Mercurial > public > sg101

annotate accounts/views.py @ 661:15dbe0ccda95

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Prevent exceptions when viewing downloads in the admin when the file doesn't exist on the filesystem. This is usually seen in development but can also happen in production if the file is missing.
author Brian Neal <bgneal@gmail.com>
date Tue, 14 May 2013 21:02:47 -0500
parents 8e6b8ffe5f34
children 89b240fe9297
rev   line source
bgneal@500 1 """
bgneal@500 2 Views for the accounts application.
gremmie@1 3
bgneal@500 4 """
gremmie@1 5 import datetime
bgneal@74 6 import logging
bgneal@74 7
bgneal@659 8 from django.shortcuts import render
gremmie@1 9 from django.template import RequestContext
bgneal@500 10 from django.template.loader import render_to_string
bgneal@500 11 from django.http import HttpResponse, HttpResponseRedirect
gremmie@1 12 from django.core.urlresolvers import reverse
bgneal@6 13 from django.conf import settings
bgneal@500 14 from django.contrib.auth.forms import AuthenticationForm
bgneal@500 15 from django.contrib.auth import login
bgneal@500 16 from django.utils import simplejson
gremmie@1 17
gremmie@1 18 from accounts.models import PendingUser
bgneal@659 19 from accounts.forms import RegisterForm, ForgotUsernameForm
bgneal@347 20 from accounts import create_new_user
bgneal@472 21 from antispam.decorators import rate_limit
gremmie@1 22
gremmie@1 23
gremmie@1 24 #######################################################################
gremmie@1 25
bgneal@472 26 @rate_limit(count=10, interval=datetime.timedelta(minutes=1))
gremmie@1 27 def register(request):
bgneal@74 28 if request.user.is_authenticated():
bgneal@74 29 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
gremmie@1 30
bgneal@74 31 if request.method == 'POST':
bgneal@74 32 form = RegisterForm(request.POST, ip=request.META.get('REMOTE_ADDR', '?'))
bgneal@74 33 if form.is_valid():
bgneal@74 34 form.save()
bgneal@74 35 return HttpResponseRedirect(reverse('accounts.views.register_thanks'))
bgneal@74 36 else:
bgneal@74 37 form = RegisterForm()
gremmie@1 38
bgneal@659 39 return render(request, 'accounts/register.html', {'form': form})
gremmie@1 40
gremmie@1 41 #######################################################################
gremmie@1 42
gremmie@1 43 def register_thanks(request):
bgneal@74 44 if request.user.is_authenticated():
bgneal@74 45 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
gremmie@1 46
bgneal@659 47 return render(request, 'accounts/register_thanks.html')
gremmie@1 48
gremmie@1 49 #######################################################################
gremmie@1 50
gremmie@1 51 def register_confirm(request, username, key):
bgneal@74 52 if request.user.is_authenticated():
bgneal@74 53 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
bgneal@316 54
bgneal@74 55 # purge expired users
gremmie@1 56
bgneal@74 57 PendingUser.objects.purge_expired()
gremmie@1 58
bgneal@74 59 ip = request.META.get('REMOTE_ADDR', '?')
bgneal@74 60 try:
bgneal@74 61 pending_user = PendingUser.objects.get(username = username)
bgneal@74 62 except PendingUser.DoesNotExist:
bgneal@316 63 logging.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
bgneal@659 64 return render(request,
bgneal@659 65 'accounts/register_failure.html',
bgneal@659 66 {'username': username})
gremmie@1 67
bgneal@74 68 if pending_user.key != key:
bgneal@316 69 logging.error('Accounts register_confirm [%s]: key error: %s', ip, username)
bgneal@659 70 return render(request,
bgneal@659 71 'accounts/register_failure.html',
bgneal@659 72 {'username': username})
gremmie@1 73
bgneal@347 74 create_new_user(pending_user, ip)
gremmie@1 75
bgneal@659 76 return render(request,
bgneal@659 77 'accounts/register_success.html',
bgneal@659 78 {'username': username})
bgneal@500 79
bgneal@500 80 #######################################################################
bgneal@500 81
bgneal@503 82 @rate_limit(count=10, interval=datetime.timedelta(minutes=1),
bgneal@503 83 lockout=datetime.timedelta(minutes=2))
bgneal@500 84 def login_ajax(request):
bgneal@500 85 """
bgneal@500 86 This view function handles a login via AJAX.
bgneal@500 87
bgneal@500 88 """
bgneal@500 89 if not request.is_ajax():
bgneal@500 90 return HttpResponseRedirect(reverse('accounts-login'))
bgneal@500 91
bgneal@500 92 response = {
bgneal@500 93 'success': False,
bgneal@500 94 'error': '',
bgneal@500 95 'navbar_html': ''
bgneal@500 96 }
bgneal@500 97
bgneal@500 98 if request.method == "POST":
bgneal@500 99 form = AuthenticationForm(data=request.POST)
bgneal@500 100 if form.is_valid():
bgneal@500 101 login(request, form.get_user())
bgneal@500 102 response['success'] = True
bgneal@500 103 response['navbar_html'] = render_to_string('navbar.html',
bgneal@500 104 {'user': request.user}, RequestContext(request))
bgneal@500 105 else:
bgneal@500 106 response['error'] = 'Invalid username or password'
bgneal@500 107
bgneal@500 108 return HttpResponse(simplejson.dumps(response),
bgneal@500 109 content_type='application/json')
bgneal@659 110
bgneal@659 111 #######################################################################
bgneal@659 112
bgneal@659 113 def username_query(request):
bgneal@659 114 """This view handles forgotten username queries."""
bgneal@659 115 if request.user.is_authenticated():
bgneal@659 116 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
bgneal@659 117
bgneal@659 118 if request.method == 'POST':
bgneal@659 119 form = ForgotUsernameForm(data=request.POST)
bgneal@659 120 if form.is_valid():
bgneal@659 121 form.save()
bgneal@659 122 return HttpResponseRedirect(reverse('accounts-username_sent'))
bgneal@659 123 else:
bgneal@659 124 form = ForgotUsernameForm()
bgneal@659 125
bgneal@659 126 return render(request, 'accounts/username_query.html', {'form': form})