Commit eeadc8bb authored by Noe Nieto's avatar Noe Nieto 💬
Browse files

Merge branch 'master' of source.puri.sm:liberty/host/middleware

parents 4f90b51f b003d742
......@@ -57,9 +57,9 @@ urlpatterns = [
url(r'^accounts/profile/storage',
purist.views.StorageView.as_view(), name='storage'),
url(r'^accounts/profile/activate_payg',
purist.views.ActivatePAYGView.as_view(), name='activate_payg'),
purist.views.ActivatePaygView.as_view(), name='activate_payg'),
url(r'^accounts/profile/deactivate_payg',
purist.views.DeactivatePAYGView.as_view(), name='deactivate_payg'),
purist.views.DeactivatePaygView.as_view(), name='deactivate_payg'),
url(r'^accounts/register/(?P<layout>.+)/$', CartRegistrationView.as_view(),
name='register_layout'),
url(r'^accounts/register/$', CartRegistrationView.as_view(),
......
......@@ -108,8 +108,12 @@ class PassphraseValidator(BaseValidator):
super(PassphraseValidator, self).validate(password, user)
pattern = r'[\\\'\"]'
result = re.search(pattern, password)
if result is not None:
# Check if the password has only ASCII characters and does not
# contain ', " or \
if not password.isascii() or result is not None:
raise ValidationError(
_('\\ \' and \" are not valid characters'),
_('Your passphrase contains invalid characters. If you are using a '
'password generator rather than diceware, we recommend at least 12 '
'alphanumeric characters for 71 bits of entropy. More is better!.'),
code='invalid_character',
)
......@@ -572,7 +572,8 @@ class User(AbstractUser):
SessionStore.clear_expired()
for s in Session.objects.all():
if s.get_decoded()['_auth_user_id'] == str(self.id):
auth_user_id = s.get_decoded().get('_auth_user_id', None)
if auth_user_id == str(self.id):
s.delete()
......
......@@ -196,7 +196,7 @@ class StorageView(LoginRequiredMixin, BetaAccessMixin, TemplateView):
return context
class ActivatePAYGView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
class ActivatePaygView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
pattern_name = 'storage'
def get_redirect_url(self, *args, **kwargs):
......@@ -213,10 +213,10 @@ class ActivatePAYGView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
self.request.user.save()
update_storage_subscription(self.request.user, sub)
return super(ActivatePAYGView, self).get_redirect_url(*args, **kwargs)
return super(ActivatePaygView, self).get_redirect_url(*args, **kwargs)
class DeactivatePAYGView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
class DeactivatePaygView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
pattern_name = 'storage'
def get_redirect_url(self, *args, **kwargs):
......@@ -233,7 +233,7 @@ class DeactivatePAYGView(LoginRequiredMixin, BetaAccessMixin, RedirectView):
self.request.user.payg = False
self.request.user.save()
return super(DeactivatePAYGView, self).get_redirect_url(*args, **kwargs)
return super(DeactivatePaygView, self).get_redirect_url(*args, **kwargs)
def home(request):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment