def logout(request):
if User.userAuth(request, tokkening=True):
user = User.objects.get(id=request.session['id'])
user.logout(request)
return redirect('/')
else:
return redirect('/')
def login(request):
if User.userAuth(request, tokkening=True):
return redirect('/users/')
if request.method == 'POST':
print 'loging..'
username = request.POST['username']
password = request.POST['password']
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
msg = 'Error. User not found.'
print msg
return render_to_response('login.html', {'msg': msg}, context_instance=RequestContext(request))
except User.MultipleObjectsReturned:
msg = 'Error. Multiple user. Please contact with administrator.'
return render_to_response('login.html', {'msg': msg}, context_instance=RequestContext(request))
if user.passwordCompare(password):
user.login(request)
msg = 'Login successfully'
print msg
return redirect('/users/')
else:
msg = 'Error. Wrong password.'
return render_to_response('login.html', {'msg': msg}, context_instance=RequestContext(request))
else:
return render_to_response('login.html', context_instance=RequestContext(request))
def token_detail(request, format=None):
if User.userAuth(request, tokkening=False) == False:
print u"Access denied"
return render_to_response('denied.html', context_instance=RequestContext(request))
if request.method == 'GET':
try:
user = User.objects.get(id=request.session['id'])
token = Token.objects.get(id=user.token_id)
except Token.DoesNotExist or User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
serializer = TokenSerializer(token)
return Response(serializer.data)
def user_list(request, format=None):
if User.userAuth(request, tokkening=True) == False:
print u"Access denied"
return render_to_response('denied.html', context_instance=RequestContext(request))
if request.method == 'GET':
users = User.objects.all()
serializer = UserSerializer(users, many=True)
return Response(serializer.data)
elif request.method == 'POST':
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def user_detail(request, pk, format=None):
if User.userAuth(request, tokkening=True) == False:
print u"Access denied"
return Response(status=status.HTTP_403_FORBIDDEN)
try:
user = User.objects.get(id=pk)
except User.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
if request.method == 'GET':
serializer = UserSerializer(user)
return Response(serializer.data)
elif request.method == 'PUT':
serializer = UserSerializer(user, data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == 'DELETE':
user.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
