def test_create_admin_post(self): """there are so many views, this just makes sure it LOADS""" self.site.name = "hello" self.site.save() self.assertFalse(self.site.allow_registration) self.assertTrue(self.site.require_confirm_email) self.assertTrue(self.site.install_mode) view = views.CreateAdmin.as_view() form = forms.RegisterForm() form.data["localname"] = "mouse" form.data["password"] = "******" form.data["email"] = "*****@*****.**" request = self.factory.post("", form.data) with patch("bookwyrm.views.setup.login") as mock: view(request) self.assertTrue(mock.called) self.site.refresh_from_db() self.assertFalse(self.site.install_mode) user = models.User.objects.get() self.assertTrue(user.is_active) self.assertTrue(user.is_superuser) self.assertTrue(user.is_staff) self.assertTrue(user.shelf_set.exists())
def post(self, request): """authentication action""" if request.user.is_authenticated: return redirect("/") login_form = forms.LoginForm(request.POST) localname = login_form.data["localname"] if "@" in localname: # looks like an email address to me email = localname try: username = models.User.objects.get(email=email) except models.User.DoesNotExist: # maybe it's a full username? username = localname else: username = "******" % (localname, DOMAIN) password = login_form.data["password"] user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() user.save(broadcast=False) return redirect(request.GET.get("next", "/")) # login errors login_form.non_field_errors = "Username or password are incorrect" register_form = forms.RegisterForm() data = {"login_form": login_form, "register_form": register_form} return TemplateResponse(request, "login.html", data)
def post(self, request): ''' authentication action ''' login_form = forms.LoginForm(request.POST) localname = login_form.data['localname'] if '@' in localname: # looks like an email address to me email = localname try: username = models.User.objects.get(email=email) except models.User.DoesNotExist: # maybe it's a full username? username = localname else: username = '******' % (localname, DOMAIN) password = login_form.data['password'] user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() user.save(broadcast=False) return redirect(request.GET.get('next', '/')) # login errors login_form.non_field_errors = 'Username or password are incorrect' register_form = forms.RegisterForm() data = {'login_form': login_form, 'register_form': register_form} return TemplateResponse(request, 'login.html', data)
def get(self, request): """tiled book activity page""" data = { "register_form": forms.RegisterForm(), "request_form": forms.InviteRequestForm(), } return TemplateResponse(request, "landing/landing.html", data)
def user_login(request): ''' authenticate user login ''' if request.method == 'GET': return redirect('/login') login_form = forms.LoginForm(request.POST) username = login_form.data['username'] username = '******' % (username, DOMAIN) password = login_form.data['password'] user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() return redirect(request.GET.get('next', '/')) login_form.non_field_errors = 'Username or password are incorrect' register_form = forms.RegisterForm() data = { 'site_settings': models.SiteSettings.get(), 'login_form': login_form, 'register_form': register_form } return TemplateResponse(request, 'login.html', data)
def get(self, request): ''' tiled book activity page ''' books = models.Edition.objects.filter( review__published_date__isnull=False, review__user__local=True, review__privacy__in=['public', 'unlisted'], ).exclude( cover__exact='' ).annotate( Max('review__published_date') ).order_by('-review__published_date__max')[:6] ratings = {} for book in books: reviews = models.Review.objects.filter( book__in=book.parent_work.editions.all() ) reviews = get_activity_feed( request.user, ['public', 'unlisted'], queryset=reviews) ratings[book.id] = reviews.aggregate(Avg('rating'))['rating__avg'] data = { 'title': 'Discover', 'register_form': forms.RegisterForm(), 'books': list(set(books)), 'ratings': ratings } return TemplateResponse(request, 'discover.html', data)
def get(self, request): """tiled book activity page""" data = { "register_form": forms.RegisterForm(), "request_form": forms.InviteRequestForm(), "books": helpers.get_discover_books(), } return TemplateResponse(request, "discover/discover.html", data)
def get(self, request): """Create admin user form""" # only allow this view when an instance is being configured site = models.SiteSettings.objects.get() if not site.install_mode: raise PermissionDenied() data = {"register_form": forms.RegisterForm()} return TemplateResponse(request, "setup/admin.html", data)
