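"""Account views: login/logout, profile edits, and e-mail / password token flows.

Security-relevant conventions used throughout this module:

* ``request.user`` is never ``None``; anonymous visitors are represented by
  ``AnonymousUser``.  Access checks therefore test ``is_authenticated``.
* Redirect targets taken from the request (``next``, ``Referer``) are only
  followed when they point back at this site.
"""
from urllib.parse import urlencode

from django.contrib import messages
from django.contrib.auth import authenticate, login, logout, update_session_auth_hash
from django.contrib.auth.models import User
from django.core.exceptions import ValidationError
from django.core.validators import validate_email
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import redirect, reverse
from django.template.loader import render_to_string
from django.utils.html import strip_tags
from django.utils.http import url_has_allowed_host_and_scheme

from .accountFunctions import store_token, verify_token
from .forms import UpdateUserDetailsForm
from .mail_send import send_email
from .models import UserProfile

# Token modes that verify_email() is allowed to redeem.  A token issued for
# another purpose (e.g. "resetpassword") must not be usable to rewrite the
# account's e-mail address.
_EMAIL_TOKEN_MODES = ("changeemail", "verifyemail")


def _is_local_url(request, url):
    """Return True when *url* is non-empty and points back at this site."""
    return bool(url) and url_has_allowed_host_and_scheme(
        url,
        allowed_hosts={request.get_host()},
        require_https=request.is_secure(),
    )


def _redirect_back(request):
    """Redirect to the referring page, or to the home page as a fallback.

    The Referer header is client-controlled and may be absent, so it is only
    followed when it targets this site.
    """
    referer = request.META.get("HTTP_REFERER")
    if _is_local_url(request, referer):
        return HttpResponseRedirect(referer)
    return redirect("blog:home")


def _with_username(url, username):
    """Append a URL-encoded ``username`` query parameter to *url*."""
    separator = "&" if "?" in url else "?"
    return url + separator + urlencode({"username": username})


def _email_context(request, user, uid, token):
    """Build the template context shared by the token e-mails.

    ``domain`` comes from ``request.get_host()``, which Django validates
    against ``ALLOWED_HOSTS``; the links in these e-mails are only as
    trustworthy as that setting is strict.
    """
    return {
        # first_name is an empty string (not None) when unset, so fall back
        # on falsiness rather than on an identity check against None.
        "user": user.first_name or user.username,
        "site_name": "Shifoo",
        "uid": uid,
        "token": token,
        "protocol": request.scheme + "://",
        "domain": request.get_host(),
    }


def _send_templated_email(template, context, recipient, subject):
    """Render *template* and send it; return send_email()'s result."""
    body = render_to_string(template, context)
    # NOTE(review): the HTML rendering is also passed as the text body, as in
    # the original code; confirm how send_email() treats body_text.
    return send_email(
        sender="noreply@thatcomputerscientist.com",
        sender_name="Shifoo",
        recipient=recipient,
        subject=subject,
        body_html=body,
        body_text=body,
    )


def login_user(request):
    """Authenticate the posted credentials and start a session.

    Reads ``username``, ``password`` and an optional ``next`` redirect target
    from ``request.POST``.  Failures are reported through the messages
    framework with short codes (``RFEERR``, ``IUOPERR``, ``ENVERR``).
    """
    # ``next`` is attacker-influenced: follow it only when it stays on this
    # site, otherwise fall back to the home page.
    next_url = request.POST.get("next", "")
    if not _is_local_url(request, next_url):
        next_url = reverse("blog:home")

    username = request.POST.get("username", "")
    password = request.POST.get("password", "")
    if not username or not password:
        # required fields are empty
        messages.error(request, "RFEERR", extra_tags="loginError")
        return HttpResponseRedirect(_with_username(next_url, username))

    user = authenticate(request, username=username, password=password)
    if user is None:
        # invalid credentials
        messages.error(request, "IUOPERR", extra_tags="loginError")
        return HttpResponseRedirect(_with_username(next_url, username))

    try:
        email_verified = UserProfile.objects.get(user=user.pk).email_verified
    except (UserProfile.DoesNotExist, UserProfile.MultipleObjectsReturned):
        # No usable profile: treat the address as unverified.
        email_verified = False

    if not email_verified:
        messages.error(request, "ENVERR", extra_tags="loginError")
        return HttpResponseRedirect(_with_username(next_url, username))

    login(request, user)
    return HttpResponseRedirect(next_url)


def logout_user(request):
    """End the current session and return to the referring page."""
    logout(request)
    return _redirect_back(request)


def update_user(request):
    """Apply ``UpdateUserDetailsForm`` to the logged-in user (POST only)."""
    user = request.user
    if not user.is_authenticated:
        messages.error(request, "You must be logged in to update your profile!")
        return redirect("blog:home")

    if request.method == "POST":
        form = UpdateUserDetailsForm(request.POST, user=user)
        if form.is_valid():
            form.save()
            messages.success(request, "Profile was successfully updated!")
        else:
            messages.error(
                request, "Unable to update profile! Please try again later."
            )
    return _redirect_back(request)


def delete_user(request):
    """Delete the logged-in account after re-checking its password (POST only)."""
    user = request.user
    if not user.is_authenticated:
        messages.error(request, "You must be logged in to delete your account!")
        return redirect("blog:home")

    if request.method != "POST":
        messages.error(request, "Unable to delete account! Please try again later.")
        return _redirect_back(request)

    if not user.check_password(request.POST.get("password", "")):
        messages.error(request, "Incorrect password!")
        return _redirect_back(request)

    # delete user, all comments, user profile details, and all posts
    user.delete()
    messages.success(request, "Your account was successfully deleted!")
    return redirect("blog:home")


def _update_profile_url(request, post_key, attribute, label):
    """Store ``request.POST[post_key]`` on the user's profile *attribute*.

    Shared implementation of update_avatar() and update_blinkie(); *label* is
    the lowercase noun used in the user-facing messages.
    """
    user = request.user
    if not user.is_authenticated:
        messages.error(request, f"You must be logged in to update your {label}!")
        return redirect("blog:home")

    value = request.POST.get(post_key) if request.method == "POST" else None
    if value is None:
        messages.error(request, f"Unable to update {label}! Please try again later.")
        return _redirect_back(request)

    try:
        user_profile = UserProfile.objects.get(user=user)
    except UserProfile.DoesNotExist:
        messages.error(request, f"Unable to update {label}! Please try again later.")
        return _redirect_back(request)

    # NOTE(review): the value is stored exactly as submitted.  If templates
    # place it in a src/href attribute, restrict it to expected schemes/hosts
    # at the model or form layer -- confirm against the templates.
    setattr(user_profile, attribute, value)
    user_profile.save()
    messages.success(request, f"{label.capitalize()} was successfully updated!")
    return _redirect_back(request)


def update_avatar(request):
    """Set the logged-in user's ``avatar_url`` from the posted ``avatar`` field."""
    return _update_profile_url(request, "avatar", "avatar_url", "avatar")


def update_blinkie(request):
    """Set the logged-in user's ``blinkie_url`` from the posted ``blinkie`` field."""
    return _update_profile_url(request, "blinkie", "blinkie_url", "blinkie")


def change_password(request):
    """Change the logged-in user's password after verifying the old one."""
    user = request.user
    if not user.is_authenticated:
        messages.error(request, "Unable to change password! Please try again later.")
        return redirect("blog:home")

    old_password = request.POST.get("oldPassword", "")
    new_password = request.POST.get("newPassword", "")
    confirm_password = request.POST.get("confirmPassword", "")

    if not user.check_password(old_password):
        messages.error(request, "Old password is incorrect!")
        return _redirect_back(request)

    if new_password != confirm_password:
        messages.error(
            request, "The new password and confirmation password do not match!"
        )
        return _redirect_back(request)

    # NOTE(review): only a minimum length is enforced here; running the
    # project's AUTH_PASSWORD_VALIDATORS via
    # django.contrib.auth.password_validation.validate_password would apply
    # the same policy as the rest of Django's auth machinery.
    if len(new_password) < 8:
        messages.error(
            request, "The new password must be at least 8 characters long!"
        )
        return _redirect_back(request)

    user.set_password(new_password)
    user.save()
    # Keep the current session valid after the password hash changes.
    update_session_auth_hash(request, user)
    messages.success(request, "Password was successfully changed!")
    return _redirect_back(request)


def send_change_user_email(request):
    """E-mail a confirmation link for changing the logged-in user's address."""
    user = request.user
    if not user.is_authenticated:
        messages.error(request, "Unable to change email! Please try again later.")
        return _redirect_back(request)

    new_email = request.POST.get("email", "").strip()
    try:
        # Reject malformed addresses before a token is stored or mail is sent.
        validate_email(new_email)
    except ValidationError:
        messages.error(request, "Unable to change email! Please try again later.")
        return _redirect_back(request)

    # Check if the new and the old email are the same
    if user.email == new_email:
        messages.error(request, "New email is the same as the old one!")
        return _redirect_back(request)

    # Case-insensitive so two accounts cannot share an address that differs
    # only in letter case.
    if User.objects.filter(email__iexact=new_email).exists():
        messages.error(request, "Email is already in use!")
        return _redirect_back(request)

    uid, token = store_token(token_type="changeemail", user=user, email=new_email)
    sent = _send_templated_email(
        "email_change_verification_email.html",
        _email_context(request, user, uid, token),
        recipient=new_email,
        subject="Change your email address",
    )
    if sent:
        messages.success(
            request, "Verification email was sent! Please check your email."
        )
    else:
        messages.error(request, "Unable to change email! Please try again later.")
    return _redirect_back(request)


def send_verification_email(request):
    """(Re)send the address-verification e-mail for the posted ``username``.

    This view is reachable without a session, so it answers an unknown
    username exactly like a successful send; otherwise the response would
    reveal which usernames exist.
    """
    # this is a post only view
    if request.method != "POST":
        messages.error(request, "VESENDERR", extra_tags="loginError")
        return _redirect_back(request)

    # NOTE(review): nothing in this view throttles requests; consider rate
    # limiting so it cannot be used to flood a user's mailbox.
    try:
        user = User.objects.get(username=request.POST.get("username"))
    except User.DoesNotExist:
        messages.success(request, "VESENT", extra_tags="loginError")
        return _redirect_back(request)

    uid, token = store_token(token_type="verifyemail", user=user, email=user.email)
    sent = _send_templated_email(
        "verification_email.html",
        _email_context(request, user, uid, token),
        recipient=user.email,
        subject="Verify your email address",
    )
    if sent:
        messages.success(request, "VESENT", extra_tags="loginError")
    else:
        messages.error(request, "VESENDERR", extra_tags="loginError")
    return _redirect_back(request)


def verify_email(request, mode, uid, token):
    """Redeem an e-mail token and write its address onto the owning user.

    *mode* selects the flow: ``"changeemail"`` returns to the account page's
    e-mail tab, anything else to the home page.  Only the two e-mail modes are
    passed to verify_token(); any other mode is treated as an invalid token.
    """
    if mode == "changeemail":
        redirect_to = reverse("blog:account") + "?tab=email"
        success_message = "Email was successfully changed!"
    else:
        redirect_to = "blog:home"
        success_message = "VESUCCESS"
    error_message = "Unable to verify email! Please try again later."

    token_object = (
        verify_token(mode, uid, token) if mode in _EMAIL_TOKEN_MODES else None
    )
    if token_object is None or not token_object.verified:
        messages.error(request, error_message)
        return redirect(redirect_to)

    user = User.objects.get(pk=token_object.user_id)
    user.email = token_object.email
    user.save()
    # Tokens are single-use: remove it once redeemed.
    token_object.delete()
    messages.success(
        request,
        success_message,
        extra_tags="loginError" if mode == "verifyemail" else "",
    )
    return redirect(redirect_to)


def reset_password(request, uid, token):
    """Check a password-reset token and forward to the reset form.

    On success the browser is redirected to ``blog:resetpassword`` with the
    token's ``user_id`` and the token as query parameters; otherwise an error
    is flashed and the user is sent to ``blog:forgotpassword``.
    """
    token_object = verify_token("resetpassword", uid, token)
    if token_object is not None and token_object.verified:
        # urlencode() escapes both values and accepts a non-string user_id.
        # NOTE(review): the token travels in the query string, where it can
        # end up in server logs and Referer headers; the reset page should
        # avoid loading third-party resources and the token should be
        # short-lived and single-use.
        query = urlencode({"uid": token_object.user_id, "token": token})
        return HttpResponseRedirect(reverse("blog:resetpassword") + "?" + query)

    # Token is invalid
    messages.error(
        request,
        "Unable to reset password! Please try again later.",
        extra_tags="passwordReset",
    )
    return redirect("blog:forgotpassword")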