users/views.py

from .context import context_adaption
from django.shortcuts import render, redirect
from django.conf import settings
from django.contrib import messages
from django.contrib.auth import authenticate
from django.contrib.auth import login as django_login
from django.contrib.auth import logout as django_logout
from django.contrib.auth.decorators import login_required
from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth.models import User
from django.utils.encoding import force_str
from django.utils.http import urlsafe_base64_decode
from django.utils.translation import gettext as _
from .forms import UserRegistrationForm, UserProfileForm, UserActivationForm
import logging
from .models import get_userprofile
from themes import Context
from . tokens import generate_token
import users
from users import emails
from users import parameter

logger = logging.getLogger(settings.ROOT_LOGGER_NAME).getChild(__name__)


def password_recovery(request):
    messages.error(request, "Password recovery is not yet implemented!")
    return redirect(request.GET.get('next') or '/')


def profile_post_actions(request, context):
    if request.POST:
        form = context.get('form_userprofile')
        if form.is_valid():
            form.save()
        return redirect(request.GET.get('next') or '/')


def profile_pre_actions(request, context, form_to_be_used=UserProfileForm):
    profile = get_userprofile(request.user)
    if request.POST:
        form = form_to_be_used(request.POST, instance=profile)
    else:
        form = form_to_be_used(instance=profile)
    context['form_userprofile'] = form


@login_required
def profile(request):
    context = Context(request)      # needs to be executed first because of time mesurement
    profile_pre_actions(request, context)
    response = profile_post_actions(request, context)
    if response is not None:
        return response
    else:
        context_adaption(
            context,
            request,
            _('Profile for %(username)s') % {'username': request.user.username},
        )
        return render(request, 'users/profile.html', context=context)


def register(request):
    context = Context(request)      # needs to be executed first because of time mesurement
    if parameter.get(parameter.USERS_SELF_REGISTRATION):
        context_adaption(context, request, _('Register'))
        if not request.POST:
            form = UserRegistrationForm()
            messages.info(request, _('If you already have an account, login <a href="%(url)s">here</a>.') % {'url': users.url_login(request)})
        else:
            form = UserRegistrationForm(request.POST)
            if form.is_valid():
                # Deactivate the user, if validation or activation is required
                if parameter.get(parameter.USERS_MAIL_VALIDATION) or parameter.get(parameter.USERS_ADMIN_ACTIVATION):
                    form.instance.is_active = False
                form.save()
                # Send welcome message
                emails.send_welcome_mail(form.instance)
                if parameter.get(parameter.USERS_MAIL_VALIDATION):
                    emails.send_validation_mail(form.instance, request)
                # Add success message
                messages.success(request, parameter.registration_flow_description(form.cleaned_data.get('username')))
                return redirect('users-login')
            else:
                messages.error(request, _('Registration failed!'))
        context['form'] = form
        return render(request, 'users/register.html', context)
    else:
        messages.info(request, _("Self registration is deactivated. Contact your system administrator."))
        return redirect('users-login')


def login(request):
    context = Context(request)      # needs to be executed first because of time mesurement
    context_adaption(context, request, _('Login'))
    if not request.POST:
        form = AuthenticationForm()
        if parameter.get(parameter.USERS_SELF_REGISTRATION):
            messages.info(request, _('If you don\'t have an acount, register <a href="%(url)s">here</a>.') % {'url': users.url_register(request)})
    else:
        form = AuthenticationForm(request, data=request.POST)
        if form.is_valid():
            username = form.cleaned_data.get('username')
            user = authenticate(username=username, password=form.cleaned_data.get('password'))
            django_login(request, user)
            messages.success(request, _('You are now logged in as %(username)s.') % {'username': username})
            return redirect(request.GET.get('next') or '/')
        else:
            username = form.cleaned_data.get('username')
            user = User.objects.get(username=username)
            if user.is_active:
                if parameter.get(parameter.USERS_SELF_REGISTRATION):
                    messages.error(request, _('Login failed! You can do a password recorvery <a href="%(url_recover)s">here</a> or you can register <a href="%(url_register)s">here</a>.') %
                                   {'url_register': users.url_register(request), 'url_recover': users.url_password_recovery(request)})
                else:
                    messages.error(request, _('Login failed! You can do a password recorvery <a href="%(url_recover)s">here</a>.') %
                                   {'url_recover': users.url_password_recovery(request)})
            else:
                messages.info(request, _("The account is deactivated. Confirm your email adress and wait for the administrator to activate your account."))

