def post(self, request):
""" join the server """
if not models.SiteSettings.get().allow_registration:
invite_code = request.POST.get("invite_code")
if not invite_code:
raise PermissionDenied
invite = get_object_or_404(models.SiteInvite, code=invite_code)
if not invite.valid():
raise PermissionDenied
else:
invite = None
form = forms.RegisterForm(request.POST)
errors = False
if not form.is_valid():
errors = True
localname = form.data["localname"].strip()
email = form.data["email"]
password = form.data["password"]
# check localname and email uniqueness
if models.User.objects.filter(localname=localname).first():
form.errors["localname"] = [
"User with this username already exists"
]
errors = True
if errors:
data = {
"login_form": forms.LoginForm(),
"register_form": form,
"invite": invite,
"valid": invite.valid() if invite else True,
}
if invite:
return TemplateResponse(request, "invite.html", data)
return TemplateResponse(request, "login.html", data)
username = "******" % (localname, DOMAIN)
user = models.User.objects.create_user(username,
email,
password,
localname=localname,
local=True)
if invite:
invite.times_used += 1
invite.save()
login(request, user)
return redirect("/")
def post(self, request):
''' join the server '''
if not models.SiteSettings.get().allow_registration:
invite_code = request.POST.get('invite_code')
if not invite_code:
raise PermissionDenied
invite = get_object_or_404(models.SiteInvite, code=invite_code)
if not invite.valid():
raise PermissionDenied
else:
invite = None
form = forms.RegisterForm(request.POST)
errors = False
if not form.is_valid():
errors = True
localname = form.data['localname'].strip()
email = form.data['email']
password = form.data['password']
# check localname and email uniqueness
if models.User.objects.filter(localname=localname).first():
form.errors['localname'] = [
'User with this username already exists'
]
errors = True
if errors:
data = {
'login_form': forms.LoginForm(),
'register_form': form,
'invite': invite,
'valid': invite.valid() if invite else True,
}
if invite:
return TemplateResponse(request, 'invite.html', data)
return TemplateResponse(request, 'login.html', data)
username = '******' % (localname, DOMAIN)
user = models.User.objects.create_user(username,
email,
password,
localname=localname,
local=True)
if invite:
invite.times_used += 1
invite.save()
login(request, user)
return redirect('/')
def test_login_post_email(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse"
form.data["password"] = "******"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
self.assertEqual(result.url, "/")
self.assertEqual(result.status_code, 302)
def register(request):
''' join the server '''
if request.method == 'GET':
return redirect('/login')
if not models.SiteSettings.get().allow_registration:
invite_code = request.POST.get('invite_code')
if not invite_code:
raise PermissionDenied
try:
invite = models.SiteInvite.objects.get(code=invite_code)
except models.SiteInvite.DoesNotExist:
raise PermissionDenied
else:
invite = None
form = forms.RegisterForm(request.POST)
errors = False
if not form.is_valid():
errors = True
username = form.data['username']
email = form.data['email']
password = form.data['password']
# check username and email uniqueness
if models.User.objects.filter(localname=username).first():
form.add_error('username', 'User with this username already exists')
errors = True
if errors:
data = {
'site_settings': models.SiteSettings.get(),
'login_form': forms.LoginForm(),
'register_form': form
}
return TemplateResponse(request, 'login.html', data)
user = models.User.objects.create_user(username, email, password)
if invite:
invite.times_used += 1
invite.save()
login(request, user)
return redirect('/')
def test_login_post_invalid_credentials(self, _):
"""there are so many views, this just makes sure it LOADS"""
view = views.Login.as_view()
form = forms.LoginForm()
form.data["localname"] = "mouse"
form.data["password"] = "******"
request = self.factory.post("", form.data)
request.user = self.anonymous_user
with patch("bookwyrm.views.authentication.login"):
result = view(request)
result.render()
self.assertEqual(result.status_code, 200)
self.assertEqual(
result.context_data["login_form"].non_field_errors,
"Username or password are incorrect",
)
def user_login(request):
''' authenticate user login '''
login_form = forms.LoginForm(request.POST)
username = login_form.data['username']
username = '******' % (username, DOMAIN)
password = login_form.data['password']
user = authenticate(request, username=username, password=password)
if user is not None:
# successful login
login(request, user)
user.last_active_date = timezone.now()
return redirect(request.GET.get('next', '/'))
login_form.non_field_errors = 'Username or password are incorrect'
register_form = forms.RegisterForm()
data = {'login_form': login_form, 'register_form': register_form}
return TemplateResponse(request, 'login.html', data)
def post(self, request):
"""authentication action"""
if request.user.is_authenticated:
return redirect("/")
login_form = forms.LoginForm(request.POST)
localname = login_form.data["localname"]
if "@" in localname: # looks like an email address to me
try:
username = models.User.objects.get(email=localname).username
except models.User.DoesNotExist: # maybe it's a full username?
username = localname
else:
username = "******" % (localname, DOMAIN)
password = login_form.data["password"]
# perform authentication
user = authenticate(request, username=username, password=password)
if user is not None:
# successful login
login(request, user)
user.last_active_date = timezone.now()
user.save(broadcast=False, update_fields=["last_active_date"])
if request.POST.get("first_login"):
return redirect("get-started-profile")
return redirect(request.GET.get("next", "/"))
# maybe the user is pending email confirmation
if models.User.objects.filter(username=username,
is_active=False,
deactivation_reason="pending").exists():
return redirect("confirm-email")
# login errors
login_form.non_field_errors = _("Username or password are incorrect")
register_form = forms.RegisterForm()
data = {"login_form": login_form, "register_form": register_form}
return TemplateResponse(request, "login.html", data)
def post(self, request):
"""join the server"""
settings = models.SiteSettings.get()
# no registration allowed when the site is being installed
if settings.install_mode:
raise PermissionDenied()
if not settings.allow_registration:
invite_code = request.POST.get("invite_code")
if not invite_code:
raise PermissionDenied()
invite = get_object_or_404(models.SiteInvite, code=invite_code)
if not invite.valid():
raise PermissionDenied()
else:
invite = None
form = forms.RegisterForm(request.POST)
if not form.is_valid():
data = {
"login_form": forms.LoginForm(),
"register_form": form,
"invite": invite,
"valid": invite.valid() if invite else True,
}
if invite:
return TemplateResponse(request, "landing/invite.html", data)
return TemplateResponse(request, "landing/login.html", data)
localname = form.data["localname"].strip()
email = form.data["email"]
password = form.data["password"]
# make sure the email isn't blocked as spam
email_domain = email.split("@")[-1]
if models.EmailBlocklist.objects.filter(domain=email_domain).exists():
# treat this like a successful registration, but don't do anything
return redirect("confirm-email")
username = f"{localname}@{DOMAIN}"
user = models.User.objects.create_user(
username,
email,
password,
localname=localname,
local=True,
deactivation_reason="pending" if settings.require_confirm_email else None,
is_active=not settings.require_confirm_email,
)
if invite:
invite.times_used += 1
invite.invitees.add(user)
invite.save()
if settings.require_confirm_email:
emailing.email_confirmation_email(user)
return redirect("confirm-email")
login(request, user)
return redirect("get-started-profile")
