def login(request): if request.user.is_authenticated(): if is_employee(request.user): return redirect('post_admin') else: return redirect('initial') context = {"user_create_form": UserCreationForm()} if request.method == 'POST': if request.POST['type'] == 'login': username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: auth_login(request, user) if is_employee(user): return redirect('post_admin') else: return redirect('initial') else: context['error'] = 'This account has been disabled' return render(request, 'login.html', context) else: context['error'] = 'Invalid username or password' return render(request, 'login.html', context) else: full_user_create_form = UserCreationForm(request.POST) if full_user_create_form.is_valid(): user = full_user_create_form.save() group = Group.objects.get(name="Users") group.user_set.add(user) user = authenticate(username=user.username, password=request.POST['password1']) auth_login(request, user) return redirect('initial') else: context['user_create_form'] = full_user_create_form context['error_on_create'] = True return render(request, 'login.html', context)
def login(request): if request.user.is_authenticated(): if is_employee(request.user): return redirect('post_admin') else: return redirect('initial') context = {"user_create_form": UserCreationForm} if request.method == 'POST': if request.POST['type'] == 'login': username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: auth_login(request, user) if is_employee(user): return redirect('post_admin') else: return redirect('initial') else: context["error"] = "You're not welcome here. You know this." return render(request, 'login.html', context) else: context["error"] = "Try again with your username and password." return render(request, 'login.html', context) else: full_user_create_form = UserCreationForm(request.POST) if full_user_create_form.is_valid(): user = full_user_create_form.save() group = Group.objects.get(name="users") group.user_set.add(user) user = authenticate(username=user.username, password=request.POST['password1']) auth_login(request, user) return redirect('initial') else: context['user_create_form'] = full_user_create_form context['error_on_create'] = True return render(request, 'login.html', context)
def edit_post(request, id): if request.method == 'DELETE': if is_employee(request.user): Post.objects.get(id=id).delete() return HttpResponse(status=204) else: return HttpResponse(status=401) elif request.method == 'GET': post = Post.objects.get(id=id) return render(request, 'post.html', {'post': post})