Reset password

README.md

@@ -199,3 +199,20 @@ SQL:
 
 #### ADDON SOLUTION 7.
 ![addon_7](doc/addon_7_confirm.png)
+
+
+
+
+## RESET PASSWORD
+
+![](doc/reset-password-forgot.png)
+
+![](doc/reset-password-req.png)
+
+![](doc/reset-password-req_sent.png)
+
+![](doc/reset-password-email.png)
+
+![](doc/reset-password-new-pwd.png)
+
+![](doc/reset-password-completed.png)

doc/env

@@ -1,2 +1,10 @@
+SECRET_KEY="django-secure-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+
 POSTGRES_PASSWORD=XXXXXXX
 POSTGRES_HOST=pg
+
+MAIL_USERNAME=xxxxxxx@meta.ua
+MAIL_PASSWORD=uuuuuuuuuuuu
+MAIL_FROM=xxxxxxu@meta.ua
+MAIL_PORT=465
+MAIL_SERVER=smtp.meta.ua

notes/notes/settings.py

@@ -14,18 +14,27 @@
 from dotenv import load_dotenv
 import os
 
+
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
-MEDIA_ROOT = BASE_DIR / 'media'
-MEDIA_URL = '/media/'
+SECRET_KEY = os.getenv("SECRET_KEY")
+
+if not os.getenv("SECRET_KEY"):
+    load_dotenv(BASE_DIR.parent.joinpath('.env'))
+    SECRET_KEY = os.getenv("SECRET_KEY")
+
+assert SECRET_KEY is not None, "ENVIROMENT NOT SET"
+
+MEDIA_ROOT = BASE_DIR / "media"
+MEDIA_URL = "/media/"
 
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = "django-insecure-*&af@8so2^humwnzi7wk^#z6p-6$mnpe(g(8%=djywwe46=r8^"
+
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
@@ -143,25 +152,35 @@
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
+EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
+EMAIL_HOST = os.getenv("MAIL_SERVER", "smtp.meta.ua")
+EMAIL_PORT = int(os.getenv("MAIL_PORT", 465))
+EMAIL_STARTTLS = False
+EMAIL_USE_SSL = True
+EMAIL_USE_TLS = False
+EMAIL_HOST_USER = os.getenv("MAIL_USERNAME", "youruser@meta.ua")
+EMAIL_HOST_PASSWORD = os.getenv("MAIL_PASSWORD", "yourpassword")
+DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
+
 # logging
 LOGGING = {
-    'version': 1,
-    'filters': {
-        'require_debug_true': {
-            '()': 'django.utils.log.RequireDebugTrue',
+    "version": 1,
+    "filters": {
+        "require_debug_true": {
+            "()": "django.utils.log.RequireDebugTrue",
         }
     },
-    'handlers': {
-        'console': {
-            'level': 'DEBUG',
-            'filters': ['require_debug_true'],
-            'class': 'logging.StreamHandler',
+    "handlers": {
+        "console": {
+            "level": "DEBUG",
+            "filters": ["require_debug_true"],
+            "class": "logging.StreamHandler",
         }
     },
-    'loggers': {
-        'django.db.backends': {
-            'level': 'DEBUG',
-            'handlers': ['console'],
+    "loggers": {
+        "django.db.backends": {
+            "level": "DEBUG",
+            "handlers": ["console"],
         }
-    }
-}
+    },
+}

notes/users/forms.py

@@ -7,17 +7,15 @@
 
 class RegisterForm(UserCreationForm):
     username = forms.CharField(max_length=100, required=True, widget=forms.TextInput())
-    password1 = forms.CharField(
-        max_length=50, required=True, widget=forms.PasswordInput()
-    )
-    password2 = forms.CharField(
-        max_length=50, required=True, widget=forms.PasswordInput()
-    )
+    email = forms.CharField(max_length=100, required=True, widget=forms.TextInput())
+    password1 = forms.CharField(max_length=50, required=True, widget=forms.PasswordInput())
+    password2 = forms.CharField(max_length=50, required=True, widget=forms.PasswordInput())
 
     class Meta:
         model = User
         fields = [
             "username",
+            "email",
             "password1",
             "password2",
         ]
@@ -47,4 +45,4 @@ class Meta:
         model = User
         fields = [
             "username",
-        ]
+        ]

notes/users/templates/users/login.html

@@ -28,6 +28,9 @@
         <button type="submit">Submit</button>
         <button type="reset" class="secondary">Reset</button>
     </div>
+    <div class="small text-center">
+        <a href="{% url 'users:password_reset' %}" class="text-center"><i>Forgot Password?</i></a>
+    </div>
 </form>
 
