Diffstat (limited to 'services/users/views.py')
| -rw-r--r-- | services/users/views.py | 300 |
1 files changed, 300 insertions, 0 deletions
diff --git a/services/users/views.py b/services/users/views.py new file mode 100644 index 00000000..5dba135b --- /dev/null +++ b/services/users/views.py 
@@ -0,0 +1,300 @@ +from django.contrib import messages +from django.contrib.auth import authenticate, login, logout, update_session_auth_hash +from django.contrib.auth.models import User +from django.http import HttpResponse, HttpResponseRedirect +from django.shortcuts import redirect, reverse +from django.template.loader import render_to_string +from django.utils.html import strip_tags + +from .accountFunctions import store_token, verify_token +from .forms import UpdateUserDetailsForm +from .mail_send import send_email +from .models import UserProfile + + +# Create your views here. +def login_user(request): + # pass + next = request.POST.get("next", "blog:home") + username = request.POST["username"] + password = request.POST["password"] + if username == "" or password == "" or username is None or password is None: + # required fields are empty + messages.error(request, "RFEERR", extra_tags="loginError") + return HttpResponseRedirect(next + "?username=" + username) + else: + # check if email is verified + user = authenticate(request, username=username, password=password) + if user is not None: + try: + email_verified = UserProfile.objects.get(user=user.pk).email_verified + except: + # user has no profile + email_verified = False + if email_verified: + login(request, user) + return HttpResponseRedirect(next) + else: + # email not verified + messages.error(request, "ENVERR", extra_tags="loginError") + return HttpResponseRedirect(next + "?username=" + username) + else: + # invalid credentials + messages.error(request, "IUOPERR", extra_tags="loginError") + return HttpResponseRedirect(next + "?username=" + username) + + +def logout_user(request): + logout(request) + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + + +def update_user(request): + user = request.user + if user is not None: + if request.method == "POST": + form = UpdateUserDetailsForm(request.POST, user=user) + if form.is_valid(): + form.save() + messages.success(request, "Profile was 
successfully updated!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error( + request, "Unable to update profile! Please try again later." + ) + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "You must be logged in to update your profile!") + return redirect("blog:home") + + +def delete_user(request): + user = request.user + if user is not None: + if request.method == "POST": + password = request.POST["password"] + if user.check_password(password): + # delete user, all comments, user profile details, and all posts + user.delete() + messages.success(request, "Your account was successfully deleted!") + return redirect("blog:home") + else: + messages.error(request, "Incorrect password!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Unable to delete account! Please try again later.") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "You must be logged in to delete your account!") + return redirect("blog:home") + + +def update_avatar(request): + user = request.user + if user is not None: + if request.method == "POST": + user_profile = UserProfile.objects.get(user=user) + user_profile.avatar_url = request.POST["avatar"] + user_profile.save() + messages.success(request, "Avatar was successfully updated!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Unable to update avatar! 
Please try again later.") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "You must be logged in to update your avatar!") + return redirect("blog:home") + + +def update_blinkie(request): + user = request.user + if user is not None: + if request.method == "POST": + user_profile = UserProfile.objects.get(user=user) + user_profile.blinkie_url = request.POST["blinkie"] + user_profile.save() + messages.success(request, "Blinkie was successfully updated!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Unable to update blinkie! Please try again later.") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "You must be logged in to update your blinkie!") + return redirect("blog:home") + + +def change_password(request): + username = request.user + old_password = request.POST["oldPassword"] + new_password = request.POST["newPassword"] + confirm_password = request.POST["confirmPassword"] + if username is not None: + user = User.objects.get(username=username) + if user.check_password(old_password): + if new_password == confirm_password: + if len(new_password) < 8: + messages.error( + request, "The new password must be at least 8 characters long!" + ) + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + user.set_password(new_password) + user.save() + update_session_auth_hash(request, user) + messages.success(request, "Password was successfully changed!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error( + request, "The new password and confirmation password do not match!" + ) + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Old password is incorrect!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Unable to change password! 
Please try again later.") + return redirect("blog:home") + + +def send_change_user_email(request): + user = request.user + new_email = request.POST["email"] + if user is not None: + # Check if the new and the old email are the same + if user.email == new_email: + messages.error(request, "New email is the same as the old one!") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + + # check if email is already in use + if User.objects.filter(email=new_email).exists(): + messages.error(request, "Email is already in use!") + # Redirect to referrer + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + # Send verification email + subject = "Change your email address" + uid, token = store_token(token_type="changeemail", user=user, email=new_email) + + message = render_to_string( + "email_change_verification_email.html", + { + "user": user.username if user.first_name is None else user.first_name, + "site_name": "Shifoo", + "uid": uid, + "token": token, + "protocol": request.scheme + "://", + "domain": request.get_host(), + }, + ) + # message = strip_tags(message) + # send_mail(subject, message, 'That Computer Scientist <' + settings.EMAIL_HOST_USER + '>', [new_email]) + + if send_email( + sender="[email protected]", + sender_name="Shifoo", + recipient=new_email, + subject=subject, + body_html=message, + body_text=message, + ): + messages.success( + request, "Verification email was sent! Please check your email." + ) + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "Unable to change email! Please try again later.") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + + else: + messages.error(request, "Unable to change email! 
Please try again later.") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + + +def send_verification_email(request): + # this is a post only view + if request.method == "POST": + username = request.POST.get("username") + subject = "Verify your email address" + user = User.objects.get(username=username) + uid, token = store_token(token_type="verifyemail", user=user, email=user.email) + + message = render_to_string( + "verification_email.html", + { + "user": user.username if user.first_name is None else user.first_name, + "site_name": "Shifoo", + "uid": uid, + "token": token, + "protocol": "https://" if request.is_secure() else "http://", + "domain": request.get_host(), + }, + ) + # message = strip_tags(message) + if send_email( + sender="[email protected]", + sender_name="Shifoo", + recipient=user.email, + subject=subject, + body_html=message, + body_text=message, + ): + messages.success(request, "VESENT", extra_tags="loginError") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "VESENDERR", extra_tags="loginError") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + else: + messages.error(request, "VESENDERR", extra_tags="loginError") + return HttpResponseRedirect(request.META.get("HTTP_REFERER")) + + +def verify_email(request, mode, uid, token): + token_object = verify_token(mode, uid, token) + redirect_to = ( + reverse("blog:account") + "?tab=email" if mode == "changeemail" else "blog:home" + ) + success_message = ( + "Email was successfully changed!" if mode == "changeemail" else "VESUCCESS" + ) + error_message = "Unable to verify email! Please try again later." 
+ + if token_object is not None and token_object.verified: + user = User.objects.get(pk=token_object.user_id) + user.email = token_object.email + user.save() + token_object.delete() + messages.success( + request, + success_message, + extra_tags="loginError" if mode == "verifyemail" else "", + ) + return redirect(redirect_to) + else: + messages.error(request, error_message) + return redirect(redirect_to) + + +def reset_password(request, uid, token): + mode = "resetpassword" + token_object = verify_token(mode, uid, token) + + # Token is not verified yet, but confirmed that it belongs to the user + # Now we send a form for the user to reset their password + if token_object is not None and token_object.verified: + print(token_object.user_id) + # redirect to forgotpassword/reset?uid=uid&token=token + return HttpResponseRedirect( + reverse("blog:resetpassword") + + "?uid=" + + token_object.user_id + + "&token=" + + token + ) + else: + # Token is invalid + messages.error( + request, + "Unable to reset password! Please try again later.", + extra_tags="passwordReset", + ) + return redirect("blog:forgotpassword") |
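Review bot: The `if user is not None:` guards in update_user, delete_user, update_avatar, update_blinkie, change_password and send_change_user_email do not enforce authentication, because with Django's authentication middleware `request.user` is an `AnonymousUser` object for logged-out visitors rather than `None` (the middleware configuration is not visible in this file, so confirm). As written, the "You must be logged in" branches look unreachable and anonymous requests continue into the profile, password and account-deletion code paths; replace each guard with an early return on `if not request.user.is_authenticated:`, or decorate the views with `@login_required`. Separately, login_user passes the client-supplied `next` value straight to `HttpResponseRedirect`, so the post-login redirect can point at an external site; validate it with `url_has_allowed_host_and_scheme(next, allowed_hosts={request.get_host()})` and fall back to `reverse("blog:home")` otherwise. The same view appends `username` to the query string without URL-encoding it, and most other views redirect to `request.META.get("HTTP_REFERER")`, which is `None` when the header is absent.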
