|
|
- import uuid
-
- from django.conf import settings
- from django.contrib import messages
- from django.contrib.auth import login as auth_login
- from django.contrib.auth import logout as auth_logout
- from django.contrib.auth import authenticate
- from django.contrib.auth.decorators import login_required
- from django.contrib.auth.models import User
- from django.core import signing
- from django.core.urlresolvers import reverse
- from django.http import HttpResponseBadRequest
- from django.shortcuts import redirect, render
- from hc.accounts.forms import EmailForm, ReportSettingsForm
- from hc.accounts.models import Profile
- from hc.api.models import Channel, Check
- from hc.lib import emails
-
-
- def _make_user(email):
- username = str(uuid.uuid4())[:30]
- user = User(username=username, email=email)
- user.save()
-
- channel = Channel()
- channel.user = user
- channel.kind = "email"
- channel.value = email
- channel.email_verified = True
- channel.save()
-
- return user
-
-
- def _associate_demo_check(request, user):
- if "welcome_code" in request.session:
- check = Check.objects.get(code=request.session["welcome_code"])
-
- # Only associate demo check if it doesn't have an owner already.
- if check.user is None:
- check.user = user
- check.save()
-
- check.assign_all_channels()
-
- del request.session["welcome_code"]
-
-
- def _send_login_link(user):
- token = str(uuid.uuid4())
- user.set_password(token)
- user.save()
-
- login_link = reverse("hc-check-token", args=[user.username, token])
- login_link = settings.SITE_ROOT + login_link
- ctx = {"login_link": login_link}
-
- emails.login(user.email, ctx)
-
-
- def login(request):
- if request.method == 'POST':
- form = EmailForm(request.POST)
- if form.is_valid():
- email = form.cleaned_data["email"]
- try:
- user = User.objects.get(email=email)
- except User.DoesNotExist:
- user = _make_user(email)
- _associate_demo_check(request, user)
-
- # We don't want to reset passwords of staff users :-)
- if user.is_staff:
- return HttpResponseBadRequest()
-
- _send_login_link(user)
-
- return redirect("hc-login-link-sent")
-
- else:
- form = EmailForm()
-
- bad_link = request.session.pop("bad_link", None)
- ctx = {"form": form, "bad_link": bad_link}
- return render(request, "accounts/login.html", ctx)
-
-
- def logout(request):
- auth_logout(request)
- return redirect("hc-index")
-
-
- def login_link_sent(request):
- return render(request, "accounts/login_link_sent.html")
-
-
- def check_token(request, username, token):
- if request.user.is_authenticated() and request.user.username == username:
- # User is already logged in
- return redirect("hc-checks")
-
- user = authenticate(username=username, password=token)
- if user is not None:
- if user.is_active:
- # This should get rid of "welcome_code" in session
- request.session.flush()
-
- user.set_unusable_password()
- user.save()
- auth_login(request, user)
-
- return redirect("hc-checks")
-
- request.session["bad_link"] = True
- return redirect("hc-login")
-
-
- @login_required
- def profile(request):
- profile = Profile.objects.for_user(request.user)
-
- if request.method == "POST":
- form = ReportSettingsForm(request.POST)
- if form.is_valid():
- profile.reports_allowed = form.cleaned_data["reports_allowed"]
- profile.save()
- messages.info(request, "Your settings have been updated!")
-
- ctx = {
- "profile": profile
- }
-
- return render(request, "accounts/profile.html", ctx)
-
-
- def unsubscribe_reports(request, username):
- try:
- signing.Signer().unsign(request.GET.get("token"))
- except signing.BadSignature:
- return HttpResponseBadRequest()
-
- user = User.objects.get(username=username)
- profile = Profile.objects.for_user(user)
- profile.reports_allowed = False
- profile.save()
-
- return render(request, "accounts/unsubscribed.html")
|