 {% endblock %}

notes/users/templates/users/password_reset.html

@@ -0,0 +1,12 @@
+{% extends "noteapp/base.html" %}
+
+{% block content %}
+
+<h2>Password reset</h2>
+<form method="post">
+    {% csrf_token %}
+    {{ form.as_p }}
+    <button type="submit">Request password reset</button>
+</form>
+
+{% endblock %}

notes/users/templates/users/password_reset_complete.html

@@ -0,0 +1,7 @@
+{% extends "noteapp/base.html" %}
+
+{% block content %}
+
+    <h2>Password reset complete!</h2>
+
+{% endblock %}

notes/users/templates/users/password_reset_confirm.html

@@ -0,0 +1,12 @@
+{% extends "noteapp/base.html" %}
+
+{% block content %}
+
+<h2>Enter new password</h2>
+<form method="post">
+    {% csrf_token %}
+    {{ form.as_p }}
+    <button type="submit">Save new password</button>
+</form>
+
+{% endblock %}

notes/users/templates/users/password_reset_done.html

@@ -0,0 +1,8 @@
+{% extends "noteapp/base.html" %}
+
+{% block content %}
+
+<h2>Password reset request sent</h2>
+<p>We've emailed you with instructions on how to reset your password.</p>
+
+{% endblock %}

notes/users/templates/users/password_reset_email.html

@@ -0,0 +1,13 @@
+{% autoescape off %}
+<body>
+<p>Hi {{ user.username }},</p>
+<p>You requested a password reset for your account. Please follow this link to set a new password:</p>
+<p>
+    <a href="{{ protocol }}://{{ domain }}{% url 'users:password_reset_confirm' uidb64=uid token=token %}">
+        {{ protocol }}://{{ domain }}{% url 'users:password_reset_confirm' uidb64=uid token=token %}
+    </a>
+</p>
+<p>If you didn't request a password reset, please ignore this email.</p>
+<p>Thanks,</p>
+<p>The Our Team</p>
+{% endautoescape %}

notes/users/templates/users/password_reset_subject.txt

@@ -0,0 +1 @@
+Reset password

notes/users/templates/users/signup.html

@@ -14,6 +14,12 @@ <h2>Sign Up</h2>
         </label>
         <span>{{ form.errors.username }}</span>
     </div>
+    <div>
+        <label> Email:
+            {{ form.email }}
+        </label>
+        <span>{{ form.errors.email }}</span>
+    </div>
     <br>
     <div>
         <label> Password:

notes/users/urls.py

@@ -1,12 +1,31 @@
 from django.urls import path
+from django.contrib.auth.views import PasswordResetDoneView, PasswordResetConfirmView, PasswordResetCompleteView
 from . import views
 
-app_name = 'users'
+app_name = "users"
 
 urlpatterns = [
-    path('signup/', views.signupuser, name='signup'),
-    path('login/', views.loginuser, name='login'),
-    path('logout/', views.logoutuser, name='logout'),
-    path('profile/', views.profile, name='profile'),
-    path('delete/', views.deleteuser, name='delete'),
+    path("signup/", views.signupuser, name="signup"),
+    path("login/", views.loginuser, name="login"),
+    path("logout/", views.logoutuser, name="logout"),
+    path("profile/", views.profile, name="profile"),
+    path("delete/", views.deleteuser, name="delete"),
+    path("reset-password/", views.ResetPasswordView.as_view(), name="password_reset"),
+    path(
+        "reset-password/done/",
+        PasswordResetDoneView.as_view(template_name="users/password_reset_done.html"),
+        name="password_reset_done",
+    ),
+    path(
+        "reset-password/confirm/<uidb64>/<token>/",
+        PasswordResetConfirmView.as_view(
+            template_name="users/password_reset_confirm.html", success_url="/users/reset-password/complete/"
+        ),
+        name="password_reset_confirm",
+    ),
+    path(
+        "reset-password/complete/",
+        PasswordResetCompleteView.as_view(template_name="users/password_reset_complete.html"),
+        name="password_reset_complete",
+    ),
 ]

notes/users/views.py

@@ -2,6 +2,9 @@
 from django.contrib.auth import authenticate, login, logout
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.views import PasswordResetView
+from django.contrib.messages.views import SuccessMessageMixin
+from django.urls import reverse_lazy
 
 from .forms import ProfileForm, RegisterForm, LoginForm, DeleteForm
 
@@ -86,4 +89,10 @@ def deleteuser(request):
 
 
 
-# Create your views here.
+class ResetPasswordView(SuccessMessageMixin, PasswordResetView):
+    template_name = 'users/password_reset.html'
+    email_template_name = 'users/password_reset_email.html'
+    html_email_template_name = 'users/password_reset_email.html'
+    success_url = reverse_lazy('users:password_reset_done')
+    success_message = "An email with instructions to reset your password has been sent to %(email)s."
+    subject_template_name = 'users/password_reset_subject.txt'

pyproject.toml

@@ -16,3 +16,9 @@ pillow = "^10.1.0"
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
+
+[tool.pylint.format]
+max-line-length = "119"
+
+[tool.black]
+line-length = 119