feat: Restructure view of own profile, add token authorization for API

2024-11-18 22:40:59 +01:00 · 2024-11-18 22:40:59 +01:00 · 5dd1991af8
commit 5dd1991af8
parent c0edef51bd
5 changed files with 49 additions and 10 deletions
--- a/src/fellchensammlung/templates/fellchensammlung/details/detail-user.html
+++ b/src/fellchensammlung/templates/fellchensammlung/details/detail-user.html
@ -13,8 +13,23 @@
        <p>{% translate "Keine bevorzugte Sprache gesetzt." %}</p>
    {% endif %}

-    {% if user.id is request.user.id %}
+    {% if token %}
+        <form action="" class="btn2" method="POST">
+            {% csrf_token %}
+            <p class="text-muted"><strong>{% translate "API token:" %}</strong> {{ token }}</p>
+            <input class="create-token" type="submit" name="delete_token" value={% translate "Delete API token" %}>
+        </form>
+    {% else %}
+        <p>{% translate "No token set." %}</p>
+        <form action="" method="POST">
+            {% csrf_token %}
+            <input class="create-token" type="submit" name="create_token" value={% translate "Create API token" %}>
+        </form>
+    {% endif %}

+    {% if user.id is request.user.id %}
+        <p><a href="{% url 'password_change' %}">{% translate "Change password here." %}</a></p>
+        <p><a href="{% url 'index' %}">{% translate "Export your data." %}</a></p>
        <h2>{% translate 'Benachrichtigungen' %}</h2>
        {% include "fellchensammlung/lists/list-notifications.html" %}
        <h2>{% translate 'Meine Vermittlungen' %}</h2>
--- a/src/fellchensammlung/templates/fellchensammlung/header.html
+++ b/src/fellchensammlung/templates/fellchensammlung/header.html
@ -26,7 +26,7 @@

                </div>

-                <a class="btn2" href="{{ user.get_absolute_url }}"><i aria-hidden="true" class="fas fa-user"></i></a>
+                <a class="btn2" href="{% url 'user-me' %}"><i aria-hidden="true" class="fas fa-user"></i></a>
                <form class="btn2 button_darken" action="{% url 'logout' %}" method="post">
                    {% csrf_token %}
                    <button class="button" type="submit"><i aria-hidden="true" class="fas fa-sign-out"></i></button>
--- a/src/fellchensammlung/urls.py
+++ b/src/fellchensammlung/urls.py
@ -53,6 +53,7 @@ urlpatterns = [
    ###########
    # ex: user/1
    path("user/<int:user_id>/", views.user_detail, name="user-detail"),
+    path("user/me/", views.my_profile, name="user-me"),

    path('accounts/register/',
         RegistrationView.as_view(
--- a/src/fellchensammlung/views.py
+++ b/src/fellchensammlung/views.py
@ -23,6 +23,7 @@ from .tools.geo import GeoAPI
 from .tools.metrics import gather_metrics_data
 from .tools.admin import clean_locations, get_unchecked_adoption_notices, deactivate_unchecked_adoption_notices
 from .tasks import add_adoption_notice_location
+from rest_framework.authtoken.models import Token


 def user_is_trust_level_or_above(user, trust_level=User.MODERATOR):
@ -69,7 +70,9 @@ def change_language(request):
            translation.activate(language_code)
            response = HttpResponseRedirect(redirect_path)
            response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language_code)
-    return response
+            return response
+        else:
+            return render(request, 'fellchensammlung/index.html')


 def adoption_notice_detail(request, adoption_notice_id):
@ -415,12 +418,31 @@ def report_detail_success(request, report_id):
    return report_detail(request, report_id, form_complete=True)


+def user_detail(request, user, token=None):
+    context = {"user": user,
+               "adoption_notices": AdoptionNotice.objects.filter(owner=user),
+               "notifications": CommentNotification.objects.filter(user=user, read=False)}
+    if token is not None:
+        context["token"] = token
+    return render(request, 'fellchensammlung/details/detail-user.html', context=context)
+
+
@login_required
-def user_detail(request, user_id):
+def user_by_id(request, user_id):
    user = User.objects.get(id=user_id)
    # Only users that are mods or owners of the user are allowed to view
    fail_if_user_not_owner_or_trust_level(request.user, user)
-    if request.method == "POST":
+    return user_detail(request, user)
+
+
+@login_required()
+def my_profile(request):
+    if request.method == 'POST':
+        if "create_token" in request.POST:
+            Token.objects.create(user=request.user)
+        elif "delete_token" in request.POST:
+            Token.objects.get(user=request.user).delete()
+
        action = request.POST.get("action")
        if action == "notification_mark_read":
            notification_id = request.POST.get("notification_id")
@ -432,11 +454,11 @@ def user_detail(request, user_id):
            for notification in notifications:
                notification.read = True
                notification.save()
-
-    context = {"user": user,
-               "adoption_notices": AdoptionNotice.objects.filter(owner=user),
-               "notifications": CommentNotification.objects.filter(user=user, read=False)}
-    return render(request, 'fellchensammlung/details/detail-user.html', context=context)
+    try:
+        token = Token.objects.get(user=request.user)
+    except Token.DoesNotExist:
+        token = None
+    return user_detail(request, request.user, token)


@user_passes_test(user_is_trust_level_or_above)
--- a/src/notfellchen/settings.py
+++ b/src/notfellchen/settings.py
@ -169,6 +169,7 @@ INSTALLED_APPS = [
    'crispy_forms',
    "crispy_bootstrap4",
    "rest_framework",
+    'rest_framework.authtoken'
 ]

 MIDDLEWARE = [