diff --git a/accounts/forms/change_password.py b/accounts/forms/change_password.py
index 35705b0..66d2934 100644
--- a/accounts/forms/change_password.py
+++ b/accounts/forms/change_password.py
@@ -1,7 +1,10 @@
 from django import forms
-from ..settings import *
+from django.contrib.auth.models import User
+from django.contrib.auth import authenticate
+from ..status_code import *
+
 class ChangePasswordForm(forms.Form):
- username = forms.CharField(label="username", max_length=USERNAME_MAX_SIZE, min_length=USERNAME_MIN_SIZE, required=True)
- current_password = forms.CharField(label="current_password", max_length=PASSWORD_MAX_SIZE, min_length=PASSWORD_MIN_SIZE, required=True)
- new_password = forms.CharField(label="new_password", max_length=PASSWORD_MAX_SIZE, min_length=PASSWORD_MIN_SIZE, required=True)
\ No newline at end of file
+ new_password = forms.CharField(required=True, error_messages = {
+ 'required': PASSWORD_MISSING,
+ })
\ No newline at end of file
diff --git a/accounts/forms/delete.py b/accounts/forms/delete.py
deleted file mode 100644
index 2ebe431..0000000
--- a/accounts/forms/delete.py
+++ /dev/null
@@ -1,6 +0,0 @@
-from django import forms
-from ..settings import *
-
-class DeleteForm(forms.Form):
- username = forms.CharField(label="username", max_length=USERNAME_MAX_SIZE, min_length=USERNAME_MIN_SIZE, required=True)
- password = forms.CharField(label="password", max_length=PASSWORD_MAX_SIZE, min_length=PASSWORD_MIN_SIZE, required=True)
\ No newline at end of file
diff --git a/accounts/forms/login.py b/accounts/forms/login.py
index 21f8568..51d3c88 100644
--- a/accounts/forms/login.py
+++ b/accounts/forms/login.py
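Review bot: In accounts/forms/change_password.py the new `new_password` field declares only `required`, so the form accepts any non-empty value now that the `min_length`/`max_length` bounds are gone. I would run the project's password validators in the form, e.g. `def clean_new_password(self):` / `validate_password(self.cleaned_data['new_password'])` / `return self.cleaned_data['new_password']`, with `validate_password` imported from `django.contrib.auth.password_validation`; whether `AUTH_PASSWORD_VALIDATORS` is configured is not visible in this diff. The `password` field of `RegisterForm` in accounts/forms/register.py has the same gap. The added imports of `User` and `authenticate` are not used by the lines shown.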
@@ -1,6 +1,15 @@
 from django import forms
-from ..settings import *
+from django.contrib.auth.models import User
+from django.contrib.auth import authenticate
+from django.db.models.query import QuerySet
+from django.core.exceptions import ValidationError
+from ..status_code import *
+
 class LoginForm(forms.Form):
- username = forms.CharField(label="username", max_length=USERNAME_MAX_SIZE, min_length=USERNAME_MIN_SIZE, required=True)
- password = forms.CharField(label="password", max_length=PASSWORD_MAX_SIZE, min_length=PASSWORD_MIN_SIZE, required=True)
\ No newline at end of file
+ username = forms.CharField(required=True, error_messages={
+ 'required': USERNAME_MISSING,
+ })
+ password = forms.CharField(required=True, error_messages = {
+ 'required': PASSWORD_MISSING,
+ })
\ No newline at end of file
diff --git a/accounts/forms/register.py b/accounts/forms/register.py
index 16e9fff..d9d6374 100644
--- a/accounts/forms/register.py
+++ b/accounts/forms/register.py
@@ -1,6 +1,22 @@
-from django import forms
-from ..settings import *
+from django.forms import ModelForm
+from django.contrib.auth.models import User
+from ..status_code import *
-class RegisterForm(forms.Form):
- username = forms.CharField(label="username", max_length=USERNAME_MAX_SIZE, min_length=USERNAME_MIN_SIZE, required=True)
- password = forms.CharField(label="password", max_length=PASSWORD_MAX_SIZE, min_length=PASSWORD_MIN_SIZE, required=True)
\ No newline at end of file
+class RegisterForm(ModelForm):
+ class Meta:
+ model = User
+ fields = ['username', 'password']
+
+ error_messages = {
+ 'username': {
+ 'max_length': USERNAME_TOO_LONG,
+ 'min_length': USERNAME_TOO_SHORT,
+ 'required': USERNAME_MISSING,
+ 'unique': USERNAME_ALREADY_USED,
+ },
+ 'password': {
+ 'max_length': PASSWORD_TOO_LONG,
+ 'min_length': PASSWORD_TOO_SHORT,
+ 'required': PASSWORD_MISSING,
+ }
+ }
diff --git a/accounts/models.py b/accounts/models.py
deleted file mode 100644
index d49766e..0000000
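Review bot: The `'min_length'` entries in `error_messages` for `username` and `password` in accounts/forms/register.py look unreachable: a `ModelForm` takes its constraints from the `User` model fields, and `django.contrib.auth`'s `User` sets a maximum length on both but no minimum, so `USERNAME_TOO_SHORT` and `PASSWORD_TOO_SHORT` would never be returned. If the three-character minimums from the deleted accounts/settings.py are still wanted, declare the fields explicitly or add validators; otherwise drop the two keys. Indentation is lost on this page, so confirm that `error_messages` sits inside `class Meta`, which is where `ModelForm` reads it. The generated `password` field also renders as a plain text input unless a `PasswordInput` widget is set for it in `Meta.widgets`.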
--- a/accounts/models.py
+++ /dev/null
@@ -1,3 +0,0 @@
-from django.db import models
-
-# Create your models here.
\ No newline at end of file
diff --git a/accounts/settings.py b/accounts/settings.py
deleted file mode 100644
index 2e72297..0000000
--- a/accounts/settings.py
+++ /dev/null
@@ -1,4 +0,0 @@
-PASSWORD_MIN_SIZE = 3
-PASSWORD_MAX_SIZE = 128
-USERNAME_MIN_SIZE = 3
-USERNAME_MAX_SIZE = 40
\ No newline at end of file
diff --git a/accounts/status_code.py b/accounts/status_code.py
index c5d6964..38edf38 100644
--- a/accounts/status_code.py
+++ b/accounts/status_code.py
@@ -1,9 +1,18 @@
-INVALID_USERNAME: str = "error: username invalid"
-INVALID_PASSWORD: str = "error: password invalid"
-INVALID_USERNAME_PASSWORD: str = "error: username or password invalid"
+USERNAME_TOO_LONG: str = "error: username too long"
+USERNAME_TOO_SHORT: str = "error: username too short"
+USERNAME_MISSING: str = "error: username is missing"
+PASSWORD_TOO_LONG: str = "error: password too long"
+PASSWORD_TOO_SHORT: str = "error: password too short"
+PASSWORD_MISSING: str = "error: password is missing"
 USERNAME_ALREADY_USED: str = "error: username already used"
+USER_ALREADY_LOGGED: str = "error: user already logged"
+USER_INVALID: str = "error: username or password invalid"
+
 USER_ADDED: str = "ok: user added"
 USER_DELETED: str = "ok: account has been deleted"
-USER_VALID: str = "ok: account valid"
-PASSWORD_UPDATED: str = "ok: password has been updated"
\ No newline at end of file
+USER_LOGGED: str = "ok: account valid"
+USER_PASSWORD_UPDATED: str = "ok: password has been updated"
+USER_LOGOUT: str = "ok: user logout"
+
+METHOD_INVALID: str = "error: method invalid"
\ No newline at end of file
diff --git a/accounts/templates/change_password.html b/accounts/templates/change_password.html
index dd2240c..bccb030 100644
--- a/accounts/templates/change_password.html
+++ b/accounts/templates/change_password.html
@@ -1,9 +1,7 @@
\ No newline at end of file
diff --git a/accounts/templates/login.html b/accounts/templates/login.html
index 6445c3e..d11752f 100644
--- a/accounts/templates/login.html
+++ b/accounts/templates/login.html
@@ -1,7 +1,7 @@
\ No newline at end of file
diff --git a/accounts/templates/register.html b/accounts/templates/register.html
index 6445c3e..d11752f 100644
--- a/accounts/templates/register.html
+++ b/accounts/templates/register.html
@@ -1,7 +1,7 @@
\ No newline at end of file
diff --git a/accounts/tests/change_password.py b/accounts/tests/change_password.py
index 0d3263a..757a799 100644
--- a/accounts/tests/change_password.py
+++ b/accounts/tests/change_password.py
@@ -3,10 +3,11 @@ from django.test import TestCase
 # Create your tests here.
 from django.test.client import Client
 from django.http import HttpResponse
+from django.contrib.auth.models import User
+
 import uuid
 from ..status_code import *
-from ..settings import *
 class ChangePasswordTest(TestCase):
 def setUp(self):
@@ -14,63 +15,19 @@ class ChangePasswordTest(TestCase):
 self.url = "/api/accounts/change_password"
- self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
- self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
- self.new_password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
+ self.username: str = str(uuid.uuid4())
+ self.password: str = str(uuid.uuid4())
+ self.new_password: str = str(uuid.uuid4())
- self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
+ User.objects.create_user(username = self.username, password = self.password)
+
+ def test_normal(self):
+ self.client.login(username = self.username, password = self.password)
+ response: HttpResponse = self.client.post(self.url, {"new_password": self.new_password})
+ response_text: str = response.content.decode('utf-8')
+ self.assertEqual(response_text, USER_PASSWORD_UPDATED)
- def test_normal_login(self):
- response: HttpResponse = self.client.post("/api/accounts/login", {"username": self.username, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, USER_VALID)
-
- def test_invalid_username(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_username(self):
- response: HttpResponse = self.client.post(self.url, {"password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password_no_username(self):
- response: HttpResponse = self.client.post(self.url, {})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_no_new_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_new_password_to_short(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": "a" * (PASSWORD_MIN_SIZE - (PASSWORD_MIN_SIZE > 0))})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_new_password_to_long(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": "a" * (PASSWORD_MAX_SIZE + 1)})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_normal_change_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": self.new_password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, PASSWORD_UPDATED)
\ No newline at end of file
+ def test_nologged(self):
+ response: HttpResponse = self.client.post(self.url, {"new_password": self.new_password})
+ response_text: str = response.content.decode('utf-8')
+ self.assertEqual(response_text, '')
\ No newline at end of file
diff --git a/accounts/tests/delete.py b/accounts/tests/delete.py
index 3c683db..12e7a97 100644
--- a/accounts/tests/delete.py
+++ b/accounts/tests/delete.py
@@ -3,10 +3,11 @@ from django.test import TestCase
 # Create your tests here.
 from django.test.client import Client
 from django.http import HttpResponse
+from django.contrib.auth.models import User
+
 import uuid
 from ..status_code import *
-from ..settings import *
 class DeleteTest(TestCase):
 def setUp(self):
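Review bot: `test_nologged` in accounts/tests/change_password.py asserts only that the body is empty, which any empty response satisfies; the behaviour under test is the `login_required` redirect, so assert it directly with `self.assertEqual(response.status_code, 302)`. `test_no_logged` in accounts/tests/delete.py has the same weakness. `test_normal` could also confirm the change took effect, for example `self.assertTrue(self.client.login(username=self.username, password=self.new_password))`. The removed tests for a missing or malformed `new_password` have no replacement in this hunk.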
@@ -14,42 +15,20 @@ class DeleteTest(TestCase):
 self.url = "/api/accounts/delete"
- self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
- self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
+ self.username: str = str(uuid.uuid4())
+ self.password: str = str(uuid.uuid4())
+
+ user: User = User.objects.create_user(username=self.username, password=self.password)
+ self.client.login(username=self.username, password=self.password)
- self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
- def test_invalid_username(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_username(self):
- response: HttpResponse = self.client.post(self.url, {"password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_invalid_no_password_no_username(self):
- response: HttpResponse = self.client.post(self.url, {})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
 def test_normal_delete(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
+ response: HttpResponse = self.client.post(self.url)
 response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, USER_DELETED)
\ No newline at end of file
+ self.assertEqual(response_text, USER_DELETED)
+
+ def test_no_logged(self):
+ self.client.logout()
+ response: HttpResponse = self.client.post(self.url)
+ response_text: str = response.content.decode("utf-8")
+ self.assertEqual(response_text, '')
\ No newline at end of file
diff --git a/accounts/tests/login.py b/accounts/tests/login.py
index 01892ce..87b6240 100644
--- a/accounts/tests/login.py
+++ b/accounts/tests/login.py
@@ -2,11 +2,11 @@ from django.test import TestCase
 # Create your tests here.
 from django.test.client import Client
+from django.contrib.auth.models import User
 from django.http import HttpResponse
 import uuid
 from ..status_code import *
-from ..settings import *
 class LoginTest(TestCase):
 def setUp(self):
@@ -14,37 +14,43 @@ class LoginTest(TestCase):
 self.url = "/api/accounts/login"
- self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
- self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
-
- self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
+ self.username: str = str(uuid.uuid4())
+ self.password: str = str(uuid.uuid4())
+
+ User.objects.create_user(username=self.username, password=self.password)
 def test_normal_login(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, USER_VALID)
+ #User(username=self.username, password=self.password).save()
+ response: HttpResponse = self.client.post(self.url, {'username': self.username, 'password': self.password})
+ response_text = response.content.decode('utf-8')
+ self.assertEqual(response_text, USER_LOGGED)
 def test_invalid_username(self):
 response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'user': [USER_INVALID]}
+ self.assertEqual(errors, errors_expected)
 def test_invalid_password(self):
 response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'user': [USER_INVALID]}
+ self.assertEqual(errors, errors_expected)
+
 def test_invalid_no_username(self):
 response: HttpResponse = self.client.post(self.url, {"password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'username': [USERNAME_MISSING]}
+ self.assertEqual(errors, errors_expected)
 def test_invalid_no_password(self):
 response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'password': [PASSWORD_MISSING]}
+ self.assertEqual(errors, errors_expected)
 def test_invalid_no_password_no_username(self):
 response: HttpResponse = self.client.post(self.url, {})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'username': [USERNAME_MISSING], 'password': [PASSWORD_MISSING]}
+ self.assertEqual(errors, errors_expected)
diff --git a/accounts/tests/register.py b/accounts/tests/register.py
index 26efe81..688a12c 100644
--- a/accounts/tests/register.py
+++ b/accounts/tests/register.py
@@ -2,11 +2,11 @@ from django.test import TestCase
 # Create your tests here.
 from django.test.client import Client
+from django.contrib.auth.models import User
 from django.http import HttpResponse
 import uuid
 from ..status_code import *
-from ..settings import *
 class RegisterTest(TestCase):
 def setUp(self):
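Review bot: The rewritten tests in accounts/tests/login.py parse the response with `eval(response.content)`, which executes the body as Python and breaks as soon as the JSON contains `true`, `false` or `null`. The Django test client already decodes JSON responses, so `errors: dict = response.json()` does the same job without evaluating server output. The same call appears throughout accounts/tests/register.py. The commented-out `#User(username=self.username, password=self.password).save()` in `test_normal_login` can be deleted.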
@@ -14,56 +14,41 @@ class RegisterTest(TestCase):
 self.url: str = "/api/accounts/register"
- self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
- self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
+ self.username: str = str(uuid.uuid4())
+ self.password: str = str(uuid.uuid4())
+
+ def test_normal_register(self):
+ response: HttpResponse = self.client.post(self.url, {'username': self.username, 'password': self.password})
+ response_text: str = response.content.decode('utf-8')
+ self.assertEqual(USER_ADDED, response_text)
 def test_incomplet_form_no_username_no_password(self):
 response: HttpResponse = self.client.post(self.url)
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'username': [USERNAME_MISSING], 'password': [PASSWORD_MISSING]}
+ self.assertEqual(errors, errors_expected)
 def test_incomplet_form_no_password(self):
 response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'password': [PASSWORD_MISSING]}
+ self.assertEqual(errors, errors_expected)
 def test_incomplet_form_no_username(self):
 response: HttpResponse = self.client.post(self.url, {"password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, "error: username invalid")
+ errors: dict = eval(response.content)
+ errors_expected: dict = {}
+ self.assertEqual(errors, errors_expected)
 def test_incomplet_form_no_username(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
+ response: HttpResponse = self.client.post(self.url, {"password": self.password})
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'username': [USERNAME_MISSING]}
+ self.assertEqual(errors, errors_expected)
- def test_normal_register(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, USER_ADDED)
-
- def test_username_too_short(self):
- response: HttpResponse = self.client.post(self.url, {"username": "a" * (USERNAME_MIN_SIZE - (USERNAME_MIN_SIZE > 0)), "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_username_too_long(self):
- response: HttpResponse = self.client.post(self.url, {"username": "a" * (USERNAME_MAX_SIZE + 1), "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_password_too_short(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": "a" * (PASSWORD_MIN_SIZE - (PASSWORD_MIN_SIZE > 0))})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
- def test_password_too_long(self):
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": "a" * (PASSWORD_MAX_SIZE + 1)})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
-
 def test_already_registered(self):
- self.client.post(self.url, {"username": self.username, "password": self.password})
- response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
- response_text: str = response.content.decode("utf-8")
- self.assertEqual(response_text, USERNAME_ALREADY_USED)
\ No newline at end of file
+ User(username=self.username, password=self.password).save()
+ response: HttpResponse = self.client.post(self.url, {'username': self.username, 'password': self.password})
+ errors: dict = eval(response.content)
+ errors_expected: dict = {'username': [USERNAME_ALREADY_USED]}
+ self.assertEqual(errors, errors_expected)
\ No newline at end of file
diff --git a/accounts/urls.py b/accounts/urls.py
index ffbca49..3f2a5c1 100644
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -1,9 +1,10 @@
 from django.urls import path
-from .views import login, register, delete, change_password
+from .views import login, logout, register, delete, change_password
 urlpatterns = [
 path("login", login.LoginView.as_view(), name="login"),
+ path("logout", logout.LogoutView.as_view(), name="logout"),
 path("register", register.RegisterView.as_view(), name="register"),
 path("delete", delete.DeleteView.as_view(), name="delete"),
 path("change_password", change_password.ChangePasswordView.as_view(), name="change_password"),
diff --git a/accounts/views/change_password.py b/accounts/views/change_password.py
index a0e4031..cdc5d9d 100644
--- a/accounts/views/change_password.py
+++ b/accounts/views/change_password.py
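Review bot: accounts/tests/register.py now defines `test_incomplet_form_no_username` twice with the same POST data; the second definition replaces the first in the class body, so the variant expecting `{}` never runs and should be removed. In `test_already_registered`, `User(username=self.username, password=self.password).save()` stores the plain string in the `password` column instead of a hash; `User.objects.create_user(username=self.username, password=self.password)` matches what the other test modules in this commit do. The length-limit tests are removed without replacement, so nothing here exercises the `max_length` messages declared on `RegisterForm`.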
@@ -1,36 +1,29 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse, HttpRequest
+from django.http import JsonResponse, HttpResponse, HttpRequest
 from django.contrib.auth.models import User
-from django.db.models.query import QuerySet
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required
-from ..status_code import *
-from ..settings import *
 from ..forms.change_password import ChangePasswordForm
+from ..status_code import *
 class ChangePasswordView(View):
 def get(self, request: HttpRequest):
- return render(request, "change_password.html")
+ return render(request, "change_password.html", ChangePasswordForm)
+ @method_decorator(login_required, name='dispatch')
 def post(self, request: HttpRequest):
 form: ChangePasswordForm = ChangePasswordForm(request.POST)
 if not form.is_valid():
- return HttpResponse(INVALID_USERNAME_PASSWORD)
+ return JsonResponse(form.errors)
- username: str = form.cleaned_data['username']
- current_password: str = form.cleaned_data['current_password']
 new_password: str = form.cleaned_data['new_password']
- query: QuerySet = User.objects.filter(username=username)
- if (not query.exists()):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- user: User = User.objects.get(username=username)
- if (not user.check_password(current_password)):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
+ user: User = request.user
 user.set_password(new_password)
 user.save()
- return HttpResponse(PASSWORD_UPDATED)
\ No newline at end of file
+ return HttpResponse(USER_PASSWORD_UPDATED)
\ No newline at end of file
diff --git a/accounts/views/delete.py b/accounts/views/delete.py
index a9d5f5f..0cf4765 100644
--- a/accounts/views/delete.py
+++ b/accounts/views/delete.py
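Review bot: `post` in accounts/views/change_password.py now calls `user.set_password(new_password)` for whoever owns the session, with the `current_password` check removed, so a borrowed or hijacked session is enough to take over the account. Keep a `current_password` field on the form and reject the request when `request.user.check_password(form.cleaned_data['current_password'])` is false; accounts/views/delete.py drops the same confirmation before `request.user.delete()`. After `user.save()`, `update_session_auth_hash(request, user)` from `django.contrib.auth` keeps the caller logged in, since changing the password otherwise invalidates the session. Separately, `get` passes the form class as the context argument of `render`, which expects a dict such as `{"form": ChangePasswordForm}`.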
@@ -1,35 +1,19 @@
 from django.shortcuts import render
 from django.views import View
 from django.http import HttpResponse, HttpRequest
-from django.contrib.auth.models import User
-from django.db.models.query import QuerySet
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required
 from ..status_code import *
-from ..settings import *
-from ..forms.delete import DeleteForm
 class DeleteView(View):
- def get(self, request: HttpRequest):
- return render(request, "delete.html", {"form": DeleteForm})
+ @method_decorator(login_required, name='dispatch')
+ def get(self, request: HttpRequest):
+ return HttpResponse(METHOD_INVALID)
+
+ @method_decorator(login_required, name='dispatch')
 def post(self, request: HttpRequest):
-
- form: DeleteForm = DeleteForm(request.POST)
- if (not form.is_valid()):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- username: str = form.cleaned_data['username']
- password: str = form.cleaned_data['password']
-
- query: QuerySet = User.objects.filter(username=username)
- if (not query.exists()):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- user: User = User.objects.get(username=username)
- if (not user.check_password(password)):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- user.delete()
-
+ request.user.delete()
 return HttpResponse(USER_DELETED)
\ No newline at end of file
diff --git a/accounts/views/login.py b/accounts/views/login.py
index 27c9f0d..5d7ba82 100644
--- a/accounts/views/login.py
+++ b/accounts/views/login.py
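Review bot: `@method_decorator(login_required, name='dispatch')` is applied to `get` and `post` individually in accounts/views/delete.py, where the `name` argument has no effect because it is only read when the decorator wraps a class. Decorate the class once, `@method_decorator(login_required, name='dispatch')` above `class DeleteView(View):`, and set `http_method_names = ['post']` so a GET gets a 405 from Django instead of a 200 carrying `METHOD_INVALID`. accounts/views/change_password.py and accounts/views/logout.py use the same per-method form. `post` should also call `logout(request)` after deleting the user so the session is flushed rather than left pointing at a removed account.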
@@ -1,31 +1,31 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse
+from django.http import HttpResponse, HttpRequest, JsonResponse
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate, login
+from django.contrib.auth.decorators import login_required
 from django.db.models.query import QuerySet
 from ..status_code import *
-from ..settings import *
 from ..forms.login import LoginForm
 class LoginView(View):
- def get(self, request):
+
+ def get(self, request: HttpRequest):
+ if request.user.is_authenticated:
+ logout(request)
 return render(request, "login.html", {"form": LoginForm})
- def post(self, request):
+ def post(self, request: HttpRequest):
+ if request.user.is_authenticated:
+ logout(request)
 form: LoginForm = LoginForm(request.POST)
 if not form.is_valid():
- return HttpResponse(INVALID_USERNAME_PASSWORD)
+ return JsonResponse(form.errors)
- username: str = form.cleaned_data["username"]
- password: str = form.cleaned_data["password"]
+ user: User = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
+ if user is None:
+ return JsonResponse({'user': [USER_INVALID]})
- query: QuerySet = User.objects.filter(username=username)
- if (not query.exists()):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- user: User = User.objects.get(username=username)
- if (not user.check_password(password)):
- return HttpResponse(INVALID_USERNAME_PASSWORD)
-
- return HttpResponse(USER_VALID)
\ No newline at end of file
+ login(request, user)
+ return HttpResponse(USER_LOGGED)
\ No newline at end of file
diff --git a/accounts/views/logout.py b/accounts/views/logout.py
new file mode 100644
index 0000000..ceb8cef
--- /dev/null
+++ b/accounts/views/logout.py
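Review bot: `get` and `post` in accounts/views/login.py call `logout(request)`, but the import added in this hunk is `from django.contrib.auth import authenticate, login`, so any request from an already authenticated user raises `NameError`. Change the line to `from django.contrib.auth import authenticate, login, logout`. A test that logs in and then requests the login URL again would have caught this. The `login_required` and `QuerySet` imports are unused in the new code.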
@@ -0,0 +1,15 @@
+from django.shortcuts import render
+from django.views import View
+from django.http import HttpResponse, HttpRequest
+from django.contrib.auth import logout
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required
+
+from ..status_code import *
+
+class LogoutView(View):
+
+ @method_decorator(login_required, name='dispatch')
+ def get(self, request: HttpRequest):
+ logout(request)
+ return HttpResponse(USER_LOGOUT)
\ No newline at end of file
diff --git a/accounts/views/register.py b/accounts/views/register.py
index de4389c..1a5a34b 100644
--- a/accounts/views/register.py
+++ b/accounts/views/register.py
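Review bot: `LogoutView` ends the session from `get`, and Django's CSRF protection only covers unsafe methods, so a cross-site GET issued from any page the user visits is enough to log them out. Handle logout in `post` instead, `def post(self, request: HttpRequest):`, and let GET fall through to the 405 that `View` returns for undefined methods. The `render` import is unused.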
@@ -1,29 +1,32 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse, HttpRequest
+from django.http import HttpResponse, HttpRequest, JsonResponse
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate, login, logout
 from django.db.models.query import QuerySet
+from django.contrib.auth.decorators import user_passes_test
 from ..status_code import *
-from ..settings import *
 from ..forms.register import RegisterForm
+
 class RegisterView(View):
+
 def get(self, request: HttpRequest):
- return render(request, "register.html", {"form": RegisterForm})
+ if request.user.is_authenticated:
+ logout(request)
+ return render(request, 'register.html', {'form': RegisterForm})
 def post(self, request: HttpRequest):
+ if request.user.is_authenticated:
+ logout(request)
+
 form: RegisterForm = RegisterForm(request.POST)
 if not form.is_valid():
- return HttpResponse(INVALID_USERNAME_PASSWORD)
+ return JsonResponse(form.errors)
- username: str = form.cleaned_data["username"]
- password: str = form.cleaned_data["password"]
+ user: User = User.objects.create_user(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
- if User.objects.filter(username=username).exists():
- return HttpResponse(USERNAME_ALREADY_USED)
-
- user: User = User.objects.create_user(username, password=password)
- user.save()
+ login(request, user)
 return HttpResponse(USER_ADDED)
\ No newline at end of file
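Review bot: `post` in accounts/views/register.py relies on `form.is_valid()` for the uniqueness check and then calls `User.objects.create_user(...)` unguarded, so two concurrent registrations of one username can both pass validation and the loser gets an unhandled `IntegrityError` (a 500) instead of `USERNAME_ALREADY_USED`. Wrap the call in `try:` / `except IntegrityError:` and return `JsonResponse({'username': [USERNAME_ALREADY_USED]})` from the handler, importing `IntegrityError` from `django.db`. `authenticate`, `QuerySet` and `user_passes_test` are imported but unused in the new code. Validation failures are returned by `JsonResponse(form.errors)` with the default status 200; a 400 would let API clients distinguish them from success.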