Show page title in window title

manager/urls.py

@@ -17,6 +17,7 @@ urlpatterns = [
     path('wireless', views.wireless, name='wireless'),
     path('makedevice/', views.makedevice, name="makedevice"),
     path('makewifi/', views.makewifi, name='makewifi'),
+    path('makeuser/', views.makeuser, name='makeuser'),
     path('wifi/<int:wifi_id>/edit/', views.editwifi, name='editwifi'),
     path('wifi/<int:wifi_id>/delete/', views.deletewifi, name='deletewifi'),
     path('user/<int:user_id>/edit/', views.edituser, name='edituser'),

manager/views.py

@@ -11,6 +11,7 @@ from django.contrib.auth.decorators import login_required, user_passes_test
 from django.db.models.signals import post_save
 from django.dispatch import receiver
 from django.conf import settings
+from django.contrib.auth.forms import PasswordResetForm
 
 from .models import Device, Organization, Network, Model, Wifi, UserStatus
 from .signals import *
@@ -28,6 +29,7 @@ import crypt
 import tarfile
 import datetime
 import time
+import uuid
 
 def is_superuser(user):
     return user.is_superuser
@@ -260,56 +262,89 @@ def editdevice(request, device_id):
                }
            )
 
+@user_passes_test(is_superuser)
+def makeuser(request):
+    if request.POST.get("username", ""):
+       username = request.POST.get("username", "")
+       first = request.POST.get("firstname", "")
+       last = request.POST.get("lastname", "")
+       staff = request.POST.get("staff", "0") == "True"
+       suser = request.POST.get("superuser", "0") == "True"
+       orgas = set(request.POST.getlist("orga", []))
+       mail = request.POST.get("email", "")
+       user = User.objects.create_user(
+               username=username, 
+               password=str(uuid.uuid4().hex), 
+               first_name=first, 
+               last_name=last, 
+               is_staff=staff, 
+               is_superuser=suser, 
+               email=mail
+               )
+       user.organization_set.set(orgas)
+
+       form = PasswordResetForm({"email": user.email})
+
+       if form.is_valid():
+        form.save(
+            request=request,
+            use_https=True,
+            email_template_name='registration/password_reset_email.html')
+
+       return redirect("/users/")
+
+    else:
+       return render(request, "manager/adduser.html", {"title": "Add User"})
+
+
 @login_required
 def edituser(request, user_id):
    if request.user.is_staff or request.user.id == user_id:
-       user = None
-       orgas = Organization.objects.filter(users=request.user)
+       orgas = request.user.organization_set.all()
+       user = User.objects.distinct().get(id=user_id, organization__in=orgas)
 
-       for organization in orgas:
-           user = user or User.objects.filter(id=user_id, organization=organization)
        if not user:
            return redirect("/users/")
 
        if request.POST.get("form", ""):
            newfirst = request.POST.get("firstname", "")
            newlast = request.POST.get("lastname", "")
-           if newlast != user[0].last_name or newfirst != user[0].first_name:
-            sigRenameUser(user[0].username, request.user.username, "%s %s" % (user[0].first_name, user[0].last_name), "%s %s" % (newfirst, newlast))
-            user[0].first_name = request.POST.get("firstname", "")
-            user[0].last_name = request.POST.get("lastname", "")
+           if newlast != user.last_name or newfirst != user.first_name:
+            sigRenameUser(user.username, request.user.username, "%s %s" % (user.first_name, user.last_name), "%s %s" % (newfirst, newlast))
+            user.first_name = request.POST.get("firstname", "")
+            user.last_name = request.POST.get("lastname", "")
 
            if request.user.is_staff or request.user.is_superuser:
                newstaff = request.POST.get("staff", "0") == "True"
-               if newstaff != user[0].is_staff:
-                sigStaffUser(user[0].username, request.user.username, newstaff)
-                user[0].is_staff = newstaff
+               if newstaff != user.is_staff:
+                sigStaffUser(user.username, request.user.username, newstaff)
+                user.is_staff = newstaff
 
            if request.user.is_superuser:
                newsuper = request.POST.get("superuser", "0") == "True"
-               if newsuper != user[0].is_superuser:
-                sigSuperUser(user[0].username, request.user.username, newsuper)
-                user[0].is_superuser = newsuper
+               if newsuper != user.is_superuser:
+                sigSuperUser(user.username, request.user.username, newsuper)
+                user.is_superuser = newsuper
 
                neworgas = set(request.POST.getlist("orga", []))
-               oldorgas = set(user[0].organization_set.all())
+               oldorgas = set(user.organization_set.all())
                if neworgas != oldorgas:
-                   sigOrgaUser(user[0].username, request.user.username, oldorgas, neworgas)
-                   user[0].organization_set.set(neworgas)
+                   sigOrgaUser(user.username, request.user.username, oldorgas, neworgas)
+                   user.organization_set.set(neworgas)
 
            newmail = request.POST.get("email", "")
-           if newmail != user[0].email:
-            sigMailUser(user[0].username, request.user.username, user[0].email, newmail)
-            user[0].email = newmail
+           if newmail != user.email:
+            sigMailUser(user.username, request.user.username, user.email, newmail)
+            user.email = newmail
 
-           user[0].save()
+           user.save()
 
            return redirect("/users/")
 
        return render(request, "manager/edituser.html",
                {   
                    "title": "Edit User",
-                   "auser": user[0]
+                   "auser": user
                    }
                )
 

setup.sh

@@ -2,7 +2,7 @@
 
 sudo apt update
 sudo apt install -y python3-pip npm openvpn easy-rsa postfix rabbitmq-server
-sudo pip3 install -U django django-cron uwsgi celery django-celery-results django-two-factor-auth django-bootstrap-form twilio argon2_cffi GitPython
+sudo pip3 install -U django django-password-reset django-cron uwsgi celery django-celery-results django-two-factor-auth django-bootstrap-form twilio argon2_cffi GitPython
 sudo useradd vpn 
 git submodule init
 git submodule update

templates/base.html

@@ -8,7 +8,7 @@
     <meta name="description" content="">
     <meta name="author" content="">
 
-    <title>VPN360 Device Administration</title>
+    <title>{% if title %}{{ title }} – {% endif %}VPN360 Device Administration</title>
 
     {% load static %}
     {% load repo %}

templates/two_factor/core/login.html

@@ -77,6 +77,6 @@
     {% include "two_factor/_wizard_actions.html" %}
   </form>
  
-<p><a href="{% url 'password_reset' %}">Lost password?</a></p>
+<p><a href="{% url 'password_reset_recover' %}">Lost password?</a></p>
 
 {% endblock %}

vpnmanager/settings.py

@@ -28,6 +28,7 @@ INSTALLED_APPS = [
     'django_otp.plugins.otp_totp',
     'two_factor',
     'django_cron',
+    'password_reset',
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',

vpnmanager/urls.py

@@ -13,5 +13,6 @@ urlpatterns = [
     url(r'', include(tf_urls)),
     path('', include('manager.urls')),
     path('admin/', admin.site.urls),
-    path('accounts/', include('django.contrib.auth.urls'))
+    path('accounts/', include('django.contrib.auth.urls')),
+    url(r'', include('password_reset.urls'))
 ]