moviewyrm/bookwyrm/views/login.py

""" class views for login/register views """
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect
from django.template.response import TemplateResponse
from django.utils.decorators import method_decorator
from django.utils.translation import gettext_lazy as _
from django.views import View
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.debug import sensitive_variables, sensitive_post_parameters

from bookwyrm import forms, models
from bookwyrm.settings import DOMAIN
from bookwyrm.views.helpers import set_language


# pylint: disable=no-self-use
@method_decorator(csrf_exempt, name="dispatch")
class Login(View):
    """authenticate an existing user"""

    def get(self, request, confirmed=None):
        """login page"""
        if request.user.is_authenticated:
            return redirect("/")
        # send user to the login page
        data = {
            "show_confirmed_email": confirmed,
            "login_form": forms.LoginForm(),
            "register_form": forms.RegisterForm(),
        }
        return TemplateResponse(request, "login.html", data)

    @sensitive_variables("password")
    @method_decorator(sensitive_post_parameters("password"))
    def post(self, request):
        """authentication action"""
        if request.user.is_authenticated:
            return redirect("/")
        login_form = forms.LoginForm(request.POST)

        localname = login_form.data["localname"]
        if "@" in localname:  # looks like an email address to me
            try:
                username = models.User.objects.get(email=localname).username
            except models.User.DoesNotExist:  # maybe it's a full username?
                username = localname
        else:
            username = f"{localname}@{DOMAIN}"
        password = login_form.data["password"]

        # perform authentication
        user = authenticate(request, username=username, password=password)
        if user is not None:
            # successful login
            login(request, user)
            user.update_active_date()
            if request.POST.get("first_login"):
                return set_language(user, redirect("get-started-profile"))
            return set_language(user, redirect(request.GET.get("next", "/")))

        # maybe the user is pending email confirmation
        if models.User.objects.filter(
            username=username, is_active=False, deactivation_reason="pending"
        ).exists():
            return redirect("confirm-email")

        # login errors
        login_form.non_field_errors = _("Username or password are incorrect")
        register_form = forms.RegisterForm()
        data = {"login_form": login_form, "register_form": register_form}
        return TemplateResponse(request, "login.html", data)


@method_decorator(login_required, name="dispatch")
class Logout(View):
    """log out"""

    def get(self, request):
        """done with this place! outa here!"""
        logout(request)
        return redirect("/")
Split authentication views into login and register 2021-09-07 20:11:44 +00:00			`""" class views for login/register views """`
			`from django.contrib.auth import authenticate, login, logout`
			`from django.contrib.auth.decorators import login_required`
			`from django.shortcuts import redirect`
			`from django.template.response import TemplateResponse`
			`from django.utils.decorators import method_decorator`
			`from django.utils.translation import gettext_lazy as _`
			`from django.views import View`
Make sure passwords aren't exposed in error reporting 2021-09-07 20:21:40 +00:00			`from django.views.decorators.csrf import csrf_exempt`
			`from django.views.decorators.debug import sensitive_variables, sensitive_post_parameters`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00
			`from bookwyrm import forms, models`
			`from bookwyrm.settings import DOMAIN`
Update language on login and edit preference 2021-10-06 20:01:29 +00:00			`from bookwyrm.views.helpers import set_language`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00

			`# pylint: disable=no-self-use`
			`@method_decorator(csrf_exempt, name="dispatch")`
			`class Login(View):`
			`"""authenticate an existing user"""`

			`def get(self, request, confirmed=None):`
			`"""login page"""`
			`if request.user.is_authenticated:`
			`return redirect("/")`
			`# send user to the login page`
			`data = {`
			`"show_confirmed_email": confirmed,`
			`"login_form": forms.LoginForm(),`
			`"register_form": forms.RegisterForm(),`
			`}`
			`return TemplateResponse(request, "login.html", data)`

Make sure passwords aren't exposed in error reporting 2021-09-07 20:21:40 +00:00			`@sensitive_variables("password")`
Split out test files 2021-09-07 22:03:15 +00:00			`@method_decorator(sensitive_post_parameters("password"))`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00			`def post(self, request):`
			`"""authentication action"""`
			`if request.user.is_authenticated:`
			`return redirect("/")`
			`login_form = forms.LoginForm(request.POST)`

			`localname = login_form.data["localname"]`
			`if "@" in localname: # looks like an email address to me`
			`try:`
			`username = models.User.objects.get(email=localname).username`
			`except models.User.DoesNotExist: # maybe it's a full username?`
			`username = localname`
			`else:`
Updating string format synatx part 2 2021-09-18 18:32:00 +00:00			`username = f"{localname}@{DOMAIN}"`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00			`password = login_form.data["password"]`

			`# perform authentication`
			`user = authenticate(request, username=username, password=password)`
			`if user is not None:`
			`# successful login`
			`login(request, user)`
Create model function to update user last active date 2021-09-22 15:35:20 +00:00			`user.update_active_date()`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00			`if request.POST.get("first_login"):`
Update language on login and edit preference 2021-10-06 20:01:29 +00:00			`return set_language(user, redirect("get-started-profile"))`
			`return set_language(user, redirect(request.GET.get("next", "/")))`
Split authentication views into login and register 2021-09-07 20:11:44 +00:00
			`# maybe the user is pending email confirmation`
			`if models.User.objects.filter(`
			`username=username, is_active=False, deactivation_reason="pending"`
			`).exists():`
			`return redirect("confirm-email")`

			`# login errors`
			`login_form.non_field_errors = _("Username or password are incorrect")`
			`register_form = forms.RegisterForm()`
			`data = {"login_form": login_form, "register_form": register_form}`
			`return TemplateResponse(request, "login.html", data)`


			`@method_decorator(login_required, name="dispatch")`
			`class Logout(View):`
			`"""log out"""`

			`def get(self, request):`
			`"""done with this place! outa here!"""`
			`logout(request)`
			`return redirect("/")`