diff options
| author | Jef van Schendel <mail@jefvanschendel.nl> | 2011-12-30 21:29:15 +0100 |
|---|---|---|
| committer | Jef van Schendel <mail@jefvanschendel.nl> | 2011-12-30 21:29:15 +0100 |
| commit | 992e4f80324e5e2d0079fd70cce9d4ad962f7047 (patch) | |
| tree | a6342d86c622eb9d21958d7abe0360c0dd5735fc | |
| parent | 694e965f45b8da0af96e3ae99c85b4f1f4819ee6 (diff) | |
| download | mediagoblin-992e4f80324e5e2d0079fd70cce9d4ad962f7047.tar.lz mediagoblin-992e4f80324e5e2d0079fd70cce9d4ad962f7047.tar.xz mediagoblin-992e4f80324e5e2d0079fd70cce9d4ad962f7047.zip | |
Change forgotten password process: different redirect, added/changed messages
| -rw-r--r-- | mediagoblin/auth/views.py | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 66178371..f707ecbe 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -232,16 +232,12 @@ def forgot_password(request): """ Forgot password view - Sends an email whit an url to renew forgoten password + Sends an email with an url to renew forgotten password """ fp_form = auth_forms.ForgotPassForm(request.POST) if request.method == 'POST' and fp_form.validate(): - # Here, so it doesn't depend on the actual mail being sent - # and thus doesn't reveal, wether mail was sent. - email_debug_message(request) - # '$or' not available till mongodb 1.5.3 user = request.db.User.find_one( {'username': request.POST['username']}) @@ -257,6 +253,14 @@ def forgot_password(request): user.save() send_fp_verification_email(user, request) + + messages.add_message( + request, + messages.INFO, + _("An email has been sent with instructions on how to " + "change your password.")) + email_debug_message(request) + else: # special case... we can't send the email because the # username is inactive / hasn't verified their email @@ -270,9 +274,13 @@ def forgot_password(request): return redirect( request, 'mediagoblin.user_pages.user_home', user=user.username) - - # do not reveal whether or not there is a matching user - return redirect(request, 'mediagoblin.auth.fp_email_sent') + return redirect(request, 'mediagoblin.auth.login') + else: + messages.add_message( + request, + messages.WARNING, + _("Couldn't find someone with that username or email.")) + return redirect(request, 'mediagoblin.auth.forgot_password') return render_to_response( request, |