def make_order(request, category): form = DonationGiftForm(data=request.POST, category=category, request=request) if form.is_valid(): form.save(request) return get_redirect(request) messages.add_message(request, messages.ERROR, 'Form-Fehler!') return get_redirect(request, next=request.META.get('HTTP_REFERER', '/'))
def make_request(request): ident = request.GET.get('ident') if not ident: messages.add_message(request, messages.ERROR, 'Fehlerhafter Link') return redirect('food-index') try: provider, _ = ident.split(':') if provider not in venue_providers: raise ValueError except ValueError: messages.add_message(request, messages.ERROR, 'Fehlerhafter Link') return redirect('food-index') place = venue_providers[provider].get_place(ident) if place is None: return redirect('food-index') return get_redirect(request, default='food-index', params={ 'query': place['name'], 'latlng': '{},{}'.format(place['lat'], place['lng']), 'ident': ident })
def confirm(request, user_id, secret, request_id=None): if request.user.is_authenticated: if request.user.id != user_id: messages.add_message(request, messages.ERROR, _('You are logged in and cannot use a confirmation link.')) return redirect('account-show') user = get_object_or_404(auth.get_user_model(), pk=int(user_id)) if user.is_active or (not user.is_active and user.email is None): return redirect('account-login') account_service = AccountService(user) result = account_service.confirm_account(secret, request_id) if not result: messages.add_message(request, messages.ERROR, _('You can only use the confirmation link once, ' 'please login with your password.')) return redirect('account-login') auth.login(request, user) params = {} if request.GET.get('ref'): params['ref'] = request.GET['ref'] if request_id is not None: req_service = ActivatePendingRequestService({ 'request_id': request_id }) foirequest = req_service.process(request=request) if foirequest: params['request'] = str(foirequest.pk).encode('utf-8') default_url = '%s?%s' % (reverse('account-confirmed'), urlencode(params)) return get_redirect(request, default=default_url, params=params)
def confirm(request, user_id, secret, request_id=None): if request.user.is_authenticated: if request.user.id != user_id: messages.add_message( request, messages.ERROR, _('You are logged in and cannot use a confirmation link.')) return redirect('account-show') user = get_object_or_404(auth.get_user_model(), pk=int(user_id)) if user.is_active or (not user.is_active and user.email is None): return redirect('account-login') account_service = AccountService(user) result = account_service.confirm_account(secret, request_id) if not result: messages.add_message( request, messages.ERROR, _('You can only use the confirmation link once, ' 'please login with your password.')) return redirect('account-login') auth.login(request, user) params = {} if request.GET.get('ref'): params['ref'] = request.GET['ref'] if request_id is not None: req_service = ActivatePendingRequestService({'request_id': request_id}) foirequest = req_service.process(request=request) if foirequest: params['request'] = str(foirequest.pk).encode('utf-8') default_url = '%s?%s' % (reverse('account-confirmed'), urlencode(params)) return get_redirect(request, default=default_url, params=params)
def go(request, user_id, secret, url): if request.user.is_authenticated: if request.user.id != int(user_id): messages.add_message( request, messages.INFO, _('You are logged in with a different user account. Please logout first before using this link.' )) return redirect(url) user = get_object_or_404(auth.get_user_model(), pk=int(user_id)) account_manager = AccountService(user) if account_manager.check_autologin_secret(secret): if user.is_superuser: # Don't allow autologin for superusers return redirect(url) if user.is_deleted or user.is_blocked: # This will fail, but that's OK here return redirect(url) if not user.is_active: # Confirm user account (link came from email) user.date_deactivated = None user.is_active = True user.save() account_activated.send_robust(sender=user) auth.login(request, user) return redirect(url) # If login-link fails, prompt login with redirect return get_redirect(request, default='account-login', params={'next': url})
def old_make_request(request, place, ident): try: pb = get_hygiene_publicbody(place['lat'], place['lng']) except ValueError as e: messages.add_message(request, messages.ERROR, str(e)) return redirect('food-index') url = make_request_url(place, pb) stopper = False request_count = 0 if request.user.is_authenticated: request_count = get_request_count(request, pb) if request_count >= MAX_REQUEST_COUNT: stopper = True if stopper or request.GET.get('stopper') is not None: return get_redirect(request, default='food-index', params={ 'query': place['name'], 'latlng': '{},{}'.format(place['lat'], place['lng']), 'ident': ident }) return redirect(url)
