def login(request):
if request.user.is_authenticated():
if is_employee(request.user):
return redirect('post_admin')
else:
return redirect('initial')
context = {"user_create_form": UserCreationForm()}
if request.method == 'POST':
if request.POST['type'] == 'login':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
if is_employee(user):
return redirect('post_admin')
else:
return redirect('initial')
else:
context['error'] = 'This account has been disabled'
return render(request, 'login.html', context)
else:
context['error'] = 'Invalid username or password'
return render(request, 'login.html', context)
else:
full_user_create_form = UserCreationForm(request.POST)
if full_user_create_form.is_valid():
user = full_user_create_form.save()
group = Group.objects.get(name="Users")
group.user_set.add(user)
user = authenticate(username=user.username, password=request.POST['password1'])
auth_login(request, user)
return redirect('initial')
else:
context['user_create_form'] = full_user_create_form
context['error_on_create'] = True
return render(request, 'login.html', context)
def login(request):
if request.user.is_authenticated():
if is_employee(request.user):
return redirect('post_admin')
else:
return redirect('initial')
context = {"user_create_form": UserCreationForm}
if request.method == 'POST':
if request.POST['type'] == 'login':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
if is_employee(user):
return redirect('post_admin')
else:
return redirect('initial')
else:
context["error"] = "You're not welcome here. You know this."
return render(request, 'login.html', context)
else:
context["error"] = "Try again with your username and password."
return render(request, 'login.html', context)
else:
full_user_create_form = UserCreationForm(request.POST)
if full_user_create_form.is_valid():
user = full_user_create_form.save()
group = Group.objects.get(name="users")
group.user_set.add(user)
user = authenticate(username=user.username, password=request.POST['password1'])
auth_login(request, user)
return redirect('initial')
else:
context['user_create_form'] = full_user_create_form
context['error_on_create'] = True
return render(request, 'login.html', context)
def edit_post(request, id):
if request.method == 'DELETE':
if is_employee(request.user):
Post.objects.get(id=id).delete()
return HttpResponse(status=204)
else:
return HttpResponse(status=401)
elif request.method == 'GET':
post = Post.objects.get(id=id)
return render(request, 'post.html', {'post': post})