    context['form'] = form
    return render(request, 'users/login.html', context)


def logout(request):
    messages.success(request, _('You are no longer logged in as %(username)s.') % {'username': request.user.username})
    session_cache = {}
    try:
        for variable in settings.PERSISTENT_SESSION_VARIABLES:
            value = request.session.get(variable)
            if value is not None:
                session_cache[variable] = value
    except AttributeError:
        pass    # PERSISTENT_SESSION_VARIABLES are possibly not defined in the settings
    django_logout(request)
    for variable in session_cache:
        request.session[variable] = session_cache[variable]
    return redirect(request.GET.get('next') or '/')


def validate(request, uidb64, token):
    context = Context(request)      # needs to be executed first because of time mesurement
    try:
        uid = force_str(urlsafe_base64_decode(uidb64))
    except (TypeError, ValueError, OverflowError, User.DoesNotExist):
        uid = None
        myuser = None
    else:
        try:
            myuser = User.objects.get(pk=uid)
        except User.DoesNotExist:
            myuser = None

    if myuser is not None and generate_token.check_token(myuser, token):
        # Store mail validation to user profile
        profile = get_userprofile(myuser)
        profile.mail_validated = True
        profile.save()
        if not parameter.get(parameter.USERS_ADMIN_ACTIVATION):
            # Activate user
            myuser.is_active = True
            myuser.save()
            messages.success(request, _("Your Account has been activated."))
            return redirect('users-login')
        else:
            emails.send_activation_mail(myuser, request)
            messages.success(request, _("Your Email has been validated. Wait for the administrator to activate your account"))
            return redirect("/")
    else:
        context_adaption(
            context,
            request,
            _('Validation failed'),
        )
        messages.info(request, _("Vaildation failed. The system administrator will be informed."))
        emails.send_validation_failed(uid, token)
        return redirect("/")


@login_required
def activate(request, pk):
    context = Context(request)      # needs to be executed first because of time mesurement
    if not request.POST:
        if request.user.is_superuser:
            user_to_be_activated = User.objects.get(pk=pk)
            if not user_to_be_activated.is_active:
                user_to_be_activated.is_active = True
                form = UserActivationForm(instance=user_to_be_activated)
                context_adaption(
                    context,
                    request,
                    _('Activation of user: %s') % f"{user_to_be_activated.username} - {user_to_be_activated.email}",
                    form=form,
                )
                return render(request, 'users/activate.html', context)
            else:
                messages.error(request, _("The user %s is already active.") % user_to_be_activated.username)
        else:
            messages.error(request, _("You are no administrator. Log in as administrator and try again!"))
    else:
        submit = request.POST.get("submit")
        delete = request.POST.get("delete")
        user_to_be_activated = User.objects.get(pk=pk)
        if submit:
            form = UserActivationForm(request.POST, instance=user_to_be_activated)
            if form.is_valid():
                form.save()
                messages.info(request, _("User permissions changed."))
            else:
                messages.error(request, _("Error while processing user change form"))
        if delete:
            user_to_be_activated.delete()
            messages.info(request, _("User deleted."))
    return redirect("/")
Initial users implementation 2020-01-26 20:47:33 +01:00			`from .context import context_adaption`
			`from django.shortcuts import render, redirect`
			`from django.conf import settings`
			`from django.contrib import messages`
			`from django.contrib.auth import authenticate`
			`from django.contrib.auth import login as django_login`
			`from django.contrib.auth import logout as django_logout`
			`from django.contrib.auth.decorators import login_required`
			`from django.contrib.auth.forms import AuthenticationForm`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`from django.contrib.auth.models import User`
			`from django.utils.encoding import force_str`
			`from django.utils.http import urlsafe_base64_decode`
Initial users implementation 2020-01-26 20:47:33 +01:00			`from django.utils.translation import gettext as _`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`from .forms import UserRegistrationForm, UserProfileForm, UserActivationForm`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`import logging`
Initial users implementation 2020-01-26 20:47:33 +01:00			`from .models import get_userprofile`
			`from themes import Context`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`from . tokens import generate_token`
Initial users implementation 2020-01-26 20:47:33 +01:00			`import users`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`from users import emails`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`from users import parameter`

