import uuid
|
|
|
|
from django.conf import settings
|
|
from django.contrib.auth import authenticate
|
|
from django.contrib.auth import login as auth_login, logout as auth_logout
|
|
from django.contrib.auth.models import User
|
|
from django.core.urlresolvers import reverse
|
|
from django.http import HttpResponseBadRequest
|
|
from django.shortcuts import redirect, render
|
|
|
|
from hc.accounts.forms import EmailForm
|
|
from hc.api.models import Check
|
|
from hc.lib.emails import send
|
|
|
|
|
|
def _make_user(email):
|
|
username = str(uuid.uuid4())[:30]
|
|
user = User(username=username, email=email)
|
|
user.save()
|
|
|
|
return user
|
|
|
|
|
|
def _associate_demo_check(request, user):
|
|
if "welcome_code" in request.session:
|
|
check = Check.objects.get(code=request.session["welcome_code"])
|
|
|
|
# Only associate demo check if it doesn't have an owner already.
|
|
if check.user is None:
|
|
check.user = user
|
|
check.save()
|
|
del request.session["welcome_code"]
|
|
|
|
|
|
def _send_login_link(user):
|
|
token = str(uuid.uuid4())
|
|
user.set_password(token)
|
|
user.save()
|
|
|
|
login_link = reverse("hc-check-token", args=[user.username, token])
|
|
login_link = settings.SITE_ROOT + login_link
|
|
ctx = {"login_link": login_link}
|
|
|
|
send(user.email, "emails/login", ctx)
|
|
|
|
|
|
def login(request):
|
|
if request.method == 'POST':
|
|
form = EmailForm(request.POST)
|
|
if form.is_valid():
|
|
email = form.cleaned_data["email"]
|
|
try:
|
|
user = User.objects.get(email=email)
|
|
except User.DoesNotExist:
|
|
user = _make_user(email)
|
|
_associate_demo_check(request, user)
|
|
|
|
# We don't want to reset passwords of staff users :-)
|
|
if user.is_staff:
|
|
return HttpResponseBadRequest()
|
|
|
|
_send_login_link(user)
|
|
|
|
return redirect("hc-login-link-sent")
|
|
|
|
else:
|
|
form = EmailForm()
|
|
|
|
ctx = {"form": form}
|
|
return render(request, "accounts/login.html", ctx)
|
|
|
|
|
|
def logout(request):
|
|
auth_logout(request)
|
|
return redirect("hc-index")
|
|
|
|
|
|
def login_link_sent(request):
|
|
return render(request, "accounts/login_link_sent.html")
|
|
|
|
|
|
def check_token(request, username, token):
|
|
user = authenticate(username=username, password=token)
|
|
if user is not None:
|
|
if user.is_active:
|
|
user.set_unusable_password()
|
|
user.save()
|
|
auth_login(request, user)
|
|
return redirect("hc-index")
|
|
|
|
return render(request, "bad_link.html")
|