def get(self,
request,
template_name,
url_suffix,
form_data_url_suffix=None,
**kwargs):
super(ObjectUpdate, self).get(request, template_name, url_suffix,
**kwargs)
if form_data_url_suffix:
self.url = self.url + form_data_url_suffix
results = csrf_request(request=request,
url=self.url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
try:
objects = results.json()
self.context['form_data'] = objects['form_data']
except Exception as e:
return handle_error(request=request,
error_message=str(e),
status_code=results.status_code)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
return render(request, self.template_name, context=self.context)
def csrf_request(request, url, request_type='POST', api_data={}, headers={}, is_authenticated=False):
# add authorization header to existing headers if is_authenticated == True
if is_authenticated is True:
if 'token' in request.session:
headers['Authorization'] = 'JWT ' + request.session['token']
else:
return handle_error(request=request, error_message='No token found in session',
status_code=ErrorStatus.NOT_AUTHENTICATED)
# add csrf header to existing headers
if request:
headers['HTTP_X_CSRFTOKEN'] = request.COOKIES['csrftoken']
try:
if request_type is 'POST':
return requests.post(url, data=api_data, headers=headers)
elif request_type is 'GET':
return requests.get(url, headers=headers)
elif request_type is 'DELETE':
return requests.delete(url, headers=headers)
elif request_type is 'PUT':
return requests.put(url, data=api_data, headers=headers)
except ConnectionError as e:
return handle_error(request=request, error_message='Connection Error' + str(e),
status_code=ErrorStatus.SERVER_ERROR)
def password_change(request):
template_name = 'accounts/password-change.html'
url = settings.API_BASE_URL + '/accounts/password/change/'
if request.POST:
log.debug("POST dictionary contains :: " + str(request.POST))
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
api_data = {
'new_password1': password1,
'new_password2': password2,
}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data,
is_authenticated=True)
log.debug("password change returned :: " + str(results))
if results is not None:
if results.status_code == 200:
return redirect('password-change-done')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return render(request, template_name)
def get(self, request, template_name, url_suffix, form_data_url_suffix, **kwargs):
super(ObjectUpdateRelated, self).get(request)
url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
url = url.format(pk)
results = csrf_request(request=request, url=url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object'] = objects
url = self.url + form_data_url_suffix
results = csrf_request(request=request, url=url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
try:
objects = results.json()
self.context['form_data'] = objects['form_data']
except Exception as e:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
return render(request, self.template_name, context=self.context)
def login_ui(request):
if request.POST:
username = request.POST.get('username')
password = request.POST.get('password')
# log.debug("Attempting to authenticate :: " + username)
try:
user = authenticate(username=username,
password=password,
request=request)
if user:
if user.is_active:
try:
login(request, user)
# log.debug("Request :: " + str(request.user))
# log.debug("Is authenticated :: " + str(user.is_authenticated()))
return redirect('user-index')
except Exception as e:
return handle_error(
request=request,
status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Unable to authenticate " + str(e))
else:
return handle_error(request=request,
status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Authentication failure")
except Exception as e:
return handle_error(request=request,
status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Unable to authenticate " +
str(e))
else:
return render(request, 'accounts/login.html')
def register(request):
template_name = 'accounts/register.html'
url = settings.API_BASE_URL + '/accounts/register/'
if request.POST:
log.debug("POST dictionary contains :: " + str(request.POST))
email = request.POST.get('email')
password = request.POST.get('password')
api_data = {'username': email, 'email': email, 'password': password}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data,
is_authenticated=False)
log.debug("register returned :: " + str(results))
if results is not None:
if results.status_code == 200:
return redirect('login')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return render(request, template_name)
def verify_email(request):
template_name = 'accounts/verify.html'
url = settings.API_BASE_URL + '/accounts/verify-email/'
if request.GET:
key = request.GET.get('key')
api_data = {
'key': key,
}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data)
if results is not None:
if results.status_code == 200:
return render(request, template_name)
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return redirect('login')
def register(request):
template_name = 'accounts/register.html'
url = settings.API_BASE_URL + '/accounts/register/'
if request.POST:
log.debug("POST dictionary contains :: " + str(request.POST))