Logger creation simplified 2024-10-08 22:31:19 +02:00			`logger = logging.getLogger(settings.ROOT_LOGGER_NAME).getChild(__name__)`
Initial users implementation 2020-01-26 20:47:33 +01:00

			`def password_recovery(request):`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`messages.error(request, "Password recovery is not yet implemented!")`
Initial users implementation 2020-01-26 20:47:33 +01:00			`return redirect(request.GET.get('next') or '/')`


			`def profile_post_actions(request, context):`
			`if request.POST:`
			`form = context.get('form_userprofile')`
			`if form.is_valid():`
			`form.save()`
			`return redirect(request.GET.get('next') or '/')`


			`def profile_pre_actions(request, context, form_to_be_used=UserProfileForm):`
			`profile = get_userprofile(request.user)`
			`if request.POST:`
			`form = form_to_be_used(request.POST, instance=profile)`
			`else:`
			`form = form_to_be_used(instance=profile)`
			`context['form_userprofile'] = form`


			`@login_required`
			`def profile(request):`
			`context = Context(request) # needs to be executed first because of time mesurement`
			`profile_pre_actions(request, context)`
			`response = profile_post_actions(request, context)`
			`if response is not None:`
			`return response`
			`else:`
			`context_adaption(`
			`context,`
			`request,`
			`_('Profile for %(username)s') % {'username': request.user.username},`
			`)`
			`return render(request, 'users/profile.html', context=context)`


			`def register(request):`
			`context = Context(request) # needs to be executed first because of time mesurement`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`if parameter.get(parameter.USERS_SELF_REGISTRATION):`
			`context_adaption(context, request, _('Register'))`
			`if not request.POST:`
			`form = UserRegistrationForm()`
			`messages.info(request, _('If you already have an account, login <a href="%(url)s">here</a>.') % {'url': users.url_login(request)})`
Initial users implementation 2020-01-26 20:47:33 +01:00			`else:`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`form = UserRegistrationForm(request.POST)`
			`if form.is_valid():`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`# Deactivate the user, if validation or activation is required`
			`if parameter.get(parameter.USERS_MAIL_VALIDATION) or parameter.get(parameter.USERS_ADMIN_ACTIVATION):`
			`form.instance.is_active = False`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`form.save()`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`# Send welcome message`
			`emails.send_welcome_mail(form.instance)`
			`if parameter.get(parameter.USERS_MAIL_VALIDATION):`
			`emails.send_validation_mail(form.instance, request)`
			`# Add success message`
			`messages.success(request, parameter.registration_flow_description(form.cleaned_data.get('username')))`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`return redirect('users-login')`
			`else:`
			`messages.error(request, _('Registration failed!'))`
			`context['form'] = form`
			`return render(request, 'users/register.html', context)`
			`else:`
			`messages.info(request, _("Self registration is deactivated. Contact your system administrator."))`
			`return redirect('users-login')`
Initial users implementation 2020-01-26 20:47:33 +01:00

			`def login(request):`
			`context = Context(request) # needs to be executed first because of time mesurement`
			`context_adaption(context, request, _('Login'))`
			`if not request.POST:`
			`form = AuthenticationForm()`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`if parameter.get(parameter.USERS_SELF_REGISTRATION):`
			`messages.info(request, _('If you don\'t have an acount, register <a href="%(url)s">here</a>.') % {'url': users.url_register(request)})`
Initial users implementation 2020-01-26 20:47:33 +01:00			`else:`
			`form = AuthenticationForm(request, data=request.POST)`
			`if form.is_valid():`
			`username = form.cleaned_data.get('username')`
			`user = authenticate(username=username, password=form.cleaned_data.get('password'))`
			`django_login(request, user)`
			`messages.success(request, _('You are now logged in as %(username)s.') % {'username': username})`
			`return redirect(request.GET.get('next') or '/')`
			`else:`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`username = form.cleaned_data.get('username')`
			`user = User.objects.get(username=username)`
			`if user.is_active:`
			`if parameter.get(parameter.USERS_SELF_REGISTRATION):`
			`messages.error(request, _('Login failed! You can do a password recorvery <a href="%(url_recover)s">here</a> or you can register <a href="%(url_register)s">here</a>.') %`
			`{'url_register': users.url_register(request), 'url_recover': users.url_password_recovery(request)})`
			`else:`
			`messages.error(request, _('Login failed! You can do a password recorvery <a href="%(url_recover)s">here</a>.') %`
			`{'url_recover': users.url_password_recovery(request)})`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00			`else:`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00			`messages.info(request, _("The account is deactivated. Confirm your email adress and wait for the administrator to activate your account."))`
Parameter added, first parameter is USERS_SELF_REGISTRATION 2024-10-08 07:32:13 +02:00
Initial users implementation 2020-01-26 20:47:33 +01:00			`context['form'] = form`
			`return render(request, 'users/login.html', context)`


