"""
Views for the accounts application.

"""
import datetime
import logging

from django.shortcuts import render
from django.template import RequestContext
from django.template.loader import render_to_string
from django.http import HttpResponse, HttpResponseRedirect
from django.core.urlresolvers import reverse
from django.conf import settings
from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth import login
from django.utils import simplejson

from accounts.models import PendingUser
from accounts.forms import RegisterForm, ForgotUsernameForm
from accounts import create_new_user
from antispam.decorators import rate_limit


#######################################################################

@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def register(request):
    """Show the registration form and process its submission.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    A valid POST saves the form and redirects to the register_thanks
    view; an invalid POST re-renders the bound form; any other method
    renders an unbound form.

    The view is wrapped in rate_limit(count=10, interval=1 minute).
    NOTE(review): how the limiter identifies a client is defined in
    antispam.decorators, not here -- confirm before relying on it.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    template = 'accounts/register.html'
    if request.method != 'POST':
        return render(request, template, {'form': RegisterForm()})

    # REMOTE_ADDR is the address of the directly connected peer; behind a
    # reverse proxy that is the proxy, not the end user.
    client_ip = request.META.get('REMOTE_ADDR', '?')
    form = RegisterForm(request.POST, ip=client_ip)
    if not form.is_valid():
        return render(request, template, {'form': form})

    form.save()
    return HttpResponseRedirect(reverse('accounts.views.register_thanks'))

#######################################################################

def register_thanks(request):
    """Render the page shown after a registration form was accepted.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL
    instead.
    """
    already_logged_in = request.user.is_authenticated()
    if already_logged_in:
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
    return render(request, 'accounts/register_thanks.html')

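#######################################################################

def register_confirm(request, username, key):
    """Complete a pending registration from its confirmation key.

    ``username`` and ``key`` are view arguments (presumably captured from
    the confirmation URL -- confirm in the URLconf) and must be treated as
    untrusted. An unknown username and a wrong key both render the same
    failure template with the same context, so the response does not show
    which of the two checks failed. On success the pending user is handed
    to create_new_user() together with the client address.

    NOTE(review): unlike register() and login_ajax() this view carries no
    rate_limit decorator. Whether that matters depends on how long and how
    random PendingUser.key is -- confirm in accounts.models.
    """
    # Local import: keeps this view self-contained without touching the
    # module's import block.
    from django.utils.crypto import constant_time_compare

    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    # purge expired users before the lookup below
    PendingUser.objects.purge_expired()

    # REMOTE_ADDR is the directly connected peer; behind a reverse proxy
    # this logs the proxy's address rather than the end user's.
    ip = request.META.get('REMOTE_ADDR', '?')
    failure_context = {'username': username}

    try:
        pending_user = PendingUser.objects.get(username=username)
    except PendingUser.DoesNotExist:
        # username is caller-supplied and written to the log as-is.
        logging.error('Accounts register_confirm [%s]: user does not exist: %s', ip, username)
        return render(request,
                      'accounts/register_failure.html',
                      failure_context)

    # The key is a secret, so compare it in constant time: a plain != can
    # return early at the first differing character, which makes the
    # comparison time depend on how much of the guess is correct.
    if not constant_time_compare(pending_user.key, key):
        logging.error('Accounts register_confirm [%s]: key error: %s', ip, username)
        return render(request,
                      'accounts/register_failure.html',
                      failure_context)

    create_new_user(pending_user, ip)

    return render(request,
                  'accounts/register_success.html',
                  {'username': username})

#######################################################################

@rate_limit(count=10, interval=datetime.timedelta(minutes=1),
            lockout=datetime.timedelta(minutes=2))
def login_ajax(request):
    """
    This view function handles a login via AJAX.

    Non-AJAX requests are redirected to the 'accounts-login' URL. AJAX
    requests always receive a JSON object with the keys ``success``,
    ``error`` and ``navbar_html``; a request that is not a POST gets the
    defaults (``success`` False, empty strings).

    Every failed form validation is reported with the same message, so the
    response does not reveal whether the username exists.

    The view is wrapped in rate_limit(count=10, interval=1 minute,
    lockout=2 minutes).

    """
    # is_ajax() only inspects a client-supplied request header, so it
    # routes requests but is not an access control.
    if not request.is_ajax():
        return HttpResponseRedirect(reverse('accounts-login'))

    response = {
        'success': False,
        'error': '',
        'navbar_html': ''
    }

    if request.method == "POST":
        form = AuthenticationForm(data=request.POST)
        if form.is_valid():
            login(request, form.get_user())
            response['success'] = True
            # Rendered after login() so the navbar is built for the
            # request's updated user.
            response['navbar_html'] = render_to_string('navbar.html',
                {'user': request.user}, RequestContext(request))
        else:
            # Deliberately generic: the form's own error detail is not
            # passed on to the client.
            response['error'] = 'Invalid username or password'

    return HttpResponse(simplejson.dumps(response),
                        content_type='application/json')

#######################################################################

# Throttled with the same limits as register(): this form is reachable
# without authentication and save() presumably sends an e-mail (confirm in
# ForgotUsernameForm), so unlimited submissions could flood a mailbox.
@rate_limit(count=10, interval=datetime.timedelta(minutes=1))
def username_query(request):
    """This view handles forgotten username queries.

    Authenticated users are redirected to settings.LOGIN_REDIRECT_URL.
    A valid POST saves the form and redirects to 'accounts-username_sent';
    an invalid POST re-renders the bound form; any other method renders an
    unbound form.

    NOTE(review): the redirect after a valid POST does not depend on
    anything visible here, but whether the form's validation distinguishes
    known from unknown addresses is decided in ForgotUsernameForm --
    confirm it does not allow account enumeration.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)

    if request.method == 'POST':
        form = ForgotUsernameForm(data=request.POST)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(reverse('accounts-username_sent'))
    else:
        form = ForgotUsernameForm()

    return render(request, 'accounts/username_query.html', {'form': form})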