email = request.POST.get('email')
password = request.POST.get('password')
api_data = {'username': email,
'email': email,
'password': password}
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data, is_authenticated=False)
log.debug("register returned :: " + str(results))
if results is not None:
if results.status_code == 200:
return redirect('login')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return render(request, template_name)
def login_ui(request):
if request.POST:
username = request.POST.get('username')
password = request.POST.get('password')
# log.debug("Attempting to authenticate :: " + username)
try:
user = authenticate(username=username, password=password, request=request)
if user:
if user.is_active:
try:
login(request, user)
# log.debug("Request :: " + str(request.user))
# log.debug("Is authenticated :: " + str(user.is_authenticated()))
return redirect('user-index')
except Exception as e:
return handle_error(request=request, status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Unable to authenticate " + str(e))
else:
return handle_error(request=request, status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Authentication failure")
except Exception as e:
return handle_error(request=request, status_code=ErrorStatus.NOT_AUTHENTICATED,
error_message="Unable to authenticate " + str(e))
else:
return render(request, 'accounts/login.html')
def post(self,
request,
template_name,
url_suffix,
expected_fields,
related_fields,
redirect_url,
multiple_fields=[],
**kwargs):
super(ObjectCreateRelated, self).post(request, **kwargs)
self.url = self.url + url_suffix
api_data = {}
for field in expected_fields:
# TODO explore validation here
if field in related_fields:
if field in request.POST:
api_data[field] = int(request.POST.get(field))
else:
api_data[field] = None
else:
if field in request.POST:
api_data[field] = request.POST.get(field)
else:
api_data[field] = None
# log.debug(" POST data " + str(request.POST))
for field in multiple_fields:
if field in request.POST:
string_values = request.POST.getlist(field)
int_values = []
for value in string_values:
int_values.append(int(value))
api_data[field] = int_values
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request,
url=self.url,
request_type='POST',
api_data=api_data,
headers=headers,
is_authenticated=True)
if results.status_code is 201:
objects = results.json()
self.context['object'] = objects
return redirect(redirect_url)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def post(self, request, template_name, url_suffix, expected_fields,
redirect_url, **kwargs):
super(ObjectCreate, self).post(request, **kwargs)
self.url = self.url + url_suffix
api_data = {}
for field in expected_fields:
# TODO explore validation here
api_data[field] = request.POST.get(field)
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request,
url=self.url,
request_type='POST',
api_data=api_data,
headers=headers,
is_authenticated=True)
if results.status_code is 201:
objects = results.json()
self.context['object'] = objects
return redirect(redirect_url)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def post(self, request, template_name, url_suffix, expected_fields,
redirect_url, **kwargs):
super(ObjectUpdate, self).post(request, **kwargs)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
api_data = {}
for field in expected_fields:
# TODO explore validation here
api_data[field] = request.POST.get(field)
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request,
url=self.url,
request_type='PUT',
api_data=api_data,
headers=headers,
is_authenticated=True)
if results.status_code is 200:
# TODO might actually want to redirect to the details page here instead of the index
return redirect(redirect_url)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def post(self, request, template_name, url_suffix, expected_fields, redirect_url, **kwargs):
super(ObjectCreate, self).post(request, **kwargs)
self.url = self.url + url_suffix
api_data = {}
for field in expected_fields:
# TODO explore validation here
api_data[field] = request.POST.get(field)
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request, url=self.url, request_type='POST', api_data=api_data, headers=headers,
is_authenticated=True)
if results.status_code is 201:
objects = results.json()
self.context['object'] = objects
return redirect(redirect_url)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def password_reset_token(request):
reset_template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/confirm/'
if request.GET:
token = request.GET.get('token')
uid = request.GET.get('uid')
api_data = {
'token': token,
'uid': uid,
}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect('password-reset-confirm')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return render(request, reset_template_name)
else:
return redirect('password-reset')
def post(self, request, template_name, url_suffix, expected_fields, redirect_url, **kwargs):
super(ObjectUpdate, self).post(request, **kwargs)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
api_data = {}
for field in expected_fields:
# TODO explore validation here
api_data[field] = request.POST.get(field)
