add: delete and edit accounts page
This commit is contained in:
parent
c2b6dbb989
commit
25f315c24f
@ -1,4 +1,5 @@
|
||||
from .register import *
|
||||
from .login import *
|
||||
from .logout import *
|
||||
from .edit import *
|
||||
from .delete import *
|
@ -21,12 +21,17 @@ class DeleteTest(TestCase):
|
||||
|
||||
|
||||
def test_normal_delete(self):
|
||||
response: HttpResponse = self.client.delete(self.url)
|
||||
response: HttpResponse = self.client.delete(self.url, {"password": self.password}, content_type='application/json')
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, '"user deleted"')
|
||||
|
||||
def test_wrong_pass(self):
|
||||
response: HttpResponse = self.client.delete(self.url, {"password": "cacaman a frapper"}, content_type='application/json')
|
||||
errors: dict = eval(response.content)
|
||||
self.assertDictEqual(errors, {"password": ["Password wrong."]})
|
||||
|
||||
def test_no_logged(self):
|
||||
self.client.logout()
|
||||
response: HttpResponse = self.client.post(self.url)
|
||||
response: HttpResponse = self.client.delete(self.url, {"password": self.password}, content_type='application/json')
|
||||
errors: dict = eval(response.content)
|
||||
self.assertDictEqual(errors, {"detail":"Authentication credentials were not provided."})
|
@ -8,5 +8,12 @@ class DeleteView(APIView):
|
||||
permission_classes = (permissions.IsAuthenticated,)
|
||||
authentication_classes = (SessionAuthentication,)
|
||||
def delete(self, request: HttpRequest):
|
||||
data: dict = request.data
|
||||
|
||||
password: str = data["password"]
|
||||
if (password is None):
|
||||
return Response({"password": ["This field may not be blank."]})
|
||||
if (request.user.check_password(password) == False):
|
||||
return Response({"password": ["Password wrong."]})
|
||||
request.user.delete()
|
||||
return Response("user deleted", status=status.HTTP_200_OK)
|
@ -12,6 +12,9 @@ class EditView(APIView):
|
||||
permission_classes = (permissions.IsAuthenticated,)
|
||||
authentication_classes = (SessionAuthentication,)
|
||||
|
||||
def get(self, request: HttpRequest):
|
||||
return Response({"username": request.user.username})
|
||||
|
||||
def patch(self, request: HttpRequest):
|
||||
data: dict = request.data
|
||||
|
||||
|
59
frontend/static/js/api/account.js
Normal file
59
frontend/static/js/api/account.js
Normal file
@ -0,0 +1,59 @@
|
||||
class Account
|
||||
{
|
||||
constructor (client)
|
||||
{
|
||||
this.client = client;
|
||||
}
|
||||
|
||||
async create(username, password)
|
||||
{
|
||||
let response = await this.client._post("/api/accounts/register", {username: username, password: password});
|
||||
let response_data = await response.json()
|
||||
|
||||
if (response_data == "user created")
|
||||
{
|
||||
this._logged = true;
|
||||
return null;
|
||||
}
|
||||
return response_data
|
||||
}
|
||||
|
||||
async delete(password)
|
||||
{
|
||||
let response = await this.client._delete("/api/accounts/delete", {password: password});
|
||||
let response_data = await response.json();
|
||||
|
||||
if (response_data === "user deleted")
|
||||
this.client._logged = false;
|
||||
return response_data;
|
||||
}
|
||||
|
||||
async get()
|
||||
{
|
||||
let response = await this.client._get("/api/accounts/edit");
|
||||
let response_data = await response.json();
|
||||
|
||||
if (JSON.stringify(response_data) == JSON.stringify({'detail': 'Authentication credentials were not provided.'}))
|
||||
{
|
||||
console.log("error, client is not logged");
|
||||
return null;
|
||||
}
|
||||
return response_data;
|
||||
}
|
||||
|
||||
async update(data, password)
|
||||
{
|
||||
data.password = password;
|
||||
let response = await this.client._patch_json("/api/accounts/edit", data);
|
||||
let response_data = await response.json();
|
||||
|
