1
0
Fork 0
mirror of https://github.com/retspen/webvirtcloud synced 2024-12-27 16:45:22 +00:00
webvirtcloud/accounts/views.py

216 lines
6.3 KiB
Python
Raw Normal View History

2020-10-08 11:57:51 +00:00
from admin.decorators import superuser_only
2020-10-14 08:37:46 +00:00
from django.conf import settings
from django.contrib import messages
from django.contrib.auth import get_user_model, update_session_auth_hash, login as auth_login
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.forms import PasswordChangeForm
2020-06-16 12:35:08 +00:00
from django.shortcuts import get_object_or_404, redirect, render
from django.urls import reverse
from django.http import HttpResponseRedirect
2020-10-14 08:37:46 +00:00
from django.utils.translation import gettext_lazy as _
2020-10-08 11:57:51 +00:00
from instances.models import Instance
2020-06-16 05:09:55 +00:00
2020-10-19 08:26:08 +00:00
from accounts.forms import EmailOTPForm, ProfileForm, UserSSHKeyForm
from accounts.models import *
2020-06-16 12:35:08 +00:00
from . import forms
2020-10-19 08:26:08 +00:00
from .utils import get_user_totp_device, send_email_with_otp
from django.contrib.auth.views import LoginView
from logs.views import addlogmsg
2015-03-02 08:52:07 +00:00
class CustomLoginView(LoginView):
def form_valid(self, form):
username = form.cleaned_data['username']
addlogmsg(username, "-", "-", "Logged In")
auth_login(self.request, form.get_user())
return HttpResponseRedirect(self.get_success_url())
def form_invalid(self, form):
username = form.cleaned_data['username']
addlogmsg(username, "-", "-", "Failed Login Attempt")
return self.render_to_response(self.get_context_data(form=form))
2015-03-18 15:13:44 +00:00
2020-06-16 12:35:08 +00:00
def profile(request):
2015-05-27 11:10:57 +00:00
publickeys = UserSSHKey.objects.filter(user_id=request.user.id)
2020-10-14 08:37:46 +00:00
profile_form = ProfileForm(request.POST or None, instance=request.user)
ssh_key_form = UserSSHKeyForm()
2020-05-19 16:53:54 +00:00
2020-10-14 08:37:46 +00:00
if profile_form.is_valid():
profile_form.save()
messages.success(request, _("Profile updated"))
return redirect("accounts:profile")
2020-10-14 08:37:46 +00:00
return render(
request,
"profile.html",
{
"publickeys": publickeys,
"profile_form": profile_form,
"ssh_key_form": ssh_key_form,
},
)
2020-10-14 08:37:46 +00:00
def ssh_key_create(request):
key_form = UserSSHKeyForm(request.POST or None, user=request.user)
if key_form.is_valid():
key_form.save()
messages.success(request, _("SSH key added"))
return redirect("accounts:profile")
2020-10-14 08:37:46 +00:00
return render(
request,
"common/form.html",
{
"form": key_form,
"title": _("Add SSH key"),
},
)
2020-10-14 08:37:46 +00:00
def ssh_key_delete(request, pk):
ssh_key = get_object_or_404(UserSSHKey, pk=pk, user=request.user)
if request.method == "POST":
2020-10-14 08:37:46 +00:00
ssh_key.delete()
messages.success(request, _("SSH key deleted"))
return redirect("accounts:profile")
2020-10-14 08:37:46 +00:00
return render(
request,
"common/confirm_delete.html",
{
"object": ssh_key,
"title": _("Delete SSH key"),
},
)
2015-03-18 15:13:44 +00:00
2019-09-10 06:48:31 +00:00
@superuser_only
2015-03-18 15:13:44 +00:00
def account(request, user_id):
2015-03-02 08:52:07 +00:00
user = User.objects.get(id=user_id)
2015-03-10 14:24:10 +00:00
user_insts = UserInstance.objects.filter(user_id=user_id)
2020-09-25 12:57:17 +00:00
instances = Instance.objects.all().order_by("name")
publickeys = UserSSHKey.objects.filter(user_id=user_id)
2015-03-10 14:24:10 +00:00
2020-10-19 08:26:08 +00:00
return render(
request,
"account.html",
{
"user": user,
"user_insts": user_insts,
"instances": instances,
"publickeys": publickeys,
"otp_enabled": settings.OTP_ENABLED,
},
)
2020-09-25 12:57:17 +00:00
@permission_required("accounts.change_password", raise_exception=True)
def change_password(request):
2020-10-14 08:37:46 +00:00
form = PasswordChangeForm(request.user, request.POST or None)
if form.is_valid():
user = form.save()
update_session_auth_hash(request, user) # Important!
