Rework the login and register forms

2 files changed, 41 insertions, 20 deletions

diff --git a/hyperkitty/views/accounts.py b/hyperkitty/views/accounts.py
index 21f0fad..645166e 100644
--- a/hyperkitty/views/accounts.py
+++ b/hyperkitty/views/accounts.py
@@ -26,16 +26,17 @@ from urllib2 import HTTPError
 from urlparse import urlparse
 
 from django.conf import settings
+from django.core.urlresolvers import reverse
 from django.contrib import messages
 from django.contrib.auth import logout, authenticate, login
 from django.contrib.auth.decorators import (login_required,
                                             permission_required,
                                             user_passes_test)
-from django.contrib.auth.forms import AuthenticationForm
 from django.contrib.auth.models import User
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render_to_response, redirect
 from django.template import Context, loader, RequestContext
+from django.utils.http import is_safe_url
 from django.utils.translation import gettext as _
 
 from hyperkitty.models import UserProfile, Rating, Favorite
@@ -46,6 +47,7 @@ from hyperkitty.lib import get_store
 logger = logging.getLogger(__name__)
 
 
+
 @login_required
 def user_profile(request, user_email=None):
     if not request.user.is_authenticated():
@@ -100,15 +102,23 @@ def user_profile(request, user_email=None):
 
 
 def user_registration(request):
+    redirect_to = request.REQUEST.get("next", reverse("root"))
+    if not is_safe_url(url=redirect_to, host=request.get_host()):
+        redirect_to = settings.LOGIN_REDIRECT_URL
+
+
     if request.user.is_authenticated():
         # Already registered, redirect back to index page
-        return redirect('index')
+        return HttpResponseRedirect(redirect_to)
 
     if request.POST:
         form = RegistrationForm(request.POST)
         if form.is_valid():
-            # Save the user data.
-            form.save(form.cleaned_data)
+            u = User.objects.create_user(form.cleaned_data['username'],
+                                         form.cleaned_data['email'],
+                                         form.cleaned_data['password1'])
+            u.is_active = True
+            u.save()
             user = authenticate(username=form.cleaned_data['username'],
                                 password=form.cleaned_data['password1'])
 
@@ -116,9 +126,14 @@ def user_registration(request):
                 logger.debug(user)
                 if user.is_active:
                     login(request, user)
-                    return redirect('index')
+                    return HttpResponseRedirect(redirect_to)
     else:
         form = RegistrationForm()
 
-    return render_to_response('register.html', {'form': form}, context_instance=RequestContext(request))
+    context = {
+        'form': form,
+        'next': redirect_to,
+    }
+    return render_to_response('register.html', context,
+                              context_instance=RequestContext(request))
 
diff --git a/hyperkitty/views/forms.py b/hyperkitty/views/forms.py
index 3fe6e7e..c19ace4 100644
--- a/hyperkitty/views/forms.py
+++ b/hyperkitty/views/forms.py
@@ -25,6 +25,7 @@ from django.contrib.auth.models import User
 from django.utils.safestring import mark_safe
 
 
+
 def isValidUsername(username):
         try:
             User.objects.get(username=username)
@@ -33,27 +34,28 @@ def isValidUsername(username):
         raise validators.ValidationError('The username "%s" is already taken.' % username)
 
 
+
 class RegistrationForm(forms.Form):
 
-    username =  forms.CharField(label='username', help_text=None,
-                widget=forms.TextInput(
-                    attrs={'placeholder': 'username...'}
-                    ), required = True, validators=[isValidUsername]
-                )
+    username =  forms.CharField(widget=forms.TextInput, required=True,
+                                validators=[isValidUsername])
 
     email     = forms.EmailField(required=True)
 
-    password1 = forms.CharField(widget=forms.PasswordInput)
+    password1 = forms.CharField(widget=forms.PasswordInput,
+                                required=True, label="Password")
+
+    password2 = forms.CharField(widget=forms.PasswordInput,
+                                required=True, label="Confirm password")
 
-    password2 = forms.CharField(widget=forms.PasswordInput)
+    def clean(self):
+        cleaned_data = super(RegistrationForm, self).clean()
+        if cleaned_data.get("password1") != cleaned_data.get("password2"):
+            self._errors["password2"] = self.error_class(["Passwords do not match."])
+            del cleaned_data["password1"]
+            del cleaned_data["password2"]
+        return cleaned_data
 
-    def save(self, new_user_data):
-        u = User.objects.create_user(new_user_data['username'],
-                                     new_user_data['email'],
-                                     new_user_data['password1'])
-        u.is_active = True
-        u.save()
-        return u
 
 
 class TextInputWithButton(forms.TextInput):
@@ -74,6 +76,7 @@ class TextInputWithButton(forms.TextInput):
                         initial_rendering, button, u'</span>'])
 
 
+
 class AddTagForm(forms.Form):
     tag =  forms.CharField(label='', help_text=None,
                 widget=TextInputWithButton(
@@ -84,6 +87,8 @@ class AddTagForm(forms.Form):
                 )
     from_url = forms.CharField(widget=forms.HiddenInput, required=False)
 
+
+
 class SearchForm(forms.Form):
     target =  forms.CharField(label='', help_text=None,
                 widget=forms.Select(
@@ -101,6 +106,7 @@ class SearchForm(forms.Form):
                 )
 
 
+
 class ReplyForm(forms.Form):
     message = forms.CharField(widget=forms.Textarea, label="")