From 69cba5af4a819ef732e3bbb7918bacf3c020808f Mon Sep 17 00:00:00 2001 From: Bobby Date: Mon, 10 Oct 2022 11:58:49 -0400 Subject: Moving login and logout functions to subdomains --- users/urls.py | 1 + users/views.py | 30 +++++++++++++++++++++--------- 2 files changed, 22 insertions(+), 9 deletions(-) (limited to 'users') diff --git a/users/urls.py b/users/urls.py index c09d7e01..3589c7e0 100644 --- a/users/urls.py +++ b/users/urls.py @@ -4,6 +4,7 @@ from django.contrib import admin app_name = 'users' urlpatterns = [ + path('', views.home, name='home'), path('login', views.login_user, name='login'), path('logout', views.logout_user, name='logout'), path('update', views.update_user, name='update'), diff --git a/users/views.py b/users/views.py index de762863..f1a6300b 100644 --- a/users/views.py +++ b/users/views.py @@ -1,4 +1,4 @@ -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, HttpResponse from django.shortcuts import render, redirect from django.contrib.auth import authenticate, login, logout, update_session_auth_hash from django.contrib import messages @@ -14,17 +14,28 @@ from django.contrib.sites.shortcuts import get_current_site from .tokens import account_activation_token, EmailChangeTokenGenerator from django.utils.http import urlsafe_base64_decode import django.contrib.auth.password_validation as validators +from django.views.decorators.csrf import csrf_exempt +def get_ref(request): + referrer = request.META.get('QUERY_STRING').split('referrer=')[1].split('?')[0] + return referrer or request.META.get('HTTP_REFERER') + +def home(request): + if request.user.is_authenticated: + return HttpResponse('Hello, {}! You are logged in!'.format(request.user)) + else: + return HttpResponse('Hello, World! You are not logged in!') + +@csrf_exempt # Create your views here. def login_user(request): - # pass - next = request.POST.get('next', 'blog:home') + referrer = get_ref(request) username = request.POST['username'] password = request.POST['password'] print (username, password) if username == '' or password == '': - messages.error(request, 'Please fill in all fields.') - return HttpResponseRedirect(next + '?username=' + username) + messages.error(request, 'Please fill in all fields.', extra_tags='loginError') + return HttpResponseRedirect(referrer) else: # check if email is verified user = authenticate(request, username=username, password=password) @@ -32,17 +43,18 @@ def login_user(request): email_verified = UserProfile.objects.get(user=user.pk).email_verified if email_verified: login(request, user) - return HttpResponseRedirect(next) + return HttpResponseRedirect(referrer) else: messages.error(request, 'EVERR', extra_tags='loginError') - return HttpResponseRedirect(next + '?username=' + username) + return HttpResponseRedirect(referrer + '?username=' + username) else: messages.error(request, 'Invalid username or password.', extra_tags='loginError') - return HttpResponseRedirect(next + '?username=' + username) + return HttpResponseRedirect(referrer + '?username=' + username) def logout_user(request): + referrer = get_ref(request) logout(request) - return HttpResponseRedirect(request.META.get('HTTP_REFERER')) + return HttpResponseRedirect(referrer) def update_user(request): username = request.user -- cgit v1.2.3