bgneal@500
|
1 """
|
bgneal@500
|
2 Views for the accounts application.
|
gremmie@1
|
3
|
bgneal@500
|
4 """
|
bgneal@679
|
5 import json
|
bgneal@74
|
6 import logging
|
bgneal@74
|
7
|
bgneal@659
|
8 from django.shortcuts import render
|
gremmie@1
|
9 from django.template import RequestContext
|
bgneal@500
|
10 from django.template.loader import render_to_string
|
bgneal@500
|
11 from django.http import HttpResponse, HttpResponseRedirect
|
gremmie@1
|
12 from django.core.urlresolvers import reverse
|
bgneal@6
|
13 from django.conf import settings
|
bgneal@500
|
14 from django.contrib.auth.forms import AuthenticationForm
|
bgneal@500
|
15 from django.contrib.auth import login
|
gremmie@1
|
16
|
gremmie@1
|
17 from accounts.models import PendingUser
|
bgneal@659
|
18 from accounts.forms import RegisterForm, ForgotUsernameForm
|
bgneal@347
|
19 from accounts import create_new_user
|
bgneal@690
|
20 from antispam.decorators import log_auth_failures
|
gremmie@1
|
21
|
gremmie@1
|
22
|
bgneal@690
|
23 logger = logging.getLogger('auth')
|
bgneal@690
|
24
|
gremmie@1
|
25 #######################################################################
|
gremmie@1
|
26
|
bgneal@690
|
27 @log_auth_failures('Register')
|
gremmie@1
|
28 def register(request):
|
bgneal@74
|
29 if request.user.is_authenticated():
|
bgneal@74
|
30 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
|
gremmie@1
|
31
|
bgneal@74
|
32 if request.method == 'POST':
|
bgneal@74
|
33 form = RegisterForm(request.POST, ip=request.META.get('REMOTE_ADDR', '?'))
|
bgneal@74
|
34 if form.is_valid():
|
bgneal@74
|
35 form.save()
|
bgneal@74
|
36 return HttpResponseRedirect(reverse('accounts.views.register_thanks'))
|
bgneal@74
|
37 else:
|
bgneal@74
|
38 form = RegisterForm()
|
gremmie@1
|
39
|
bgneal@659
|
40 return render(request, 'accounts/register.html', {'form': form})
|
gremmie@1
|
41
|
gremmie@1
|
42 #######################################################################
|
gremmie@1
|
43
|
gremmie@1
|
44 def register_thanks(request):
|
bgneal@74
|
45 if request.user.is_authenticated():
|
bgneal@74
|
46 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
|
gremmie@1
|
47
|
bgneal@659
|
48 return render(request, 'accounts/register_thanks.html')
|
gremmie@1
|
49
|
gremmie@1
|
50 #######################################################################
|
gremmie@1
|
51
|
gremmie@1
|
52 def register_confirm(request, username, key):
|
bgneal@74
|
53 if request.user.is_authenticated():
|
bgneal@74
|
54 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
|
bgneal@316
|
55
|
bgneal@74
|
56 # purge expired users
|
gremmie@1
|
57
|
bgneal@74
|
58 PendingUser.objects.purge_expired()
|
gremmie@1
|
59
|
bgneal@74
|
60 ip = request.META.get('REMOTE_ADDR', '?')
|
bgneal@74
|
61 try:
|
bgneal@74
|
62 pending_user = PendingUser.objects.get(username = username)
|
bgneal@74
|
63 except PendingUser.DoesNotExist:
|
bgneal@690
|
64 logger.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
|
bgneal@659
|
65 return render(request,
|
bgneal@659
|
66 'accounts/register_failure.html',
|
bgneal@659
|
67 {'username': username})
|
gremmie@1
|
68
|
bgneal@74
|
69 if pending_user.key != key:
|
bgneal@690
|
70 logger.error('Accounts register_confirm [%s]: key error: %s', ip, username)
|
bgneal@659
|
71 return render(request,
|
bgneal@659
|
72 'accounts/register_failure.html',
|
bgneal@659
|
73 {'username': username})
|
gremmie@1
|
74
|
bgneal@347
|
75 create_new_user(pending_user, ip)
|
gremmie@1
|
76
|
bgneal@659
|
77 return render(request,
|
bgneal@659
|
78 'accounts/register_success.html',
|
bgneal@659
|
79 {'username': username})
|
bgneal@500
|
80
|
bgneal@500
|
81 #######################################################################
|
bgneal@500
|
82
|
bgneal@691
|
83 @log_auth_failures('Login')
|
bgneal@500
|
84 def login_ajax(request):
|
bgneal@500
|
85 """
|
bgneal@500
|
86 This view function handles a login via AJAX.
|
bgneal@500
|
87
|
bgneal@500
|
88 """
|
bgneal@500
|
89 if not request.is_ajax():
|
bgneal@500
|
90 return HttpResponseRedirect(reverse('accounts-login'))
|
bgneal@500
|
91
|
bgneal@500
|
92 response = {
|
bgneal@500
|
93 'success': False,
|
bgneal@500
|
94 'error': '',
|
bgneal@500
|
95 'navbar_html': ''
|
bgneal@500
|
96 }
|
bgneal@500
|
97
|
bgneal@500
|
98 if request.method == "POST":
|
bgneal@500
|
99 form = AuthenticationForm(data=request.POST)
|
bgneal@500
|
100 if form.is_valid():
|
bgneal@500
|
101 login(request, form.get_user())
|
bgneal@500
|
102 response['success'] = True
|
bgneal@500
|
103 response['navbar_html'] = render_to_string('navbar.html',
|
bgneal@500
|
104 {'user': request.user}, RequestContext(request))
|
bgneal@500
|
105 else:
|
bgneal@500
|
106 response['error'] = 'Invalid username or password'
|
bgneal@500
|
107
|
bgneal@679
|
108 return HttpResponse(json.dumps(response), content_type='application/json')
|
bgneal@659
|
109
|
bgneal@659
|
110 #######################################################################
|
bgneal@659
|
111
|
bgneal@659
|
112 def username_query(request):
|
bgneal@659
|
113 """This view handles forgotten username queries."""
|
bgneal@659
|
114 if request.user.is_authenticated():
|
bgneal@659
|
115 return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
|
bgneal@659
|
116
|
bgneal@659
|
117 if request.method == 'POST':
|
bgneal@659
|
118 form = ForgotUsernameForm(data=request.POST)
|
bgneal@659
|
119 if form.is_valid():
|
bgneal@659
|
120 form.save()
|
bgneal@659
|
121 return HttpResponseRedirect(reverse('accounts-username_sent'))
|
bgneal@659
|
122 else:
|
bgneal@659
|
123 form = ForgotUsernameForm()
|
bgneal@659
|
124
|
bgneal@659
|
125 return render(request, 'accounts/username_query.html', {'form': form})
|