-
Notifications
You must be signed in to change notification settings - Fork 2.6k
/
Copy pathviews.py
153 lines (124 loc) · 5.14 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
"""This file and its contents are licensed under the Apache License 2.0. Please see the included NOTICE for copyright information and LICENSE for a copy of the license.
"""
import logging
from urllib.parse import quote
from core.feature_flags import flag_set
from core.middleware import enforce_csrf_checks
from core.utils.common import load_func
from django.conf import settings
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from django.core.exceptions import PermissionDenied
from django.shortcuts import redirect, render, reverse
from django.utils.http import url_has_allowed_host_and_scheme
from organizations.forms import OrganizationSignupForm
from organizations.models import Organization
from rest_framework.authtoken.models import Token
from users import forms
from users.functions import login, proceed_registration
logger = logging.getLogger()
@login_required
def logout(request):
auth.logout(request)
if settings.HOSTNAME:
redirect_url = settings.HOSTNAME
if not redirect_url.endswith('/'):
redirect_url += '/'
return redirect(redirect_url)
return redirect('/')
@enforce_csrf_checks
def user_signup(request):
"""Sign up page"""
user = request.user
next_page = request.GET.get('next')
token = request.GET.get('token')
# checks if the URL is a safe redirection.
if not next_page or not url_has_allowed_host_and_scheme(url=next_page, allowed_hosts=request.get_host()):
next_page = reverse('projects:project-index')
user_form = forms.UserSignupForm()
organization_form = OrganizationSignupForm()
if user.is_authenticated:
return redirect(next_page)
# make a new user
if request.method == 'POST':
organization = Organization.objects.first()
if settings.DISABLE_SIGNUP_WITHOUT_LINK is True:
if not (token and organization and token == organization.token):
raise PermissionDenied()
else:
if token and organization and token != organization.token:
raise PermissionDenied()
user_form = forms.UserSignupForm(request.POST)
organization_form = OrganizationSignupForm(request.POST)
if user_form.is_valid():
redirect_response = proceed_registration(request, user_form, organization_form, next_page)
if redirect_response:
return redirect_response
if flag_set('fflag_feat_front_lsdv_e_297_increase_oss_to_enterprise_adoption_short'):
return render(
request,
'users/new-ui/user_signup.html',
{
'user_form': user_form,
'organization_form': organization_form,
'next': quote(next_page),
'token': token,
'found_us_options': forms.FOUND_US_OPTIONS,
'elaborate': forms.FOUND_US_ELABORATE,
},
)
return render(
request,
'users/user_signup.html',
{
'user_form': user_form,
'organization_form': organization_form,
'next': quote(next_page),
'token': token,
},
)
@enforce_csrf_checks
def user_login(request):
"""Login page"""
user = request.user
next_page = request.GET.get('next')
# checks if the URL is a safe redirection.
if not next_page or not url_has_allowed_host_and_scheme(url=next_page, allowed_hosts=request.get_host()):
next_page = reverse('projects:project-index')
login_form = load_func(settings.USER_LOGIN_FORM)
form = login_form()
if user.is_authenticated:
return redirect(next_page)
if request.method == 'POST':
form = login_form(request.POST)
if form.is_valid():
user = form.cleaned_data['user']
login(request, user, backend='django.contrib.auth.backends.ModelBackend')
if form.cleaned_data['persist_session'] is not True:
# Set the session to expire when the browser is closed
request.session['keep_me_logged_in'] = False
request.session.set_expiry(0)
# user is organization member
org_pk = Organization.find_by_user(user).pk
user.active_organization_id = org_pk
user.save(update_fields=['active_organization'])
return redirect(next_page)
if flag_set('fflag_feat_front_lsdv_e_297_increase_oss_to_enterprise_adoption_short'):
return render(request, 'users/new-ui/user_login.html', {'form': form, 'next': quote(next_page)})
return render(request, 'users/user_login.html', {'form': form, 'next': quote(next_page)})
@login_required
def user_account(request):
user = request.user
if user.active_organization is None and 'organization_pk' not in request.session:
return redirect(reverse('main'))
form = forms.UserProfileForm(instance=user)
Token.objects.get(user=user)
if request.method == 'POST':
form = forms.UserProfileForm(request.POST, instance=user)
if form.is_valid():
form.save()
return redirect(reverse('user-account'))
return render(
request,
'base.html',
)