messages.success(request, _("Password Changed"))
return redirect("accounts:profile")
2020-10-08 11:57:51 +00:00
return render(request, "accounts/change_password_form.html", {"form": form})
2020-06-16 12:35:08 +00:00
@superuser_only
def user_instance_create(request, user_id):
user = get_object_or_404(User, pk=user_id)
2020-09-25 12:57:17 +00:00
form = forms.UserInstanceForm(request.POST or None, initial={"user": user})
2020-06-16 12:35:08 +00:00
if form.is_valid():
form.save()
2020-10-14 08:37:46 +00:00
return redirect(reverse("accounts:account", args=[user.id]))
2020-06-16 12:35:08 +00:00
return render(
request,
2020-09-25 12:57:17 +00:00
"common/form.html",
2020-06-16 12:35:08 +00:00
{
2020-09-25 12:57:17 +00:00
"form": form,
"title": _("Create User Instance"),
2020-06-16 12:35:08 +00:00
},
)
@superuser_only
def user_instance_update(request, pk):
user_instance = get_object_or_404(UserInstance, pk=pk)
form = forms.UserInstanceForm(request.POST or None, instance=user_instance)
if form.is_valid():
form.save()
2020-10-14 08:37:46 +00:00
return redirect(reverse("accounts:account", args=[user_instance.user.id]))
2020-06-16 12:35:08 +00:00
return render(
request,
"common/form.html",
2020-06-16 12:35:08 +00:00
{
2020-09-25 12:57:17 +00:00
"form": form,
"title": _("Update User Instance"),
2020-06-16 12:35:08 +00:00
},
)
@superuser_only
def user_instance_delete(request, pk):
user_instance = get_object_or_404(UserInstance, pk=pk)
2020-09-25 12:57:17 +00:00
if request.method == "POST":
2020-06-16 12:35:08 +00:00
user = user_instance.user
user_instance.delete()
2020-09-25 12:57:17 +00:00
next = request.GET.get("next", None)
2020-07-13 09:33:09 +00:00
if next:
return redirect(next)
else:
2020-10-14 08:37:46 +00:00
return redirect(reverse("accounts:account", args=[user.id]))
2020-06-16 12:35:08 +00:00
return render(
request,
2020-09-25 12:57:17 +00:00
"common/confirm_delete.html",
{"object": user_instance},
2020-06-16 12:35:08 +00:00
)
2020-10-19 08:26:08 +00:00
def email_otp(request):
form = EmailOTPForm(request.POST or None)
if form.is_valid():
UserModel = get_user_model()
try:
user = UserModel.objects.get(email=form.cleaned_data["email"])
2020-10-19 08:26:08 +00:00
except UserModel.DoesNotExist:
pass
else:
device = get_user_totp_device(user)
send_email_with_otp(user, device)
2022-11-02 05:54:35 +00:00
messages.success(
2022-11-02 13:05:41 +00:00
request, _("OTP Sent to %(email)s") % {"email": form.cleaned_data["email"]}
2022-11-02 05:54:35 +00:00
)
return redirect("accounts:login")
2020-10-19 08:26:08 +00:00
return render(
request,
"accounts/email_otp_form.html",
{
"form": form,
"title": _("Email OTP"),
},
)
2020-10-19 08:26:08 +00:00
@superuser_only
def admin_email_otp(request, user_id):
user = get_object_or_404(get_user_model(), pk=user_id)
device = get_user_totp_device(user)
if user.email != "":
send_email_with_otp(user, device)
2022-11-02 05:54:35 +00:00
messages.success(
2022-11-02 13:05:41 +00:00
request, _("OTP QR code was emailed to user %(user)s") % {"user": user}
2022-11-02 05:54:35 +00:00
)
else:
2022-11-02 13:05:41 +00:00
messages.error(request, _("User email not set, failed to send QR code"))
return redirect("accounts:account", user.id)