diff --git a/seahub/auth/forms.py b/seahub/auth/forms.py index 15b3446c42..4087f9baf9 100644 --- a/seahub/auth/forms.py +++ b/seahub/auth/forms.py @@ -1,5 +1,6 @@ # Copyright (c) 2012-2016 Seafile Ltd. from django.contrib.sites.models import Site +from django.conf import settings from django import forms from django.utils.translation import ugettext_lazy as _ from django.utils.http import int_to_base36 @@ -7,6 +8,7 @@ from django.utils.http import int_to_base36 from seahub.base.accounts import User from seahub.auth import authenticate from seahub.auth.tokens import default_token_generator +from seahub.options.models import UserOptions from seahub.profile.models import Profile from seahub.utils import IS_EMAIL_CONFIGURED, send_html_email, \ is_ldap_user, is_user_password_strong @@ -61,8 +63,16 @@ class AuthenticationForm(forms.Form): if self.user_cache is None: raise forms.ValidationError(_("Please enter a correct email/username and password. Note that both fields are case-sensitive.")) elif not self.user_cache.is_active: - self.errors['inactive'] = _("This account is inactive.") - raise forms.ValidationError(_("This account is inactive.")) + if settings.ACTIVATE_AFTER_FIRST_LOGIN and \ + not UserOptions.objects.is_user_logged_in(username): + """Activate user on first login.""" + self.user_cache.is_active = True + self.user_cache.save() + + UserOptions.objects.set_user_logged_in(username) + else: + self.errors['inactive'] = _("This account is inactive.") + raise forms.ValidationError(_("This account is inactive.")) # TODO: determine whether this should move to its own method. if self.request: diff --git a/seahub/auth/views.py b/seahub/auth/views.py index 0fdd3aa7e1..4a88715f32 100644 --- a/seahub/auth/views.py +++ b/seahub/auth/views.py @@ -152,7 +152,6 @@ def login(request, template_name='registration/login.html', redirect_to = request.REQUEST.get(redirect_field_name, '') ip = get_remote_ip(request) - if request.method == "POST": login = urlquote(request.REQUEST.get('login', '').strip()) failed_attempt = _get_login_failed_attempts(username=login, ip=ip) diff --git a/seahub/options/models.py b/seahub/options/models.py index 541124cac5..b2c4175e6c 100644 --- a/seahub/options/models.py +++ b/seahub/options/models.py @@ -21,6 +21,9 @@ VAL_SUB_LIB_DISABLED = "0" KEY_FORCE_PASSWD_CHANGE = "force_passwd_change" VAL_FORCE_PASSWD_CHANGE = "1" +KEY_USER_LOGGED_IN = "user_logged_in" +VAL_USER_LOGGED_IN = "1" + KEY_DEFAULT_REPO = "default_repo" class CryptoOptionNotSetError(Exception): @@ -200,6 +203,20 @@ class UserOptionsManager(models.Manager): def unset_force_passwd_change(self, username): return self.unset_user_option(username, KEY_FORCE_PASSWD_CHANGE) + def set_user_logged_in(self, username): + return self.set_user_option(username, KEY_USER_LOGGED_IN, + VAL_USER_LOGGED_IN) + + def is_user_logged_in(self, username): + """Check whether user has logged in successfully at least once. + """ + try: + r = super(UserOptionsManager, self).get( + email=username, option_key=KEY_USER_LOGGED_IN) + return r.option_val == VAL_USER_LOGGED_IN + except UserOptions.DoesNotExist: + return False + class UserOptions(models.Model): email = LowerCaseCharField(max_length=255, db_index=True) diff --git a/seahub/settings.py b/seahub/settings.py index cdd7c70d4d..4385fe9978 100644 --- a/seahub/settings.py +++ b/seahub/settings.py @@ -397,6 +397,9 @@ ACTIVATE_AFTER_REGISTRATION = True # This option will be ignored if ``ACTIVATE_AFTER_REGISTRATION`` set to ``True``. REGISTRATION_SEND_MAIL = False +# Whether or not activate inactive user on first login. Mainly used in LDAP user sync. +ACTIVATE_AFTER_FIRST_LOGIN = False + REQUIRE_DETAIL_ON_REGISTRATION = False # Account initial password, for password resetting.