def signup(request): """View that handles user registration.""" if request.user.is_authenticated(): return HttpResponseRedirect("/") if request.method == "GET": form = SignupForm() # Create an empty form if the method is GET. elif request.method == "POST": form = SignupForm(request.POST) # Populate the form with POST data. if form.is_valid(): # Get the form data. username = form.cleaned_data["username"] email = form.cleaned_data["email"] password = form.cleaned_data["password"] first_name = form.cleaned_data["first_name"] last_name = form.cleaned_data["last_name"] # Create a new user and profile. user = User.objects.create_user(username, email, password) user.first_name = first_name user.last_name = last_name user.save() # Save the user. new_profile = UserProfile() new_profile.new(user, form.cleaned_data["phone"], get_remote_ip(request)) # Send an email with the confirmation link site = Site.objects.get_current() subject = "%s User Activation" % site.name body = ( "Hello, %s, and thanks for signing up for an account at %s!" "\n\nTo activate your account, click this link within 48 hours:" "\n\nhttp://%s/login/%s" % (user.username, site.domain, site.domain, new_profile.activation_key) ) send_mail(subject, body, "settings.EMAIL_HOST_USER", [user.email]) # Redirect to a confirmation page. return HttpResponseRedirect("/signup/confirmed/") # Load signup.html on GET request and POST error. return load_page(request, "signup.html", {"form": form})
def account(request): user = request.user try: profile = UserProfile.objects.get(user=request.user) except: profile = UserProfile() profile.new(user, ip_address=get_remote_ip(request)) profile.save() form = AccountForm({"phone": profile.phone, "email": user.email}) error = "" if request.method == "POST": form = AccountForm(request.POST) if form.is_valid(): # user.email = form.cleaned_data['email'] user.save() profile.phone = form.cleaned_data["phone"] profile.save() return index(request, "Your account has successfully been edited.") else: error = form.errors return load_page(request, "account.html", {"form": form, "error": error})
def login_view(request, activation_key=""): """View that handles logging in. Verifies activation keys too.""" # Default variable values. error = u"" username = "" noverify = False # Logging in if request.method == "POST": # Get login information from the POST data username = request.POST["username"] password = request.POST["password"] # Create a new user and authenticate it user = authenticate(username=username, password=password) if user is not None: # User exists try: profile = UserProfile.objects.get(user=user) if profile.is_verified: if user.is_active: if profile.is_disabled: # Profile deactivated by user. profile.is_disabled = False profile.last_login_date = datetime.today() profile.last_login_ip = get_remote_ip(request) profile.save() login(request, user) return index(request, "Welcome back!") # Profile is active and enabled. profile.last_login_date = datetime.today() profile.last_login_ip = get_remote_ip(request) profile.save() login(request, user) else: # Profile disabled. error = ( u"Sorry, your user account has been " u"disabled by an administrator for " u"misconduct and/or violating the terms of " u"service agreement." ) else: # If the user is not verified, try verifying. if not activation_key: error = ( u"Your account has not been verified. Please " u"check your email for a verification link." ) noverify = True else: try: profile = get_object_or_404(UserProfile, activation_key=activation_key) user = profile.user except: error = "Invalid verification key." noverify = True # Error if the activation key expired. if profile.key_expires < datetime.today(): error = u"Your activation key has expired. Please " u"request a new one with the link below." noverify = True elif not noverify: profile.is_verified = True profile.last_login_date = datetime.today() profile.last_login_ip = get_remote_ip(request) profile.save() login(request, user) except: if user.is_staff: login(request, user) else: error = ( u"Error: your user profile could not be loaded. " u"Please contact an administrator or create a " u"new account. We are sorry for any " u"inconvenience." ) raise else: error = u"Invalid username and password." # GET and POST with errors # Display page if request.user.is_active: # User is logged in. if request.user.is_staff: # User is an admin. return HttpResponseRedirect("/admin") # Redirect to admin page. elif request.POST.get("next", None): # User is not an admin return HttpResponseRedirect(request.POST["next"]) else: return HttpResponseRedirect("/") # Redirect home. else: # User is not logged in. next = request.GET.get("next", "") return load_page( request, "login.html", {"error": error, "username": username, "key": activation_key, "noverify": noverify, "next": next}, )