I made small shop using Prestashop 1.6. And I need to simplify a guest checkout.
Need to remove required email from guest checkout but leave it for an account registration.
Any ideas?
You can do this from : /controllers/front/AuthController.php and remove the selected code in pic, That's all
Code Picture
Line 273, code is :
if (empty($email)) {
$this->errors[] = Tools::displayError('An email address required.');
}
Related
So, I have been able to connect social accounts (fb or google) to be connected to the local email account if already exists.
However, I also want the reverse functionality, i.e. I would like to allow user to sign up even if the (google or FB) social account exists. Currently it says:
{ A user is already registered with this email address }
I am using django-all-auth and django-rest-auth with Django 2.1
Yes, you can do that. You should be able to modify the password reset endpoint provided by django-rest-auth to set a password and then be able to login:
from django.contrib.auth import get_user_model
from django.contrib.auth.forms import PasswordResetForm as DjangoPasswordResetForm
from rest_auth.serializers import (
PasswordResetSerializer as RestAuthPasswordResetSerializer
)
from rest_auth.views import PasswordResetView as RestAuthPasswordResetView
UserModel = get_user_model()
class PasswordResetForm(DjangoPasswordResetForm):
def get_users(self, email):
"""
Given an email, return matching user(s) who should receive a reset.
"""
active_users = UserModel._default_manager.filter(**{
'%s__iexact' % UserModel.get_email_field_name(): email,
'is_active': True,
})
return iter(active_users)
# or (u for u in active_users if not u.has_usable_password())
class PasswordResetSerializer(RestAuthPasswordResetSerializer):
password_reset_form_class = PasswordResetForm
class PasswordResetView(RestAuthPasswordResetView):
serializer_class = PasswordResetSerializer
You can add this view to your urls.py as general endpoint to reset passwords (remember to place it in front of the rest_auths' URLs) or as an additional endpoint to set passwords (see the commented line). Then you can add a note to your signup page that links to your page that serves your new endpoint.
As an alternative, you could also add a field to your user settings page where users can set a password.
You could also send an e-mail with a link via send_confirmation to set a password when a user tries to sign up and the e-mail exists already (or only in case this user has a social account). If you like I could add an example here how to do that.
We've been using django-allauth for quite some time now in production. We can enable account email verification which works great. But we now have a REST api that allows users to register through the API and the workflow doesn't go through django-allauth. Is it possible to manually invoke the django-allauth email verification feature or do we need to use a custom solution?
I'll just post my answer here as I've been searching for adding email verification with Django Built-in Authentication (And using a Custom Auth Model), I used the method mentioned by Marcus, I'll just add all the other stuff around it for anyone who wants to do the same.
First: Install django-allauth as described here
Second: Add your email configurations in the settings.py file :
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com' #I used gmail in my case
EMAIL_HOST_USER = <Your Email>
EMAIL_HOST_PASSWORD = <Your Password>
EMAIL_PORT = 587
DEFAULT_FROM_EMAIL = <Default Sender name and email>
Third: Add configurations for verification and default login url, you'll find the documentation of all config parameters here, note that in my example I'm using a custom user model as mentioned, that's why I'm setting ACCOUNT_EMAIL_REQUIRED to True & ACCOUNT_USER_MODEL_USERNAME_FIELD and ACCOUNT_USERNAME_REQUIRED to False, also the LOGIN_URL,ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL andLOGIN_REDIRECT_URL parameters are used after the user clicks on the confirmation link sent by email to him
ACCOUNT_EMAIL_VERIFICATION='mandatory'
ACCOUNT_CONFIRM_EMAIL_ON_GET=True
ACCOUNT_EMAIL_REQUIRED=True
ACCOUNT_USER_MODEL_USERNAME_FIELD = None
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_AUTHENTICATION_METHOD = 'email'
LOGIN_URL='app:login_user'
LOGIN_REDIRECT_URL='app:login_user'
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL='app:login_user'
Fourth: After your signup form, save the user instance with is_active parameter set to False, then call the method:
from allauth.account.utils import *
send_email_confirmation(request, user, True)
Finally: Receive the signal after the user confirms his email, and set is_active to True
from allauth.account.signals import email_confirmed
from django.dispatch import receiver
# Signal sent to activate user upon confirmation
#receiver(email_confirmed)
def email_confirmed_(request, email_address, **kwargs):
user = MyUser.objects.get(email=email_address.email)
user.is_active = True
user.save()
Finally, you would want to change the default site name from Django Admin as it will be included in the email sent.
I had the same problem, and the solution I've found was to call the original send_email_confirmation method from allauth. I am using DRF3 for my API.
from allauth.account.utils import send_email_confirmation
...
def some_view(request):
user = ...