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request, url=self.url, request_type='PUT', api_data=api_data, headers=headers,
is_authenticated=True)
if results.status_code is 200:
# TODO might actually want to redirect to the details page here instead of the index
return redirect(redirect_url)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def password_reset_confirm(request):
template_name = 'accounts/password-reset-confirm.html'
reset_template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/confirm/'
if request.POST:
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
api_data = {
'new_password1': password1,
'new_password2': password2,
}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect('password-reset-done')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return render(request, reset_template_name)
else:
return render(request, template_name)
def get(self, request, template_name, url_suffix, form_data_url_suffix,
**kwargs):
super(ObjectUpdateRelated, self).get(request)
url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
url = url.format(pk)
results = csrf_request(request=request,
url=url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object'] = objects
url = self.url + form_data_url_suffix
results = csrf_request(request=request,
url=url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
try:
objects = results.json()
self.context['form_data'] = objects['form_data']
except Exception as e:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
return render(request, self.template_name, context=self.context)
def verify_email(request):
template_name = 'accounts/verify.html'
url = settings.API_BASE_URL + '/accounts/verify-email/'
if request.GET:
key = request.GET.get('key')
api_data = {'key': key, }
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data)
if results is not None:
if results.status_code == 200:
return render(request, template_name)
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return redirect('login')
def get(self, request, template_name, url_suffix, form_data_url_suffix=None, **kwargs):
super(ObjectUpdate, self).get(request, template_name, url_suffix, **kwargs)
if form_data_url_suffix:
self.url = self.url + form_data_url_suffix
results = csrf_request(request=request, url=self.url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
try:
objects = results.json()
self.context['form_data'] = objects['form_data']
except Exception as e:
return handle_error(request=request, error_message=str(e),
status_code=results.status_code)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
return render(request, self.template_name, context=self.context)
def password_change(request):
template_name = 'accounts/password-change.html'
url = settings.API_BASE_URL + '/accounts/password/change/'
if request.POST:
log.debug("POST dictionary contains :: " + str(request.POST))
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
api_data = {'new_password1': password1,
'new_password2': password2, }
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data, is_authenticated=True)
log.debug("password change returned :: " + str(results))
if results is not None:
if results.status_code == 200:
return redirect('password-change-done')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return handle_error(request, results.status_code)
else:
return render(request, template_name)
def post(self, request,
template_name, url_suffix, expected_fields,
related_fields, redirect_url,
multiple_fields=[], **kwargs):
super(ObjectCreateRelated, self).post(request, **kwargs)
self.url = self.url + url_suffix
api_data = {}
for field in expected_fields:
# TODO explore validation here
if field in related_fields:
if field in request.POST:
api_data[field] = int(request.POST.get(field))
else:
api_data[field] = None
else:
if field in request.POST:
api_data[field] = request.POST.get(field)
else:
api_data[field] = None
# log.debug(" POST data " + str(request.POST))
for field in multiple_fields:
if field in request.POST:
string_values = request.POST.getlist(field)
int_values = []
for value in string_values:
int_values.append(int(value))
api_data[field] = int_values
api_data = json.dumps(api_data)
headers = {'Content-Type': 'application/json'}
results = csrf_request(request=request, url=self.url, request_type='POST', api_data=api_data, headers=headers,
is_authenticated=True)
if results.status_code is 201:
objects = results.json()
self.context['object'] = objects
return redirect(redirect_url)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectAuthorizeCallback, self).get(request)
self.url = self.url + url_suffix + '{}/'
code = request.GET.get('code')
self.url = self.url.format(code)
results = csrf_request(request=request, url=self.url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def get(self, request, redirect_url, url_suffix, **kwargs):
super(ObjectDelete, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request, url=self.url, request_type='DELETE', is_authenticated=True)
if results.status_code is 204:
return redirect(to=redirect_url)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix):
super(ObjectIndex, self).get(request)
self.url = self.url + url_suffix
results = csrf_request(request=request, url=self.url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object_list'] = objects['results']
