register: use ModelForm, and print all errors

2023-10-31 21:14:24 +01:00
parent 54cc1b1705
commit a0c0d813b6
20 changed files with 203 additions and 258 deletions
--- a/accounts/views/change_password.py
+++ b/accounts/views/change_password.py
@ -1,36 +1,29 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse, HttpRequest
+from django.http import JsonResponse, HttpResponse, HttpRequest
 from django.contrib.auth.models import User
-from django.db.models.query import QuerySet
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required

-from ..status_code import *
-from ..settings import *
 from ..forms.change_password import ChangePasswordForm
+from ..status_code import *

 class ChangePasswordView(View):
    def get(self, request: HttpRequest):
-        return render(request, "change_password.html")
+        return render(request, "change_password.html", ChangePasswordForm)
    
+    @method_decorator(login_required, name='dispatch') 
    def post(self, request: HttpRequest):

        form: ChangePasswordForm = ChangePasswordForm(request.POST)
        if not form.is_valid():
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
+            return JsonResponse(form.errors)
        
-        username: str = form.cleaned_data['username']
-        current_password: str = form.cleaned_data['current_password']
        new_password: str = form.cleaned_data['new_password']
        
-        query: QuerySet = User.objects.filter(username=username)
-        if (not query.exists()):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        user: User = User.objects.get(username=username)
-        if (not user.check_password(current_password)):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
+        user: User = request.user
        
        user.set_password(new_password)
        user.save()
        
-        return HttpResponse(PASSWORD_UPDATED)
+        return HttpResponse(USER_PASSWORD_UPDATED)
--- a/accounts/views/delete.py
+++ b/accounts/views/delete.py
@ -1,35 +1,19 @@
 from django.shortcuts import render
 from django.views import View
 from django.http import HttpResponse, HttpRequest
-from django.contrib.auth.models import User
-from django.db.models.query import QuerySet
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required

 from ..status_code import *
-from ..settings import *
-from ..forms.delete import DeleteForm

 class DeleteView(View):
-    def get(self, request: HttpRequest):
-        return render(request, "delete.html", {"form":  DeleteForm})
    
+    @method_decorator(login_required, name='dispatch')
+    def get(self, request: HttpRequest):
+        return HttpResponse(METHOD_INVALID)
+    
+    @method_decorator(login_required, name='dispatch')
    def post(self, request: HttpRequest):
-        
-        form: DeleteForm = DeleteForm(request.POST)
-        if (not form.is_valid()):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        username: str = form.cleaned_data['username']
-        password: str = form.cleaned_data['password']
-        
-        query: QuerySet = User.objects.filter(username=username)
-        if (not query.exists()):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        user: User = User.objects.get(username=username)
-        if (not user.check_password(password)):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        user.delete()
-        
+        request.user.delete()
        return HttpResponse(USER_DELETED)
    
--- a/accounts/views/login.py
+++ b/accounts/views/login.py
@ -1,31 +1,31 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse
+from django.http import HttpResponse, HttpRequest, JsonResponse
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate, login
+from django.contrib.auth.decorators import login_required
 from django.db.models.query import QuerySet

 from ..status_code import *
-from ..settings import *
 from ..forms.login import LoginForm 

 class LoginView(View):
-    def get(self, request):
+    
+    def get(self, request: HttpRequest):
+        if request.user.is_authenticated:
+            logout(request)
        return render(request, "login.html", {"form": LoginForm})
    
-    def post(self, request):
+    def post(self, request: HttpRequest):
+        if request.user.is_authenticated:
+            logout(request)
        form: LoginForm = LoginForm(request.POST)
        if not form.is_valid():
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
+            return JsonResponse(form.errors)
        
-        username: str = form.cleaned_data["username"]
-        password: str = form.cleaned_data["password"]
+        user: User = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
+        if user is None:
+            return JsonResponse({'user': [USER_INVALID]})
        
-        query: QuerySet = User.objects.filter(username=username)
-        if (not query.exists()):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        user: User = User.objects.get(username=username)
-        if (not user.check_password(password)):
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
-        
-        return HttpResponse(USER_VALID)
+        login(request, user)
+        return HttpResponse(USER_LOGGED)
--- a/accounts/views/logout.py
+++ b/accounts/views/logout.py
@ -0,0 +1,15 @@
+from django.shortcuts import render
+from django.views import View
+from django.http import HttpResponse, HttpRequest
+from django.contrib.auth import logout
+from django.utils.decorators import method_decorator
+from django.contrib.auth.decorators import login_required
+
+from ..status_code import *
+
+class LogoutView(View):
+
+    @method_decorator(login_required, name='dispatch')   
+    def get(self, request: HttpRequest):
+        logout(request)
+        return HttpResponse(USER_LOGOUT)
--- a/accounts/views/register.py
+++ b/accounts/views/register.py
@ -1,29 +1,32 @@
 from django.shortcuts import render
 from django.views import View
-from django.http import HttpResponse, HttpRequest
+from django.http import HttpResponse, HttpRequest, JsonResponse
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate, login, logout
 from django.db.models.query import QuerySet
+from django.contrib.auth.decorators import user_passes_test

 from ..status_code import *
-from ..settings import *
 from ..forms.register import RegisterForm

+
 class RegisterView(View):
+    
    def get(self, request: HttpRequest):
-        return render(request, "register.html", {"form": RegisterForm}) 
+        if request.user.is_authenticated:
+            logout(request)
+        return render(request, 'register.html', {'form': RegisterForm})

    def post(self, request: HttpRequest):
+        if request.user.is_authenticated:
+            logout(request)
+
        form: RegisterForm = RegisterForm(request.POST)
        if not form.is_valid():
-            return HttpResponse(INVALID_USERNAME_PASSWORD)
+            return JsonResponse(form.errors)
        
-        username: str = form.cleaned_data["username"]
-        password: str = form.cleaned_data["password"]
+        user: User = User.objects.create_user(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
        
-        if User.objects.filter(username=username).exists():
-            return HttpResponse(USERNAME_ALREADY_USED)
-        
-        user: User = User.objects.create_user(username, password=password)
-        user.save()
+        login(request, user)
        
        return HttpResponse(USER_ADDED)