...
#using request._request to avoid TypeError on change made in DRF3 (from HTTPRequest to Request object)
send_email_confirmation(request._request, user)
...
I hope this helps you.
Use Case : A single user with “single user name” should be able to use data available in different tenant without relogin.
Expected Flow :
User “A” login into tenant 1
He done some activity and able to access all tenant 1 data
He clicks on the “switch tenant” link and after that he should be able to access all data related to Tenant 2
Environment :
Grails v2.1
spring-security-core v1.2.7.3
multi-tenant-single-db v0.8.3
I am using following auto generated class
SpringSecurityTenantRepository
SpringSecurityTenantResolver
I used following code in controller but it did not work.
def switchedTenentId = params.switchedTenentId
if(switchedTenentId != null && !"".equals(switchedTenentId))
{
def currUser = springSecurityService.currentUser
springSecurityService.currentUser.userTenantId = new Long(switchedTenentId)
}
I googled but did not find any solution. I like to know the logic, solution or any sample code.
Thanks
Here is what I did:
User u = User.get(springSecurityService.currentUser.id)
u.userTenantId = params.switchedTenentId.toInteger()
u.save flush: true
springSecurityService.reauthenticate u.username
It worked like a charm.
First of all, a kind user named "leppie" tried to help me but I couldn't get the answer I am looking for and it's kind of an urgent matter.
I run a windows service in Windows 7 with LocalSystem account (Since this win service will be installed many computers remotely and silently, I guess I need to use LocalSystem in ServiceInstaller.Designer.cs by the code below:
this.ProcessInstaller.Account = System.ServiceProcess.ServiceAccount.LocalSystem;
this.ProcessInstaller.Password = null;
this.ProcessInstaller.Username = null;
When I run this windows service the code below cannot get the currently logged in user's credentials (the users do not have admin privileges, not even myself).
using (DirectoryEntry de = new DirectoryEntry("LDAP://MyDomainName"))
{
using (DirectorySearcher adSearch = new DirectorySearcher(de))
{
adSearch.Filter = "(sAMAccountName=" + Environment.UserName + ")";
SearchResult adSearchResult = adSearch.FindOne();
UserInternalEmail = GetProperty(adSearchResult, "mail");
}
}
I have been suggested to run the WinService under a AD/LDAP/domain account, but which user could this be?
this.ProcessInstaller.Account = System.ServiceProcess.ServiceAccount.<User ? LocalService ? NetworkService>;
this.ProcessInstaller.Password = "adminpassword";
this.ProcessInstaller.Username = "adminusername";
I mean, lets say an ABC user is an admin and lets say I knew the password and username of this ABC admin, but when this admin changes the password, I think this will effect my winservice which will be running on 70 computers.
Is there a way to retrieve the user credentials on active directory? I would be really appreciated if you provide me some code samples..
Thank you very very much,
The problem is that Environment.UserName will always return the username of the service account under which the service is running, not the user logged into the machine.
See this question for information on how to get the names of users logged into the workstation. Keep in mind that Windows will allow multiple users to be logged in at the same time.
I had used the symfony admin generator to create an web application for athletes management. One of the last client's requirement was to add a feature to notice the user and send an e-mail to the administrators when an athlete with the same number is inserted on the database. Until now, the column number of the Athlete table had a unique constraint but the client desires that the athlete can by inserted anyway.
To accomplish that, I was trying to extend the the edit / new actions in order to implement the client requirements.
Here is the code:
public function executeEdit(sfWebRequest $request)
{
$user = $this->getUser();
if(! $user->hasCredential('admin'))
{
$clube_id = $user->getAttribute('id');
$atleta_id = $request->getParameter('id');
$atleta = Doctrine::getTable('Atleta')->find($atleta_id);
if($clube_id != $atleta->clube_id)
$this->forward404();
}
if($request->get('post'))
{
// check if the inserted athlete BI already exists; if so, display a message to the user and send an email to the system admins
$atleta_id = $request->getParameter('id');
$atletaBIExiste = Doctrine::getTable('Atleta')->findDuplicateAthleteBI($atleta_id);
if($atletaBIExiste)
{
// display a notice message to the user
$this->getUser()->setFlash('error', 'Athlete already exists');
// send an email to the system administrator
}
}
return parent::executeEdit($request);
}
Here is my problem: when I execute the edit action, I only want to check for a duplicate athlete number when the HTTP is POST but it seems that never is. I had already sent some exceptions to the output to verify which type is HTTP Request and it seems it is always GET.
The problem you will be having is that when you hit save on the Edit page the information isn't posted to the edit action, it is posted to an action called update.
Have a look at the actions.class.php file in the cache and you will see it.