def logging_in(request):
    """Handle the login form POST and open a session for approved admins.

    Credentials are read from ``request.POST`` and checked with
    ``auth.authenticate``.  A session is started only when the account is both
    a superuser and active; every other outcome flashes an error message and
    redirects back to the login page.
    """
    account = auth.authenticate(
        username=request.POST['username'],
        password=request.POST['password'],
    )

    # One message covers both "unknown user" and "wrong password", so the
    # response does not reveal which usernames exist.
    # NOTE(review): no throttling or lockout is visible in this view; confirm
    # that repeated failed attempts are limited elsewhere.
    if account is None:
        messages.add_message(
            request, messages.ERROR,
            "I don't seem to recognize your username-password combination...")
        return redirect_to_name('login')

    # is_superuser doubles as the "approved by an admin" flag: accounts
    # without it cannot log in even with valid credentials.
    if not account.is_superuser:
        messages.add_message(
            request, messages.ERROR,
            'Sorry, your account is still awaiting admin approval.')
        return redirect_to_name('login')

    if not account.is_active:
        messages.add_message(
            request, messages.ERROR,
            'Your account has been marked as inactive. '
            'Please contact the admin to activate it.')
        return redirect_to_name('login')

    auth.login(request, account)
    messages.add_message(request, messages.SUCCESS,
                         'Awesome! Your login was successful.')
    return redirect_to_name('keypairs')
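def add_user(request):
    """Handle the sign-up form POST and create a new user account.

    All of ``username``, ``password`` and ``email`` are required.  The request
    is rejected when the username or the e-mail address is already registered.
    The very first account in the database is promoted to staff superuser;
    every later account is created without those flags and has to be approved
    by an admin before it can log in.
    """
    username = request.POST['username']
    password = request.POST['password']
    email = request.POST['email']

    # Whitespace-only values count as missing.
    if not (username.strip() and password.strip() and email.strip()):
        messages.add_message(request, messages.ERROR,
                             'All the fields are required.')
        return redirect_to_name('signup')

    # exists() asks the database for a yes/no answer instead of loading every
    # matching row just to count them.
    if (User.objects.filter(username=username).exists()
            or User.objects.filter(email=email).exists()):
        messages.add_message(
            request, messages.ERROR,
            'Hmm. It looks like you already have an entry in my database...')
        return redirect_to_name('signup')

    user = User.objects.create_user(username=username, password=password,
                                    email=email)

    # Bootstrap rule: the only user in the database becomes a staff superuser.
    # NOTE(review): on a fresh deployment whoever submits this form first
    # becomes the administrator, and the count check is not atomic with the
    # insert above. Confirm the sign-up page is not exposed before the initial
    # admin account exists.
    if User.objects.count() == 1:
        user.is_superuser = True
        user.is_staff = True
        user.save()
        messages.add_message(request, messages.SUCCESS,
                             'Sign-up successful! You may log in now.')
    else:
        messages.add_message(
            request, messages.SUCCESS,
            'Your sign up was successful and is now awaiting admin approval.')
    return redirect_to_name('login')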
def new_keypair(request):
    """Handle the "new keypair" form POST and store the credential set.

    Validates the submitted name, the optional PIN and the presence of an RFID
    UID or a fingerprint template.  All validation failures are reported
    together before redirecting.  On success the keypair is created, linked to
    the selected doors and attributed to ``request.user``.
    """
    form = request.POST
    name = form['name']
    pin = form['pin']
    rfid_uid = form['rfid_uid']
    fingerprint_template = form['fingerprint_template']
    raw_door_ids = form['doors']

    # Run every check so the user sees all problems at once.
    has_errors = False
    if not is_valid_name(name):
        messages.add_message(request, messages.ERROR,
                             'Name must be unique and not blank.')
        has_errors = True
    # The PIN is optional: it is only validated when one was entered.
    if pin and not is_valid_pin(pin):
        messages.add_message(request, messages.ERROR,
                             'PIN must be at least 4 numeric characters.')
        has_errors = True
    if not rfid_uid and not fingerprint_template:
        messages.add_message(
            request, messages.ERROR,
            'A fingerprint template OR an RFID card must be entered.')
        has_errors = True
    if has_errors:
        return redirect_to_name('keypairs')

    # Blank PIN / RFID values are still hashed and encrypted below.
    # NOTE(review): hash_string is defined elsewhere; a short numeric PIN has
    # little entropy, so confirm the hash is keyed or salted.
    pin_digest = hash_string(pin)
    rfid_digest = hash_string(rfid_uid)

    # NOTE(review): pin and rfid_uid go through encrypt(), but the fingerprint
    # template is stored exactly as submitted; confirm that is intended.
    keypair = Keypair.objects.create(
        name=name,
        pin=encrypt(pin),
        rfid_uid=encrypt(rfid_uid),
        hash_pin=pin_digest,
        hash_rfid=rfid_digest,
        fingerprint_template=fingerprint_template,
        last_edited_by=request.user,
    )

    # 'doors' arrives as a comma-separated list of ids.
    # NOTE(review): the ids are passed to doors.add() without validation;
    # confirm malformed or unknown ids are handled.
    if raw_door_ids:
        keypair.doors.add(*raw_door_ids.split(','))

    messages.add_message(request, messages.SUCCESS,
                         'Pair addition successful.')
    return redirect_to_name('keypairs')
def logout(request):
    """End the current session, or send anonymous visitors to the login page."""
    if not request.user.is_authenticated():
        messages.add_message(request, messages.ERROR,
                             "If you're not logged in, how can you log out?")
        return redirect_to_name('login')

    auth.logout(request)
    messages.add_message(request, messages.SUCCESS,
                         'Logged out successfully.')
    return redirect_to_name('index')
def regenerate_secret_key(request):
    """Rotate ``settings.SECRET_KEY`` and re-encrypt stored keypairs with it.

    NOTE(review): no authorization or request-method check is visible in this
    view; confirm that access is restricted to administrators elsewhere.
    """
    previous_key = settings.SECRET_KEY
    # The helper receives SECRET_KEY_PATH, so it presumably persists the new
    # key there before returning - TODO confirm.
    fresh_key = secret_key.regenerate_secret_key(settings.SECRET_KEY_PATH)

    # Re-encryption needs both keys, so it runs before the in-memory setting
    # is replaced.
    # NOTE(review): if reencrypt_keypairs fails partway, stored values may end
    # up under a mix of keys; confirm the helper is transactional or that the
    # previous key stays recoverable.
    keypairs.reencrypt_keypairs(previous_key, fresh_key)

    # NOTE(review): this assignment updates the current process only; other
    # worker processes presumably keep the old key until restarted - confirm.
    settings.SECRET_KEY = fresh_key

    messages.add_message(request, messages.SUCCESS,
                         'Successfully regenerated the secret key.')
    return redirect_to_name('index')
def login_page(request):
    """Show the login form, unless the visitor already has a session."""
    if not request.user.is_authenticated():
        return render(request, 'login.html')

    # Already signed in: explain why the form is not shown and send the user
    # to the keypairs page instead.
    messages.add_message(
        request, messages.ERROR,
        'You have already logged in. Kindly log out first to access the login page.')
    return redirect_to_name('keypairs')
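def delete_logs_older_than(request):
    """Delete rows from ``records_log`` older than the submitted number of days.

    The ``days`` form field must be a non-negative whole number.  Anything
    else, including a missing field, flashes an error instead of touching the
    table.  The view always redirects to the logs page.

    NOTE(review): this permanently removes log records and no authorization
    check is visible in this view; confirm that access is restricted to
    administrators elsewhere.
    """
    raw_days = request.POST.get('days', '')

    # isdigit() also accepts characters such as superscript digits that int()
    # rejects, so the conversion is guarded as well; otherwise such input
    # would surface as an unhandled ValueError.
    try:
        days = int(raw_days) if raw_days.isdigit() else None
    except ValueError:
        days = None

    if days is None:
        messages.add_message(request, messages.ERROR,
                             'Number of days must be numeric')
        return redirect_to_name('logs')

    cursor = connection.cursor()
    # The value is passed as a bound parameter rather than interpolated into
    # the SQL text, so the statement stays safe even if the validation above
    # is changed later.  A value of 0 matches every existing row.
    cursor.execute(
        "DELETE FROM records_log "
        "WHERE now() - created_on > %s * INTERVAL '1 day'",
        [days])
    messages.add_message(
        request, messages.SUCCESS,
        '%d old logs successfully deleted.' % cursor.rowcount)
    return redirect_to_name('logs')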
def new_keypair(request):
    """Handle the "new keypair" form POST and store the credential set.

    Validates the submitted name, the optional PIN and the presence of an RFID
    UID or a fingerprint template.  All validation failures are reported
    together before redirecting.  On success the keypair is created, linked to
    the selected doors and attributed to ``request.user``.
    """
    form = request.POST
    name = form['name']
    pin = form['pin']
    rfid_uid = form['rfid_uid']
    fingerprint_template = form['fingerprint_template']
    raw_door_ids = form['doors']

    # Run every check so the user sees all problems at once.
    has_errors = False
    if not is_valid_name(name):
        messages.add_message(request, messages.ERROR,
                             'Name must be unique and not blank.')
        has_errors = True
    # The PIN is optional: it is only validated when one was entered.
    if pin and not is_valid_pin(pin):
        messages.add_message(request, messages.ERROR,
                             'PIN must be at least 4 numeric characters.')
        has_errors = True
    if not rfid_uid and not fingerprint_template:
        messages.add_message(
            request, messages.ERROR,
            'A fingerprint template OR an RFID card must be entered.')
        has_errors = True
    if has_errors:
        return redirect_to_name('keypairs')

    # Blank PIN / RFID values are still hashed and encrypted below.
    # NOTE(review): hash_string is defined elsewhere; a short numeric PIN has
    # little entropy, so confirm the hash is keyed or salted.
    pin_digest = hash_string(pin)
    rfid_digest = hash_string(rfid_uid)

    # NOTE(review): pin and rfid_uid go through encrypt(), but the fingerprint
    # template is stored exactly as submitted; confirm that is intended.
    keypair = Keypair.objects.create(
        name=name,
        pin=encrypt(pin),
        rfid_uid=encrypt(rfid_uid),
        hash_pin=pin_digest,
        hash_rfid=rfid_digest,
        fingerprint_template=fingerprint_template,
        last_edited_by=request.user,
    )

    # 'doors' arrives as a comma-separated list of ids.
    # NOTE(review): the ids are passed to doors.add() without validation;
    # confirm malformed or unknown ids are handled.
    if raw_door_ids:
        keypair.doors.add(*raw_door_ids.split(','))

    messages.add_message(request, messages.SUCCESS,
                         'Pair addition successful.')
    return redirect_to_name('keypairs')
def logging_in(request):
    """Handle the login form POST and open a session for approved admins.

    Credentials are read from ``request.POST`` and checked with
    ``auth.authenticate``.  A session is started only when the account is both
    a superuser and active; every other outcome flashes an error message and
    redirects back to the login page.
    """
    account = auth.authenticate(
        username=request.POST['username'],
        password=request.POST['password'],
    )

    # One message covers both "unknown user" and "wrong password", so the
    # response does not reveal which usernames exist.
    # NOTE(review): no throttling or lockout is visible in this view; confirm
    # that repeated failed attempts are limited elsewhere.
    if account is None:
        messages.add_message(
            request, messages.ERROR,
            "I don't seem to recognize your username-password combination...")
        return redirect_to_name('login')

    # is_superuser doubles as the "approved by an admin" flag: accounts
    # without it cannot log in even with valid credentials.
    if not account.is_superuser:
        messages.add_message(
            request, messages.ERROR,
            'Sorry, your account is still awaiting admin approval.')
        return redirect_to_name('login')

    if not account.is_active:
        messages.add_message(
            request, messages.ERROR,
            'Your account has been marked as inactive. '
            'Please contact the admin to activate it.')
        return redirect_to_name('login')

    auth.login(request, account)
    messages.add_message(request, messages.SUCCESS,
                         'Awesome! Your login was successful.')
    return redirect_to_name('keypairs')
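def add_user(request):
    """Handle the sign-up form POST and create a new user account.

    All of ``username``, ``password`` and ``email`` are required.  The request
    is rejected when the username or the e-mail address is already registered.
    The very first account in the database is promoted to staff superuser;
    every later account is created without those flags and has to be approved
    by an admin before it can log in.
    """
    username = request.POST['username']
    password = request.POST['password']
    email = request.POST['email']

    # Whitespace-only values count as missing.
    if not (username.strip() and password.strip() and email.strip()):
        messages.add_message(request, messages.ERROR,
                             'All the fields are required.')
        return redirect_to_name('signup')

    # exists() asks the database for a yes/no answer instead of loading every
    # matching row just to count them.
    if (User.objects.filter(username=username).exists()
            or User.objects.filter(email=email).exists()):
        messages.add_message(
            request, messages.ERROR,
            'Hmm. It looks like you already have an entry in my database...')
        return redirect_to_name('signup')

    user = User.objects.create_user(username=username, password=password,
                                    email=email)

    # Bootstrap rule: the only user in the database becomes a staff superuser.
    # NOTE(review): on a fresh deployment whoever submits this form first
    # becomes the administrator, and the count check is not atomic with the
    # insert above. Confirm the sign-up page is not exposed before the initial
    # admin account exists.
    if User.objects.count() == 1:
        user.is_superuser = True
        user.is_staff = True
        user.save()
        messages.add_message(request, messages.SUCCESS,
                             'Sign-up successful! You may log in now.')
    else:
        messages.add_message(
            request, messages.SUCCESS,
            'Your sign up was successful and is now awaiting admin approval.')
    return redirect_to_name('login')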
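def delete_logs_older_than(request):
    """Delete rows from ``records_log`` older than the submitted number of days.

    The ``days`` form field must be a non-negative whole number.  Anything
    else, including a missing field, flashes an error instead of touching the
    table.  The view always redirects to the logs page.

    NOTE(review): this permanently removes log records and no authorization
    check is visible in this view; confirm that access is restricted to
    administrators elsewhere.
    """
    raw_days = request.POST.get('days', '')

    # isdigit() also accepts characters such as superscript digits that int()
    # rejects, so the conversion is guarded as well; otherwise such input
    # would surface as an unhandled ValueError.
    try:
        days = int(raw_days) if raw_days.isdigit() else None
    except ValueError:
        days = None

    if days is None:
        messages.add_message(request, messages.ERROR,
                             'Number of days must be numeric')
        return redirect_to_name('logs')

    cursor = connection.cursor()
    # The value is passed as a bound parameter rather than interpolated into
    # the SQL text, so the statement stays safe even if the validation above
    # is changed later.  A value of 0 matches every existing row.
    cursor.execute(
        "DELETE FROM records_log "
        "WHERE now() - created_on > %s * INTERVAL '1 day'",
        [days])
    messages.add_message(
        request, messages.SUCCESS,
        '%d old logs successfully deleted.' % cursor.rowcount)
    return redirect_to_name('logs')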
def all_users(request):
    """Render the user list for staff members; redirect everyone else."""
    # Non-staff visitors are sent to the index page without any message.
    if not request.user.is_staff:
        return redirect_to_name('index')

    context = {'users': User.objects.all()}
    return render(request, 'users.html', context)
def must_be_logged_in(request):
    """Flash a "login required" error and redirect to the login page."""
    notice = 'You must be logged in to access that page.'
    messages.add_message(request, messages.ERROR, notice)
    return redirect_to_name('login')
def login_page(request):
    """Show the login form, unless the visitor already has a session."""
    if not request.user.is_authenticated():
        return render(request, 'login.html')

    # Already signed in: explain why the form is not shown and send the user
    # to the keypairs page instead.
    messages.add_message(
        request, messages.ERROR,
        'You have already logged in. Kindly log out first to access the login page.')
    return redirect_to_name('keypairs')
def options_page(request):
    """Render the options list for staff members; redirect everyone else."""
    # Non-staff visitors are sent to the index page without any message.
    if not request.user.is_staff:
        return redirect_to_name('index')

    context = {'options': Option.objects.all()}
    return render(request, 'options.html', context)