mravi/ungleich-user
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

finished up the views

Browse source
This commit is contained in:
downhill 2018-10-10 14:13:49 +02:00
parent b82ed72185
commit a92054bc0a
3 changed files with 35 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
dal/dal/templates/deleteaccount.html Normal file
View file

0
dal/dal/templates/deleteduser.html Normal file
View file

47
dal/dal/views.py
View file

@ -56,13 +56,6 @@ class Register(View):
service = 'Registering an user' service = 'Registering an user'
# urlname for 'go back' on the errorpage # urlname for 'go back' on the errorpage
urlname = 'register' urlname = 'register'
# some basic check against DoS, since a hidden reference=ungleich will be given on the registeruser page
# real defense against DoS will not be on django, but this protects a bit against filling up our ldap with a
# basic curl script
# TODO: Think about some better protection
reference = request.POST.get('reference')
if reference != 'ungleich':
return HttpResponseRedirect(reverse_lazy('index'))
username = request.POST.get('username') username = request.POST.get('username')
# Check to see if username is already taken # Check to see if username is already taken
if self.check_user_exists(username): if self.check_user_exists(username):
@ -85,8 +78,10 @@ class Register(View):
lastname = request.POST.get('lastname') lastname = request.POST.get('lastname')
if firstname == "" or not firstname or lastname == "" or not lastname if firstname == "" or not firstname or lastname == "" or not lastname
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } ) return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } )
# TODO: throw it to nameko to create the user # throw it to nameko to create the user
if self.create_user(username, password1, firstname, lastname, email):
return render(request, 'usercreated.html', { 'user': username } ) return render(request, 'usercreated.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )
@ -100,7 +95,7 @@ class ChangeData(View):
if not request.user.is_authenticated: if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html') return render(request, 'mustbeloggedin.html')
user = request.user user = request.user
#TODO: nameko get basic data (firstname, lastname, email) # get basic data (firstname, lastname, email)
(firstname, lastname, email) = self.get_data(user) (firstname, lastname, email) = self.get_data(user)
# The template puts the old data as standard in the fields # The template puts the old data as standard in the fields
return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } ) return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
@ -128,7 +123,7 @@ class ChangeData(View):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter an email.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter an email.' } )
elif not email_re.match(email): elif not email_re.match(email):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
#TODO: nameko change data (firstname, lastname, email) # Trying to change the data
if self.change_data(firstname, lastname, email): if self.change_data(firstname, lastname, email):
return render(request, 'changeddata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } ) return render(request, 'changeddata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'An unknown error occurred.' } ) return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'An unknown error occurred.' } )
@ -157,7 +152,8 @@ class ResetPassword(View):
def post(self, request): def post(self, request):
user = request.POST.get('user') user = request.POST.get('user')
if check_user_exists(user): if check_user_exists(user):
#TODO: call nameko for sending a reset request # TODO: Get a good backend for reset requests
# Sending the reset request
self.send_resetrequest(user) self.send_resetrequest(user)
return render(request, 'send_resetrequest.html', { 'user': user } ) return render(request, 'send_resetrequest.html', { 'user': user } )
return render(request, 'must_confirm_reset.html') return render(request, 'must_confirm_reset.html')
@ -200,7 +196,7 @@ class ChangePassword(View):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, return render(request, 'error.html', { 'urlname': urlname, 'service': service,
'error': 'Please check if you typed the same password both times for the new password' } ) 'error': 'Please check if you typed the same password both times for the new password' } )
# TODO: nameko change password # Trying to change the password
if self.change_password(user, oldpassword, password1): if self.change_password(user, oldpassword, password1):
return render(request, 'changedpassword.html', { 'user': user } ) return render(request, 'changedpassword.html', { 'user': user } )
else: else:
@ -215,7 +211,32 @@ class ChangePassword(View):
class DeleteAccount(View): class DeleteAccount(View):
def get(self, request): def get(self, request):
return HttpResponse("Work in progress") return render(request, 'deleteaccount.html')
def post(self, request):
# Variables for error page
urlname = 'account_delete'
service = 'delete an account'
# Does the user exist?
username = request.POST.username
if not check_user_exists(username):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
# Do user and password match?
password = request.POST.username
check = authenticate(request, username=username, password=password)
if check is None:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )
# Try to delete the user
if self.delete_user(username):
return render(request, 'deleteduser.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while trying to delete the user.' } )
def delete_user(self, username):
#TODO: nameko call to delete the user
return True