# HG changeset patch # User Brian Neal # Date 1246478534 0 # Node ID df56795771a63416f608b13e7ef3b0cb3a80e94a # Parent 8d391fe0ad643ecee5e39ef054b1b8d3c4eb9708 #13 Added logging to registration. diff -r 8d391fe0ad64 -r df56795771a6 gpp/accounts/forms.py --- a/gpp/accounts/forms.py Wed Jul 01 18:50:49 2009 +0000 +++ b/gpp/accounts/forms.py Wed Jul 01 20:02:14 2009 +0000 @@ -1,5 +1,7 @@ """forms for the accounts application""" +import logging + from django import forms from django.contrib.auth.models import User from django.core.urlresolvers import reverse @@ -14,81 +16,90 @@ class RegisterForm(forms.Form): - """Form used to register with the website""" - username = forms.RegexField(max_length = 30, regex = r'^\w+$', - error_messages = {'invalid' : 'Your username must be 30 characters or less and contain only letters, numbers and underscores.'}) - email = forms.EmailField() - password1 = forms.CharField(label = "Password", widget = forms.PasswordInput) - password2 = forms.CharField(label = "Password confirmation", widget = forms.PasswordInput) - agree_tos = forms.BooleanField(required = True, label = 'I agree to the Terms of Service', - error_messages = {'required' : 'You have not agreed to our Terms of Service'}) - agree_privacy = forms.BooleanField(required = True, label = 'I agree to the Privacy Policy', - error_messages = {'required' : 'You have not agreed to our Privacy Policy'}) + """Form used to register with the website""" + username = forms.RegexField(max_length = 30, regex = r'^\w+$', + error_messages = {'invalid' : 'Your username must be 30 characters or less and contain only letters, numbers and underscores.'}) + email = forms.EmailField() + password1 = forms.CharField(label = "Password", widget = forms.PasswordInput) + password2 = forms.CharField(label = "Password confirmation", widget = forms.PasswordInput) + agree_tos = forms.BooleanField(required = True, label = 'I agree to the Terms of Service', + error_messages = {'required' : 'You have not agreed to our Terms of Service'}) + agree_privacy = forms.BooleanField(required = True, label = 'I agree to the Privacy Policy', + error_messages = {'required' : 'You have not agreed to our Privacy Policy'}) - def clean_username(self): - username = self.cleaned_data['username'] - try: - User.objects.get(username = username) - except User.DoesNotExist: - try: - PendingUser.objects.get(username = username) - except PendingUser.DoesNotExist: + def __init__(self, *args, **kwargs): + self.ip = kwargs.pop('ip', '?') + super(RegisterForm, self).__init__(*args, **kwargs) + + def clean_username(self): + username = self.cleaned_data['username'] + try: + User.objects.get(username = username) + except User.DoesNotExist: try: - IllegalUsername.objects.get(username = username) - except IllegalUsername.DoesNotExist: - return username - raise forms.ValidationError("That username is not allowed.") - raise forms.ValidationError("A pending user with that username already exists.") - raise forms.ValidationError("A user with that username already exists.") + PendingUser.objects.get(username = username) + except PendingUser.DoesNotExist: + try: + IllegalUsername.objects.get(username = username) + except IllegalUsername.DoesNotExist: + return username + self._validation_error("That username is not allowed.", username) + self._validation_error("A pending user with that username already exists.", username) + self._validation_error("A user with that username already exists.", username) - def clean_email(self): - email = self.cleaned_data['email'] - try: - User.objects.get(email = email) - except User.DoesNotExist: - try: - PendingUser.objects.get(email = email) - except PendingUser.DoesNotExist: + def clean_email(self): + email = self.cleaned_data['email'] + try: + User.objects.get(email = email) + except User.DoesNotExist: try: - IllegalEmail.objects.get(email = email) - except IllegalEmail.DoesNotExist: - return email - raise forms.ValidationError("That email address is not allowed.") - raise forms.ValidationError("A pending user with that email already exists.") - raise forms.ValidationError("A user with that email already exists.") + PendingUser.objects.get(email = email) + except PendingUser.DoesNotExist: + try: + IllegalEmail.objects.get(email = email) + except IllegalEmail.DoesNotExist: + return email + self._validation_error("That email address is not allowed.", email) + self._validation_error("A pending user with that email address already exists.", email) + self._validation_error("A user with that email address already exists.", email) - def clean_password2(self): - password1 = self.cleaned_data.get("password1", "") - password2 = self.cleaned_data["password2"] - if password1 != password2: - raise forms.ValidationError("The two password fields didn't match.") - return password2 + def clean_password2(self): + password1 = self.cleaned_data.get("password1", "") + password2 = self.cleaned_data["password2"] + if password1 != password2: + self._validation_error("The two password fields didn't match.") + return password2 - def save(self): - pending_user = PendingUser.objects.create_pending_user(self.cleaned_data['username'], - self.cleaned_data['email'], - self.cleaned_data['password1']) + def save(self): + pending_user = PendingUser.objects.create_pending_user(self.cleaned_data['username'], + self.cleaned_data['email'], + self.cleaned_data['password1']) - # Send the confirmation email + # Send the confirmation email - site = Site.objects.get_current() - admin_email = settings.ADMINS[0][1] + site = Site.objects.get_current() + admin_email = settings.ADMINS[0][1] - activation_link = 'http://%s%s' % (site.domain, reverse('accounts.views.register_confirm', - kwargs = {'username' : pending_user.username, 'key' : pending_user.key})) + activation_link = 'http://%s%s' % (site.domain, reverse('accounts.views.register_confirm', + kwargs = {'username' : pending_user.username, 