annotate accounts/views.py @ 672:69e8aa135c2e

For issue #34, make social media share buttons more privacy conscious.
author Brian Neal <bgneal@gmail.com>
date Sun, 26 May 2013 13:29:44 -0500
parents 8e6b8ffe5f34
children 89b240fe9297
rev   line source
bgneal@500 1 """
bgneal@500 2 Views for the accounts application.
gremmie@1 3
bgneal@500 4 """
gremmie@1 5 import datetime
bgneal@74 6 import logging
bgneal@74 7
bgneal@659 8 from django.shortcuts import render
gremmie@1 9 from django.template import RequestContext
bgneal@500 10 from django.template.loader import render_to_string
bgneal@500 11 from django.http import HttpResponse, HttpResponseRedirect
gremmie@1 12 from django.core.urlresolvers import reverse
bgneal@6 13 from django.conf import settings
bgneal@500 14 from django.contrib.auth.forms import AuthenticationForm
bgneal@500 15 from django.contrib.auth import login
bgneal@500 16 from django.utils import simplejson
gremmie@1 17
gremmie@1 18 from accounts.models import PendingUser
bgneal@659 19 from accounts.forms import RegisterForm, ForgotUsernameForm
bgneal@347 20 from accounts import create_new_user
bgneal@472 21 from antispam.decorators import rate_limit
gremmie@1 22
gremmie@1 23
gremmie@1 24 #######################################################################
gremmie@1 25
@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def register(request):
    """Display the registration form and handle its submission.

    Users who are already authenticated are redirected to
    settings.LOGIN_REDIRECT_URL. A valid POST saves the form and redirects
    to the register_thanks view; any other request, or an invalid POST,
    renders accounts/register.html with the (possibly bound) form.

    The view is wrapped by rate_limit(count=10, interval=1 minute).
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    if request.method != 'POST':
        form = RegisterForm()
    else:
        # The client address is handed to the form; '?' stands in when the
        # server did not supply REMOTE_ADDR.
        # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably the
        # proxy's address - confirm how the deployment sets it.
        client_ip = request.META.get('REMOTE_ADDR', '?')
        form = RegisterForm(request.POST, ip=client_ip)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(reverse('accounts.views.register_thanks'))

    context = {'form': form}
    return render(request, 'accounts/register.html', context)
gremmie@1 40
gremmie@1 41 #######################################################################
gremmie@1 42
def register_thanks(request):
    """Render the page shown after a registration form was accepted.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL
    instead of seeing the page.
    """
    already_logged_in = request.user.is_authenticated()
    if not already_logged_in:
        return render(request, 'accounts/register_thanks.html')

    return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
gremmie@1 48
gremmie@1 49 #######################################################################
gremmie@1 50
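def register_confirm(request, username, key):
    """Confirm a pending registration identified by *username* and *key*.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    Otherwise expired pending users are purged, the PendingUser named
    *username* is looked up, and its stored key is compared with *key*.
    On a match the account is created with create_new_user() and
    accounts/register_success.html is rendered. An unknown username or a
    wrong key is logged together with the client address, and both cases
    render the same accounts/register_failure.html page.
    """
    # Local import keeps this hardening self-contained in the view.
    from django.utils.crypto import constant_time_compare

    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    # purge expired users
    PendingUser.objects.purge_expired()

    ip = request.META.get('REMOTE_ADDR', '?')
    context = {'username': username}

    try:
        pending_user = PendingUser.objects.get(username=username)
    except PendingUser.DoesNotExist:
        logging.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
        return render(request, 'accounts/register_failure.html', context)

    # The key is the secret this view checks before creating the account, so
    # compare it in constant time rather than with !=, which stops at the
    # first differing character. An empty stored key is never accepted.
    stored_key = pending_user.key
    if not stored_key or not constant_time_compare(stored_key, key):
        logging.error('Accounts register_confirm [%s]: key error: %s', ip, username)
        return render(request, 'accounts/register_failure.html', context)

    create_new_user(pending_user, ip)

    return render(request, 'accounts/register_success.html', context)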
bgneal@500 79
bgneal@500 80 #######################################################################
bgneal@500 81
@rate_limit(count=10, interval=datetime.timedelta(minutes=1),
            lockout=datetime.timedelta(minutes=2))
def login_ajax(request):
    """Handle a login submitted via AJAX and answer with JSON.

    Non-AJAX requests are redirected to the 'accounts-login' URL. The JSON
    body has three keys: 'success' (bool), 'error' (message string) and
    'navbar_html' (the rendered navbar.html after a successful login).

    Every failed validation yields the same 'Invalid username or password'
    message, so the response does not reveal which of the two was wrong.
    The view is wrapped by rate_limit(count=10, interval=1 minute,
    lockout=2 minutes).
    """
    if not request.is_ajax():
        return HttpResponseRedirect(reverse('accounts-login'))

    payload = {
        'success': False,
        'error': '',
        'navbar_html': '',
    }

    if request.method == "POST":
        auth_form = AuthenticationForm(data=request.POST)
        if not auth_form.is_valid():
            payload['error'] = 'Invalid username or password'
        else:
            login(request, auth_form.get_user())
            payload['success'] = True
            # Render the navbar for the user who has just been logged in so
            # the page can update without a reload.
            payload['navbar_html'] = render_to_string(
                'navbar.html', {'user': request.user}, RequestContext(request))

    body = simplejson.dumps(payload)
    return HttpResponse(body, content_type='application/json')
bgneal@659 110
bgneal@659 111 #######################################################################
bgneal@659 112
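# NOTE(review): throttled with the same limits as register(), the other
# unauthenticated form view in this module. ForgotUsernameForm.save() is not
# visible here; if it sends mail, an unthrottled endpoint could be used to
# flood a mailbox or to probe which addresses are registered. Confirm the
# limits suit this view.
@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def username_query(request):
    """Handle forgotten-username queries.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    A valid POST saves the form and redirects to 'accounts-username_sent';
    any other request, or an invalid POST, renders
    accounts/username_query.html with the (possibly bound) form.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    if request.method == 'POST':
        form = ForgotUsernameForm(data=request.POST)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(reverse('accounts-username_sent'))
    else:
        form = ForgotUsernameForm()

    return render(request, 'accounts/username_query.html', {'form': form})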