Password change deleted

HackAssistant · Jul 27, 2020 · ee332b0 · ee332b0
1 parent 1847439
commit ee332b0
Show file tree

Hide file tree

Showing 6 changed files with 5 additions and 53 deletions.
diff --git a/user/forms.py b/user/forms.py
@@ -172,15 +172,3 @@ def __init__(self, *args, **kwargs):
             self.fields['type'].widget = forms.HiddenInput()
         else:
             self.fields['non_change_type'].widget = forms.HiddenInput()
-
-
-class _UserPutsPassword(forms.Form):
-    actual_password = forms.CharField(
-        label="Actual password",
-        strip=False,
-        widget=forms.PasswordInput,
-    )
-
-
-class UserResetPasswordForm(SetPasswordForm, _UserPutsPassword):
-    pass
diff --git a/user/templates/confirm_delete.html b/user/templates/confirm_delete.html
@@ -7,7 +7,7 @@
   <a class="btn btn-default" href={% url 'user_profile' %}>< back</a>
   <div>
   <h1 style="text-align: center">Please read this!</h1>
-  <p style="text-align: center">Your hole account is going to be deleted. That means all your progress will be lost and you will be
+  <p style="text-align: center">Your whole account is going to be deleted. That means all your progress will be lost and you will be
     cancelling your attendance at {{ h_name }}. <strong>This action can't be reverted.</strong> Click below in order to
     delete your account.</p>
   <form enctype="multipart/form-data" method="post" action="">

diff --git a/user/templates/password_reset_confirm.html b/user/templates/password_reset_confirm.html
@@ -6,9 +6,6 @@
 
 {% block content %}
     {% if validlink %}
-        {% if back %}
-            <a class="btn btn-default" href="{% url 'user_profile' %}">< Back</a>
-        {% endif %}
         <h1>Change password</h1>
         <form action="" method="post" class="form form-horizontal">
             {% csrf_token %}

diff --git a/user/templates/profile.html b/user/templates/profile.html
@@ -22,10 +22,6 @@ <h3>Personal data</h3>
         {% endfor %}
         <button class="btn-block btn btn-success">Update Profile</button>
     </form>
-    <h2>Password</h2>
-    <hr>
-    <p>You can change your current password here.</p>
-    <a class="btn-block btn btn-default" href="{% url 'user_profile_password_reset' %}">Change Password</a>
     <h2>Delete account</h2>
     <hr>
     <p>You can delete your account with all the personal data from your user and applications. <strong>This action cannot be reverted.</strong></p>

diff --git a/user/urls.py b/user/urls.py
@@ -23,6 +23,5 @@
     url(r'^verify/$', views.verify_email_required, name='verify_email_required'),
     url(r'^verify/send$', views.send_email_verification, name='send_email_verification'),
     url(r'^profile/$', views.UserProfile.as_view(), name='user_profile'),
-    url(r'^profile/password_reset/$', views.ResetPassword.as_view(), name='user_profile_password_reset'),
     url(r'^profile/delete/$', views.DeleteAccount.as_view(), name='user_profile_delete'),
 ]
diff --git a/user/views.py b/user/views.py
@@ -281,7 +281,7 @@ def get_context_data(self, *args, **kwargs):
         form = forms.ProfileForm(initial={
             'name': self.request.user.name,
             'email': self.request.user.email,
-            'type': self.request.user.type,
+            'type': self.request.user.type if self.request.user.can_change_type() else 'H',
             'non_change_type': self.request.user.get_type_display(),
         }, type_active=self.request.user.can_change_type())
         context.update({'form': form})
@@ -304,38 +304,10 @@ def post(self, request, *args, **kwargs):
         return render(request, self.template_name, c)
 
 
-class ResetPassword(IsHackerMixin, TemplateView):
-    template_name = 'password_reset_confirm.html'
-
-    def get_context_data(self, *args, **kwargs):
-        context = super(ResetPassword, self).get_context_data(**kwargs)
-        form = forms.UserResetPasswordForm()
-        context.update({'form': form, 'validlink': True, 'back': True})
-        return context
-
-    def post(self, request, *args, **kwargs):
-        form = forms.UserResetPasswordForm(request.POST)
-        if form.is_valid():
-            actual_password = form.cleaned_data['actual_password']
-            if not request.user.check_password(actual_password):
-                form.add_error('actual_password', 'Incorrect password')
-            else:
-                new_password = form.cleaned_data['new_password1']
-                email = request.user.email
-                form.save(request.user)
-                user = auth.authenticate(email=email, password=new_password)
-                if user and user.is_active:
-                    auth.login(request, user)
-                messages.success(request, "Password saved successfully")
-                return HttpResponseRedirect(reverse('user_profile'))
-        c = self.get_context_data()
-        c.update({'form': form, 'validlink': True, 'back': True})
-        return render(request, self.template_name, c)
-
-
 class DeleteAccount(IsHackerMixin, TemplateView):
     template_name = 'confirm_delete.html'
 
-    def post(self):
-        self.request.user.delete()
+    def post(self, request, *args, **kwargs):
+        request.user.delete()
+        messages.success(request, "User deleted successfully")
         return HttpResponseRedirect(reverse('root'))