Beispiel #1
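def logging_in(request):
    """Authenticate the posted credentials and log in active superusers.

    Every other outcome flashes an error message and redirects back to the
    login page; only an account that is both superuser and active gets a
    session.
    """
    # Indexing request.POST raised on a request that omitted either field;
    # an empty value simply fails authentication below.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')

    # NOTE(review): no attempt throttling or lockout is visible in this view;
    # confirm it is enforced elsewhere.
    user = auth.authenticate(username=username, password=password)
    if user is None:
        messages.add_message(
            request, messages.ERROR,
            'I don\'t seem to recognize your username-password combination...')
        return redirect_to_name('login')

    # The account-state messages below are reached only after authenticate()
    # accepted the password, so they are not shown for a wrong password.
    if not user.is_superuser:
        messages.add_message(
            request, messages.ERROR,
            'Sorry, your account is still awaiting admin approval.')
        return redirect_to_name('login')

    if not user.is_active:
        messages.add_message(
            request, messages.ERROR,
            'Your account has been marked as inactive. '
            'Please contact the admin to activate it.')
        return redirect_to_name('login')

    auth.login(request, user)
    messages.add_message(request, messages.SUCCESS,
                         'Awesome! Your login was successful.')
    return redirect_to_name('keypairs')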
Beispiel #2
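def add_user(request):
	"""Create an account from the signup form.

	Rejects blank fields and usernames or e-mail addresses that are already
	registered. The first account ever created is promoted to staff
	superuser; later accounts are created without those flags.
	"""
	# Indexing request.POST raised on a request that omitted a field; a
	# missing field is now treated like a blank one.
	username = request.POST.get('username', '')
	password = request.POST.get('password', '')
	email = request.POST.get('email', '')
	## If the user didn't put in all the details...
	if not (username.strip() and password.strip() and email.strip()):
		messages.add_message(request, messages.ERROR, 'All the fields are required.')
		return redirect_to_name('signup')

	## If the user already has an entry in the database...
	# exists() asks the database for one row instead of loading every match.
	# NOTE(review): this check and the create below are not atomic, so two
	# concurrent signups can both pass it.
	if User.objects.filter(username=username).exists() or User.objects.filter(email=email).exists():
		messages.add_message(request, messages.ERROR, 'Hmm. It looks like you already have an entry in my database...')
		return redirect_to_name('signup')

	## Insert user into database
	# NOTE(review): the password is accepted as submitted; no strength
	# validation runs in this view.
	user = User.objects.create_user(username=username, password=password, email=email)

	## If this is the only user in the database, make this user a staff superuser
	# NOTE(review): on a fresh install whoever submits the signup form first
	# becomes the administrator; confirm that is acceptable for deployment.
	if User.objects.count() == 1:
		user.is_superuser = True
		user.is_staff = True
		user.save()
		messages.add_message(request, messages.SUCCESS, 'Sign-up successful! You may log in now.')
	else:
		messages.add_message(request, messages.SUCCESS, 'Your sign up was successful and is now awaiting admin approval.')
	return redirect_to_name('login')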
Beispiel #3
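def new_keypair(request):
	"""Create a Keypair from the posted form and attach the selected doors.

	All validation errors are collected before redirecting, so the user sees
	every problem at once. A PIN is optional; an RFID UID or a fingerprint
	template is required.
	"""
	# Indexing request.POST raised on a request that omitted a field; a
	# missing field is now treated like a blank one.
	name = request.POST.get('name', '')
	pin = request.POST.get('pin', '')
	rfid_uid = request.POST.get('rfid_uid', '')
	fingerprint_template = request.POST.get('fingerprint_template', '')
	door_ids = request.POST.get('doors', '')

	is_error = False

	if not is_valid_name(name):
		messages.add_message(request, messages.ERROR, 'Name must be unique and not blank.')
		is_error = True
	if pin and not is_valid_pin(pin):
		messages.add_message(request, messages.ERROR, 'PIN must be at least 4 numeric characters.')
		is_error = True
	if not(rfid_uid or fingerprint_template):
		messages.add_message(request, messages.ERROR, 'A fingerprint template OR an RFID card must be entered.')
		is_error = True

	if is_error:
		return redirect_to_name('keypairs')

	# NOTE(review): pin and rfid_uid may be empty here and are still hashed
	# and encrypted; confirm how hash_string()/encrypt() treat ''.
	hashpin = hash_string(pin)
	hashrfid = hash_string(rfid_uid)

	# NOTE(review): fingerprint_template is stored as submitted while pin and
	# rfid_uid go through encrypt(); confirm that difference is intended.
	keypair = Keypair.objects.create(name=name, pin=encrypt(pin), rfid_uid=encrypt(rfid_uid),
			hash_pin=hashpin, hash_rfid=hashrfid, fingerprint_template=fingerprint_template, last_edited_by=request.user)

	# Drop blank entries (e.g. from a trailing comma) before handing the
	# client-supplied IDs to the relation.
	# NOTE(review): the IDs are not checked against existing doors here;
	# presumably add() fails on unknown or non-numeric values - verify.
	door_pks = [door_id.strip() for door_id in door_ids.split(',') if door_id.strip()]
	if door_pks:
		keypair.doors.add(*door_pks)
	messages.add_message(request, messages.SUCCESS, 'Pair addition successful.')
	return redirect_to_name('keypairs')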
Beispiel #4
def logout(request):
	"""End the current session, or send anonymous visitors to the login page."""
	# NOTE(review): is_authenticated is called as a method, which only works
	# on Django releases where it is not yet a plain attribute - confirm the
	# target version.
	if not request.user.is_authenticated():
		messages.add_message(request, messages.ERROR, "If you're not logged in, how can you log out?")
		return redirect_to_name('login')

	auth.logout(request)
	messages.add_message(request, messages.SUCCESS, 'Logged out successfully.')
	return redirect_to_name('index')
Beispiel #5
def logout(request):
    """Log the current user out; anonymous visitors get an error instead."""
    # NOTE(review): is_authenticated is invoked as a method here; on Django
    # releases where it is a plain attribute the call fails - confirm the
    # target version.
    signed_in = request.user.is_authenticated()
    if signed_in:
        auth.logout(request)
        level, text, target = (messages.SUCCESS,
                               'Logged out successfully.', 'index')
    else:
        level, text, target = (
            messages.ERROR,
            "If you're not logged in, how can you log out?", 'login')
    messages.add_message(request, level, text)
    return redirect_to_name(target)
Beispiel #6
def regenerate_secret_key(request):
	"""Rotate SECRET_KEY and re-encrypt the stored keypairs under the new key."""
	# NOTE(review): no staff/superuser check is visible in this view; confirm
	# the URL is protected elsewhere.
	previous_key = settings.SECRET_KEY
	# NOTE(review): presumably this call persists the new key at
	# SECRET_KEY_PATH before re-encryption runs. If reencrypt_keypairs() then
	# fails part-way, the old key is held only in this process - confirm
	# there is a recovery path.
	fresh_key = secret_key.regenerate_secret_key(settings.SECRET_KEY_PATH)
	keypairs.reencrypt_keypairs(previous_key, fresh_key)
	# The in-process setting is swapped only after re-encryption returned.
	settings.SECRET_KEY = fresh_key
	messages.add_message(request, messages.SUCCESS, 'Successfully regenerated the secret key.')
	return redirect_to_name('index')
Beispiel #7
def regenerate_secret_key(request):
    """Generate a new SECRET_KEY and re-encrypt keypairs from old to new."""
    # NOTE(review): this view shows no permission check; verify that access
    # is restricted where the URL is registered.
    key_before = settings.SECRET_KEY
    key_after = secret_key.regenerate_secret_key(settings.SECRET_KEY_PATH)
    # NOTE(review): nothing here handles a failure inside
    # reencrypt_keypairs(); confirm rows cannot be left split between the
    # two keys.
    keypairs.reencrypt_keypairs(key_before, key_after)
    # Only this process's settings object is updated; presumably other
    # worker processes need a reload to pick up the new key - verify.
    settings.SECRET_KEY = key_after
    messages.add_message(request, messages.SUCCESS,
                         'Successfully regenerated the secret key.')
    return redirect_to_name('index')
Beispiel #8
def login_page(request):
    """Render the login form unless the visitor already has a session."""
    # NOTE(review): is_authenticated is called as a method; confirm the
    # Django version in use still supports that form.
    already_signed_in = request.user.is_authenticated()
    if not already_signed_in:
        return render(request, 'login.html')

    messages.add_message(
        request, messages.ERROR,
        'You have already logged in. Kindly log out first to access the login page.'
    )
    return redirect_to_name('keypairs')
Beispiel #9
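def delete_logs_older_than(request):
	"""Delete records_log rows older than the posted number of days.

	Flashes the number of deleted rows on success, or an error when the
	submitted value is not a non-negative whole number, then redirects to
	the logs page.
	"""
	# NOTE(review): no permission check is visible in this view; deleting
	# log records should be limited to trusted users - confirm where that is
	# enforced. A value of 0 is accepted and matches every existing row.
	raw_days = request.POST.get('days', '')
	# isdigit() also accepts characters (superscript digits, for example)
	# that int() rejects, so the conversion is guarded as well.
	try:
		days = int(raw_days) if raw_days.isdigit() else None
	except ValueError:
		days = None

	if days is None:
		messages.add_message(request, messages.ERROR, 'Number of days must be numeric')
		return redirect_to_name('logs')

	cursor = connection.cursor()
	# The value is bound as a query parameter instead of being formatted into
	# the SQL text, so the statement no longer depends on the validation
	# above to stay well-formed.
	cursor.execute("DELETE FROM records_log WHERE now() - created_on > %s * INTERVAL '1 day'", [days])
	messages.add_message(request, messages.SUCCESS, '%d old logs successfully deleted.' % cursor.rowcount)
	return redirect_to_name('logs')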
Beispiel #10
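def new_keypair(request):
    """Create a Keypair from the posted form and attach the selected doors.

    Validation errors are accumulated so the user sees all of them after the
    redirect. A PIN is optional; an RFID UID or a fingerprint template is
    required.
    """
    # Indexing request.POST raised on a request that omitted a field; a
    # missing field is now treated like a blank one.
    name = request.POST.get('name', '')
    pin = request.POST.get('pin', '')
    rfid_uid = request.POST.get('rfid_uid', '')
    fingerprint_template = request.POST.get('fingerprint_template', '')
    door_ids = request.POST.get('doors', '')

    is_error = False

    if not is_valid_name(name):
        messages.add_message(request, messages.ERROR,
                             'Name must be unique and not blank.')
        is_error = True
    if pin and not is_valid_pin(pin):
        messages.add_message(request, messages.ERROR,
                             'PIN must be at least 4 numeric characters.')
        is_error = True
    if not (rfid_uid or fingerprint_template):
        messages.add_message(
            request, messages.ERROR,
            'A fingerprint template OR an RFID card must be entered.')
        is_error = True

    if is_error:
        return redirect_to_name('keypairs')

    # NOTE(review): pin and rfid_uid may be empty at this point and are still
    # hashed and encrypted; confirm how hash_string()/encrypt() treat ''.
    hashpin = hash_string(pin)
    hashrfid = hash_string(rfid_uid)

    # NOTE(review): fingerprint_template is stored as submitted while pin and
    # rfid_uid go through encrypt(); confirm that difference is intended.
    keypair = Keypair.objects.create(name=name,
                                     pin=encrypt(pin),
                                     rfid_uid=encrypt(rfid_uid),
                                     hash_pin=hashpin,
                                     hash_rfid=hashrfid,
                                     fingerprint_template=fingerprint_template,
                                     last_edited_by=request.user)

    # Drop blank entries (e.g. from a trailing comma) before handing the
    # client-supplied IDs to the relation.
    # NOTE(review): the IDs are not checked against existing doors here;
    # presumably add() fails on unknown or non-numeric values - verify.
    door_pks = [door_id.strip() for door_id in door_ids.split(',')
                if door_id.strip()]
    if door_pks:
        keypair.doors.add(*door_pks)
    messages.add_message(request, messages.SUCCESS,
                         'Pair addition successful.')
    return redirect_to_name('keypairs')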
Beispiel #11
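def logging_in(request):
	"""Authenticate the posted credentials and log in active superusers.

	Any other outcome flashes an error message and redirects back to the
	login page.
	"""
	# Indexing request.POST raised on a request that omitted either field;
	# an empty value simply fails authentication below.
	username = request.POST.get('username', '')
	password = request.POST.get('password', '')

	# NOTE(review): no attempt throttling or lockout is visible in this view;
	# confirm it is enforced elsewhere.
	user = auth.authenticate(username=username, password=password)
	if user is None:
		messages.add_message(request, messages.ERROR, 'I don\'t seem to recognize your username-password combination...')
		return redirect_to_name('login')

	# The account-state messages below are reached only after authenticate()
	# accepted the password, so they are not shown for a wrong password.
	if not user.is_superuser:
		messages.add_message(request, messages.ERROR, 'Sorry, your account is still awaiting admin approval.')
		return redirect_to_name('login')

	if not user.is_active:
		messages.add_message(request, messages.ERROR, 'Your account has been marked as inactive. '
			'Please contact the admin to activate it.')
		return redirect_to_name('login')

	auth.login(request, user)
	messages.add_message(request, messages.SUCCESS, 'Awesome! Your login was successful.')
	return redirect_to_name('keypairs')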
Beispiel #12
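def add_user(request):
    """Create an account from the signup form.

    Rejects blank fields and usernames or e-mail addresses that are already
    registered. The first account ever created is promoted to staff
    superuser; later accounts are created without those flags.
    """
    # Indexing request.POST raised on a request that omitted a field; a
    # missing field is now treated like a blank one.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    email = request.POST.get('email', '')
    ## If the user didn't put in all the details...
    if not (username.strip() and password.strip() and email.strip()):
        messages.add_message(request, messages.ERROR,
                             'All the fields are required.')
        return redirect_to_name('signup')

    ## If the user already has an entry in the database...
    # exists() asks the database for one row instead of loading every match.
    # NOTE(review): this check and the create below are not atomic, so two
    # concurrent signups can both pass it.
    username_taken = User.objects.filter(username=username).exists()
    if username_taken or User.objects.filter(email=email).exists():
        messages.add_message(
            request, messages.ERROR,
            'Hmm. It looks like you already have an entry in my database...')
        return redirect_to_name('signup')

    ## Insert user into database
    # NOTE(review): the password is accepted as submitted; no strength
    # validation runs in this view.
    user = User.objects.create_user(username=username,
                                    password=password,
                                    email=email)

    ## If this is the only user in the database, make this user a staff superuser
    # NOTE(review): on a fresh install whoever submits the signup form first
    # becomes the administrator; confirm that is acceptable for deployment.
    if User.objects.count() == 1:
        user.is_superuser = True
        user.is_staff = True
        user.save()
        messages.add_message(request, messages.SUCCESS,
                             'Sign-up successful! You may log in now.')
    else:
        messages.add_message(
            request, messages.SUCCESS,
            'Your sign up was successful and is now awaiting admin approval.')
    return redirect_to_name('login')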
Beispiel #13
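def delete_logs_older_than(request):
    """Delete records_log rows older than the posted number of days.

    Flashes the number of deleted rows on success, or an error when the
    submitted value is not a non-negative whole number, then redirects to
    the logs page.
    """
    # NOTE(review): no permission check is visible in this view; deleting
    # log records should be limited to trusted users - confirm where that is
    # enforced. A value of 0 is accepted and matches every existing row.
    raw_days = request.POST.get('days', '')
    # isdigit() also accepts characters (superscript digits, for example)
    # that int() rejects, so the conversion is guarded as well.
    try:
        days = int(raw_days) if raw_days.isdigit() else None
    except ValueError:
        days = None

    if days is None:
        messages.add_message(request, messages.ERROR,
                             'Number of days must be numeric')
        return redirect_to_name('logs')

    cursor = connection.cursor()
    # The value is bound as a query parameter instead of being formatted into
    # the SQL text, so the statement no longer depends on the validation
    # above to stay well-formed.
    cursor.execute(
        "DELETE FROM records_log "
        "WHERE now() - created_on > %s * INTERVAL '1 day'",
        [days])
    messages.add_message(
        request, messages.SUCCESS,
        '%d old logs successfully deleted.' % cursor.rowcount)
    return redirect_to_name('logs')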
Beispiel #14
def all_users(request):
	"""Render the list of every user account for staff members."""
	# Non-staff requests are redirected to the index page rather than being
	# shown the account list.
	if not request.user.is_staff:
		return redirect_to_name('index')

	context = {'users': User.objects.all()}
	return render(request, 'users.html', context)
Beispiel #15
def must_be_logged_in(request):
	"""Flash a login-required error and send the visitor to the login page."""
	notice = 'You must be logged in to access that page.'
	messages.add_message(request, messages.ERROR, notice)
	return redirect_to_name('login')
Beispiel #16
def login_page(request):
	"""Show the login form, or redirect visitors who are already signed in."""
	# NOTE(review): is_authenticated is called as a method; confirm the
	# Django version in use still supports that form.
	if not request.user.is_authenticated():
		return render(request, 'login.html')

	already_in = 'You have already logged in. Kindly log out first to access the login page.'
	messages.add_message(request, messages.ERROR, already_in)
	return redirect_to_name('keypairs')
Beispiel #17
def must_be_logged_in(request):
    """Tell the visitor that the page needs a login, then redirect there."""
    error_text = 'You must be logged in to access that page.'
    messages.add_message(request, messages.ERROR, error_text)
    return redirect_to_name('login')
Beispiel #18
def options_page(request):
	"""Render every Option row for staff members."""
	# Non-staff requests are redirected to the index page rather than being
	# shown the options.
	if not request.user.is_staff:
		return redirect_to_name('index')

	context = {'options': Option.objects.all()}
	return render(request, 'options.html', context)
Beispiel #19
def options_page(request):
    """Show the options page to staff; everyone else goes to the index."""
    viewer_is_staff = request.user.is_staff
    if viewer_is_staff:
        all_options = Option.objects.all()
        page_context = {'options': all_options}
        return render(request, 'options.html', page_context)
    return redirect_to_name('index')
Beispiel #20
def all_users(request):
    """Show the user list to staff; everyone else goes to the index."""
    viewer_is_staff = request.user.is_staff
    if viewer_is_staff:
        every_user = User.objects.all()
        page_context = {'users': every_user}
        return render(request, 'users.html', page_context)
    return redirect_to_name('index')