Activate inactive user on first login

2025-09-12 21:30:39 +00:00 · 2017-10-12 14:02:53 +08:00
parent a2907b5fca
commit a0cded89ee
4 changed files with 32 additions and 3 deletions
--- a/seahub/auth/forms.py
+++ b/seahub/auth/forms.py
@@ -1,5 +1,6 @@
 # Copyright (c) 2012-2016 Seafile Ltd.
 from django.contrib.sites.models import Site
+from django.conf import settings
 from django import forms
 from django.utils.translation import ugettext_lazy as _
 from django.utils.http import int_to_base36
@@ -7,6 +8,7 @@ from django.utils.http import int_to_base36
 from seahub.base.accounts import User
 from seahub.auth import authenticate
 from seahub.auth.tokens import default_token_generator
+from seahub.options.models import UserOptions
 from seahub.profile.models import Profile
 from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \
    is_ldap_user, is_user_password_strong
@@ -61,8 +63,16 @@ class AuthenticationForm(forms.Form):
            if self.user_cache is None:
                raise forms.ValidationError(_("Please enter a correct email/username and password. Note that both fields are case-sensitive."))
            elif not self.user_cache.is_active:
-                self.errors['inactive'] = _("This account is inactive.")
-                raise forms.ValidationError(_("This account is inactive."))
+                if settings.ACTIVATE_AFTER_FIRST_LOGIN and \
+                   not UserOptions.objects.is_user_logged_in(username):
+                    """Activate user on first login."""
+                    self.user_cache.is_active = True
+                    self.user_cache.save()
+
+                    UserOptions.objects.set_user_logged_in(username)
+                else:
+                    self.errors['inactive'] = _("This account is inactive.")
+                    raise forms.ValidationError(_("This account is inactive."))

        # TODO: determine whether this should move to its own method.
        if self.request:
--- a/seahub/auth/views.py
+++ b/seahub/auth/views.py
@@ -152,7 +152,6 @@ def login(request, template_name='registration/login.html',
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    ip = get_remote_ip(request)

-
    if request.method == "POST":
        login = urlquote(request.REQUEST.get('login', '').strip())
        failed_attempt = _get_login_failed_attempts(username=login, ip=ip)
--- a/seahub/options/models.py
+++ b/seahub/options/models.py
@@ -21,6 +21,9 @@ VAL_SUB_LIB_DISABLED = "0"
 KEY_FORCE_PASSWD_CHANGE = "force_passwd_change"
 VAL_FORCE_PASSWD_CHANGE = "1"

+KEY_USER_LOGGED_IN = "user_logged_in"
+VAL_USER_LOGGED_IN = "1"
+
 KEY_DEFAULT_REPO = "default_repo"

 class CryptoOptionNotSetError(Exception):
@@ -200,6 +203,20 @@ class UserOptionsManager(models.Manager):
    def unset_force_passwd_change(self, username):
        return self.unset_user_option(username, KEY_FORCE_PASSWD_CHANGE)

+    def set_user_logged_in(self, username):
+        return self.set_user_option(username, KEY_USER_LOGGED_IN,
+                                    VAL_USER_LOGGED_IN)
+
+    def is_user_logged_in(self, username):
+        """Check whether user has logged in successfully at least once.
+        """
+        try:
+            r = super(UserOptionsManager, self).get(
+                email=username, option_key=KEY_USER_LOGGED_IN)
+            return r.option_val == VAL_USER_LOGGED_IN
+        except UserOptions.DoesNotExist:
+            return False
+

 class UserOptions(models.Model):
    email = LowerCaseCharField(max_length=255, db_index=True)
--- a/seahub/settings.py
+++ b/seahub/settings.py
@@ -397,6 +397,9 @@ ACTIVATE_AFTER_REGISTRATION = True
 # This option will be ignored if ``ACTIVATE_AFTER_REGISTRATION`` set to ``True``.
 REGISTRATION_SEND_MAIL = False

+# Whether or not activate inactive user on first login. Mainly used in LDAP user sync.
+ACTIVATE_AFTER_FIRST_LOGIN = False
+
 REQUIRE_DETAIL_ON_REGISTRATION = False

 # Account initial password, for password resetting.