Add Reset Password Feature (#138)

* Add Reset Password Feature * Remove unnecessary code * Update some mail configurations * Added reset time to be 1 day
IEEE-NITK · Mar 15, 2024 · 59db559 · 59db559
1 parent 2878737
commit 59db559
Show file tree

Hide file tree

Showing 11 changed files with 204 additions and 1 deletion.
diff --git a/corpus/accounts/urls.py b/corpus/accounts/urls.py
@@ -1,3 +1,7 @@
+from django.contrib.auth.views import PasswordResetCompleteView
+from django.contrib.auth.views import PasswordResetConfirmView
+from django.contrib.auth.views import PasswordResetDoneView
+from django.contrib.auth.views import PasswordResetView
 from django.urls import path
 
 from .views import signin
@@ -8,4 +12,16 @@
     path("signup/", signup, name="accounts_signup"),
     path("login/", signin, name="accounts_signin"),
     path("logout/", signout, name="accounts_signout"),
+    path("reset/", PasswordResetView.as_view(), name="password_reset"),
+    path("reset/done/", PasswordResetDoneView.as_view(), name="password_reset_done"),
+    path(
+        "reset/confirm/<uidb64>/<token>/",
+        PasswordResetConfirmView.as_view(),
+        name="password_reset_confirm",
+    ),
+    path(
+        "reset/complete/",
+        PasswordResetCompleteView.as_view(),
+        name="password_reset_complete",
+    ),
 ]
diff --git a/corpus/corpus/settings.py b/corpus/corpus/settings.py
@@ -167,6 +167,10 @@
 AUTHENTICATION_BACKENDS = [
     "accounts.backend.CorpusAuthBackend",
 ]
+
+# Reset Timeout in seconds. 1 day
+PASSWORD_RESET_TIMEOUT = 86400
+
 LOGIN_URL = "/accounts/login"
 LOGIN_REDIRECT_URL = "/"
 LOGOUT_URL = ""
@@ -175,7 +179,9 @@
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
 # Email Settings
-EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
+EMAIL_PROTOCOL = os.getenv("EMAIL_PROTOCOL", "console")
+
+EMAIL_BACKEND = f"django.core.mail.backends.{EMAIL_PROTOCOL}.EmailBackend"
 EMAIL_HOST = os.environ.get("EMAIL_HOST", "smtp.gmail.com")
 EMAIL_HOST_USER = os.environ.get("EMAIL_HOST_USER", "[email protected]")
 EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_HOST_PASSWORD", "gmailapppassword")

diff --git a/corpus/templates/accounts/login.html b/corpus/templates/accounts/login.html
@@ -47,6 +47,10 @@ <h1 class="card-title text-2xl">Login</h1>
                         </div>
                     {% endif %}
                 </div>
+                <div class="w-full">
+                    <a href="{% url 'password_reset' %}" class="underline underline-offset-2">Forgot
+                        Password?</a>
+                </div>
 
                 <div class="card-actions mt-5">
                     <button class="btn btn-primary btn-block">Login</button>