'key' : pending_user.key})) - msg = render_to_string('accounts/registration_email.txt', - { - 'site_name' : site.name, - 'site_domain' : site.domain, - 'user_email' : pending_user.email, - 'activation_link' : activation_link, - 'username' : pending_user.username, - 'admin_email' : admin_email, - }) + msg = render_to_string('accounts/registration_email.txt', + { + 'site_name' : site.name, + 'site_domain' : site.domain, + 'user_email' : pending_user.email, + 'activation_link' : activation_link, + 'username' : pending_user.username, + 'admin_email' : admin_email, + }) - subject = 'Registration Confirmation for ' + site.name - send_mail(subject, msg, admin_email, [self.cleaned_data['email']]) + subject = 'Registration Confirmation for ' + site.name + send_mail(subject, msg, admin_email, [self.cleaned_data['email']]) + logging.info('Accounts/registration conf. email sent to %s for user %s; IP = %s' % \ + (self.cleaned_data['email'], pending_user.username, self.ip)) - return pending_user + return pending_user + def _validation_error(self, msg, param=None): + logging.error('Accounts/registration [%s]: %s (%s)' % (self.ip, msg, param)) + raise forms.ValidationError(msg) diff -r 8d391fe0ad64 -r df56795771a6 gpp/accounts/views.py --- a/gpp/accounts/views.py Wed Jul 01 18:50:49 2009 +0000 +++ b/gpp/accounts/views.py Wed Jul 01 20:02:14 2009 +0000 @@ -1,6 +1,8 @@ """views for the accounts application""" import datetime +import logging + from django.shortcuts import render_to_response from django.template import RequestContext from django.contrib import auth @@ -15,72 +17,76 @@ ####################################################################### def register(request): - if request.user.is_authenticated(): - return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) + if request.user.is_authenticated(): + return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) - if request.method == 'POST': - form = RegisterForm(request.POST) - if form.is_valid(): - form.save() - return HttpResponseRedirect(reverse('accounts.views.register_thanks')) - else: - form = RegisterForm() + if request.method == 'POST': + form = RegisterForm(request.POST, ip=request.META.get('REMOTE_ADDR', '?')) + if form.is_valid(): + form.save() + return HttpResponseRedirect(reverse('accounts.views.register_thanks')) + else: + form = RegisterForm() - return render_to_response('accounts/register.html', { - 'form': form, - }, - context_instance = RequestContext(request)) + return render_to_response('accounts/register.html', { + 'form': form, + }, + context_instance = RequestContext(request)) ####################################################################### def register_thanks(request): - if request.user.is_authenticated(): - return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) + if request.user.is_authenticated(): + return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) - return render_to_response('accounts/register_thanks.html', - context_instance = RequestContext(request)) + return render_to_response('accounts/register_thanks.html', + context_instance = RequestContext(request)) ####################################################################### def register_confirm(request, username, key): - if request.user.is_authenticated(): - return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) - - # purge expired users + if request.user.is_authenticated(): + return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) + + # purge expired users - PendingUser.objects.purge_expired() + PendingUser.objects.purge_expired() - try: - pending_user = PendingUser.objects.get(username = username) - except PendingUser.DoesNotExist: - return render_to_response('accounts/register_failure.html', { - 'username': username, - }, - context_instance = RequestContext(request)) + ip = request.META.get('REMOTE_ADDR', '?') + try: + pending_user = PendingUser.objects.get(username = username) + except PendingUser.DoesNotExist: + logging.error('Accounts register_confirm [%s]: user does not exist: %s' % (ip, username)) + return render_to_response('accounts/register_failure.html', { + 'username': username, + }, + context_instance = RequestContext(request)) - if pending_user.key != key: - return render_to_response('accounts/register_failure.html', { - 'username': username, - }, - context_instance = RequestContext(request)) + if pending_user.key != key: + logging.error('Accounts register_confirm [%s]: key error: %s' % (ip, username)) + return render_to_response('accounts/register_failure.html', { + 'username': username, + }, + context_instance = RequestContext(request)) - new_user = auth.models.User() + new_user = auth.models.User() - new_user.username = pending_user.username - new_user.first_name = '' - new_user.last_name = '' - new_user.email = pending_user.email - new_user.password = pending_user.password # already been hashed - new_user.is_staff = False - new_user.is_active = True - new_user.is_superuser = False - new_user.last_login = datetime.datetime.now() - new_user.date_joined = new_user.last_login + new_user.username = pending_user.username + new_user.first_name = '' + new_user.last_name = '' + new_user.email = pending_user.email + new_user.password = pending_user.password # already been hashed + new_user.is_staff = False + new_user.is_active = True + new_user.is_superuser = False + new_user.last_login = datetime.datetime.now() + new_user.date_joined = new_user.last_login - new_user.save() - pending_user.delete() + new_user.save() + pending_user.delete() - return render_to_response('accounts/register_success.html', { - 'username': username, - }, - context_instance = RequestContext(request)) + logging.info('Accounts register_confirm [%s]: success: %s' % (ip, username)) + return render_to_response('accounts/register_success.html', { + 'username': username, + }, + context_instance = RequestContext(request))