diff options
| author | Bobby <[email protected]> | 2022-10-10 11:58:49 -0400 |
|---|---|---|
| committer | Bobby <[email protected]> | 2022-10-10 11:58:49 -0400 |
| commit | 69cba5af4a819ef732e3bbb7918bacf3c020808f (patch) | |
| tree | 7395ea0176888fce5f8eeb75110583df0e13bbee /users | |
| parent | a3a566c83ba7ac8af82acf0955fe791811792501 (diff) | |
| download | thatcomputerscientist-69cba5af4a819ef732e3bbb7918bacf3c020808f.tar.xz thatcomputerscientist-69cba5af4a819ef732e3bbb7918bacf3c020808f.zip | |
Moving login and logout functions to subdomains
Diffstat (limited to 'users')
| -rw-r--r-- | users/urls.py | 1 | ||||
| -rw-r--r-- | users/views.py | 30 |
2 files changed, 22 insertions, 9 deletions
diff --git a/users/urls.py b/users/urls.py index c09d7e01..3589c7e0 100644 --- a/users/urls.py +++ b/users/urls.py @@ -4,6 +4,7 @@ from django.contrib import admin app_name = 'users' urlpatterns = [ + path('', views.home, name='home'), path('login', views.login_user, name='login'), path('logout', views.logout_user, name='logout'), path('update', views.update_user, name='update'), diff --git a/users/views.py b/users/views.py index de762863..f1a6300b 100644 --- a/users/views.py +++ b/users/views.py @@ -1,4 +1,4 @@ -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, HttpResponse from django.shortcuts import render, redirect from django.contrib.auth import authenticate, login, logout, update_session_auth_hash from django.contrib import messages @@ -14,17 +14,28 @@ from django.contrib.sites.shortcuts import get_current_site from .tokens import account_activation_token, EmailChangeTokenGenerator from django.utils.http import urlsafe_base64_decode import django.contrib.auth.password_validation as validators +from django.views.decorators.csrf import csrf_exempt +def get_ref(request): + referrer = request.META.get('QUERY_STRING').split('referrer=')[1].split('?')[0] + return referrer or request.META.get('HTTP_REFERER') + +def home(request): + if request.user.is_authenticated: + return HttpResponse('Hello, {}! You are logged in!'.format(request.user)) + else: + return HttpResponse('Hello, World! You are not logged in!') + +@csrf_exempt # Create your views here. def login_user(request): - # pass - next = request.POST.get('next', 'blog:home') + referrer = get_ref(request) username = request.POST['username'] password = request.POST['password'] print (username, password) if username == '' or password == '': - messages.error(request, 'Please fill in all fields.') - return HttpResponseRedirect(next + '?username=' + username) + messages.error(request, 'Please fill in all fields.', extra_tags='loginError') + return HttpResponseRedirect(referrer) else: # check if email is verified user = authenticate(request, username=username, password=password) @@ -32,17 +43,18 @@ def login_user(request): email_verified = UserProfile.objects.get(user=user.pk).email_verified if email_verified: login(request, user) - return HttpResponseRedirect(next) + return HttpResponseRedirect(referrer) else: messages.error(request, 'EVERR', extra_tags='loginError') - return HttpResponseRedirect(next + '?username=' + username) + return HttpResponseRedirect(referrer + '?username=' + username) else: messages.error(request, 'Invalid username or password.', extra_tags='loginError') - return HttpResponseRedirect(next + '?username=' + username) + return HttpResponseRedirect(referrer + '?username=' + username) def logout_user(request): + referrer = get_ref(request) logout(request) - return HttpResponseRedirect(request.META.get('HTTP_REFERER')) + return HttpResponseRedirect(referrer) def update_user(request): username = request.user |