From e5913055bdb5c08a410980bbf50a313a6db231e6 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Fri, 16 Mar 2018 15:18:51 -0500
Subject: [PATCH] updating lvem password management page

---
 .../templates/profile/manage_password.html    | 22 ++++++++++++-------
 gracedb/userprofile/views.py                  | 18 +++++++++++++++
 2 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/gracedb/templates/profile/manage_password.html b/gracedb/templates/profile/manage_password.html
index 0f920281e..fb62b6fa2 100644
--- a/gracedb/templates/profile/manage_password.html
+++ b/gracedb/templates/profile/manage_password.html
@@ -6,24 +6,30 @@
 
 {% block content %}
 
-<p> Passwords generated here are intended only for scripted access to GraceDB by LV-EM users. Your password allows access to the <a href={% url "basic:api-root" %}>REST API</a>. </p>
+<p>Passwords generated here are intended only for scripted access to GraceDB by LV-EM users. Your password allows access to the <a href={% url "basic:api-root" %}>REST API</a>.</p>
 
-<p> Your username is: <span style="color: red"> {{ username }} </span> </p>
+<p> Your username is: <b>{{ username }}</b></p>
+{% if has_password %}
+    {% if password %}
+    <p>Your password is: <b>{{ password }}</b></p>
+    {% endif %}
+
+    {% if expired %}
+    <p>Your password has <b>expired</b>. Please generate a new one by clicking the button below.</p>
+    {% else %}
+    <p>Your password expires in <b>{{ expiration_days }} days.</b></p>
+    {% endif %}
 
-{% if password %}
-<p>Your password is: <span style="color: red">{{ password }}</span></p>
 {% else %}
 <p>You do not currently have a password set.</p>
 {% endif %}
 
-<br/>
-
-<p> Press the button here to get a new password (or change your existing one): </p>
+<p>Press the button here to get a new password (or change your existing one):</p>
 
 <form action={% url "userprofile-manage-password" %} method="post">
     <input type="submit" value="Get me a password!">
 </form>
 
-<p><b>Note:</b>Clicking this button has the effect of changing your password, and any old passwords will no longer work. Also, passwords will expire after one year.</p>
+<p><b>Note:</b> clicking this button has the effect of changing your password, and any old passwords will no longer work. Also, passwords will expire after one year.</p>
 
 {% endblock %}
diff --git a/gracedb/userprofile/views.py b/gracedb/userprofile/views.py
index 92c18abdf..74888dcbf 100644
--- a/gracedb/userprofile/views.py
+++ b/gracedb/userprofile/views.py
@@ -38,13 +38,31 @@ def index(request):
 
 @lvem_user_required
 def managePassword(request):
+    # Set up context dictionary
     d = { 'username': request.user.username }
+
     if request.method == "POST":
         password = User.objects.make_random_password(length=20)
         d['password'] = password
         request.user.set_password(password)
         request.user.date_joined = timezone.now()
         request.user.save()
+
+    if request.user.has_usable_password():
+        d['has_password'] = True
+        # Check if password is expired
+        # NOTE: This is super hacky because we are using date_joined to store
+        # the date when the password was set.
+        password_expiry = request.user.date_joined + \
+            settings.PASSWORD_EXPIRATION_TIME - timezone.now()
+        if (password_expiry.total_seconds() < 0):
+            d['expired'] = True
+        else:
+            d['expired'] = False
+            d['expiration_days'] = password_expiry.days
+    else:
+        d['has_password'] = False
+
     return render(request, 'profile/manage_password.html', context=d)
 
 @internal_user_required
-- 
GitLab