Commits

Anonymous committed 8ddbee3

Fixed #82 and #93: Reactivation of manually-deactivated accounts is now prevented by reset of the activation key; this brings the docs back into line with actual behavior.

Comments (0)

Files changed (1)

registration/models.py

         If the key is valid but the ``User`` is already active,
         returns ``False``.
         
+        To prevent reactivation of an account which has been
+        deactivated by site administrators, the activation key is
+        reset to the string ``ALREADY_ACTIVATED`` after successful
+        activation.
+        
         """
         # Make sure the key we're trying conforms to the pattern of a
         # SHA1 hash; if it doesn't, no point trying to look it up in
                 user = profile.user
                 user.is_active = True
                 user.save()
+                profile.activation_key = "ALREADY_ACTIVATED"
+                profile.save()
                 return user
         return False
     
         
         Returns ``True`` if the key has expired, ``False`` otherwise.
         
-        Key expiration is determined by the setting
-        ``ACCOUNT_ACTIVATION_DAYS``, which should be the number of
-        days a key should remain valid after an account is registered.
+        Key expiration is determined by a two-step process:
+        
+        1. If the user has already activated, the key will have been
+           reset to the string ``ALREADY_ACTIVATED``. Re-activating is
+           not permitted, and so this method returns ``True`` in this
+           case.
+
+        2. Otherwise, the date the user signed up is incremented by
+           the number of days specified in the setting
+           ``ACCOUNT_ACTIVATION_DAYS`` (which should be the number of
+           days after signup during which a user is allowed to
+           activate their account); if the result is less than or
+           equal to the current date, the key has expired and this
+           method returns ``True``.
         
         """
         expiration_date = datetime.timedelta(days=settings.ACCOUNT_ACTIVATION_DAYS)
-        return self.user.date_joined + expiration_date <= datetime.datetime.now()
+        return self.activation_key == "ALREADY_ACTIVATED" or \
+               (self.user.date_joined + expiration_date <= datetime.datetime.now())
     activation_key_expired.boolean = True
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.