forked from lrvick/django-barcode-auth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
views.py
99 lines (90 loc) · 3.59 KB
/
views.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
from backends import BarcodeAuthBackend
from django.conf import settings
from django.contrib import auth
#from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth.models import User
from django.core.urlresolvers import reverse
from django.forms.models import model_to_dict
from django.http import HttpResponseRedirect, HttpResponse
from django.middleware.csrf import get_token
from django.shortcuts import render_to_response
from django.template import RequestContext
#from django.views.decorators.csrf import csrf_exempt
from barauth.forms import UserCreationForm
from barauth.models import UserBarcode
from barauth.utils import print_card
barcode_auth = BarcodeAuthBackend()
# BE AWARE that uncommenting this introduces security risks. Only do this if
# you need to login from something outside of the Django install
#@csrf_exempt
def login(request):
if hasattr(settings,'BARAUTH_REDIRECT_URL'):
referer = settings.BARAUTH_REDIRECT_URL
else:
referer = request.META.get('HTTP_REFERER', '/')
ctxt = None
user = None
if 'barcode_data' in request.REQUEST:
auth.logout(request)
barcode_data = request.REQUEST['barcode_data']
try:
user_id, password = barcode_data.lstrip('#').split('|')
user = barcode_auth.authenticate(
user_id=user_id,
password=password
)
except ValueError:
user = None
ctxt = {'referer': referer}
if user:
if user.is_active:
user.backend = 'django.contrib.auth.backends.ModelBackend'
auth.login(request, user)
else:
ctxt['error'] = True
if user:
return HttpResponseRedirect('%s?login=true&email=%s&full_name=%s %s' % (referer,user.email,user.first_name,user.last_name))
else:
return HttpResponseRedirect('%s?login=false' % referer)
def logout(request):
auth.logout(request)
return HttpResponseRedirect('/')
def register(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
if request.method == 'POST':
form = UserCreationForm(request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect('login')
else:
form = UserCreationForm()
return render_to_response("register.html", {
'form': form,
}, context_instance=RequestContext(request))
def profile(request, userprofile):
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('barauth.views.login', current_app='barauth'))
else:
user = User.objects.get(username=userprofile)
if request.user == user:
prefill = model_to_dict(user)
form = UserCreationForm(initial=prefill)
return render_to_response("profile.html", {
'form': form,
'user': user,
'enable_printing': settings.PRINT_CARDS,
}, context_instance=RequestContext(request))
else:
# Users can only see their own profiles
return HttpResponseRedirect('/')
def reprint(request, username=None):
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('barauth.views.login', current_app='barauth'))
else:
user = User.objects.get(username=username)
if request.user == user:
barcode = UserBarcode.objects.get(user=user).barcode.name
print_card(user, barcode)
# Now they should go get their card, so let's log them out for security
return HttpResponseRedirect(reverse('barauth.views.logout'))