def contact(request): if request.method == 'POST': form = ContactForm(data=request.POST) if form.is_valid(): form.send_mail() messages.add_message(request, messages.SUCCESS, 'Wir haben Ihre Nachricht erhalten.') return get_redirect(request)
def newsletter_subscribe_request(request, newsletter_slug=None): newsletter = get_object_or_404(Newsletter, slug=newsletter_slug or settings.DEFAULT_NEWSLETTER) if request.method == 'POST': form = NewsletterForm( data=request.POST, request=request, ) if form.is_valid(): email = form.cleaned_data['email'] result = subscribe(newsletter, email, user=request.user) if request.is_ajax(): # No-CSRF ajax request # are allowed to access current user if result == SubscriptionResult.ALREADY_SUBSCRIBED: return HttpResponse( content='''<div class="alert alert-info" role="alert"> Sie haben unseren Newsletter schon abonniert! </div>'''.encode('utf-8')) elif result == SubscriptionResult.SUBSCRIBED: return HttpResponse( content='''<div class="alert alert-primary" role="alert"> Sie haben unseren Newsletter erfolgreich abonniert! </div>'''.encode('utf-8')) elif result == SubscriptionResult.CONFIRM: return HttpResponse( content='''<div class="alert alert-primary" role="alert"> Sie haben eine E-Mail erhalten, um Ihr Abonnement zu bestätigen. </div>'''.encode('utf-8')) return HttpResponse('/') if result == SubscriptionResult.CONFIRM: messages.add_message( request, messages.INFO, 'Sie haben eine E-Mail erhalten, um Ihr Abonnement zu bestätigen.' ) return get_redirect(request, default='/') else: messages.add_message(request, messages.WARNING, 'Bitte überprüfen Sie Ihre Eingabe.') else: form = NewsletterForm(request=request, initial={'email': request.GET.get('email', '')}) if request.is_ajax(): url = '{}?{}'.format( reverse('fds_newsletter_subscribe_request', kwargs={'newsletter_slug': newsletter.slug}), urlencode({'email': form.data.get('email', '')})) return HttpResponse(url) return render(request, "fds_newsletter/subscribe.html", { 'newsletter': newsletter, 'form': form })
def delete_request(request, foirequest): if foirequest.status != 'awaiting_user_confirmation': return render_400(request) if foirequest.user != request.user: return render_400(request) foirequest.delete() return get_redirect(request)
def contact(request): if request.method == 'POST': form = ContactForm(data=request.POST) if form.is_valid(): form.send_mail() messages.add_message( request, messages.SUCCESS, 'Wir haben Ihre Nachricht erhalten.' ) return get_redirect(request)
def subscribe_newsletter(request): if not request.user.is_authenticated: return render_403(request) messages.add_message(request, messages.SUCCESS, _('You successfully subscribed to our newsletter!')) user = request.user user.newsletter = True user.save() return get_redirect(request)
def login(request, base="account/base.html", context=None, template='account/login.html', status=200): simple = False initial = None if not context: context = {} if "reset_form" not in context: context['reset_form'] = PasswordResetForm(prefix='pwreset') if "signup_form" not in context: context['signup_form'] = NewUserForm() if request.GET.get("simple") is not None: base = "simple_base.html" simple = True if request.GET.get('email'): initial = {'email': request.GET.get('email')} else: if request.user.is_authenticated: return redirect('account-show') if request.method == "POST" and status == 200: status = 400 # if ok, we are going to redirect anyways form = UserLoginForm(request.POST) if form.is_valid(): user = auth.authenticate(username=form.cleaned_data['email'], password=form.cleaned_data['password']) if user is not None: if user.is_active: auth.login(request, user) messages.add_message(request, messages.INFO, _('You are now logged in.')) if simple: return redirect(reverse('account-login') + "?simple") else: return get_redirect(request, default='account-show') else: messages.add_message( request, messages.ERROR, _('Please activate your mail address before logging in.' )) else: messages.add_message(request, messages.ERROR, _('E-mail and password do not match.')) else: form = UserLoginForm(initial=initial) context.update({ "form": form, "custom_base": base, "simple": simple, 'next': request.GET.get('next') }) return render(request, template, context, status=status)
def reset_token(request): if not request.user.is_authenticated: return render_403(request) form = ResetTokenForm(data=request.POST, user=request.user) if form.is_valid(): message = form.save() messages.add_message(request, messages.SUCCESS, message) else: messages.add_message(request, messages.ERROR, _('Failed to reset token.')) return get_redirect(request)