||||
if (JSON.stringify(response_data) == JSON.stringify({'detail': 'Authentication credentials were not provided.'}))
|
||||
{
|
||||
console.log("error, client is not logged");
|
||||
return null;
|
||||
}
|
||||
return response_data;
|
||||
}
|
||||
}
|
||||
|
||||
export { Account }
|
@ -1,15 +0,0 @@
|
||||
class Accounts
|
||||
{
|
||||
constructor (client)
|
||||
{
|
||||
this.client = client;
|
||||
}
|
||||
|
||||
async create(username, password)
|
||||
{
|
||||
let response = await this.client._post("/api/accounts/register", {username: username, password: password});
|
||||
return response
|
||||
}
|
||||
}
|
||||
|
||||
export { Accounts }
|
@ -1,11 +1,21 @@
|
||||
import { Accounts } from "./accounts.js";
|
||||
import { Account } from "./account.js";
|
||||
|
||||
function getCookie(name)
|
||||
{
|
||||
let cookie = {};
|
||||
document.cookie.split(';').forEach(function(el) {
|
||||
let split = el.split('=');
|
||||
cookie[split[0].trim()] = split.slice(1).join("=");
|
||||
})
|
||||
return cookie[name];
|
||||
}
|
||||
|
||||
class Client
|
||||
{
|
||||
constructor(url)
|
||||
{
|
||||
this._url = url;
|
||||
this.accounts = new Accounts(this);
|
||||
this.account = new Account(this);
|
||||
this._logged = undefined;
|
||||
}
|
||||
|
||||
@ -30,6 +40,33 @@ class Client
|
||||
method: "POST",
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
"X-CSRFToken": getCookie("csrftoken"),
|
||||
},
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
return response;
|
||||
}
|
||||
|
||||
async _delete(uri, data)
|
||||
{
|
||||
let response = await fetch(this._url + uri, {
|
||||
method: "DELETE",
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
"X-CSRFToken": getCookie("csrftoken"),
|
||||
},
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
return response;
|
||||
}
|
||||
|
||||
async _patch_json(uri, data)
|
||||
{
|
||||
let response = await fetch(this._url + uri, {
|
||||
method: "PATCH",
|
||||
headers: {
|
||||
"X-CSRFToken": getCookie("csrftoken"),
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
|
@ -10,6 +10,7 @@ import LogoutView from "./views/accounts/LogoutView.js";
|
||||
|
||||
import { Client } from "./api/client.js";
|
||||
import AbstractRedirectView from "./views/AbstractRedirectView.js";
|
||||
import MeView from "./views/MeView.js";
|
||||
|
||||
let client = new Client(location.protocol + "//" + location.host)
|
||||
|
||||
@ -42,6 +43,7 @@ const router = async (uri = "") => {
|
||||
{ path: "/register", view: RegisterView },
|
||||
{ path: "/chat", view: Chat },
|
||||
{ path: "/home", view: HomeView },
|
||||
{ path: "/me", view: MeView },
|
||||
];
|
||||
|
||||
// Test each route for potential match
|
||||
|
@ -9,6 +9,7 @@ export default class extends AbstractAuthentificateView {
|
||||
async getHtml() {
|
||||
return `
|
||||
<h1>HOME</h1>
|
||||
<a href="/me" class="nav__link" data-link>Me</a>
|
||||
<a href="/logout" class="nav__link" data-link>Logout</a>
|
||||
`;
|
||||
}
|
||||
|
103
frontend/static/js/views/MeView.js
Normal file
103
frontend/static/js/views/MeView.js
Normal file
@ -0,0 +1,103 @@
|
||||
import { client, navigateTo } from "../index.js";
|
||||
import AbstractAuthentificateView from "./AbstractAuthentifiedView.js";
|
||||
|
||||
export default class extends AbstractAuthentificateView
|
||||
{
|
||||
constructor(params)
|
||||
{
|
||||
super(params, "Me");
|
||||
}
|
||||
|
||||
async postInit()
|
||||
{
|
||||
if (this.fill() === null)
|
||||
return;
|
||||
document.getElementById("save-button").onclick = this.save;
|
||||
document.getElementById("delete-button").onclick = this.delete_accounts;
|
||||
}
|
||||
|
||||
async fill()
|
||||
{
|
||||
let data = await client.account.get();
|
||||
|
||||
document.getElementById("username").value = data.username;
|
||||
}
|
||||