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def password_reset(request):
template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/'
if request.POST:
email = request.POST.get('email')
api_data = {'email': email}
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect(settings.LOGIN_REDIRECT_URL)
else:
return handle_error(request, results.status_code)
else:
return HttpResponseRedirect('login')
else:
return render(request, template_name)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectAuthorize, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request, url=self.url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
authorize_url = results.json()['authorize_url']
return redirect(authorize_url)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def get(self, request, redirect_url, url_suffix, **kwargs):
super(ObjectDelete, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request,
url=self.url,
request_type='DELETE',
is_authenticated=True)
if results.status_code is 204:
return redirect(to=redirect_url)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectAuthorizeCallback, self).get(request)
self.url = self.url + url_suffix + '{}/'
code = request.GET.get('code')
self.url = self.url.format(code)
results = csrf_request(request=request,
url=self.url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectDetail, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request, url=self.url, request_type='GET', is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object'] = objects
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request, error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix):
super(ObjectIndex, self).get(request)
self.url = self.url + url_suffix
results = csrf_request(request=request,
url=self.url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object_list'] = objects['results']
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def password_reset(request):
template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/'
if request.POST:
email = request.POST.get('email')
api_data = {'email': email}
results = csrf_request(request=request,
request_type='POST',
url=url,
api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect(settings.LOGIN_REDIRECT_URL)
else:
return handle_error(request, results.status_code)
else:
return HttpResponseRedirect('login')
else:
return render(request, template_name)
def password_reset_token(request):
reset_template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/confirm/'
if request.GET:
token = request.GET.get('token')
uid = request.GET.get('uid')
api_data = {'token': token,
'uid': uid, }
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect('password-reset-confirm')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return render(request, reset_template_name)
else:
return redirect('password-reset')
def password_reset_confirm(request):
template_name = 'accounts/password-reset-confirm.html'
reset_template_name = 'accounts/password-reset.html'
url = settings.API_BASE_URL + '/accounts/password/reset/confirm/'
if request.POST:
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
api_data = {'new_password1': password1,
'new_password2': password2, }
results = csrf_request(request=request, request_type='POST', url=url, api_data=api_data)
if results is not None:
if results.status_code == 200:
return redirect('password-reset-done')
else:
return handle_error(request, results.status_code)
else:
# TODO is this the right template to send this to?
return render(request, reset_template_name)
else:
return render(request, template_name)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectAuthorize, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request,
url=self.url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
authorize_url = results.json()['authorize_url']
return redirect(authorize_url)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def get(self, request, template_name, url_suffix, **kwargs):
super(ObjectDetail, self).get(request)
self.url = self.url + url_suffix + '{}/'
pk = self.kwargs.get('pk')
self.url = self.url.format(pk)
results = csrf_request(request=request,
url=self.url,
request_type='GET',
is_authenticated=True)
if results.status_code is 200:
objects = results.json()
self.context['object'] = objects
return render(request, self.template_name, context=self.context)
else:
return handle_error(request=request,
error_message=results.text,
status_code=results.status_code)
def refresh_jwt_token(request):
url = settings.API_BASE_URL + '/api-token-refresh/'
headers = {'Content-Type': 'application/json'}
if 'token' in request.session:
data = {'token': request.session['token']}
data = json.dumps(data)
try:
results = requests.post(url, data=data, headers=headers)
if results.status_code is 200:
objects = results.json()
request.session['token'] = objects['token']
else:
log.debug("refresh_jwt_token :: Failed to refresh token :: " + str(results.status_code) + "(" + str(
results.content) + ")")
except ConnectionError as e:
return handle_error(request=request, error_message='Connection Error' + str(e),
status_code=ErrorStatus.SERVER_ERROR)
else:
return redirect('login')