			`def logout(request):`
			`messages.success(request, _('You are no longer logged in as %(username)s.') % {'username': request.user.username})`
			`session_cache = {}`
			`try:`
			`for variable in settings.PERSISTENT_SESSION_VARIABLES:`
			`value = request.session.get(variable)`
			`if value is not None:`
			`session_cache[variable] = value`
			`except AttributeError:`
			`pass # PERSISTENT_SESSION_VARIABLES are possibly not defined in the settings`
			`django_logout(request)`
			`for variable in session_cache:`
			`request.session[variable] = session_cache[variable]`
			`return redirect(request.GET.get('next') or '/')`
Self registration with mail validation and admin activation implemented 2024-10-26 20:04:32 +02:00

			`def validate(request, uidb64, token):`
			`context = Context(request) # needs to be executed first because of time mesurement`
			`try:`
			`uid = force_str(urlsafe_base64_decode(uidb64))`
			`except (TypeError, ValueError, OverflowError, User.DoesNotExist):`
			`uid = None`
			`myuser = None`
			`else:`
			`try:`
			`myuser = User.objects.get(pk=uid)`
			`except User.DoesNotExist:`
			`myuser = None`

			`if myuser is not None and generate_token.check_token(myuser, token):`
			`# Store mail validation to user profile`
			`profile = get_userprofile(myuser)`
			`profile.mail_validated = True`
			`profile.save()`
			`if not parameter.get(parameter.USERS_ADMIN_ACTIVATION):`
			`# Activate user`
			`myuser.is_active = True`
			`myuser.save()`
			`messages.success(request, _("Your Account has been activated."))`
			`return redirect('users-login')`
			`else:`
			`emails.send_activation_mail(myuser, request)`
			`messages.success(request, _("Your Email has been validated. Wait for the administrator to activate your account"))`
			`return redirect("/")`
			`else:`
			`context_adaption(`
			`context,`
			`request,`
			`_('Validation failed'),`
			`)`
			`messages.info(request, _("Vaildation failed. The system administrator will be informed."))`
			`emails.send_validation_failed(uid, token)`
			`return redirect("/")`


			`@login_required`
			`def activate(request, pk):`
			`context = Context(request) # needs to be executed first because of time mesurement`
			`if not request.POST:`
			`if request.user.is_superuser:`
			`user_to_be_activated = User.objects.get(pk=pk)`
			`if not user_to_be_activated.is_active:`
			`user_to_be_activated.is_active = True`
			`form = UserActivationForm(instance=user_to_be_activated)`
			`context_adaption(`
			`context,`
			`request,`
			`_('Activation of user: %s') % f"{user_to_be_activated.username} - {user_to_be_activated.email}",`
			`form=form,`
			`)`
			`return render(request, 'users/activate.html', context)`
			`else:`
			`messages.error(request, _("The user %s is already active.") % user_to_be_activated.username)`
			`else:`
			`messages.error(request, _("You are no administrator. Log in as administrator and try again!"))`
			`else:`
			`submit = request.POST.get("submit")`
			`delete = request.POST.get("delete")`
			`user_to_be_activated = User.objects.get(pk=pk)`
			`if submit:`
			`form = UserActivationForm(request.POST, instance=user_to_be_activated)`
			`if form.is_valid():`
			`form.save()`
			`messages.info(request, _("User permissions changed."))`
			`else:`
			`messages.error(request, _("Error while processing user change form"))`
			`if delete:`
			`user_to_be_activated.delete()`
			`messages.info(request, _("User deleted."))`
			`return redirect("/")`