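from urllib.parse import urlencode

from django.contrib import messages
from django.contrib.auth import (
    authenticate,
    login as lgn,
    logout as lgt,
    update_session_auth_hash,
)
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseRedirect, HttpResponseNotAllowed
from django.shortcuts import redirect, reverse
from django.template.loader import render_to_string
from django.utils.html import strip_tags
from django.utils.http import url_has_allowed_host_and_scheme

from internal.auth_utilities import validate_auth_input, validate_verified_user_email

from .accountFunctions import store_token, verify_token
from .forms import UpdateUserDetailsForm
from .mail_send import send_email

# Create your views here.

# URL name of the page used when the client supplies no usable redirect target.
# NOTE(review): "core:home" was the original default for ``next``; it is assumed
# to be a routable URL name - confirm against the URLconf.
_DEFAULT_REDIRECT_NAME = "core:home"


def _safe_local_url(request, candidate):
    """Return *candidate* if it points at this host, else the default page URL.

    ``next`` and the ``Referer`` header are both client-controlled. Redirecting
    to them unchecked lets a crafted link send a user who has just
    authenticated to an arbitrary external site (open redirect), so any value
    that is empty, has a foreign host, or uses an unexpected scheme is replaced.
    """
    if url_has_allowed_host_and_scheme(
        candidate,
        allowed_hosts={request.get_host()},
        require_https=request.is_secure(),
    ):
        return candidate
    return reverse(_DEFAULT_REDIRECT_NAME)


def _redirect_with_username(target, username):
    """Redirect to *target* with *username* as a URL-encoded query parameter.

    Encoding stops characters such as ``&`` or ``#`` in the submitted username
    from altering the redirect URL.
    """
    separator = "&" if "?" in target else "?"
    return HttpResponseRedirect(
        target + separator + urlencode({"username": username})
    )


def login(request):
    """Authenticate the posted credentials and start a session.

    Accepts POST only. Reads ``username``, ``password`` and an optional
    ``next`` redirect target from the form data. On failure an error code is
    queued through the messages framework (tagged ``loginError``) and the
    client is sent back to the target with the username in the query string:

    * ``RFEERR``  - ``validate_auth_input`` rejected the input
      (required fields empty).
    * ``IUOPERR`` - ``authenticate`` returned no user (invalid credentials).
    * ``ENVERR``  - credentials are valid but the e-mail is not verified.
    """
    if request.method != "POST":
        # HttpResponseNotAllowed expects the list of permitted methods; a bare
        # string would be split into characters for the Allow header.
        return HttpResponseNotAllowed(["POST"])

    target = _safe_local_url(request, request.POST.get("next"))
    # .get() keeps a missing field from raising; an empty value is expected to
    # be rejected by validate_auth_input below (defined elsewhere - confirm).
    username = request.POST.get("username", "")
    password = request.POST.get("password", "")

    if not validate_auth_input(username, password):
        messages.error(request, "RFEERR", extra_tags="loginError")
        return _redirect_with_username(target, username)

    user = authenticate(request, username=username, password=password)
    if user is None:
        messages.error(request, "IUOPERR", extra_tags="loginError")
        return _redirect_with_username(target, username)

    # The unverified-e-mail code is only reachable after a successful password
    # check, so it does not reveal account state to unauthenticated callers.
    if not validate_verified_user_email(user):
        messages.error(request, "ENVERR", extra_tags="loginError")
        return _redirect_with_username(target, username)

    lgn(request, user)
    return HttpResponseRedirect(target)


def logout(request):
    """End the current session and send the client back where it came from.

    The ``Referer`` header may be absent or point off-site, so it is validated
    and replaced by the default page when unusable.
    """
    # NOTE(review): this view does not restrict the request method, so if it is
    # routed for GET a cross-site request can end a user's session. Consider
    # accepting POST only once the templates submit a form.
    lgt(request)
    return HttpResponseRedirect(
        _safe_local_url(request, request.META.get("HTTP_REFERER"))
    )


# def login_user(request):
#     # pass
#     next = request.POST.get("next", "blog:home")
#     username = request.POST["username"]
#     password = request.POST["password"]
#     if username == "" or password == "" or username is None or password is None:
#         # required fields are empty
#         messages.error(request, "RFEERR", extra_tags="loginError")
#         return HttpResponseRedirect(next + "?username=" + username)
#     else: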
#         # check if email is verified
#         user = authenticate(request, username=username, password=password)
#         if user is not None:
#             try:
#                 email_verified = UserProfile.objects.get(user=user.pk).email_verified
#             except:
#                 # user has no profile
#                 email_verified = False
#             if email_verified:
#                 login(request, user)
#                 return HttpResponseRedirect(next)
#             else:
#                 # email not verified
#                 messages.error(request, "ENVERR", extra_tags="loginError")
#                 return HttpResponseRedirect(next + "?username=" + username)
#         else:
#             # invalid credentials
#             messages.error(request, "IUOPERR", extra_tags="loginError")
#             return HttpResponseRedirect(next + "?username=" + username)


# def logout_user(request):
#     logout(request)
#     return HttpResponseRedirect(request.META.get("HTTP_REFERER"))


# def update_user(request):
#     user = request.user
#     if user is not None:
#         if request.method == "POST":
#             form = UpdateUserDetailsForm(request.POST, user=user)
#             if form.is_valid():
#                 form.save()
#                 messages.success(request, "Profile was successfully updated!")
#                 return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#             else:
#                 messages.error(
#                     request, "Unable to update profile! Please try again later."
#                 )
#                 return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "You must be logged in to update your profile!")
#         return redirect("blog:home")


# def delete_user(request):
#     user = request.user
#     if user is not None:
#         if request.method == "POST":
#             password = request.POST["password"]
#             if user.check_password(password):
#                 # delete user, all comments, user profile details, and all posts
#                 user.delete()
#                 messages.success(request, "Your account was successfully deleted!")
#                 return redirect("blog:home")
#             else:
#                 messages.error(request, "Incorrect password!")
#                 return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "Unable to delete account! Please try again later.")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "You must be logged in to delete your account!")
#         return redirect("blog:home")


# def update_avatar(request):
#     user = request.user
#     if user is not None:
#         if request.method == "POST":
#             user_profile = UserProfile.objects.get(user=user)
#             user_profile.avatar_url = request.POST["avatar"]
#             user_profile.save()
#             messages.success(request, "Avatar was successfully updated!")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "Unable to update avatar! Please try again later.")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "You must be logged in to update your avatar!")
#         return redirect("blog:home")


# def update_blinkie(request):
#     user = request.user
#     if user is not None:
#         if request.method == "POST":
#             user_profile = UserProfile.objects.get(user=user)
#             user_profile.blinkie_url = request.POST["blinkie"]
#             user_profile.save()
#             messages.success(request, "Blinkie was successfully updated!")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "Unable to update blinkie! Please try again later.")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "You must be logged in to update your blinkie!")
#         return redirect("blog:home")


# def change_password(request):
#     username = request.user
#     old_password = request.POST["oldPassword"]
#     new_password = request.POST["newPassword"]
#     confirm_password = request.POST["confirmPassword"]
#     if username is not None:
#         user = User.objects.get(username=username)
#         if user.check_password(old_password):
#             if new_password == confirm_password:
#                 if len(new_password) < 8:
#                     messages.error(
#                         request, "The new password must be at least 8 characters long!"
#                     )
#                     return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#                 user.set_password(new_password)
#                 user.save()
#                 update_session_auth_hash(request, user)
#                 messages.success(request, "Password was successfully changed!")
#                 return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#             else:
#                 messages.error(
#                     request, "The new password and confirmation password do not match!"
#                 )
#                 return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "Old password is incorrect!")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "Unable to change password! Please try again later.")
#         return redirect("blog:home")


# def send_change_user_email(request):
#     user = request.user
#     new_email = request.POST["email"]
#     if user is not None:
#         # Check if the new and the old email are the same
#         if user.email == new_email:
#             messages.error(request, "New email is the same as the old one!")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         # check if email is already in use
#         if User.objects.filter(email=new_email).exists():
#             messages.error(request, "Email is already in use!")
#             # Redirect to referrer
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         # Send verification email
#         subject = "Change your email address"
#         uid, token = store_token(token_type="changeemail", user=user, email=new_email)
#         message = render_to_string(
#             "email_change_verification_email.html",
#             {
#                 "user": user.username if user.first_name is None else user.first_name,
#                 "site_name": "Shifoo",
#                 "uid": uid,
#                 "token": token,
#                 "protocol": request.scheme + "://",
#                 "domain": request.get_host(),
#             },
#         )
#         # message = strip_tags(message)
#         # send_mail(subject, message, 'That Computer Scientist <' + settings.EMAIL_HOST_USER + '>', [new_email])
#         if send_email(
#             sender="noreply@thatcomputerscientist.com",
#             sender_name="Shifoo",
#             recipient=new_email,
#             subject=subject,
#             body_html=message,
#             body_text=message,
#         ):
#             messages.success(
#                 request, "Verification email was sent! Please check your email."
#             )
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "Unable to change email! Please try again later.")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "Unable to change email! Please try again later.")
#         return HttpResponseRedirect(request.META.get("HTTP_REFERER"))


# def send_verification_email(request):
#     # this is a post only view
#     if request.method == "POST":
#         username = request.POST.get("username")
#         subject = "Verify your email address"
#         user = User.objects.get(username=username)
#         uid, token = store_token(token_type="verifyemail", user=user, email=user.email)
#         message = render_to_string(
#             "verification_email.html",
#             {
#                 "user": user.username if user.first_name is None else user.first_name,
#                 "site_name": "Shifoo",
#                 "uid": uid,
#                 "token": token,
#                 "protocol": "https://" if request.is_secure() else "http://",
#                 "domain": request.get_host(),
#             },
#         )
#         # message = strip_tags(message)
#         if send_email(
#             sender="noreply@thatcomputerscientist.com",
#             sender_name="Shifoo",
#             recipient=user.email,
#             subject=subject,
#             body_html=message,
#             body_text=message,
#         ):
#             messages.success(request, "VESENT", extra_tags="loginError")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#         else:
#             messages.error(request, "VESENDERR", extra_tags="loginError")
#             return HttpResponseRedirect(request.META.get("HTTP_REFERER"))
#     else:
#         messages.error(request, "VESENDERR", extra_tags="loginError")
#         return HttpResponseRedirect(request.META.get("HTTP_REFERER"))


# def verify_email(request, mode, uid, token):
#     token_object = verify_token(mode, uid, token)
#     redirect_to = (
#         reverse("blog:account") + "?tab=email" if mode == "changeemail" else "blog:home"
#     )
#     success_message = (
#         "Email was successfully changed!" if mode == "changeemail" else "VESUCCESS"
#     )
#     error_message = "Unable to verify email! Please try again later."
#     if token_object is not None and token_object.verified:
#         user = User.objects.get(pk=token_object.user_id)
#         user.email = token_object.email
#         user.save()
#         token_object.delete()
#         messages.success(
#             request,
#             success_message,
#             extra_tags="loginError" if mode == "verifyemail" else "",
#         )
#         return redirect(redirect_to)
#     else:
#         messages.error(request, error_message)
#         return redirect(redirect_to)


# def reset_password(request, uid, token):
#     mode = "resetpassword"
#     token_object = verify_token(mode, uid, token)
#     # Token is not verified yet, but confirmed that it belongs to the user
#     # Now we send a form for the user to reset their password
#     if token_object is not None and token_object.verified:
#         print(token_object.user_id)
#         # redirect to forgotpassword/reset?uid=uid&token=token
#         return HttpResponseRedirect(
#             reverse("blog:resetpassword")
#             + "?uid="
#             + token_object.user_id
#             + "&token="
#             + token
#         )
#     else:
#         # Token is invalid
#         messages.error(
#             request,
#             "Unable to reset password! Please try again later.",
#             extra_tags="passwordReset",
#         )
#         return redirect("blog:forgotpassword")