|
||||
async delete_accounts()
|
||||
{
|
||||
let current_password = document.getElementById("current_password").value;
|
||||
|
||||
let response_data = await client.account.delete(current_password);
|
||||
|
||||
if (response_data === null)
|
||||
{
|
||||
navigateTo("/login");
|
||||
return;
|
||||
}
|
||||
|
||||
["delete", "current_password"].forEach(error_field => {
|
||||
let error_display = document.getElementById(`error_${error_field}`);
|
||||
if (error_display != null)
|
||||
error_display.innerHTML = "";
|
||||
});
|
||||
|
||||
if (response_data === "user deleted")
|
||||
{
|
||||
document.getElementById(`error_delete`).innerHTML = "OK";
|
||||
navigateTo("/login")
|
||||
return;
|
||||
}
|
||||
|
||||
document.getElementById("error_current_password").innerHTML = response_data["password"]
|
||||
}
|
||||
|
||||
async save()
|
||||
{
|
||||
let username = document.getElementById("username").value;
|
||||
let new_password = document.getElementById("new_password").value;
|
||||
let current_password = document.getElementById("current_password").value;
|
||||
|
||||
let data = {};
|
||||
|
||||
data.username = username;
|
||||
if (new_password.length != 0)
|
||||
data.new_password = new_password;
|
||||
let response_data = await client.account.update(data, current_password);
|
||||
|
||||
if (response_data === null)
|
||||
{
|
||||
navigateTo(super.redirect_url);
|
||||
return;
|
||||
}
|
||||
|
||||
["username", "new_password", "current_password"].forEach(error_field => {
|
||||
let error_display = document.getElementById(`error_${error_field}`);
|
||||
if (error_display != null)
|
||||
error_display.innerHTML = "";
|
||||
});
|
||||
|
||||
Object.keys(response_data).forEach(error_field => {
|
||||
let error_display = document.getElementById(`error_${error_field}`);
|
||||
if (error_display != null)
|
||||
error_display.innerHTML = response_data[error_field];
|
||||
});
|
||||
}
|
||||
|
||||
async getHtml()
|
||||
{
|
||||
return `
|
||||
<h1>ME</h1>
|
||||
<input type=text placeholder="username" id="username">
|
||||
<span id="error_username"></span>
|
||||
<input type=password placeholder="new password" id="new_password">
|
||||
<span id="error_new_password"></span>
|
||||
<input type=password placeholder="current password" id="current_password">
|
||||
<span id="error_current_password"></span>
|
||||
<input type="button" value="Save" id="save-button">
|
||||
<span id="error_save"></span>
|
||||
<input type="button" value="Delete" id="delete-button">
|
||||
<span id="error_delete"></span>
|
||||
<a href="/logout" class="nav__link" data-link>Logout</a>
|
||||
`;
|
||||
}
|
||||
}
|
@ -6,8 +6,14 @@ async function register()
|
||||
let username = document.getElementById("username").value;
|
||||
let password = document.getElementById("password").value;
|
||||
|
||||
let response = await client.accounts.create(username, password);
|
||||
let response_data = await response.json();
|
||||
let response_data = await client.account.create(username, password);
|
||||
|
||||
if (response_data == null)
|
||||
{
|
||||
navigateTo("/home");
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
["username", "user", "password"].forEach(error_field => {
|
||||
let error_display = document.getElementById(`error_${error_field}`);
|
||||
|
@ -25,12 +25,12 @@ SECRET_KEY = 'django-insecure-18!@88-wm-!skec9^n-85n(f$my^#mh3!#@f=_e@=*arh_yyjj
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
|
||||
CSRF_TRUSTED_ORIGINS = ['https://code.chauvet.pro', 'https://django.chauvet.pro']
|
||||
|
||||
ALLOWED_HOSTS = ["*"]
|
||||
|
||||
CORS_ORIGIN_ALLOW_ALL = False
|
||||
|
||||
CSRF_TRUSTED_ORIGINS = ["https://django.chauvet.pro"]
|
||||
|
||||
CORS_ORIGIN_WHITELIST = (
|
||||
'http://localhost:8000',
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user