Change password in db only if password change in ldap is successfull

2019-12-18 12:52:46 +05:00 · 2019-12-18 12:52:46 +05:00 · 75b08cfbf8
parent a8149edba5
commit 75b08cfbf8
2 changed files with 17 additions and 14 deletions
--- a/hosting/views.py
+++ b/hosting/views.py
@ -399,23 +399,27 @@ class PasswordResetConfirmView(HostingContextMixin,
                ldap_manager = LdapManager()
                new_password = form.cleaned_data['new_password2']

+                # Make sure the user have an ldap account already
                user.create_ldap_account(new_password)
-                user.set_password(new_password)
-                user.save()

-                ldap_manager.change_password(user.username, new_password)
-                messages.success(request, _('Password has been reset.'))
+                # We are changing password in ldap before changing in database because
+                # ldap have more chances of failure than local database
+                if ldap_manager.change_password(user.username, new_password):
+                    user.set_password(new_password)
+                    user.save()

-                # Change opennebula password
-                opennebula_client.change_user_password(user.password)
+                    messages.success(request, _('Password has been reset.'))

-                return self.form_valid(form)
-            else:
-                messages.error(
-                    request, _('Password reset has not been successful.'))
-                form.add_error(None,
-                               _('Password reset has not been successful.'))
-                return self.form_invalid(form)
+                    # Change opennebula password
+                    opennebula_client.change_user_password(user.password)
+
+                    return self.form_valid(form)
+
+            messages.error(
+                request, _('Password reset has not been successful.'))
+            form.add_error(None,
+                           _('Password reset has not been successful.'))
+            return self.form_invalid(form)

        else:
            error_msg = _('The reset password link is no longer valid.')
--- a/membership/models.py
+++ b/membership/models.py
@ -74,7 +74,6 @@ def get_validation_slug():

 def get_first_and_last_name(full_name):
    first_name, *last_name = full_name.split(" ")
-    first_name = first_name
    last_name = " ".join(last_name)
    return first_name, last_name