diff --git a/corpus/templates/registration/password_reset_complete.html b/corpus/templates/registration/password_reset_complete.html
@@ -0,0 +1,21 @@
+{% extends 'base.html' %}
+
+{% block title %}
+    Complete! | Reset Password
+{% endblock %}
+
+{% block content %}
+    <div class="card w-3/4 lg:w-1/3 mx-auto my-10 bg-base-200 shadow-xl">
+        <div class="card-body">
+            <h1 class="card-title text-2xl">Complete!</h1>
+            <p>
+                Your password has been reset.
+                Please continue to
+                <a href="{% url 'accounts_signin' %}" class="underline underline-offset-2">
+                    login
+                </a>
+                to access your account.
+            </p>
+        </div>
+    </div>
+{% endblock %}
diff --git a/corpus/templates/registration/password_reset_confirm.html b/corpus/templates/registration/password_reset_confirm.html
@@ -0,0 +1,60 @@
+{% extends 'base.html' %}
+
+{% block title %}
+    Reset Password
+{% endblock %}
+
+{% block content %}
+    <div class="card w-3/4 lg:w-1/3 mx-auto my-10 bg-base-200 shadow-xl">
+        <div class="card-body">
+            {% if validlink %}
+                <h1 class="card-title text-2xl">Reset Password</h1>
+                <form method="post">
+                    {% csrf_token %}
+
+                    {% if form.non_field_errors %}
+                        {% for error in form.non_field_errors %}
+                            <div role="alert" class="alert alert-error mt-1">
+                                <span>{{ error }}</span>
+                            </div>
+                        {% endfor %}
+                    {% endif %}
+
+                    <div class="w-full my-2">
+                        <label for="{{ form.new_password1.id_for_label }}">New Password</label>
+                        {{ form.new_password1 }}
+                        {% if form.new_password1.errors %}
+                            <div class="my-1">
+                                <div role="alert" class="alert alert-error">
+                                    {{ form.new_password1.errors }}
+                                </div>
+                            </div>
+                        {% endif %}
+                    </div>
+
+                    <div class="w-full my-2">
+                        <label for="{{ form.new_password2.id_for_label }}">Confirm New Password</label>
+                        {{ form.new_password2 }}
+                        {% if form.new_password2.errors %}
+                            <div class="my-1">
+                                <div role="alert" class="alert alert-error">
+                                    {{ form.new_password2.errors }}
+                                </div>
+                            </div>
+                        {% endif %}
+                    </div>
+
+                    <div class="card-actions mt-5">
+                        <button type="submit" class="btn btn-primary btn-block">Reset Password</button>
+                    </div>
+                </form>
+            {% else %}
+                <h1 class="card-title text-2xl">Invalid Link</h1>
+                <p>
+                    The password reset link was invalid, possibly because it has already been used.
+                    Please request a new password reset link.
+                </p>
+            {% endif %}
+        </div>
+    </div>
+{% endblock %}
diff --git a/corpus/templates/registration/password_reset_done.html b/corpus/templates/registration/password_reset_done.html
@@ -0,0 +1,21 @@
+{% extends 'base.html' %}
+
+{% block title %}
+    Done! | Reset Password
+{% endblock %}
+
+{% block content %}
+    <div class="card w-3/4 lg:w-1/3 mx-auto my-10 bg-base-200 shadow-xl">
+        <div class="card-body">
+            <h1 class="card-title text-2xl">Reset Password</h1>
+            <p>
+                We've emailed you instructions for setting your password, if an account exists with the email you
+                entered. You should receive them shortly. The reset link is valid for <strong>1 day</strong>.
+            </p>
+            <p>
+                If you don't receive an email, please make sure you've entered the address you registered with, and
+                check your spam folder.
+            </p>
+        </div>
+    </div>
+{% endblock %}
diff --git a/corpus/templates/registration/password_reset_email.html b/corpus/templates/registration/password_reset_email.html
@@ -0,0 +1,31 @@
+{% extends 'emails/base.html' %}
+
+{% block title %}
+    Reset Password | Corpus | IEEE NITK
+{% endblock %}
+
+{% block content %}
+{% autoescape off %}
+<p>
+    To initiate the password reset process for your {{ user.get_username }} Corpus Account,
+    click the link below:
+</p>
+
+<p>
+    {{ protocol }}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}
+</p>
+
+<p>
+    If clicking the link above doesn't work, please copy and paste the URL in a new browser window instead.
+</p>
+<p>
+    The link will be accessible for the next <strong>1 day</strong>.
+</p>
+
+<p>
+    Sincerely,
+    <br>
+    IEEE NITK
+</p>
+{% endautoescape %}
+{% endblock %}
diff --git a/corpus/templates/registration/password_reset_form.html b/corpus/templates/registration/password_reset_form.html
@@ -0,0 +1,41 @@
+{% extends 'base.html' %}
+
+{% block title %}
+    Reset Password
+{% endblock %}
+
+{% block content %}
+    <div class="card w-3/4 lg:w-1/3 mx-auto my-10 bg-base-200 shadow-xl">
+        <div class="card-body">
+            <h1 class="card-title text-2xl">Reset Password</h1>
+
+            <form method="post">
+                {% csrf_token %}
+
+                {% if form.non_field_errors %}
+                    {% for error in form.non_field_errors %}
+                        <div role="alert" class="alert alert-error mt-1">
+                            <span>{{ error }}</span>
+                        </div>
+                    {% endfor %}
+                {% endif %}
+
+                <div class="w-full my-2">
+                    <label for="{{ form.email.id_for_label }}">Email</label>
+                    {{ form.email }}
+                    {% if form.email.errors %}
+                        <div class="my-1">
+                            <div role="alert" class="alert alert-error">
+                                {{ form.email.errors }}
+                            </div>
+                        </div>
+                    {% endif %}
+                </div>
+
+                <div class="card-actions mt-5">
+                    <button type="submit" class="btn btn-primary btn-block">Send me a reset link</button>
+                </div>
+            </form>
+        </div>
+    </div>
+{% endblock %}
diff --git a/corpus/templates/registration/password_reset_subject.txt b/corpus/templates/registration/password_reset_subject.txt
@@ -0,0 +1 @@
+Reset Password | Corpus | IEEE NITK
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -50,6 +50,7 @@ services:
       - .env
     environment:
       - ENVIRONMENT=DEVELOPMENT
+      - EMAIL_PROTOCOL=console
 
   jstoolchain:
     build:

diff --git a/prod-docker-compose.yml b/prod-docker-compose.yml
@@ -49,6 +49,7 @@ services:
       - .env
     environment:
       - ENVIRONMENT=PRODUCTION
+      - EMAIL_PROTOCOL=smtp
 
   nginx:
     build: nginx