From e191fa0dd81d5b7793749287b9dac4c2dd482b9a Mon Sep 17 00:00:00 2001
From: sxw
Date: Sun, 29 Nov 2015 09:39:39 +0800
Subject: [PATCH 01/13] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A3=80=E6=B5=8B?= =?UTF-8?q?=E9=82=AE=E7=AE=B1api=E4=BD=BF=E5=85=B6=E5=8F=AF=E4=BB=A5?= =?UTF-8?q?=E8=A2=AB=E9=87=8D=E7=BD=AE=E5=AF=86=E7=A0=81=E9=A1=B5=E9=9D=A2?= =?UTF-8?q?=E4=BD=BF=E7=94=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 account/views.py | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/account/views.py b/account/views.py
index ac8ebdf4..3b34d650 100644
--- a/account/views.py
+++ b/account/views.py
@@ -149,17 +149,27 @@ class UsernameCheckAPIView(APIView):
 class EmailCheckAPIView(APIView):
 def get(self, request):
 """
- 检测邮箱是否存在,存在返回状态码400,不存在返回200
+ 检测邮箱是否存在,用状态码标识结果
 ---
 """
+ #这里是为了适应前端表单验证空间的要求
+ reset = request.GET.get("reset", None)
+ #如果reset为true说明该请求是重置密码页面发出的,要返回的状态码应正好相反
+ if reset:
+ existed = 200
+ does_not_existed = 400
+ else:
+ existed = 400
+ does_not_existed = 200
+
 email = request.GET.get("email", None)
 if email:
 try:
 User.objects.get(email=email)
- return Response(status=400)
+ return Response(status=existed)
 except Exception:
- return Response(status=200)
- return Response(status=200)
+ return Response(status=does_not_existed)
+ return Response(status=does_not_existed)
 class UserAdminAPIView(APIView):
From 296d1ad751cade80366260cd3b143f4566cfdad8 Mon Sep 17 00:00:00 2001
From: sxw
Date: Sun, 29 Nov 2015 09:40:43 +0800
Subject: [PATCH 02/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=A1=B5=E9=9D=A2=E7=9A=84url?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 oj/urls.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/oj/urls.py b/oj/urls.py
index 6ba6b060..0cdce6d8 100644
--- a/oj/urls.py
+++ b/oj/urls.py
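Review bot: `if reset:` in the added block is true for any non-empty value, so `?reset=false` or `?reset=0` also swaps the status codes; compare explicitly, e.g. `reset = request.GET.get("reset") == "true"`. In the unchanged `try` below it, `except Exception` turns every failure of `User.objects.get(email=email)` (a database error, or MultipleObjectsReturned if the email column is not unique, which the hunk does not show) into "address not registered"; `User.objects.filter(email=email).exists()` answers the question without relying on exceptions. This endpoint tells an unauthenticated caller whether an address is registered, so it is worth rate-limiting or putting behind the captcha the reset form already uses. `does_not_existed` would read better as `not_found_status`.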
@@ -127,7 +127,8 @@ urlpatterns = [
 url(r'^account/settings/$', TemplateView.as_view(template_name="oj/account/settings.html"), name="account_setting_page"),
 url(r'^account/settings/avatar/$', TemplateView.as_view(template_name="oj/account/avatar.html"), name="avatar_settings_page"),
 url(r'^account/sso/$', SSOAPIView.as_view(), name="sso_api"),
- url('^api/account/userprofile/$', UserProfileAPIView.as_view(), name="userprofile_api"),
+ url(r'^api/account/userprofile/$', UserProfileAPIView.as_view(), name="userprofile_api"),
+ url(r'^resetPassword/$', TemplateView.as_view(template_name="oj/account/reset_password.html"), name="reset_password_page")
 ]
From 9da1f3906d01a9b44a1601e2ae2f9bb39f25cd00 Mon Sep 17 00:00:00 2001
From: sxw
Date: Sun, 29 Nov 2015 10:39:19 +0800
Subject: [PATCH 03/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=A1=B5=E9=9D=A2=E7=9A=84url=EF=BC=8C?= =?UTF-8?q?=E5=B9=B6=E5=9C=A8=E7=94=A8=E6=88=B7=E7=99=BB=E5=BD=95=E9=A1=B5?= =?UTF-8?q?=E9=9D=A2=E6=B7=BB=E5=8A=A0url?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 oj/urls.py | 2 +-
 template/src/oj/account/login.html | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/oj/urls.py b/oj/urls.py
index 0cdce6d8..7bba7f75 100644
--- a/oj/urls.py
+++ b/oj/urls.py
@@ -128,7 +128,7 @@ urlpatterns = [
 url(r'^account/settings/avatar/$', TemplateView.as_view(template_name="oj/account/avatar.html"), name="avatar_settings_page"),
 url(r'^account/sso/$', SSOAPIView.as_view(), name="sso_api"),
 url(r'^api/account/userprofile/$', UserProfileAPIView.as_view(), name="userprofile_api"),
- url(r'^resetPassword/$', TemplateView.as_view(template_name="oj/account/reset_password.html"), name="reset_password_page")
+ url(r'^reset_password/$', TemplateView.as_view(template_name="oj/account/reset_password.html"), name="reset_password_page")
 ]
diff --git a/template/src/oj/account/login.html b/template/src/oj/account/login.html index adc5ca9a..eadb5cc0 100644 --- a/template/src/oj/account/login.html +++ b/template/src/oj/account/login.html @@ -32,6 +32,7 @@
+ 忘记用户名/密码
还没有帐号?点击注册 From 6c75da1791424225fa425ae8136b8bd11eca43a8 Mon Sep 17 00:00:00 2001 From: sxw Date: Sun, 29 Nov 2015 11:18:00 +0800 Subject: [PATCH 04/13] =?UTF-8?q?=E5=8E=BB=E6=8E=89=E7=94=B3=E8=AF=B7?= =?UTF-8?q?=E9=87=8D=E7=BD=AE=E5=AF=86=E7=A0=81=E7=9A=84=E6=9C=8D=E5=8A=A1?= =?UTF-8?q?=E4=B8=AD=E8=A6=81=E6=B1=82=E5=A1=AB=E5=86=99=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E5=90=8D=EF=BC=8C=E5=9B=A0=E4=B8=BA=E6=9C=89=E5=BE=88=E5=A4=9A?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E4=B8=8D=E8=AE=B0=E5=BE=97=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E5=90=8D=E4=BA=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- account/serializers.py | 1 - 1 file changed, 1 deletion(-) diff --git a/account/serializers.py b/account/serializers.py index 6db62918..0aac07ae 100644 --- a/account/serializers.py +++ b/account/serializers.py @@ -50,7 +50,6 @@ class EditUserSerializer(serializers.Serializer): class ApplyResetPasswordSerializer(serializers.Serializer): - username = serializers.CharField(max_length=30) email = serializers.EmailField() captcha = serializers.CharField(max_length=4, min_length=4) From bd7f1454bfe49e75029abba874c991b10e1db369 Mon Sep 17 00:00:00 2001 From: sxw Date: Sun, 29 Nov 2015 11:19:53 +0800 Subject: [PATCH 05/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=89=BE=E5=9B=9E?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E4=BF=A1=E6=81=AF=E5=8A=9F=E8=83=BD=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=82=AE=E4=BB=B6=E6=A8=A1=E6=9D=BF=E7=9A=84?= =?UTF-8?q?=E4=B8=80=E4=BA=9B=E7=BB=86=E8=8A=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- static/src/js/app/oj/account/resetPassword.js | 39 +++++++++++++++ template/src/oj/account/reset_password.html | 48 +++++++++++++++---- template/src/utils/reset_password_email.html | 14 ++++-- 3 files changed, 88 insertions(+), 13 deletions(-) create mode 100644 static/src/js/app/oj/account/resetPassword.js 
diff --git a/static/src/js/app/oj/account/resetPassword.js b/static/src/js/app/oj/account/resetPassword.js new file mode 100644 index 00000000..17b890b2 --- /dev/null +++ b/static/src/js/app/oj/account/resetPassword.js @@ -0,0 +1,39 @@ +require(["jquery", "bsAlert", "csrfToken", "validator"], function ($, bsAlert, csrfTokenHeader) { + var applied_captcha = false; + $('form').validator().on('submit', function (e) { + if (!e.isDefaultPrevented()) { + var email = $("#email").val(); + var captcha = $("#captcha").val(); + + $.ajax({ + beforeSend: csrfTokenHeader, + url: "/api/reset_password/", + data: {email: email, captcha: captcha}, + dataType: "json", + method: "post", + success: function (data) { + if (!data.code) { + refresh_captcha(); + bsAlert(data.data); + } + else { + refresh_captcha(); + bsAlert(data.data); + } + }, + error: function(){ + bsAlert("额 好像出错了,请刷新页面重试。如还有问题,请填写页面导航栏上的反馈。") + } + + }); + return false; + } + }); + function refresh_captcha(){ + $("#captcha-img")[0].src = "/captcha/?" + Math.random(); + $("#captcha")[0].value = ""; + } + $("#captcha-img").click(function(){ + refresh_captcha(); + }); +}); \ No newline at end of file diff --git a/template/src/oj/account/reset_password.html b/template/src/oj/account/reset_password.html index 71ce6922..5b5dc709 100644 --- a/template/src/oj/account/reset_password.html +++ b/template/src/oj/account/reset_password.html @@ -1,10 +1,40 @@ - - - - - - - +{% extends "oj_base.html" %} +{% block title %} + 找回登录信息 +{% endblock %} +{% block body %} +
+
+

找回登录信息


+
+

请输入你注册时使用的邮箱地址,系统将自动向你的邮箱发送一封含有您登录信息的电子邮件, + 你可以看到你的用户名,并可以选择重新设置登录密码,注意为了你的账户安全,重置密码链接仅在30分钟内有效

+
+
+
+
+ + - - \ No newline at end of file +
+
+
+    +

+ + +
+
+
+ +
+
+
+
+{% endblock %} +{% block js_block %} + +{% endblock %} \ No newline at end of file diff --git a/template/src/utils/reset_password_email.html b/template/src/utils/reset_password_email.html index f4c8b936..228dfb8c 100644 --- a/template/src/utils/reset_password_email.html +++ b/template/src/utils/reset_password_email.html @@ -8,7 +8,7 @@ - {{ website_name }} 密码找回邮件 + {{ website_name }} 登录信息找回 @@ -32,12 +32,17 @@ - 您刚刚在 {{ website_name }} 使用了找回密码功能。 + 您刚刚在 {{ website_name }} 申请了找回登录信息服务。 - 请在60分钟内点击下面链接设置您的新密码: + 您的用户名是:{{ username }} + + + + + 如果您忘记了您的登录密码,请在30分钟内点击下面链接设置您的新密码: @@ -63,7 +68,8 @@ - 如果你没有提出过密码修改申请,请忽略此邮件。有可能是其他用户误填了你的用户名。我们不会对你的帐户进行任何修改。 + 如果您没有提出过该申请,请忽略此邮件。有可能是其他用户误填了您的邮件地址。我们不会对你的帐户进行任何修改。 + 但请不要向任何人泄漏这封邮件中的内容,我们的工作人员不会以任何理由向您索要该邮件涉及到的任何信息。 From c8e03eb6f13489ac3bed82a795d8a7249a7b7232 Mon Sep 17 00:00:00 2001 From: sxw Date: Sun, 29 Nov 2015 11:21:39 +0800 Subject: [PATCH 06/13] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=B3=E8=AF=B7?= =?UTF-8?q?=E6=89=BE=E5=9B=9E=E7=94=A8=E6=88=B7=E7=99=BB=E5=BD=95=E4=BF=A1?= =?UTF-8?q?=E6=81=AF=E7=9A=84api=E9=80=BB=E8=BE=91=EF=BC=8C=E6=B2=A1?= =?UTF-8?q?=E6=9C=89=E7=94=A8=E6=88=B7=E5=90=8D=E4=B9=9F=E5=8F=AF=E7=94=B3?= =?UTF-8?q?=E8=AF=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- account/views.py | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/account/views.py b/account/views.py index 3b34d650..759e4386 100644 --- a/account/views.py +++ b/account/views.py 
@@ -284,11 +284,11 @@ class ApplyResetPasswordAPIView(APIView): if not captcha.check(data["captcha"]): return error_response(u"验证码错误") try: - user = User.objects.get(username=data["username"], email=data["email"]) + user = User.objects.get(email=data["email"]) except User.DoesNotExist: return error_response(u"用户不存在") - if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60: - return error_response(u"20分钟内只能找回一次密码") + #if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60: + # return error_response(u"20分钟内只能找回一次密码") user.reset_password_token = rand_str() user.reset_password_token_create_time = now() user.save() @@ -296,14 +296,14 @@ class ApplyResetPasswordAPIView(APIView): email_template = email_template.replace("{{ username }}", user.username).\ replace("{{ website_name }}", settings.WEBSITE_INFO["website_name"]).\ - replace("{{ link }}", request.scheme + "://" + request.META['HTTP_HOST'] + "/reset_password/?token=" + user.reset_password_token) + replace("{{ link }}", request.scheme + "://" + request.META['HTTP_HOST'] + "/reset_password/t/" + user.reset_password_token) send_email(settings.WEBSITE_INFO["website_name"], user.email, user.username, - settings.WEBSITE_INFO["website_name"] + u" 密码找回邮件", + settings.WEBSITE_INFO["website_name"] + u" 登录信息找回邮件", email_template) - return success_response(u"邮件发送成功") + return success_response(u"邮件发送成功,请前往您的邮箱查收") else: return serializer_invalid_response(serializer) @@ -330,6 +330,11 @@ class ResetPasswordAPIView(APIView): return serializer_invalid_response(serializer) + + + + + def user_index_page(request, username): try: user = User.objects.get(username=username) 
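Review bot: With the username dropped from the lookup, `User.objects.get(email=data["email"])` depends on email being unique; if the model does not enforce that (not visible here), a duplicate raises MultipleObjectsReturned, which `except User.DoesNotExist` does not catch. The same hunk turns the 20-minute throttle into commented-out code, so until a later patch in this series restores it, every captcha-passing request overwrites the stored token and sends another mail. If the limit was in the way during testing, make the interval a setting instead of commenting the check out. The `用户不存在` response also confirms to the caller whether an address is registered; returning the same success message in both cases avoids that. The method body starts above the hunk.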
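Review bot: The reset link on the changed `replace("{{ link }}", ...)` line is built from `request.META['HTTP_HOST']`, which is whatever Host header the client sent, so a request carrying a forged Host yields a mail whose link delivers the recipient's token to another domain. Build the link from a base URL kept in settings, or at minimum use `request.get_host()`, which Django validates against `ALLOWED_HOSTS`: `request.scheme + "://" + request.get_host() + "/reset_password/t/" + user.reset_password_token`. The unchanged line above it substitutes `user.username` into the HTML template with `str.replace`; if usernames may contain markup characters (the validation is not shown), escape the value first. The method body starts above the hunk and continues below it.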
@@ -364,4 +369,5 @@ class SSOAPIView(APIView): token = rand_str() request.user.auth_token = token request.user.save() - return render(request, "oj/account/sso.html", {"redirect_url": callback + "?token=" + token, "callback": callback}) \ No newline at end of file + return render(request, "oj/account/sso.html", {"redirect_url": callback + "?token=" + token, "callback": callback}) + From a1cec58010b12cf69f7aa47749c3181f8e0cf357 Mon Sep 17 00:00:00 2001 From: sxw Date: Sun, 29 Nov 2015 15:17:44 +0800 Subject: [PATCH 07/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81api=20url=EF=BC=8C=E8=B0=83=E6=95=B4url?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- oj/urls.py | 9 +++-- .../js/app/oj/account/applyResetPassword.js | 39 ++++++++++++++++++ .../src/oj/account/apply_reset_password.html | 40 +++++++++++++++++++ 3 files changed, 84 insertions(+), 4 deletions(-) create mode 100644 static/src/js/app/oj/account/applyResetPassword.js create mode 100644 template/src/oj/account/apply_reset_password.html diff --git a/oj/urls.py b/oj/urls.py index 7bba7f75..d2beba16 100644 --- a/oj/urls.py +++ b/oj/urls.py @@ -5,7 +5,7 @@ from django.views.generic import TemplateView from account.views import (UserLoginAPIView, UsernameCheckAPIView, UserRegisterAPIView, UserChangePasswordAPIView, EmailCheckAPIView, - UserAdminAPIView, UserInfoAPIView, + UserAdminAPIView, UserInfoAPIView, ResetPasswordAPIView, ApplyResetPasswordAPIView, SSOAPIView, UserProfileAPIView) from announcement.views import AnnouncementAdminAPIView 
@@ -122,13 +122,14 @@ urlpatterns = [ url(r'^user/(?P.+)/$', "account.views.user_index_page"), - url(r'^api/reset_password/$', ApplyResetPasswordAPIView.as_view(), name="apply_reset_password_api"), - + url(r'^api/apply_reset_password/$', ApplyResetPasswordAPIView.as_view(), name="apply_reset_password_api"), + url(r'^api/reset_password/$', ResetPasswordAPIView.as_view(), name="apply_reset_password_api"), url(r'^account/settings/$', TemplateView.as_view(template_name="oj/account/settings.html"), name="account_setting_page"), url(r'^account/settings/avatar/$', TemplateView.as_view(template_name="oj/account/avatar.html"), name="avatar_settings_page"), url(r'^account/sso/$', SSOAPIView.as_view(), name="sso_api"), url(r'^api/account/userprofile/$', UserProfileAPIView.as_view(), name="userprofile_api"), - url(r'^reset_password/$', TemplateView.as_view(template_name="oj/account/reset_password.html"), name="reset_password_page") + url(r'^reset_password/$', TemplateView.as_view(template_name="oj/account/apply_reset_password.html"), name="apply_reset_password_page"), + url(r'^reset_password/t/(?P\w+)/$', "account.views.reset_password_page", name="reset_password_page") ] diff --git a/static/src/js/app/oj/account/applyResetPassword.js b/static/src/js/app/oj/account/applyResetPassword.js new file mode 100644 index 00000000..17b890b2 --- /dev/null +++ b/static/src/js/app/oj/account/applyResetPassword.js 
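Review bot: The added `api/reset_password/` route reuses `name="apply_reset_password_api"`, the same name as the route directly above it, so `reverse()` and `{% url %}` can only ever resolve one of the two; it should be `name="reset_password_api"`. The `reset_password/t/.../` route points at `account.views.reset_password_page`, which this commit does not add to account/views.py (it arrives in a later patch of the series), so the mailed link cannot resolve until then. Carrying the token in the URL also means it lands in access logs and in the Referer header sent to any third-party resource the reset page loads; serving that page with `Referrer-Policy: no-referrer` limits the latter.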
@@ -0,0 +1,39 @@ +require(["jquery", "bsAlert", "csrfToken", "validator"], function ($, bsAlert, csrfTokenHeader) { + var applied_captcha = false; + $('form').validator().on('submit', function (e) { + if (!e.isDefaultPrevented()) { + var email = $("#email").val(); + var captcha = $("#captcha").val(); + + $.ajax({ + beforeSend: csrfTokenHeader, + url: "/api/reset_password/", + data: {email: email, captcha: captcha}, + dataType: "json", + method: "post", + success: function (data) { + if (!data.code) { + refresh_captcha(); + bsAlert(data.data); + } + else { + refresh_captcha(); + bsAlert(data.data); + } + }, + error: function(){ + bsAlert("额 好像出错了,请刷新页面重试。如还有问题,请填写页面导航栏上的反馈。") + } + + }); + return false; + } + }); + function refresh_captcha(){ + $("#captcha-img")[0].src = "/captcha/?" + Math.random(); + $("#captcha")[0].value = ""; + } + $("#captcha-img").click(function(){ + refresh_captcha(); + }); +}); \ No newline at end of file diff --git a/template/src/oj/account/apply_reset_password.html b/template/src/oj/account/apply_reset_password.html new file mode 100644 index 00000000..5b5dc709 --- /dev/null +++ b/template/src/oj/account/apply_reset_password.html @@ -0,0 +1,40 @@ +{% extends "oj_base.html" %} +{% block title %} + 找回登录信息 +{% endblock %} +{% block body %} +
+
+

找回登录信息


+
+

请输入你注册时使用的邮箱地址,系统将自动向你的邮箱发送一封含有您登录信息的电子邮件, + 你可以看到你的用户名,并可以选择重新设置登录密码,注意为了你的账户安全,重置密码链接仅在30分钟内有效

+
+
+
+
+ + + +
+
+
+    +

+ + +
+
+
+ +
+
+
+
+{% endblock %} +{% block js_block %} + +{% endblock %} \ No newline at end of file From a54b629ae80e9a339a958651b1e53da01ec3b323 Mon Sep 17 00:00:00 2001 From: sxw Date: Sun, 29 Nov 2015 15:18:45 +0800 Subject: [PATCH 08/13] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=B3=E8=AF=B7?= =?UTF-8?q?=E9=87=8D=E7=BD=AE=E5=AF=86=E7=A0=81=E9=A1=B5=E9=9D=A2=E5=8F=8A?= =?UTF-8?q?js=E5=90=8D=E7=A7=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- static/src/js/app/oj/account/applyResetPassword.js | 2 +- template/src/oj/account/apply_reset_password.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/static/src/js/app/oj/account/applyResetPassword.js b/static/src/js/app/oj/account/applyResetPassword.js index 17b890b2..e8d31eda 100644 --- a/static/src/js/app/oj/account/applyResetPassword.js +++ b/static/src/js/app/oj/account/applyResetPassword.js @@ -7,7 +7,7 @@ require(["jquery", "bsAlert", "csrfToken", "validator"], function ($, bsAlert, c $.ajax({ beforeSend: csrfTokenHeader, - url: "/api/reset_password/", + url: "/api/apply_reset_password/", data: {email: email, captcha: captcha}, dataType: "json", method: "post", diff --git a/template/src/oj/account/apply_reset_password.html b/template/src/oj/account/apply_reset_password.html index 5b5dc709..5d65ccc2 100644 --- a/template/src/oj/account/apply_reset_password.html +++ b/template/src/oj/account/apply_reset_password.html @@ -36,5 +36,5 @@ {% endblock %} {% block js_block %} - + {% endblock %} \ No newline at end of file From b014bf792bd920b1555fa1b5dfe147b904a3599f Mon Sep 17 00:00:00 2001 
From: sxw Date: Sun, 29 Nov 2015 15:19:44 +0800 Subject: [PATCH 09/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=A1=B5=E9=9D=A2=E5=92=8Cjs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- static/src/js/app/oj/account/resetPassword.js | 7 +++--- template/src/oj/account/reset_password.html | 25 ++++++++++++++----- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/static/src/js/app/oj/account/resetPassword.js b/static/src/js/app/oj/account/resetPassword.js index 17b890b2..9683019b 100644 --- a/static/src/js/app/oj/account/resetPassword.js +++ b/static/src/js/app/oj/account/resetPassword.js @@ -2,13 +2,14 @@ require(["jquery", "bsAlert", "csrfToken", "validator"], function ($, bsAlert, c var applied_captcha = false; $('form').validator().on('submit', function (e) { if (!e.isDefaultPrevented()) { - var email = $("#email").val(); + var index = location.href.indexOf("/t/"); + var token = location.href.substr(36+3, 32); var captcha = $("#captcha").val(); - + var password = $("#new_password").val(); $.ajax({ beforeSend: csrfTokenHeader, url: "/api/reset_password/", - data: {email: email, captcha: captcha}, + data: {password: password, captcha: captcha, token:token}, dataType: "json", method: "post", success: function (data) { diff --git a/template/src/oj/account/reset_password.html b/template/src/oj/account/reset_password.html index 5b5dc709..ff72e454 100644 --- a/template/src/oj/account/reset_password.html +++ b/template/src/oj/account/reset_password.html @@ -6,16 +6,29 @@
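Review bot: `index` is computed and then ignored: the token is cut with `location.href.substr(36+3, 32)`, where 36 is presumably the position of `/t/` on the author's own host, so on any other host name or port the request submits the wrong 32 characters. Use the computed position, `var token = location.href.substr(index + 3, 32);`, or take the segment from `location.pathname` up to the next `/`, which also drops the assumption that the token is exactly 32 characters long. The submit handler starts above the hunk and continues below it.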

找回登录信息


-
-

请输入你注册时使用的邮箱地址,系统将自动向你的邮箱发送一封含有您登录信息的电子邮件, - 你可以看到你的用户名,并可以选择重新设置登录密码,注意为了你的账户安全,重置密码链接仅在30分钟内有效

-

+
- +
+
+ + +
+
+ + + +
+
+
+ +
From 14f4425a228bca127530f35d8599c133180175a7 Mon Sep 17 00:00:00 2001
From: sxw
Date: Sun, 29 Nov 2015 15:26:35 +0800
Subject: [PATCH 10/13] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=B8=80=E4=BA=9B?= =?UTF-8?q?=E7=BB=86=E8=8A=82=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 account/views.py | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/account/views.py b/account/views.py
index c92d04fa..2ba5739c 100644
--- a/account/views.py
+++ b/account/views.py
@@ -286,8 +286,8 @@ class ApplyResetPasswordAPIView(APIView):
 user = User.objects.get(email=data["email"])
 except User.DoesNotExist:
 return error_response(u"用户不存在")
- #if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60:
- # return error_response(u"20分钟内只能找回一次密码")
+ if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60:
+ return error_response(u"20分钟内只能找回一次密码")
 user.reset_password_token = rand_str()
 user.reset_password_token_create_time = now()
 user.save()
@@ -329,11 +329,6 @@ class ResetPasswordAPIView(APIView):
 return serializer_invalid_response(serializer)
-
-
-
-
-
 def user_index_page(request, username):
 try:
 user = User.objects.get(username=username)
@@ -370,3 +365,12 @@ class SSOAPIView(APIView):
 request.user.save()
 return render(request, "oj/account/sso.html", {"redirect_url": callback + "?token=" + token, "callback": callback})
+
+def reset_password_page(request, token):
+ try:
+ user = User.objects.get(reset_password_token=token)
+ except User.DoesNotExist:
+ return error_page(request, u"链接已失效")
+ if (now() - user.reset_password_token_create_time).total_seconds() > 30 * 60:
+ return error_page(request, u"链接已过期")
+ return render(request, "oj/account/reset_password.html", {"user": user})
From 879e46bc054d4687a7d2db13a6ad3bb7157c3745 Mon Sep 17 00:00:00 2001
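Review bot: `reset_password_page` enforces the 30-minute limit only when the form is rendered; the password is actually changed by `ResetPasswordAPIView`, whose checks lie outside this hunk, so confirm it applies the same limit and clears `reset_password_token` after use, ideally through one shared constant such as `RESET_TOKEN_TTL = 30 * 60`. If a row ever holds a token without a `reset_password_token_create_time`, `now() - None` raises TypeError; guard it with `if not user.reset_password_token_create_time or (now() - user.reset_password_token_create_time).total_seconds() > 30 * 60:`. Possession of the token is the only credential this view checks, so `rand_str()` (not shown) should draw from a CSPRNG. A one-line docstring would help: `"""Render the reset form for a valid, unexpired token; show an error page otherwise."""`.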
From: sxw Date: Mon, 30 Nov 2015 18:04:47 +0800 Subject: [PATCH 11/13] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E4=BB=A5=E5=90=8E=E7=9A=84=E8=B7=B3=E8=BD=AC?= =?UTF-8?q?=E5=88=B0=E7=99=BB=E5=BD=95=E9=A1=B5=E9=9D=A2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- static/src/js/app/oj/account/resetPassword.js | 1 + 1 file changed, 1 insertion(+) diff --git a/static/src/js/app/oj/account/resetPassword.js b/static/src/js/app/oj/account/resetPassword.js index 9683019b..0f0bb4bc 100644 --- a/static/src/js/app/oj/account/resetPassword.js +++ b/static/src/js/app/oj/account/resetPassword.js @@ -16,6 +16,7 @@ require(["jquery", "bsAlert", "csrfToken", "validator"], function ($, bsAlert, c if (!data.code) { refresh_captcha(); bsAlert(data.data); + window.location.href = "/login/"; } else { refresh_captcha(); From 6b3168d0ff9af5687785605a8136f5cdb9501309 Mon Sep 17 00:00:00 2001 From: sxw Date: Mon, 30 Nov 2015 18:05:20 +0800 Subject: [PATCH 12/13] =?UTF-8?q?=E7=B2=BE=E7=AE=80=E9=87=8D=E7=BD=AE?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=82=AE=E4=BB=B6=E6=A8=A1=E6=9D=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- template/src/utils/reset_password_email.html | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/template/src/utils/reset_password_email.html b/template/src/utils/reset_password_email.html index 228dfb8c..5a0b5915 100644 --- a/template/src/utils/reset_password_email.html +++ b/template/src/utils/reset_password_email.html @@ -37,12 +37,7 @@ - 您的用户名是:{{ username }} - - - - - 如果您忘记了您的登录密码,请在30分钟内点击下面链接设置您的新密码: + 请在30分钟内点击下面链接设置您的新密码: @@ -68,8 +63,8 @@ - 如果您没有提出过该申请,请忽略此邮件。有可能是其他用户误填了您的邮件地址。我们不会对你的帐户进行任何修改。 - 但请不要向任何人泄漏这封邮件中的内容,我们的工作人员不会以任何理由向您索要该邮件涉及到的任何信息。 + 如果您没有提出过该申请,请忽略此邮件。有可能是其他用户误填了您的邮件地址,我们不会对你的帐户进行任何修改。 + 请不要向他人透露本邮件的内容,否则可能会导致您的账号被盗。 From d95f401d5b413cee8995120ececc2ab137bdc9e8 Mon Sep 17 00:00:00 2001 
From: sxw Date: Mon, 30 Nov 2015 18:06:40 +0800 Subject: [PATCH 13/13] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E6=8F=90=E7=A4=BA=E6=8E=AA=E8=BE=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- template/src/oj/account/change_password.html | 2 +- template/src/oj/account/reset_password.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/template/src/oj/account/change_password.html b/template/src/oj/account/change_password.html index 3f346e2b..9fd13340 100644 --- a/template/src/oj/account/change_password.html +++ b/template/src/oj/account/change_password.html @@ -36,7 +36,7 @@
+ placeholder="确认密码" maxlength="30" data-match="#new_password" data-match-error="两次密码不一致" required>
diff --git a/template/src/oj/account/reset_password.html b/template/src/oj/account/reset_password.html index ff72e454..703ff6fc 100644 --- a/template/src/oj/account/reset_password.html +++ b/template/src/oj/account/reset_password.html @@ -28,7 +28,7 @@