annotate gpp/accounts/views.py @ 505:a5d11471d031

Refactor the logic in the rate limiter decorator. Check to see if the request was ajax, as the ajax view always returns 200. Have to decode the JSON response to see if an error occurred or not.
author Brian Neal <bgneal@gmail.com>
date Sat, 03 Dec 2011 19:13:38 +0000
parents 2c2df8545112
children
rev   line source
bgneal@500 1 """
bgneal@500 2 Views for the accounts application.
gremmie@1 3
bgneal@500 4 """
gremmie@1 5 import datetime
bgneal@74 6 import logging
bgneal@74 7
gremmie@1 8 from django.shortcuts import render_to_response
gremmie@1 9 from django.template import RequestContext
bgneal@500 10 from django.template.loader import render_to_string
bgneal@259 11 from django.contrib.auth.models import User
bgneal@500 12 from django.http import HttpResponse, HttpResponseRedirect
gremmie@1 13 from django.core.urlresolvers import reverse
bgneal@6 14 from django.conf import settings
bgneal@500 15 from django.contrib.auth.forms import AuthenticationForm
bgneal@500 16 from django.contrib.auth import login
bgneal@500 17 from django.utils import simplejson
gremmie@1 18
gremmie@1 19 from accounts.models import PendingUser
gremmie@1 20 from accounts.forms import RegisterForm
bgneal@347 21 from accounts import create_new_user
bgneal@472 22 from antispam.decorators import rate_limit
gremmie@1 23
gremmie@1 24
gremmie@1 25 #######################################################################
gremmie@1 26
@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def register(request):
    """
    Display and process the new-account registration form.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    A POST binds RegisterForm to the submitted data; when the form validates
    it is saved and the client is redirected to the register_thanks view.
    Any other method, or an invalid POST, renders accounts/register.html
    with the (possibly error-carrying) form.

    The view is wrapped by rate_limit(count=10, interval=1 minute); how the
    limiter keys and counts requests is defined in antispam.decorators and
    is not visible here.

    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    if request.method != 'POST':
        form = RegisterForm()
    else:
        # NOTE(review): REMOTE_ADDR is the immediate peer address. If the site
        # runs behind a reverse proxy this is presumably the proxy's address,
        # which would weaken any per-IP logic in the form -- confirm the
        # deployment.
        client_ip = request.META.get('REMOTE_ADDR', '?')
        form = RegisterForm(request.POST, ip=client_ip)
        if form.is_valid():
            form.save()
            thanks_url = reverse('accounts.views.register_thanks')
            return HttpResponseRedirect(thanks_url)

    context = {'form': form}
    return render_to_response('accounts/register.html', context,
                              context_instance=RequestContext(request))
gremmie@1 44
gremmie@1 45 #######################################################################
gremmie@1 46
def register_thanks(request):
    """
    Render the page shown after a registration form has been accepted.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL
    instead of seeing the page.

    """
    already_logged_in = request.user.is_authenticated()
    if already_logged_in:
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    request_context = RequestContext(request)
    return render_to_response('accounts/register_thanks.html',
                              context_instance=request_context)
gremmie@1 53
gremmie@1 54 #######################################################################
gremmie@1 55
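def register_confirm(request, username, key):
    """
    Confirm a pending registration using the username and key from the URL.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    Expired pending users are purged first, then the PendingUser with the
    given username is looked up. If no such record exists, or the supplied
    key does not match the stored one, the failure is logged together with
    the client address and accounts/register_failure.html is rendered.
    On a match create_new_user() is called and
    accounts/register_success.html is rendered.

    The key is a secret, so it is compared in constant time rather than
    with ``!=``; an ordinary string comparison can return sooner the
    earlier the first mismatching character is, which leaks information
    about the stored key through response timing.

    NOTE(review): unlike register and login_ajax in this module, this view
    carries no @rate_limit decorator, so repeated key guesses are not
    throttled at this layer -- confirm whether that is intended.

    """
    # Imported at function scope so this change does not depend on an edit
    # to the module's import block.
    # NOTE(review): confirm the deployed Django release provides
    # django.utils.crypto.constant_time_compare.
    from django.utils.crypto import constant_time_compare

    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    # purge expired users
    PendingUser.objects.purge_expired()

    ip = request.META.get('REMOTE_ADDR', '?')

    # Both failure paths render the same template with the same context, so
    # the response does not tell the client which of the two checks failed.
    failure_context = {'username': username}

    try:
        pending_user = PendingUser.objects.get(username=username)
    except PendingUser.DoesNotExist:
        # NOTE(review): username comes from the URL; presumably the URL
        # pattern restricts its characters, otherwise it reaches the log
        # unfiltered -- verify against the urlconf.
        logging.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
        return render_to_response('accounts/register_failure.html',
                                  failure_context,
                                  context_instance=RequestContext(request))

    # A missing or empty stored key must never confirm an account; checking
    # that first also keeps None away from the comparison helper.
    stored_key = pending_user.key
    if not stored_key or not constant_time_compare(stored_key, key):
        logging.error('Accounts register_confirm [%s]: key error: %s', ip, username)
        return render_to_response('accounts/register_failure.html',
                                  failure_context,
                                  context_instance=RequestContext(request))

    create_new_user(pending_user, ip)

    return render_to_response('accounts/register_success.html',
                              {'username': username},
                              context_instance=RequestContext(request))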
bgneal@500 87
bgneal@500 88 #######################################################################
bgneal@500 89
@rate_limit(count=10, interval=datetime.timedelta(minutes=1),
            lockout=datetime.timedelta(minutes=2))
def login_ajax(request):
    """
    Handle a login attempt submitted via AJAX.

    Requests that are not AJAX are redirected to the 'accounts-login' URL.
    AJAX requests always receive an HTTP 200 JSON object with the keys
    'success', 'error' and 'navbar_html'; a failed login is reported only
    through those fields, not through the status code. A successful POST
    logs the user in and returns the rendered navbar.html. An AJAX request
    that is not a POST gets success=False with an empty error string.

    The same error text is returned for every validation failure, so the
    response does not reveal whether the username or the password was wrong.

    """
    # is_ajax() looks at the client-supplied X-Requested-With header, so it
    # only selects the response format; it is not an access control.
    if not request.is_ajax():
        return HttpResponseRedirect(reverse('accounts-login'))

    payload = {'success': False, 'error': '', 'navbar_html': ''}

    # NOTE(review): no CSRF handling is visible in this block; presumably the
    # CSRF middleware covers this POST -- confirm in the project settings.
    if request.method == "POST":
        auth_form = AuthenticationForm(data=request.POST)
        if not auth_form.is_valid():
            payload['error'] = 'Invalid username or password'
        else:
            login(request, auth_form.get_user())
            payload['success'] = True
            payload['navbar_html'] = render_to_string(
                'navbar.html', {'user': request.user}, RequestContext(request))

    body = simplejson.dumps(payload)
    return HttpResponse(body, content_type='application/json')