def post(self, request): """ join the server """ if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get("invite_code") if not invite_code: raise PermissionDenied invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True localname = form.data["localname"].strip() email = form.data["email"] password = form.data["password"] # check localname and email uniqueness if models.User.objects.filter(localname=localname).first(): form.errors["localname"] = [ "User with this username already exists" ] errors = True if errors: data = { "login_form": forms.LoginForm(), "register_form": form, "invite": invite, "valid": invite.valid() if invite else True, } if invite: return TemplateResponse(request, "invite.html", data) return TemplateResponse(request, "login.html", data) username = "******" % (localname, DOMAIN) user = models.User.objects.create_user(username, email, password, localname=localname, local=True) if invite: invite.times_used += 1 invite.save() login(request, user) return redirect("/")
def post(self, request): ''' join the server ''' if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get('invite_code') if not invite_code: raise PermissionDenied invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True localname = form.data['localname'].strip() email = form.data['email'] password = form.data['password'] # check localname and email uniqueness if models.User.objects.filter(localname=localname).first(): form.errors['localname'] = [ 'User with this username already exists' ] errors = True if errors: data = { 'login_form': forms.LoginForm(), 'register_form': form, 'invite': invite, 'valid': invite.valid() if invite else True, } if invite: return TemplateResponse(request, 'invite.html', data) return TemplateResponse(request, 'login.html', data) username = '******' % (localname, DOMAIN) user = models.User.objects.create_user(username, email, password, localname=localname, local=True) if invite: invite.times_used += 1 invite.save() login(request, user) return redirect('/')
def test_login_post_email(self, _): """there are so many views, this just makes sure it LOADS""" view = views.Login.as_view() form = forms.LoginForm() form.data["localname"] = "mouse" form.data["password"] = "******" request = self.factory.post("", form.data) request.user = self.anonymous_user with patch("bookwyrm.views.authentication.login"): result = view(request) self.assertEqual(result.url, "/") self.assertEqual(result.status_code, 302)
def register(request): ''' join the server ''' if request.method == 'GET': return redirect('/login') if not models.SiteSettings.get().allow_registration: invite_code = request.POST.get('invite_code') if not invite_code: raise PermissionDenied try: invite = models.SiteInvite.objects.get(code=invite_code) except models.SiteInvite.DoesNotExist: raise PermissionDenied else: invite = None form = forms.RegisterForm(request.POST) errors = False if not form.is_valid(): errors = True username = form.data['username'] email = form.data['email'] password = form.data['password'] # check username and email uniqueness if models.User.objects.filter(localname=username).first(): form.add_error('username', 'User with this username already exists') errors = True if errors: data = { 'site_settings': models.SiteSettings.get(), 'login_form': forms.LoginForm(), 'register_form': form } return TemplateResponse(request, 'login.html', data) user = models.User.objects.create_user(username, email, password) if invite: invite.times_used += 1 invite.save() login(request, user) return redirect('/')
def test_login_post_invalid_credentials(self, _): """there are so many views, this just makes sure it LOADS""" view = views.Login.as_view() form = forms.LoginForm() form.data["localname"] = "mouse" form.data["password"] = "******" request = self.factory.post("", form.data) request.user = self.anonymous_user with patch("bookwyrm.views.authentication.login"): result = view(request) result.render() self.assertEqual(result.status_code, 200) self.assertEqual( result.context_data["login_form"].non_field_errors, "Username or password are incorrect", )
def user_login(request): ''' authenticate user login ''' login_form = forms.LoginForm(request.POST) username = login_form.data['username'] username = '******' % (username, DOMAIN) password = login_form.data['password'] user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() return redirect(request.GET.get('next', '/')) login_form.non_field_errors = 'Username or password are incorrect' register_form = forms.RegisterForm() data = {'login_form': login_form, 'register_form': register_form} return TemplateResponse(request, 'login.html', data)
def post(self, request): """authentication action""" if request.user.is_authenticated: return redirect("/") login_form = forms.LoginForm(request.POST) localname = login_form.data["localname"] if "@" in localname: # looks like an email address to me try: username = models.User.objects.get(email=localname).username except models.User.DoesNotExist: # maybe it's a full username? username = localname else: username = "******" % (localname, DOMAIN) password = login_form.data["password"] # perform authentication user = authenticate(request, username=username, password=password) if user is not None: # successful login login(request, user) user.last_active_date = timezone.now() user.save(broadcast=False, update_fields=["last_active_date"]) if request.POST.get("first_login"): return redirect("get-started-profile") return redirect(request.GET.get("next", "/")) # maybe the user is pending email confirmation if models.User.objects.filter(username=username, is_active=False, deactivation_reason="pending").exists(): return redirect("confirm-email") # login errors login_form.non_field_errors = _("Username or password are incorrect") register_form = forms.RegisterForm() data = {"login_form": login_form, "register_form": register_form} return TemplateResponse(request, "login.html", data)
def post(self, request): """join the server""" settings = models.SiteSettings.get() # no registration allowed when the site is being installed if settings.install_mode: raise PermissionDenied() if not settings.allow_registration: invite_code = request.POST.get("invite_code") if not invite_code: raise PermissionDenied() invite = get_object_or_404(models.SiteInvite, code=invite_code) if not invite.valid(): raise PermissionDenied() else: invite = None form = forms.RegisterForm(request.POST) if not form.is_valid(): data = { "login_form": forms.LoginForm(), "register_form": form, "invite": invite, "valid": invite.valid() if invite else True, } if invite: return TemplateResponse(request, "landing/invite.html", data) return TemplateResponse(request, "landing/login.html", data) localname = form.data["localname"].strip() email = form.data["email"] password = form.data["password"] # make sure the email isn't blocked as spam email_domain = email.split("@")[-1] if models.EmailBlocklist.objects.filter(domain=email_domain).exists(): # treat this like a successful registration, but don't do anything return redirect("confirm-email") username = f"{localname}@{DOMAIN}" user = models.User.objects.create_user( username, email, password, localname=localname, local=True, deactivation_reason="pending" if settings.require_confirm_email else None, is_active=not settings.require_confirm_email, ) if invite: invite.times_used += 1 invite.invitees.add(user) invite.save() if settings.require_confirm_email: emailing.email_confirmation_email(user) return redirect("confirm-email") login(request, user) return redirect("get-started-profile")