base menu, about page, atom feed

2023-07-25 20:03:54 +01:00 · 2023-07-25 20:03:54 +01:00 · 0b64fd58a1
commit 0b64fd58a1
parent 013ca30765
21 changed files with 284 additions and 47 deletions
--- a/app/user/views.py
+++ b/app/user/views.py
@ -2,6 +2,7 @@ import json

 from django.shortcuts import render
 from django.shortcuts import redirect
+from django.conf import settings
 import django.contrib.auth
 from django.contrib.auth import get_user_model

@ -15,35 +16,55 @@ User = get_user_model()
@ratelimit(method="POST", block=True, rate="5/m")
 def register(request):
    response = {}
-    data = json.loads(request.body)
-    if User.objects.filter(username__iexact=data['username']).exists():
-        response['error'] = 'username not allowed'
-    elif User.objects.filter(email__iexact=data['email']).exists():
-        response['error'] = 'username not allowed'
-    elif not data['password']:
-        response['error'] = 'password too simple'
-    if not response:
-        user = User(username=data['username'], email=data['email'].lower())
-        user.set_password(data['password'])
-        user.is_active = True
-        user.save()
-        user = django.contrib.auth.authenticate(username=data['username'], password=data['password'])
-        django.contrib.auth.login(request, user)
-        response['user'] = user.username
-    return render_to_json(response)
+    if request.method == "POST":
+        data = json.loads(request.body)
+        if User.objects.filter(username__iexact=data['username']).exists():
+            response['error'] = 'username not allowed'
+        elif User.objects.filter(email__iexact=data['email']).exists():
+            response['error'] = 'username not allowed'
+        elif not data['password']:
+            response['error'] = 'password too simple'
+        if not response:
+            user = User(username=data['username'], email=data['email'].lower())
+            user.set_password(data['password'])
+            user.is_active = True
+            user.save()
+            user = django.contrib.auth.authenticate(username=data['username'], password=data['password'])
+            django.contrib.auth.login(request, user)
+            response['user'] = user.username
+        return render_to_json(response)
+    else:
+        context = {'settings': settings}
+        return render(request, 'register.html', context)


@ratelimit(method="POST", block=True, rate="5/m")
 def login(request):
+    context = {'settings': settings}
    response = {}
-    data = json.loads(request.body)
-    user = django.contrib.auth.authenticate(username=data['username'], password=data['password'])
-    if user is not None and user.is_active:
-        django.contrib.auth.login(request, user)
-        response['user'] = user.username
+    request_type = 'json'
+    if request.method == "POST":
+        if "username" in request.POST and "password" in request.POST:
+            data = request.POST
+            request_type = 'html'
+        else:
+            data = json.loads(request.body)
+        user = django.contrib.auth.authenticate(username=data['username'], password=data['password'])
+        if user is not None and user.is_active:
+            django.contrib.auth.login(request, user)
+            response['user'] = user.username
+            if request_type == 'html':
+                return redirect('/')
+        else:
+            response['error'] = 'login failed'
+            if request_type == 'html':
+                context['error'] = response['error']
+                return render(request, 'login.html', context)
+        return render_to_json(response)
    else:
-        response['error'] = 'login failed'
-    return render_to_json(response)
+        if request.user.is_authenticated:
+            return redirect('/')
+        return render(request, 'login.html', context)


 def logout(request):