from django.shortcuts import render, redirect
from accounts.models import *
from django.http import Http404
from accounts.forms import *
from django.contrib import messages
from django.contrib.auth import update_session_auth_hash
from accounts.utils import *
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from core.decorators import *
from django.conf import settings
# # # # # # # # # # # # # # # # # #
# Admin User List #
# # # # # # # # # # # # # # # # # #
@login_required(login_url='logIn')
@admin_role_required
def usersList(request):
    """Render the admin page that lists every user profile.

    Access control comes entirely from the decorators: ``login_required``
    redirects anonymous visitors to the ``logIn`` URL, and
    ``admin_role_required`` (from ``core.decorators``; its checks are not
    visible in this file) is applied on top of it.
    """
    # The queryset is passed unevaluated; the template iterates it.
    page_data = dict(title='Users', users=UserProfile.objects.all())
    return render(request, 'authenticate/user/users.html', page_data)
# # # # # # # # # # # # # # # # # #
# Admin User Edit #
# # # # # # # # # # # # # # # # # #
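@login_required(login_url='logIn')
@admin_role_required
def editUserProfile(request, id):
    """Show and process the admin form for editing one user profile.

    Args:
        request: The incoming HttpRequest.
        id: Primary key of the ``UserProfile`` row to edit (this is the
            profile's id, not the related ``User`` id).

    Returns:
        A redirect back to this page after a successful save, otherwise the
        rendered edit template (carrying validation errors after a failed
        POST).

    Raises:
        Http404: If no ``UserProfile`` has the given primary key.
    """
    try:
        profile = UserProfile.objects.get(id=id)
    except UserProfile.DoesNotExist:
        raise Http404("User profile does not exist")
    user = profile.user

    if request.method == 'POST':
        # NOTE(review): request.FILES is handed straight to the form, so any
        # restriction on upload type/size has to live in UserProfileForm,
        # which is not visible here - confirm it exists.
        form = UserProfileForm(request.POST, request.FILES, instance=profile)
        if form.is_valid():
            form.save()
            messages.success(request, 'Profile updated successfully.')
            # The lookup above is by the profile's primary key, so the
            # redirect must carry profile.id. Redirecting with user.id only
            # lands on the right page while the two tables' ids coincide.
            return redirect('editUserProfile', profile.id)
    else:
        form = UserProfileForm(instance=profile)

    context = {
        'title': 'Edit User Profile',
        'form': form,
        'profile': profile,
        # NOTE(review): if the auth context processor is enabled, this key
        # overrides the template's usual `user` (the logged-in admin) with
        # the account being edited. Any template check written against
        # `user` would then be evaluated for the edited account - verify the
        # templates, or rename the key together with them.
        'user': user,
    }
    return render(request, 'authenticate/user/edit.html', context)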
# # # # # # # # # # # # # # # # # #
# Admin User Create #
# # # # # # # # # # # # # # # # # #
@login_required(login_url='logIn')
@admin_role_required
def createUser(request):
    """Show and process the admin form that creates a new user account.

    On a valid POST the user is saved with the role chosen in the form, a
    matching ``UserProfile`` is created or updated with the submitted name
    and email, and the admin is redirected to the ``userList`` URL. On GET,
    or after an invalid POST, the creation form is rendered.
    """
    if request.method != 'POST':
        form = CustomUserCreationForm()
    else:
        form = CustomUserCreationForm(request.POST)
        if form.is_valid():
            cleaned = form.cleaned_data

            # Build the instance without saving so the role can be set first.
            new_user = form.save(commit=False)
            new_user.role = cleaned['role']
            new_user.save()

            # NOTE(review): the user row and the profile row are written in
            # two separate steps with no visible transaction, so a failure
            # here leaves a user without a profile.
            UserProfile.objects.update_or_create(
                user=new_user,
                defaults={'name': cleaned['name'], 'email': cleaned['email']},
            )
            return redirect('userList')

        # Debug output: validation errors go to stdout. The bound form is
        # also passed to the template below.
        print(form.errors)

    return render(
        request,
        'authenticate/user/create.html',
        {'title': 'Create User', 'form': form},
    )
# # # # # # # # # # # # # # # # # #
# Admin User Password #
# # # # # # # # # # # # # # # # # #
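@login_required(login_url='logIn')
@admin_role_required
def changePassword(request, id):
    """Show and process the admin form that sets a user's password.

    Args:
        request: The incoming HttpRequest.
        id: Primary key of the ``User`` whose password is being changed.

    Returns:
        A redirect back to this page after a successful change, otherwise
        the rendered password template.

    Raises:
        Http404: If the user, or the user's profile, does not exist.
    """
    # An unknown id used to escape as an unhandled DoesNotExist (HTTP 500).
    # Answer 404 instead, as the edit and delete views do.
    try:
        user = User.objects.get(id=id)
        profile = UserProfile.objects.get(user=user)
    except (User.DoesNotExist, UserProfile.DoesNotExist):
        raise Http404("User does not exist")

    if request.method == 'POST':
        # NOTE(review): whether the current password is required depends on
        # UserPasswordChangeForm (accounts.forms, not visible here).
        form = UserPasswordChangeForm(user, request.POST)
        if form.is_valid():
            user = form.save()
            # Keeps the admin signed in when they change their own password.
            # Presumably it has no effect on the stored session hash when
            # the target is a different account - confirm against the
            # Django version in use.
            update_session_auth_hash(request, user)
            messages.success(request, 'Password changed successfully.')
            return redirect('changePassword', user.id)
    else:
        form = UserPasswordChangeForm(user)

    context = {
        'title': 'Change Password',
        'form': form,
        'profile': profile,
        # NOTE(review): if the auth context processor is enabled, this key
        # replaces the template's usual `user` (the logged-in admin) with
        # the account being modified - verify the template expects that.
        'user': user,
    }
    return render(request, 'authenticate/user/password.html', context)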
# # # # # # # # # # # # # # # # # #
# Admin Delete User #
# # # # # # # # # # # # # # # # # #
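@login_required(login_url='logIn')
@admin_role_required
def deleteUser(request, id):
    """Delete a user account and its profile, then return to the user list.

    Args:
        request: The incoming HttpRequest.
        id: Primary key of the ``User`` to delete.

    Returns:
        A redirect to the ``userList`` URL.

    Raises:
        Http404: If no ``User`` has the given primary key.
    """
    # NOTE(review): this destructive action runs on any HTTP method,
    # including GET, and Django's CSRF middleware does not check GET
    # requests. Restricting the view to POST (e.g. require_POST) would close
    # that gap, but the templates that link here must change with it.
    # NOTE(review): nothing stops an admin from deleting their own account;
    # consider refusing when the target is request.user.
    try:
        user = User.objects.get(id=id)
    except User.DoesNotExist:
        raise Http404("User does not exist")

    # A user without a profile used to raise an unhandled
    # UserProfile.DoesNotExist (HTTP 500) and could never be removed here.
    # Look the profile up tolerantly and delete it only when it exists.
    profile = UserProfile.objects.filter(user=user).first()

    user.delete()
    if profile is not None:
        # Presumably already removed by a cascade from the user delete; the
        # explicit call is kept in case the relation does not cascade.
        profile.delete()

    return redirect('userList')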
# # # # # # # # # # # # # # # # # #
# Reset Password #
# # # # # # # # # # # # # # # # # #
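def initiate_password_reset(request):
    """Start the forgot-password flow for a submitted username.

    On POST, a reset token is generated and emailed when the username
    matches an account. The visitor is then redirected back to this page
    with the same confirmation message whether or not it matched. On GET
    the forgot-password form is rendered.

    Args:
        request: The incoming HttpRequest; the username is read from the
            ``username`` POST field.

    Returns:
        A redirect to ``initiate_password_reset`` after a POST, otherwise
        the rendered forgot-password template.
    """
    if request.method == 'POST':
        username = request.POST.get('username')
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            user = None

        if user is not None:
            generate_reset_token_and_send_email(user, request)

        # This endpoint is unauthenticated. Answering "Invalid username!"
        # for unknown names and a success message for known ones let any
        # visitor learn which usernames exist, so both cases now get the
        # same response.
        # NOTE(review): response time may still differ because mail is only
        # sent for real accounts, and no throttling is visible here.
        messages.success(
            request,
            'If that username exists, a password reset email has been sent.',
        )
        return redirect('initiate_password_reset')

    context = {
        'title': 'Forgot Password',
    }
    return render(request, 'authenticate/auth/forgotpassword.html', context)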
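def reset_password(request, token):
    """Complete a password reset for the account tied to ``token``.

    Args:
        request: The incoming HttpRequest; the new password is read from
            the ``new_password1`` / ``new_password2`` POST fields.
        token: Reset token value taken from the emailed link.

    Returns:
        The rendered reset form on GET. On POST, a redirect to ``/`` after
        success, or back to this page when the passwords are missing,
        mismatched or rejected by the password validators. Unknown or
        expired tokens redirect to ``initiate_password_reset``.
    """
    # Imported locally so this view does not depend on edits to the
    # module's import block.
    import logging
    from django.contrib.auth.password_validation import validate_password
    from django.core.exceptions import ValidationError

    try:
        password_reset_token = PasswordResetToken.objects.get(token=token)
        if password_reset_token.is_expired():
            messages.warning(request, 'The password reset token has expired. Please initiate the password reset process again.')
            # Every other redirect in this flow uses
            # 'initiate_password_reset'; 'password_reset' appears nowhere
            # else in this file.
            return redirect('initiate_password_reset')

        if request.method == 'POST':
            new_password1 = request.POST.get('new_password1')
            new_password2 = request.POST.get('new_password2')

            # Two absent or empty fields compare equal. Without this guard
            # they would consume the token and store an empty or unusable
            # password.
            if not new_password1:
                messages.warning(request, 'Please enter a new password.')
                return redirect('reset_password', token=token)

            if new_password1 != new_password2:
                messages.warning(request, 'Passwords did not match. Please try again.')
                return redirect('reset_password', token=token)

            user = password_reset_token.user

            # Apply the project's AUTH_PASSWORD_VALIDATORS; a raw
            # set_password() call performs no strength checks.
            try:
                validate_password(new_password1, user=user)
            except ValidationError as err:
                for problem in err.messages:
                    messages.warning(request, problem)
                return redirect('reset_password', token=token)

            user.set_password(new_password1)
            user.save()

            update_session_auth_hash(request, user)

            # Single use: the token is removed once the password is set.
            password_reset_token.delete()
            messages.success(request, 'Password reset successfully!')
            return redirect('/')

        context = {
            'title': 'Reset Password',
        }
        return render(request, 'authenticate/auth/reset.html', context)

    except PasswordResetToken.DoesNotExist:
        messages.warning(request, 'Invalid token. Please ensure you have the correct link.')
        return redirect('initiate_password_reset')
    except Exception:
        # Keep the details in the server log. Echoing str(e) to an
        # unauthenticated visitor can reveal internals such as URL names,
        # model names and database errors.
        logging.getLogger(__name__).exception('Password reset failed')
        messages.warning(request, 'An unexpected error occurred. Please try again.')
        return redirect('/')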
# # # # # # # # # # # # # # # # # #
# Login #
# # # # # # # # # # # # # # # # # #
def logIn(request):
    """Authenticate a user from the login form.

    Visitors who are already signed in go straight to ``adminHome``. A GET
    renders the login page, passing ``demo_mode`` as True when the demo-mode
    middleware is listed in ``settings.MIDDLEWARE``. A POST checks the
    submitted credentials, then either logs the user in and redirects to
    ``adminHome`` or flashes a warning and redirects back to ``logIn``.
    """
    if request.user.is_authenticated:
        return redirect('adminHome')

    if request.method != 'POST':
        demo_mode = (
            'core.middleware.middleware.DemoModeMiddleware' in settings.MIDDLEWARE
        )
        page_data = {'title': 'Log In', 'demo_mode': demo_mode}
        return render(request, 'authenticate/auth/login.html', page_data)

    # The password field is submitted under the literal name
    # "login[password]".
    submitted_name = request.POST.get('username')
    submitted_secret = request.POST.get('login[password]')
    account = authenticate(
        request, username=submitted_name, password=submitted_secret
    )

    if account is None:
        # One message covers both an unknown username and a wrong password.
        # NOTE(review): no attempt limiting is visible in this view.
        messages.warning(request, 'Invalid username or password!')
        return redirect('logIn')

    login(request, account)
    return redirect('adminHome')
# # # # # # # # # # # # # # # # # #
# LogOut #
# # # # # # # # # # # # # # # # # #
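# Every other view in this file sends anonymous visitors to 'logIn', and this
# view redirects there itself. 'signIn' appears nowhere else; if it is not a
# registered URL name, an anonymous request would fail to resolve it instead
# of reaching the login page.
@login_required(login_url='logIn')
def LogOut(request):
    """End the current session and return to the login page.

    Args:
        request: The incoming HttpRequest of a signed-in user.

    Returns:
        A redirect to the ``logIn`` URL, with a success message queued.
    """
    # NOTE(review): logout runs on any HTTP method, including GET, so a
    # cross-site link can sign a user out. Restricting it to POST would
    # avoid that, but the templates that link here must change with it.
    logout(request)
    messages.success(request, 'Logout successfully!')
    return redirect('logIn')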
def error_404(request, exception):
    """Render the custom "not found" page with HTTP status 404.

    ``exception`` is accepted but not used, so its details never reach the
    template.
    """
    template_name = 'error/404.html'
    return render(request, template_name, status=404)