From 04997457720362bb56f48968adcf68cfbf9f0a66 Mon Sep 17 00:00:00 2001
From: vabene1111 <vabene1234@googlemail.com>
Date: Tue, 13 Feb 2024 10:56:43 +0100
Subject: [PATCH] added captcha option to password reset form

---
 cookbook/forms.py                             | 16 +++++++++--
 .../templates/account/password_reset.html     |  9 +++++++
 .../account/password_reset_done.html          | 27 ++++++++++++++++---
 recipes/settings.py                           |  8 ++++--
 4 files changed, 53 insertions(+), 7 deletions(-)

diff --git a/cookbook/forms.py b/cookbook/forms.py
index 4226af9c..a1aa4b22 100644
--- a/cookbook/forms.py
+++ b/cookbook/forms.py
@@ -1,5 +1,6 @@
 from datetime import datetime
 
+from allauth.account.forms import ResetPasswordForm, SignupForm
 from django import forms
 from django.conf import settings
 from django.core.exceptions import ValidationError
@@ -9,6 +10,8 @@ from django_scopes import scopes_disabled
 from django_scopes.forms import SafeModelChoiceField, SafeModelMultipleChoiceField
 from hcaptcha.fields import hCaptchaField
 
+
+
 from .models import (Comment, Food, InviteLink, Keyword, Recipe, RecipeBook, RecipeBookEntry,
                      SearchPreference, Space, Storage, Sync, User, UserPreference)
 
@@ -313,12 +316,12 @@ class SpaceJoinForm(forms.Form):
     token = forms.CharField()
 
 
-class AllAuthSignupForm(forms.Form):
+class AllAuthSignupForm(SignupForm):
     captcha = hCaptchaField()
     terms = forms.BooleanField(label=_('Accept Terms and Privacy'))
 
     def __init__(self, **kwargs):
-        super(AllAuthSignupForm, self).__init__(**kwargs)
+        super().__init__(**kwargs)
         if settings.PRIVACY_URL == '' and settings.TERMS_URL == '':
             self.fields.pop('terms')
         if settings.HCAPTCHA_SECRET == '':
@@ -328,6 +331,15 @@ class AllAuthSignupForm(forms.Form):
         pass
 
 
+class CustomPasswordResetForm(ResetPasswordForm):
+    captcha = hCaptchaField()
+
+    def __init__(self, **kwargs):
+        super(CustomPasswordResetForm, self).__init__(**kwargs)
+        if settings.HCAPTCHA_SECRET == '':
+            self.fields.pop('captcha')
+
+
 class UserCreateForm(forms.Form):
     name = forms.CharField(label='Username')
     password = forms.CharField(
diff --git a/cookbook/templates/account/password_reset.html b/cookbook/templates/account/password_reset.html
index 60cfd702..7337440a 100644
--- a/cookbook/templates/account/password_reset.html
+++ b/cookbook/templates/account/password_reset.html
@@ -34,5 +34,14 @@
         </div>
     </div>
 
+    <div class="row mt-3">
+        <div class="col-sm-12 col-lg-6 col-md-6 offset-lg-3 offset-md-3 text-center">
+            <a href="{% url 'account_login' %}">{% trans "Sign In" %}</a>
+            {% if SIGNUP_ENABLED %}
+                - <a href="{% url 'account_signup' %}">{% trans "Sign Up" %}</a>
+            {% endif %}
+        </div>
+    </div>
+
 
 {% endblock %}
\ No newline at end of file
diff --git a/cookbook/templates/account/password_reset_done.html b/cookbook/templates/account/password_reset_done.html
index b756e8ab..aca75783 100644
--- a/cookbook/templates/account/password_reset_done.html
+++ b/cookbook/templates/account/password_reset_done.html
@@ -7,11 +7,32 @@
 {% block title %}{% trans "Password Reset" %}{% endblock %}
 
 {% block content %}
-    <h3>{% trans "Password Reset" %}</h3>
+
 
     {% if user.is_authenticated %}
-    {% include "account/snippets/already_logged_in.html" %}
+        {% include "account/snippets/already_logged_in.html" %}
     {% endif %}
 
-    <p>{% blocktrans %}We have sent you an e-mail. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
+    <div class="row">
+        <div class="col-12" style="text-align: center">
+            <h3>{% trans "Password Reset" %}</h3>
+        </div>
+    </div>
+
+    <div class="row">
+        <div class="col-sm-12 col-lg-6 col-md-6 offset-lg-3 offset-md-3">
+            <hr>
+            <p>{% blocktrans %}We have sent you an e-mail. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
+        </div>
+    </div>
+
+    <div class="row mt-3">
+        <div class="col-sm-12 col-lg-6 col-md-6 offset-lg-3 offset-md-3 text-center">
+            <a href="{% url 'account_login' %}">{% trans "Sign In" %}</a>
+            {% if SIGNUP_ENABLED %}
+                - <a href="{% url 'account_signup' %}">{% trans "Sign Up" %}</a>
+            {% endif %}
+        </div>
+    </div>
+
 {% endblock %}
\ No newline at end of file
diff --git a/recipes/settings.py b/recipes/settings.py
index e4757ef8..b8bf3557 100644
--- a/recipes/settings.py
+++ b/recipes/settings.py
@@ -98,8 +98,6 @@ FDC_API_KEY = os.getenv('FDC_API_KEY', 'DEMO_KEY')
 SHARING_ABUSE = bool(int(os.getenv('SHARING_ABUSE', False)))
 SHARING_LIMIT = int(os.getenv('SHARING_LIMIT', 0))
 
-ACCOUNT_SIGNUP_FORM_CLASS = 'cookbook.forms.AllAuthSignupForm'
-
 DRF_THROTTLE_RECIPE_URL_IMPORT = os.getenv('DRF_THROTTLE_RECIPE_URL_IMPORT', '60/hour')
 
 TERMS_URL = os.getenv('TERMS_URL', '')
@@ -556,6 +554,12 @@ DEFAULT_FROM_EMAIL = os.getenv('DEFAULT_FROM_EMAIL', 'webmaster@localhost')
 ACCOUNT_EMAIL_SUBJECT_PREFIX = os.getenv(
     'ACCOUNT_EMAIL_SUBJECT_PREFIX', '[Tandoor Recipes] ')  # allauth sender prefix
 
+# ACCOUNT_SIGNUP_FORM_CLASS = 'cookbook.forms.AllAuthSignupForm'
+ACCOUNT_FORMS = {
+    'signup': 'cookbook.forms.AllAuthSignupForm',
+    'reset_password': 'cookbook.forms.CustomPasswordResetForm'
+}
+
 ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS = False
 ACCOUNT_RATE_LIMITS = {
     "change_password": "1/m/user",