| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220 |
- from django.contrib import messages
- from django.contrib.auth import login as auth_login, logout as auth_logout, update_session_auth_hash
- from django.contrib.auth.decorators import login_required
- from django.contrib.auth.mixins import LoginRequiredMixin
- from django.core.urlresolvers import reverse
- from django.http import HttpResponseRedirect
- from django.shortcuts import get_object_or_404, redirect, render
- from django.utils.http import is_safe_url
- from django.views.generic import View
- from secrets.forms import UserKeyForm
- from secrets.models import UserKey
- from utilities.forms import ConfirmationForm
- from .forms import LoginForm, PasswordChangeForm, TokenForm
- from .models import Token
- #
- # Login/logout
- #
- def login(request):
- if request.method == 'POST':
- form = LoginForm(request, data=request.POST)
- if form.is_valid():
- # Determine where to direct user after successful login
- redirect_to = request.POST.get('next', '')
- if not is_safe_url(url=redirect_to, host=request.get_host()):
- redirect_to = reverse('home')
- # Authenticate user
- auth_login(request, form.get_user())
- messages.info(request, u"Logged in as {}.".format(request.user))
- return HttpResponseRedirect(redirect_to)
- else:
- form = LoginForm()
- return render(request, 'login.html', {
- 'form': form,
- })
- def logout(request):
- auth_logout(request)
- messages.info(request, u"You have logged out.")
- return HttpResponseRedirect(reverse('home'))
- #
- # User profiles
- #
- @login_required()
- def profile(request):
- return render(request, 'users/profile.html', {
- 'active_tab': 'profile',
- })
- @login_required()
- def change_password(request):
- if request.method == 'POST':
- form = PasswordChangeForm(user=request.user, data=request.POST)
- if form.is_valid():
- form.save()
- update_session_auth_hash(request, form.user)
- messages.success(request, u"Your password has been changed successfully.")
- return redirect('users:profile')
- else:
- form = PasswordChangeForm(user=request.user)
- return render(request, 'users/change_password.html', {
- 'form': form,
- 'active_tab': 'change_password',
- })
- @login_required()
- def userkey(request):
- try:
- userkey = UserKey.objects.get(user=request.user)
- except UserKey.DoesNotExist:
- userkey = None
- return render(request, 'users/userkey.html', {
- 'userkey': userkey,
- 'active_tab': 'userkey',
- })
- @login_required()
- def userkey_edit(request):
- try:
- userkey = UserKey.objects.get(user=request.user)
- except UserKey.DoesNotExist:
- userkey = UserKey(user=request.user)
- if request.method == 'POST':
- form = UserKeyForm(data=request.POST, instance=userkey)
- if form.is_valid():
- uk = form.save(commit=False)
- uk.user = request.user
- uk.save()
- messages.success(request, u"Your user key has been saved.")
- return redirect('users:userkey')
- else:
- form = UserKeyForm(instance=userkey)
- return render(request, 'users/userkey_edit.html', {
- 'userkey': userkey,
- 'form': form,
- 'active_tab': 'userkey',
- })
- @login_required()
- def recent_activity(request):
- return render(request, 'users/recent_activity.html', {
- 'recent_activity': request.user.actions.all()[:50],
- 'active_tab': 'recent_activity',
- })
- #
- # API tokens
- #
- class TokenListView(LoginRequiredMixin, View):
- def get(self, request):
- tokens = Token.objects.filter(user=request.user)
- return render(request, 'users/api_tokens.html', {
- 'tokens': tokens,
- 'active_tab': 'api_tokens',
- })
- class TokenEditView(LoginRequiredMixin, View):
- def get(self, request, pk=None):
- if pk is not None:
- token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
- else:
- token = Token(user=request.user)
- form = TokenForm(instance=token)
- return render(request, 'utilities/obj_edit.html', {
- 'obj': token,
- 'obj_type': token._meta.verbose_name,
- 'form': form,
- 'return_url': reverse('users:token_list'),
- })
- def post(self, request, pk=None):
- if pk is not None:
- token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
- form = TokenForm(request.POST, instance=token)
- else:
- form = TokenForm(request.POST)
- if form.is_valid():
- token = form.save(commit=False)
- token.user = request.user
- token.save()
- msg = "Token updated" if pk else "New token created"
- messages.success(request, msg)
- return redirect('users:token_list')
- class TokenDeleteView(LoginRequiredMixin, View):
- def get(self, request, pk):
- token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
- initial_data = {
- 'return_url': reverse('users:token_list'),
- }
- form = ConfirmationForm(initial=initial_data)
- return render(request, 'utilities/obj_delete.html', {
- 'obj': token,
- 'obj_type': token._meta.verbose_name,
- 'form': form,
- 'return_url': reverse('users:token_list'),
- })
- def post(self, request, pk):
- token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
- form = ConfirmationForm(request.POST)
- if form.is_valid():
- token.delete()
- messages.success(request, "Token deleted")
- return redirect('users:token_list')
- return render(request, 'utilities/obj_delete.html', {
- 'obj': token,
- 'obj_type': token._meta.verbose_name,
- 'form': form,
- 'return_url': reverse('users:token_list'),
- })
|
