ungleich-public
/
ungleich-user
6
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity
ungleich-user/dal/dal/views.py

253 lines
11 KiB
Python
Raw Blame History

from django.shortcuts import render
from django.views.generic import View
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseRedirect
from django.core.validators import email_re
from django.urls import reverse_lazy
# Check to see if the username is already taken
# Helper function, not to be set up as a view
# First checks the DB, since ldap parks users there
# After that, check LDAP directly if the user just never
# logged in
def check_user_exists(username):
if User.objects.filter(username=username).exists():
return True
# TODO: Needs to look up the LDAP
else return False
# The index page
# If there's a session open, it will give the user the options he/she/it can do, if not,
# it will show a landing page explaining what this is and prompt them to login
class Index(View):
# Basic binary choice, if it is an authenticated user, go straight to the options page,
# if not, then show the landing page
def get(self, request):
if request.user.is_authenticated:
return render(request, 'useroptions.html', { 'user': request.user } )
return render(request, 'landing.html')
# Basically does the same as the GET request, just with trying to login the user beforehand
# Shows an errorpage if authentication fails, since just looping to the landing page
# would be frustrating
def post(self, request):
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
return render(request, 'useroptions.html', { 'user': user } )
return render(request, 'loginfailed.html')
# Registering a user
class Register(View):
# Someone wants to register, throw up the page for that
def get(self, request):
return render(request, 'registeruser.html')
# Someone filled out the register page, do some basic checks and throw it at nameko
def post(self, request):
# message for the error template
service = 'register an user'
# urlname for 'go back' on the errorpage
urlname = 'register'
username = request.POST.get('username')
# Check to see if username is already taken
if check_user_exists(username):
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'User already exists.' } )
# isalnum() may be a bit harsh, but is the most logical choice to make sure it's a username we
# can use
elif not username.isalnum():
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Username has to be alphanumeric.' } )
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
# check if the supplied passwords match
if password1 != password2:
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service,
'error': 'Your passwords didn\'t match. Please supply the same password twice.' } )
email = request.POST.get('email')
# Is the emailaddress valid?
if not email_re.match(email):
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
firstname = request.POST.get('firstname')
lastname = request.POST.get('lastname')
if firstname == "" or not firstname or lastname == "" or not lastname
return render(request, 'registererror.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter your firstname and lastname.' } )
# throw it to nameko to create the user
if self.create_user(username, password1, firstname, lastname, email):
return render(request, 'usercreated.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while creating the user.' } )
def create_user(self, username, password, firstname, lastname, email):
#TODO: write nameko function to create a user
return True
# Change user data for logged in users
class ChangeData(View):
# provide the form for the change request
def get(self, request):
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
user = request.user
login(request, user)
# get basic data (firstname, lastname, email)
(firstname, lastname, email) = self.get_data(user)
# The template puts the old data as standard in the fields
return render(request, 'changeuserdata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
# get the change request
def post(self, request):
# variables for the error page
service = 'change user data'
urlname = 'change_data'
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
user = request.user
firstname = request.POST.get('firstname')
lastname = request.POST.get('lastname')
email = request.POST.get('email')
# Some sanity checks for the supplied data
if firstname == "":
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter a firstname.' } )
elif lastname == "":
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter a lastname.' } )
elif email == "":
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Please enter an email.' } )
elif not email_re.match(email):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The supplied email address is invalid.' } )
# Trying to change the data
if self.change_data(firstname, lastname, email):
return render(request, 'changeddata.html', { 'user': user, 'firstname': firstname, 'lastname': lastname, 'email': email } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'An unknown error occurred.' } )
# TODO: call nameko to get basic data from user
def get_data(self, user):
return ("a", "b", "c")
# TODO: call nameko to change user data and think about return value
def change_data(self, firstname, lastname, email):
return True
# Resets the password for a user
# Will need to send a confirmation email to the user and we will need a backend
# to confirm the request came from someone who has access to the email
# Out of scope except for creating the workflow
class ResetPassword(View):
# Presents the form with some information
def get(self, request):
return render(request, 'resetpassword.html')
# gets the data from confirming the reset request and checks if it was not a misclick
# (by having the user type in his username
def post(self, request):
urlname = 'reset_password'
service = 'send a password reset request'
user = request.POST.get('user')
if check_user_exists(user):
# TODO: Get a good backend for reset requests
# Sending the reset request
email = self.send_resetrequest(user)
return render(request, 'send_resetrequest.html', { 'user': user, 'email': email } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'The user does not exist.' } )
def send_resetrequest(self, user):
#TODO: call nameko to get the associated email and send a confirmation mail
return "test@example.com"
# The logged in user can change the password here
class ChangePassword(View):
# Presents the page for a logged in user
def get(self, request):
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
return render(request, 'changepassword.html', { 'user': request.user } )
# Does some checks on the supplied data and changes the password
def post(self, request):
# Variables for the error page
urlname = 'change_password'
service = 'change the password'
if not request.user.is_authenticated:
return render(request, 'mustbeloggedin.html')
login(request, request.user)
user = request.user
oldpassword = request.POST.get('oldpassword')
check = authenticate(request, username=user, password=oldpassword)
# Is the right password for the user supplied?
if check is None:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for the user.' } )
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
# Are both passwords from the form the same?
if password1 != password2:
return render(request, 'error.html', { 'urlname': urlname, 'service': service,
'error': 'Please check if you typed the same password both times for the new password' } )
# Trying to change the password
if self.change_password(user, oldpassword, password1):
return render(request, 'changedpassword.html', { 'user': user } )
else:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while changing the password!' } )
# Changes the password for the supplied user
def change_password(self, user, oldpassword, password):
#TODO: write nameko function to change a password
return True
class DeleteAccount(View):
def get(self, request):
return render(request, 'deleteaccount.html')
def post(self, request):
# Variables for error page
urlname = 'account_delete'
service = 'delete an account'
# Does the user exist?
username = request.POST.get('username')
if not check_user_exists(username):
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown user.' } )
# Do user and password match?
password = request.POST.get('password')
check = authenticate(request, username=username, password=password)
if check is None:
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Wrong password for user.' } )
# Try to delete the user
if self.delete_user(username):
return render(request, 'deleteduser.html', { 'user': username } )
return render(request, 'error.html', { 'urlname': urlname, 'service': service, 'error': 'Unknown error while trying to delete the user.' } )
def delete_user(self, username):
#TODO: nameko call to delete the user
return True
Reference in New Issue View Git Blame Copy Permalink