Mercurial > public > sg101
view gpp/core/views.py @ 507:8631d32e6b16
Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Sun, 04 Dec 2011 03:05:21 +0000 |
| parents | be3fff614b93 |
| children |
line wrap: on
line source
""" Views for the core application. These are mainly shared, common views used by multiple applications. """ from django.contrib.auth.models import User from django.http import HttpResponse from django.shortcuts import render_to_response from django.template import RequestContext from django.contrib.auth.decorators import login_required from django.views.decorators.http import require_GET import django.utils.simplejson as json @login_required @require_GET def markdown_help(request): """ This view provides the Markdown help cheat sheet. It is expected to be called via AJAX. """ return render_to_response('core/markdown_help.html') def ajax_users(request): """ If the user is authenticated, return a JSON array of strings of usernames whose names start with the 'q' GET parameter, limited by the 'limit' GET parameter. Only active usernames are returned. If the user is not authenticated, return an empty array. """ q = request.GET.get('q', None) if q is None or not request.user.is_authenticated(): return HttpResponse(json.dumps([]), content_type='application/json') limit = int(request.GET.get('limit', 10)) users = User.objects.filter(is_active=True, username__istartswith=q).values_list('username', flat=True)[:limit] return HttpResponse(json.dumps(list(users)), content_type='application/json')