logon-logout and flashes

Author: olyapka84

accounts/forms.py

@@ -0,0 +1,12 @@
+from django import forms
+from django.contrib.auth.forms import UserCreationForm
+from django.contrib.auth.models import User
+
+
+class CustomUserCreationForm(UserCreationForm):
+    first_name = forms.CharField(label='Имя', max_length=150, required=False)
+    last_name = forms.CharField(label='Фамилия', max_length=150, required=False)
+
+    class Meta(UserCreationForm.Meta):
+        model = User
+        fields = ('username', 'first_name', 'last_name', 'password1', 'password2')

accounts/urls.py

@@ -1,7 +1,7 @@
 # accounts/urls.py
 from django.urls import path
-from django.contrib.auth.views import LoginView, LogoutView
-from .views import UserListView, UserUpdateView, UserDeleteView, UserCreateView
+from django.contrib.auth.views import LoginView
+from .views import UserListView, UserUpdateView, UserDeleteView, UserCreateView, UserLogoutView, UserLoginView
 
 app_name = "users"
 
@@ -11,6 +11,6 @@
     path("<int:pk>/update/", UserUpdateView.as_view(), name="update"),
     path("<int:pk>/delete/", UserDeleteView.as_view(), name="delete"),
     # auth
-    path("login/", LoginView.as_view(template_name="users/login.html"), name="login"),
-    path("logout/", LogoutView.as_view(), name="logout"),
+    path("login/", UserLoginView.as_view(template_name="users/login.html"), name="login"),
+    path('logout/', UserLogoutView.as_view(), name='logout'),
 ]

accounts/views.py

@@ -1,9 +1,14 @@
 # accounts/views.py
+from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
 from django.contrib.auth.models import User
+from django.contrib import messages
+from django.contrib.auth.views import LogoutView, LoginView
+from django.shortcuts import redirect
 from django.views.generic import ListView, UpdateView, DeleteView
 from django.urls import reverse_lazy
 from django.views.generic import CreateView
-from django.contrib.auth.forms import UserCreationForm
+from .forms import CustomUserCreationForm
+
 
 class UserListView(ListView):
     model = User
@@ -12,20 +17,62 @@ class UserListView(ListView):
     ordering = ["username"]
 
 
-class UserUpdateView(UpdateView):
+class OnlySelfMixin(UserPassesTestMixin):
+    def test_func(self):
+        obj = self.get_object()
+        return self.request.user.is_authenticated and obj.pk == self.request.user.pk
+
+    def handle_no_permission(self):
+        messages.error(self.request, "У вас нет прав для изменения другого пользователя.")
+        return redirect("users:list")
+
+
+class UserCreateView(CreateView):
+    form_class = CustomUserCreationForm
+    template_name = "users/create.html"
+    success_url = reverse_lazy("users:list")
+
+    def form_valid(self, form):
+        response = super().form_valid(form)
+        messages.success(self.request, "Пользователь успешно создан.")
+        return response
+
+
+class UserUpdateView(LoginRequiredMixin, OnlySelfMixin, UpdateView):
     model = User
     fields = ["username", "first_name", "last_name"]
     template_name = "users/update.html"
     success_url = reverse_lazy("users:list")
 
+    def form_valid(self, form):
+        response = super().form_valid(form)
+        messages.success(self.request, "Изменения успешно сохранены.")
+        return response
 
-class UserDeleteView(DeleteView):
+
+class UserDeleteView(LoginRequiredMixin, OnlySelfMixin, DeleteView):
     model = User
     template_name = "users/delete.html"
     success_url = reverse_lazy("users:list")
 
+    def delete(self, request, *args, **kwargs):
+        messages.success(self.request, "Пользователь успешно удалён.")
+        return super().delete(request, *args, **kwargs)
+
+
+class UserLoginView(LoginView):
+    template_name = 'users/login.html'
+    next_page = reverse_lazy('home')  # куда редиректить после входа
+
+    def form_valid(self, form):
+        messages.success(self.request, "Вы успешно залогинены.")
+        return super().form_valid(form)
+
+
+class UserLogoutView(LogoutView):
+    next_page = reverse_lazy('home')
+
+    def dispatch(self, request, *args, **kwargs):
+        messages.info(request, "Вы успешно разлогинены.")
+        return super().dispatch(request, *args, **kwargs)
 
-class UserCreateView(CreateView):
-    form_class = UserCreationForm
-    template_name = "users/create.html"
-    success_url = reverse_lazy("users:list")

db.sqlite3

@@ -15,15 +15,22 @@
         <a class="navbar-brand" href="/">Менеджер Задач</a>
         <div>
           <ul class="navbar-nav me-auto mb-2 mb-md-0">
+            {% if user.is_authenticated %}
+            <form method="post" action="{% url 'users:logout' %}">
+            {% csrf_token %}
+            <button class="btn btn-outline-light btn-sm" type="submit">Выйти</button>
+            </form>
+            {% else %}
             <li class="nav-item"><a class="nav-link" href="{% url 'users:login' %}">Вход</a></li>
             <li class="nav-item"><a class="nav-link" href="{% url 'users:create' %}">Регистрация</a></li>
+            {% endif %}
             <li class="nav-item"><a class="nav-link" href="{% url 'users:list' %}">Пользователи</a></li>
           </ul>
         </div>
       </div>
     </nav>
-
     <main class="container">
+        {% bootstrap_messages %}
       {% block content %}{% endblock %}
     </main>
   </body>