moviewyrm/bookwyrm/views/authentication.py

125 lines
4.1 KiB
Python
Raw Normal View History

2021-03-08 16:49:10 +00:00
""" class views for login/register views """
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
2021-01-12 16:19:08 +00:00
from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404, redirect
2021-01-12 16:08:43 +00:00
from django.template.response import TemplateResponse
from django.utils import timezone
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
2021-01-12 16:08:43 +00:00
from django.views import View
2021-01-12 16:19:08 +00:00
from bookwyrm import forms, models
2021-01-12 16:08:43 +00:00
from bookwyrm.settings import DOMAIN
2021-01-12 16:19:08 +00:00
# pylint: disable= no-self-use
2021-03-08 16:49:10 +00:00
@method_decorator(csrf_exempt, name="dispatch")
class Login(View):
2021-03-08 16:49:10 +00:00
""" authenticate an existing user """
2021-01-12 16:08:43 +00:00
def get(self, request):
2021-03-08 16:49:10 +00:00
""" login page """
2021-01-12 16:08:43 +00:00
if request.user.is_authenticated:
2021-03-08 16:49:10 +00:00
return redirect("/")
2021-01-12 17:53:04 +00:00
# sene user to the login page
2021-01-12 16:08:43 +00:00
data = {
2021-03-08 16:49:10 +00:00
"login_form": forms.LoginForm(),
"register_form": forms.RegisterForm(),
2021-01-12 16:08:43 +00:00
}
2021-03-08 16:49:10 +00:00
return TemplateResponse(request, "login.html", data)
2021-01-12 16:08:43 +00:00
def post(self, request):
2021-03-08 16:49:10 +00:00
""" authentication action """
if request.user.is_authenticated:
2021-03-08 16:49:10 +00:00
return redirect("/")
2021-01-12 16:08:43 +00:00
login_form = forms.LoginForm(request.POST)
2021-03-08 16:49:10 +00:00
localname = login_form.data["localname"]
if "@" in localname: # looks like an email address to me
email = localname
try:
username = models.User.objects.get(email=email)
2021-03-08 16:49:10 +00:00
except models.User.DoesNotExist: # maybe it's a full username?
username = localname
else:
2021-03-08 16:49:10 +00:00
username = "%s@%s" % (localname, DOMAIN)
password = login_form.data["password"]
2021-01-12 16:08:43 +00:00
user = authenticate(request, username=username, password=password)
if user is not None:
# successful login
login(request, user)
user.last_active_date = timezone.now()
user.save(broadcast=False)
2021-03-08 16:49:10 +00:00
return redirect(request.GET.get("next", "/"))
2021-01-12 16:08:43 +00:00
# login errors
2021-03-08 16:49:10 +00:00
login_form.non_field_errors = "Username or password are incorrect"
2021-01-12 16:08:43 +00:00
register_form = forms.RegisterForm()
2021-03-08 16:49:10 +00:00
data = {"login_form": login_form, "register_form": register_form}
return TemplateResponse(request, "login.html", data)
2021-01-12 16:19:08 +00:00
class Register(View):
2021-03-08 16:49:10 +00:00
""" register a user """
2021-01-12 16:19:08 +00:00
def post(self, request):
2021-03-08 16:49:10 +00:00
""" join the server """
2021-01-12 16:19:08 +00:00
if not models.SiteSettings.get().allow_registration:
2021-03-08 16:49:10 +00:00
invite_code = request.POST.get("invite_code")
2021-01-12 16:19:08 +00:00
if not invite_code:
raise PermissionDenied
invite = get_object_or_404(models.SiteInvite, code=invite_code)
if not invite.valid():
raise PermissionDenied
else:
invite = None
form = forms.RegisterForm(request.POST)
errors = False
if not form.is_valid():
errors = True
2021-03-08 16:49:10 +00:00
localname = form.data["localname"].strip()
email = form.data["email"]
password = form.data["password"]
2021-01-12 16:19:08 +00:00
# check localname and email uniqueness
if models.User.objects.filter(localname=localname).first():
2021-03-08 16:49:10 +00:00
form.errors["localname"] = ["User with this username already exists"]
2021-01-12 16:19:08 +00:00
errors = True
if errors:
data = {
2021-03-08 16:49:10 +00:00
"login_form": forms.LoginForm(),
"register_form": form,
"invite": invite,
"valid": invite.valid() if invite else True,
2021-01-12 16:19:08 +00:00
}
if invite:
2021-03-08 16:49:10 +00:00
return TemplateResponse(request, "invite.html", data)
return TemplateResponse(request, "login.html", data)
2021-01-12 16:19:08 +00:00
2021-03-08 16:49:10 +00:00
username = "%s@%s" % (localname, DOMAIN)
2021-01-12 16:19:08 +00:00
user = models.User.objects.create_user(
2021-03-08 16:49:10 +00:00
username, email, password, localname=localname, local=True
)
2021-01-12 16:19:08 +00:00
if invite:
invite.times_used += 1
invite.save()
login(request, user)
2021-04-01 19:46:38 +00:00
return redirect("get-started-profile")
2021-03-08 16:49:10 +00:00
@method_decorator(login_required, name="dispatch")
class Logout(View):
2021-03-08 16:49:10 +00:00
""" log out """
def get(self, request):
2021-03-08 16:49:10 +00:00
""" done with this place! outa here! """
logout(request)
2021-03-08 16:49:10 +00:00
return redirect("/")