def get(self, request): """login page""" if request.user.is_authenticated: return redirect("/") # sene user to the login page data = { "login_form": forms.LoginForm(), "register_form": forms.RegisterForm(), } return TemplateResponse(request, "login.html", data)
def get(self, request, confirmed=None): """login page""" if request.user.is_authenticated: return redirect("/") # send user to the login page data = { "show_confirmed_email": confirmed, "login_form": forms.LoginForm(), "register_form": forms.RegisterForm(), } return TemplateResponse(request, "login.html", data)
def post(self, request): """join the server""" if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get("invite_code") if not invite_code: raise PermissionDenied invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True localname = form.data["localname"].strip() email = form.data["email"] password = form.data["password"] # check localname and email uniqueness if models.User.objects.filter(localname=localname).first(): form.errors["localname"] = [ "User with this username already exists" ] errors = True if errors: data = { "login_form": forms.LoginForm(), "register_form": form, "invite": invite, "valid": invite.valid() if invite else True, } if invite: return TemplateResponse(request, "invite.html", data) return TemplateResponse(request, "login.html", data) username = "******" % (localname, DOMAIN) user = models.User.objects.create_user(username, email, password, localname=localname, local=True) if invite: invite.times_used += 1 invite.invitees.add(user) invite.save() login(request, user) return redirect("get-started-profile")
def login_page(request): ''' authentication ''' if request.user.is_authenticated: return redirect('/') # send user to the login page data = { 'title': 'Login', 'login_form': forms.LoginForm(), 'register_form': forms.RegisterForm(), } return TemplateResponse(request, 'login.html', data)
def post(self, request): ''' join the server ''' if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get('invite_code') if not invite_code: raise PermissionDenied invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True localname = form.data['localname'].strip() email = form.data['email'] password = form.data['password'] # check localname and email uniqueness if models.User.objects.filter(localname=localname).first(): form.errors['localname'] = [ 'User with this username already exists' ] errors = True if errors: data = { 'login_form': forms.LoginForm(), 'register_form': form, 'invite': invite, 'valid': invite.valid() if invite else True, } if invite: return TemplateResponse(request, 'invite.html', data) return TemplateResponse(request, 'login.html', data) username = '******' % (localname, DOMAIN) user = models.User.objects.create_user(username, email, password, localname=localname, local=True) if invite: invite.times_used += 1 invite.save() login(request, user) return redirect('/')
def get(self, request, code): """ endpoint for using an invites """ if request.user.is_authenticated: return redirect("/") invite = get_object_or_404(models.SiteInvite, code=code) data = { "register_form": forms.RegisterForm(), "invite": invite, "valid": invite.valid() if invite else True, } return TemplateResponse(request, "invite.html", data)
def get(self, request, code): ''' endpoint for using an invites ''' if request.user.is_authenticated: return redirect('/') invite = get_object_or_404(models.SiteInvite, code=code) data = { 'title': 'Join', 'register_form': forms.RegisterForm(), 'invite': invite, 'valid': invite.valid() if invite else True, } return TemplateResponse(request, 'invite.html', data)
def get(self, request): """ tiled book activity page """ books = (models.Edition.objects.filter( review__published_date__isnull=False, review__deleted=False, review__user__local=True, review__privacy__in=["public", "unlisted"], ).exclude(cover__exact="").annotate( Max("review__published_date")).order_by( "-review__published_date__max")[:6]) data = { "register_form": forms.RegisterForm(), "books": list(set(books)), } return TemplateResponse(request, "discover/discover.html", data)