def new_terms(request): next = request.GET.get('next') if not request.user.is_authenticated: return get_redirect(request, default=next) if request.user.terms: return get_redirect(request, default=next) form = TermsForm() if request.POST: form = TermsForm(request.POST) if form.is_valid(): form.save(request.user) messages.add_message(request, messages.SUCCESS, _('Thank you for accepting our new terms!')) return get_redirect(request, default=next) else: messages.add_message(request, messages.ERROR, _('You need to accept our new terms to continue.')) return render(request, 'account/new_terms.html', { 'terms_form': form, 'next': next })
def new_terms(request): next = request.GET.get('next') if not request.user.is_authenticated: return get_redirect(request, default=next) if request.user.terms: return get_redirect(request, default=next) form = TermsForm() if request.POST: form = TermsForm(request.POST) if form.is_valid(): form.save(request.user) messages.add_message(request, messages.SUCCESS, _('Thank you for accepting our new terms!')) return get_redirect(request, default=next) else: messages.add_message( request, messages.ERROR, _('You need to accept our new terms to continue.')) return render(request, 'account/new_terms.html', { 'terms_form': form, 'next': next })
def change_password(request): if not request.user.is_authenticated: messages.add_message( request, messages.ERROR, _('You are not currently logged in, you cannot change your password.' )) return render_403(request) form = request.user.get_password_change_form(request.POST) if form.is_valid(): form.save() messages.add_message(request, messages.SUCCESS, _('Your password has been changed.')) return get_redirect(request, default=reverse('account-show')) return account_settings(request, context={"password_change_form": form}, status=400)
def change_password(request): if not request.user.is_authenticated: messages.add_message(request, messages.ERROR, _('You are not currently logged in, you cannot change your password.')) return render_403(request) form = request.user.get_password_change_form(request.POST) if form.is_valid(): form.save() auth.update_session_auth_hash(request, form.user) messages.add_message(request, messages.SUCCESS, _('Your password has been changed.')) return get_redirect(request, default=reverse('account-show')) else: messages.add_message(request, messages.ERROR, _('Your password was NOT changed. Please fix the errors.')) return account_settings( request, context={"password_change_form": form}, status=400 )
def login(request, context=None, template='account/login.html', status=200): if request.user.is_authenticated: return redirect('account-show') if not context: context = {} if "reset_form" not in context: context['reset_form'] = PasswordResetForm(prefix='pwreset') if "signup_form" not in context: context['signup_form'] = NewUserForm() if request.method == "POST" and status == 200: status = 400 # if ok, we are going to redirect anyways form = UserLoginForm(request.POST) if form.is_valid(): user = auth.authenticate( request, username=form.cleaned_data['email'], password=form.cleaned_data['password'] ) if user is not None: if user.is_active: auth.login(request, user) messages.add_message(request, messages.INFO, _('You are now logged in.')) return get_redirect(request, default='account-show') else: messages.add_message(request, messages.ERROR, _('Please activate your mail address before logging in.')) else: messages.add_message(request, messages.ERROR, _('E-mail and password do not match.')) else: form = UserLoginForm(initial=None) context.update({ "form": form, 'next': request.GET.get('next') }) return render(request, template, context, status=status)
def go(request, user_id, secret, url): if request.user.is_authenticated: if request.user.id != int(user_id): messages.add_message(request, messages.INFO, _('You are logged in with a different user account. Please logout first before using this link.')) return redirect(url) user = get_object_or_404(auth.get_user_model(), pk=int(user_id)) account_manager = AccountService(user) if account_manager.check_autologin_secret(secret): if user.is_deleted or user.is_blocked: # This will fail, but that's OK here return redirect(url) if not user.is_active: # Confirm user account (link came from email) user.date_deactivated = None user.is_active = True user.save() account_activated.send_robust(sender=user) auth.login(request, user) return redirect(url) # If login-link fails, prompt login with redirect return get_redirect(request, default='account-login', params={'next': url})