diff --git a/frontend/static/js/views/accounts/LoginView.js b/frontend/static/js/views/accounts/LoginView.js
index 133a000..6c81dc6 100644
--- a/frontend/static/js/views/accounts/LoginView.js
+++ b/frontend/static/js/views/accounts/LoginView.js
@@ -1,10 +1,11 @@
import { client, navigateTo } from "../../index.js";
+import { clear, fill_errors } from "../../utils/formUtils.js";
import AbstractNonAuthentifiedView from "../AbstractNonAuthentified.js";
async function login()
{
- let username = document.getElementById("username").value;
- let password = document.getElementById("password").value;
+ let username = document.getElementById("username-input").value;
+ let password = document.getElementById("password-input").value;
let response_data = await client.login(username, password);
@@ -14,17 +15,8 @@ async function login()
return;
}
- ["username", "user", "password"].forEach(error_field => {
- let error_display = document.getElementById(`error_${error_field}`);
- if (error_display != null)
- error_display.innerHTML = "";
- });
-
- Object.keys(response_data).forEach(error_field => {
- let error_display = document.getElementById(`error_${error_field}`);
- if (error_display != null)
- error_display.innerHTML = response_data[error_field];
- });
+ clear("innerHTML", ["username", "user", "password"]);
+ fill_errors(response_data, "innerHTML");
}
export default class extends AbstractNonAuthentifiedView {
@@ -34,7 +26,7 @@ export default class extends AbstractNonAuthentifiedView {
async postInit()
{
- document.getElementById("button").onclick = login;
+ document.getElementById("login-button").onclick = login;
}
async getHtml() {
@@ -42,12 +34,12 @@ export default class extends AbstractNonAuthentifiedView {
`;
diff --git a/frontend/static/js/views/accounts/RegisterView.js b/frontend/static/js/views/accounts/RegisterView.js
index f4e212c..7f52a7d 100644
--- a/frontend/static/js/views/accounts/RegisterView.js
+++ b/frontend/static/js/views/accounts/RegisterView.js
@@ -14,17 +14,8 @@ async function register()
return;
}
- ["username", "user", "password"].forEach(error_field => {
- let error_display = document.getElementById(`error_${error_field}`);
- if (error_display != null)
- error_display.innerHTML = "";
- });
-
- Object.keys(response_data).forEach(error_field => {
- let error_display = document.getElementById(`error_${error_field}`);
- if (error_display != null)
- error_display.innerHTML = response_data[error_field];
- });
+ clear("innerHTML", ["username", "user", "password"]);
+ fill_errors(response_data, "innerHTML");
}
export default class extends AbstractNonAuthentifiedView {
@@ -34,7 +25,7 @@ export default class extends AbstractNonAuthentifiedView {
async postInit()
{
- document.getElementById("button").onclick = register;
+ document.getElementById("register-button").onclick = register;
}
async getHtml() {
@@ -42,12 +33,12 @@ export default class extends AbstractNonAuthentifiedView {
`;
diff --git a/profiles/viewsets.py b/profiles/viewsets.py
index 74e9be8..ecf1cd9 100644
--- a/profiles/viewsets.py
+++ b/profiles/viewsets.py
@@ -3,6 +3,7 @@ from rest_framework.parsers import MultiPartParser, FormParser
from rest_framework import permissions, status
from rest_framework import viewsets
from rest_framework.response import Response
+from rest_framework.authentication import SessionAuthentication
from django.http import HttpRequest
from django.db.models import QuerySet
@@ -33,6 +34,8 @@ class ProfileViewSet(viewsets.ModelViewSet):
class MyProfileViewSet(viewsets.ModelViewSet):
+ permission_classes = (permissions.IsAuthenticated,)
+ authentication_classes = (SessionAuthentication,)
serializer_class = ProfileSerializer
queryset = ProfileModel.objects.all