def register(request): ''' join the server ''' if request.method == 'GET': return redirect('/login') if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get('invite_code') if not invite_code: raise PermissionDenied try: invite = models.SiteInvite.objects.get(code=invite_code) except models.SiteInvite.DoesNotExist: raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True username = form.data['username'] email = form.data['email'] password = form.data['password'] # check username and email uniqueness if models.User.objects.filter(localname=username).first(): form.add_error('username', 'User with this username already exists') errors = True if errors: data = { 'site_settings': models.SiteSettings.get(), 'login_form': forms.LoginForm(), 'register_form': form } return TemplateResponse(request, 'login.html', data) user = models.User.objects.create_user(username, email, password) if invite: invite.times_used += 1 invite.save() login(request, user) return redirect('/')
def invite_page(request, code): ''' endpoint for sending invites ''' if request.user.is_authenticated: return redirect('/') try: invite = models.SiteInvite.objects.get(code=code) if not invite.valid(): raise PermissionDenied except models.SiteInvite.DoesNotExist: raise PermissionDenied data = { 'title': 'Join', 'register_form': forms.RegisterForm(), 'invite': invite, } return TemplateResponse(request, 'invite.html', data)
def post(self, request): """authentication action""" if request.user.is_authenticated: return redirect("/") login_form = forms.LoginForm(request.POST) localname = login_form.data["localname"] if "@" in localname: # looks like an email address to me try: username = models.User.objects.get(email=localname).username except models.User.DoesNotExist: # maybe it's a full username? username = localname else: username = "******" % (localname, DOMAIN) password = login_form.data["password"] # perform authentication user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() user.save(broadcast=False, update_fields=["last_active_date"]) if request.POST.get("first_login"): return redirect("get-started-profile") return redirect(request.GET.get("next", "/")) # maybe the user is pending email confirmation if models.User.objects.filter(username=username, is_active=False, deactivation_reason="pending").exists(): return redirect("confirm-email") # login errors login_form.non_field_errors = _("Username or password are incorrect") register_form = forms.RegisterForm() data = {"login_form": login_form, "register_form": register_form} return TemplateResponse(request, "login.html", data)
def post(self, request): """Create that user""" site = models.SiteSettings.objects.get() # you can't create an admin user if you're in config mode if not site.install_mode: raise PermissionDenied() form = forms.RegisterForm(request.POST) if not form.is_valid(): data = {"register_form": form} return TemplateResponse(request, "setup/admin.html", data) localname = form.data["localname"].strip() username = f"{localname}@{settings.DOMAIN}" user = models.User.objects.create_superuser( username, form.data["email"], form.data["password"], localname=localname, local=True, deactivation_reason=None, is_active=True, ) # Set "admin" role try: user.groups.set( Group.objects.filter(name__in=["admin", "moderator"])) except Group.DoesNotExist: # this should only happen in tests pass login(request, user) site.install_mode = False site.save() return redirect("settings-site")
def post(self, request): """join the server""" settings = models.SiteSettings.get() # no registration allowed when the site is being installed if settings.install_mode: raise PermissionDenied() if not settings.allow_registration: invite_code = request.POST.get("invite_code") if not invite_code: raise PermissionDenied() invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied() else: invite = None form = forms.RegisterForm(request.POST) if not form.is_valid(): data = { "login_form": forms.LoginForm(), "register_form": form, "invite": invite, "valid": invite.valid() if invite else True, } if invite: return TemplateResponse(request, "landing/invite.html", data) return TemplateResponse(request, "landing/login.html", data) localname = form.data["localname"].strip() email = form.data["email"] password = form.data["password"] # make sure the email isn't blocked as spam email_domain = email.split("@")[-1] if models.EmailBlocklist.objects.filter(domain=email_domain).exists(): # treat this like a successful registration, but don't do anything return redirect("confirm-email") username = f"{localname}@{DOMAIN}" user = models.User.objects.create_user( username, email, password, localname=localname, local=True, deactivation_reason="pending" if settings.require_confirm_email else None, is_active=not settings.require_confirm_email, ) if invite: invite.times_used += 1 invite.invitees.add(user) invite.save() if settings.require_confirm_email: emailing.email_confirmation_email(user) return redirect("confirm-email") login(request, user) return redirect("get-started-profile")