,)
+
+
+admin.site.unregister(User)
+admin.site.register(User, UserAdmin)
diff --git a/bam/forms.py b/bam/forms.py
new file mode 100644
index 0000000..c752de4
--- /dev/null
+++ b/bam/forms.py
@@ -0,0 +1,13 @@
+import hashlib
+from django.contrib.auth.forms import PasswordResetForm
+from bam.models import Account
+
+
+class HashedEmailPasswordResetForm(PasswordResetForm):
+ def get_users(self, email):
+ hashed_email = hashlib.sha256(bytes(email, 'utf-8')).hexdigest()
+ accounts = Account.objects.filter(hashed_email=hashed_email)
+ if accounts.count() > 0:
+ return (a.user for a in accounts if a.user.has_usable_password())
+ else:
+ return super().get_users(email)
diff --git a/bam/migrations/0001_initial.py b/bam/migrations/0001_initial.py
new file mode 100644
index 0000000..d32bbec
--- /dev/null
+++ b/bam/migrations/0001_initial.py
@@ -0,0 +1,25 @@ +# Generated by Django 2.2 on 2019-04-28 10:12 + +from django.conf import settings +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + initial = True + + dependencies = [ + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ] + + operations = [ + migrations.CreateModel( + name='Account', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('hashed_email', models.CharField(max_length=128)), + ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)), + ], + ), + ]
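Review bot: In bam/admin.py, `AccountInline` leaves `hashed_email` as an editable text field on the user page, so any staff user with change permission on users can overwrite the value the new password-reset form matches against. If the hash is meant to be derived only from the address the user registered with, make it read-only in the inline, e.g. `readonly_fields = ('hashed_email',)`. A one-line class comment saying why `can_delete = False` is set would also help the next reader.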
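Review bot: In bam/forms.py, `get_users` drops the `is_active` filter that Django's stock `PasswordResetForm.get_users` applies, so a deactivated account whose hash matches is still yielded for a reset email; put it in the query, `Account.objects.filter(hashed_email=hashed_email, user__is_active=True)`. The digest is taken over the address exactly as typed, so a different letter case produces a different hash and silently falls through to the stock lookup; normalise the input the same way wherever `hashed_email` is written (that code is not in this diff). An unkeyed SHA-256 of an email address can be matched by hashing candidate addresses, so if the hash exists to keep addresses out of the database, a keyed digest (`hmac` with a server-side secret) would fit that goal better. `accounts.count() > 0` followed by iteration also runs two queries where one would do.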
diff --git a/bam/models.py b/bam/models.py
index 71a8362..8cff54b 100644
--- a/bam/models.py
+++ b/bam/models.py
@@ -1,3 +1,10 @@
 from django.db import models
+from django.contrib.auth.models import User
-# Create your models here.
+
+class Account(models.Model):
+ user = models.OneToOneField(User, on_delete=models.CASCADE)
+ hashed_email = models.CharField(max_length=128)
+
+ def __str__(self):
+ return '%s' % (self.user.username)
diff --git a/bam/urls.py b/bam/urls.py
index c7d8c5d..16f36e1 100644
--- a/bam/urls.py
+++ b/bam/urls.py
@@ -3,6 +3,7 @@ from django.urls import path
 from django.urls import include
 from django.views.generic.base import RedirectView
 from bam.views import ProfileView
+from bam.forms import HashedEmailPasswordResetForm
 import django.contrib.auth.views as auth_views
 urlpatterns = [
@@ -28,7 +29,8 @@ urlpatterns = [
 name='password_change_done'),
 path('password_reset/',
 auth_views.PasswordResetView.as_view(
- template_name='bam/password_reset.html'
+ template_name='bam/password_reset.html',
+ form_class=HashedEmailPasswordResetForm
 ),
 name='password_reset'),
 path('password_reset_done/',
@@ -51,4 +53,8 @@ urlpatterns = [
 template_name='bam/password_reset_complete.html'
 ),
 name='password_reset_complete'),
+
+ #path('password_reset_hashed/',
+ # PasswordResetHashedView.as_view(),
+ # name='password_reset_hashed'),
 ]
diff --git a/bam/views.py b/bam/views.py
index 5a9f665..27a42da 100644
--- a/bam/views.py
+++ b/bam/views.py
@@ -1,5 +1,6 @@
 from django.views.generic.base import TemplateView
 from django.contrib.auth.mixins import LoginRequiredMixin
+
 class ProfileView(LoginRequiredMixin, TemplateView):
 template_name = 'bam/profile.html'
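Review bot: In bam/models.py, `hashed_email` is the lookup key for the new reset form but is declared with no index and no uniqueness constraint, so each reset request filters on an unindexed column and nothing stops two accounts from carrying the same hash. Consider `hashed_email = models.CharField(max_length=128, db_index=True)`, or `unique=True` if one address per account is the intended rule; the generated migration in this commit would need regenerating to match. The field imports `User` directly while the migration targets `settings.AUTH_USER_MODEL`, so pointing the `OneToOneField` at the setting would keep the two consistent. `__str__` can simply be `return self.user.username`.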
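Review bot: The last bam/urls.py hunk adds a commented-out `password_reset_hashed` route that refers to `PasswordResetHashedView`, a name nothing in this diff imports or defines. Drop the three comment lines, or replace them with a single `# TODO:` line saying what the separate view is meant to do, so the URL table does not carry dead code that looks like a disabled endpoint.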