From d98b85391dec4321b9b6bd89d97579f9e436d660 Mon Sep 17 00:00:00 2001
From: downhill <downhill@geekhabitat.de>
Date: Sun, 14 Oct 2018 21:40:36 +0200
Subject: [PATCH] updated a bit

---
 dal/dal/urls.py  |  1 +
 dal/dal/views.py | 25 +++++++++++++++----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/dal/dal/urls.py b/dal/dal/urls.py
index 0bf7d78..cdd5ee6 100644
--- a/dal/dal/urls.py
+++ b/dal/dal/urls.py
@@ -29,4 +29,5 @@ urlpatterns = [
     path('deleteaccount/', DeleteAccount.as_view(), name="account_delete"),
     path('index/', Index.as_view(), name="index"),
     path('logout/', LogOut.as_view(), name="logout"),
+    path('', Index.as_view(), name="index"),
 ]
diff --git a/dal/dal/views.py b/dal/dal/views.py
index 514df85..f5a3bdf 100644
--- a/dal/dal/views.py
+++ b/dal/dal/views.py
@@ -33,7 +33,8 @@ class Index(View):
     def post(self, request):
         username = request.POST.get('username')
         password = request.POST.get('password')
-        user = authenticate(request, username=username, password=password)
+        pwd = r'%s' % password
+        user = authenticate(request, username=username, password=pwd)
         if user is not None:
             login(request, user)
             return render(request, 'useroptions.html', { 'user': user } )
@@ -59,31 +60,33 @@ class Register(View):
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please supply a username.' } )
         # Check to see if username is already taken
         if check_user_exists(username):
-            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
         # isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we
         # can use
         elif not username.isalnum():
-            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Username has to be alphanumeric.' } )
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Username has to be alphanumeric.' } )
         password1 = request.POST.get('password1')
         password2 = request.POST.get('password2')
         # check if the supplied passwords match
         if password1 != password2:
-            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
                 'error': 'Your passwords did not match. Please supply the same password twice.' } )
         email = request.POST.get('email')
         # Is the emailaddress valid?
         try:
             validate_email(email)
         except ValidationError:
-            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
 
         firstname = request.POST.get('firstname')
         lastname = request.POST.get('lastname')
         if firstname == "" or not firstname or lastname == "" or not lastname:
-            return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } )
+            return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } )
         # throw it to nameko to create the user
         with get_pool().next() as rpc:
-            result = rpc.createuser.create_user(username, password1, firstname, lastname, email)
+            # so nothing strange happens if there are escapable chars
+            pwd = r'%s' % password1
+            result = rpc.createuser.create_user(username, pwd, firstname, lastname, email)
             if result == True:
                 return render(request, 'usercreated.html', { 'user': username } )
             else:
@@ -213,8 +216,9 @@ class ChangePassword(View):
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 
                 'error': 'Please check if you typed the same password both times for the new password' } )
         with get_pool().next() as rpc:
-        # Trying to change the password
-            result = rpc.changepassword.change_password(user, password1)
+            # Trying to change the password
+            pwd = r'%s' % password1
+            result = rpc.changepassword.change_password(user, pwd)
         # Password was changed
         if result == True:
             return render(request, 'changedpassword.html', { 'user': user } )
@@ -243,7 +247,8 @@ class DeleteAccount(View):
 
         # Do user and password match?
         password = request.POST.get('password')
-        check = authenticate(request, username=username, password=password)
+        pwd = r'%s' % password
+        check = authenticate(request, username=username, password=pwd)
         if check is None:
             return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )