django-musician/musician/views.py

109 lines
3.3 KiB
Python

from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.urls import reverse_lazy
from django.utils.http import is_safe_url
from django.views.generic.base import RedirectView, TemplateView
from django.views.generic.edit import FormView
from django.views.generic.list import ListView
from . import api, get_version
from .auth import login as auth_login
from .auth import logout as auth_logout
from .forms import LoginForm
from .mixins import CustomContextMixin, UserTokenRequiredMixin
class DashboardView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
template_name = "musician/dashboard.html"
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
# TODO retrieve all data needed from orchestra
raw_domains = self.orchestra.retrieve_service_list('domain')
context.update({
'domains': raw_domains
})
return context
class MailView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
template_name = "musician/mail.html"
class MailingListsView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
template_name = "musician/mailinglists.html"
class DatabasesView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
template_name = "musician/databases.html"
class SaasView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
template_name = "musician/saas.html"
class LoginView(FormView):
template_name = 'auth/login.html'
form_class = LoginForm
success_url = reverse_lazy('musician:dashboard')
redirect_field_name = 'next'
extra_context = {'version': get_version()}
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
kwargs['request'] = self.request
return kwargs
def form_valid(self, form):
"""Security check complete. Log the user in."""
auth_login(self.request, form.username, form.token)
return HttpResponseRedirect(self.get_success_url())
def get_success_url(self):
url = self.get_redirect_url()
return url or self.success_url
def get_redirect_url(self):
"""Return the user-originating redirect URL if it's safe."""
redirect_to = self.request.POST.get(
self.redirect_field_name,
self.request.GET.get(self.redirect_field_name, '')
)
url_is_safe = is_safe_url(
url=redirect_to,
allowed_hosts={self.request.get_host()},
require_https=self.request.is_secure(),
)
return redirect_to if url_is_safe else ''
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context.update({
self.redirect_field_name: self.get_redirect_url(),
**(self.extra_context or {})
})
return context
class LogoutView(RedirectView):
"""
Log out the user.
"""
permanent = False
pattern_name = 'musician:login'
def get_redirect_url(self, *args, **kwargs):
"""
Logs out the user.
"""
auth_logout(self.request)
return super().get_redirect_url(*args, **kwargs)
def post(self, request, *args, **kwargs):
"""Logout may be done via POST."""
return self.get(request, *args, **kwargs)