feat: Restructure view of own profile, add token authorization for API

This commit is contained in:
moanos [he/him] 2024-11-18 22:40:59 +01:00
parent c0edef51bd
commit 5dd1991af8
5 changed files with 49 additions and 10 deletions

View File

@ -13,8 +13,23 @@
<p>{% translate "Keine bevorzugte Sprache gesetzt." %}</p> <p>{% translate "Keine bevorzugte Sprache gesetzt." %}</p>
{% endif %} {% endif %}
{% if user.id is request.user.id %} {% if token %}
<form action="" class="btn2" method="POST">
{% csrf_token %}
<p class="text-muted"><strong>{% translate "API token:" %}</strong> {{ token }}</p>
<input class="create-token" type="submit" name="delete_token" value={% translate "Delete API token" %}>
</form>
{% else %}
<p>{% translate "No token set." %}</p>
<form action="" method="POST">
{% csrf_token %}
<input class="create-token" type="submit" name="create_token" value={% translate "Create API token" %}>
</form>
{% endif %}
{% if user.id is request.user.id %}
<p><a href="{% url 'password_change' %}">{% translate "Change password here." %}</a></p>
<p><a href="{% url 'index' %}">{% translate "Export your data." %}</a></p>
<h2>{% translate 'Benachrichtigungen' %}</h2> <h2>{% translate 'Benachrichtigungen' %}</h2>
{% include "fellchensammlung/lists/list-notifications.html" %} {% include "fellchensammlung/lists/list-notifications.html" %}
<h2>{% translate 'Meine Vermittlungen' %}</h2> <h2>{% translate 'Meine Vermittlungen' %}</h2>

View File

@ -26,7 +26,7 @@
</div> </div>
<a class="btn2" href="{{ user.get_absolute_url }}"><i aria-hidden="true" class="fas fa-user"></i></a> <a class="btn2" href="{% url 'user-me' %}"><i aria-hidden="true" class="fas fa-user"></i></a>
<form class="btn2 button_darken" action="{% url 'logout' %}" method="post"> <form class="btn2 button_darken" action="{% url 'logout' %}" method="post">
{% csrf_token %} {% csrf_token %}
<button class="button" type="submit"><i aria-hidden="true" class="fas fa-sign-out"></i></button> <button class="button" type="submit"><i aria-hidden="true" class="fas fa-sign-out"></i></button>

View File

@ -53,6 +53,7 @@ urlpatterns = [
########### ###########
# ex: user/1 # ex: user/1
path("user/<int:user_id>/", views.user_detail, name="user-detail"), path("user/<int:user_id>/", views.user_detail, name="user-detail"),
path("user/me/", views.my_profile, name="user-me"),
path('accounts/register/', path('accounts/register/',
RegistrationView.as_view( RegistrationView.as_view(

View File

@ -23,6 +23,7 @@ from .tools.geo import GeoAPI
from .tools.metrics import gather_metrics_data from .tools.metrics import gather_metrics_data
from .tools.admin import clean_locations, get_unchecked_adoption_notices, deactivate_unchecked_adoption_notices from .tools.admin import clean_locations, get_unchecked_adoption_notices, deactivate_unchecked_adoption_notices
from .tasks import add_adoption_notice_location from .tasks import add_adoption_notice_location
from rest_framework.authtoken.models import Token
def user_is_trust_level_or_above(user, trust_level=User.MODERATOR): def user_is_trust_level_or_above(user, trust_level=User.MODERATOR):
@ -69,7 +70,9 @@ def change_language(request):
translation.activate(language_code) translation.activate(language_code)
response = HttpResponseRedirect(redirect_path) response = HttpResponseRedirect(redirect_path)
response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language_code) response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language_code)
return response return response
else:
return render(request, 'fellchensammlung/index.html')
def adoption_notice_detail(request, adoption_notice_id): def adoption_notice_detail(request, adoption_notice_id):
@ -415,12 +418,31 @@ def report_detail_success(request, report_id):
return report_detail(request, report_id, form_complete=True) return report_detail(request, report_id, form_complete=True)
def user_detail(request, user, token=None):
context = {"user": user,
"adoption_notices": AdoptionNotice.objects.filter(owner=user),
"notifications": CommentNotification.objects.filter(user=user, read=False)}
if token is not None:
context["token"] = token
return render(request, 'fellchensammlung/details/detail-user.html', context=context)
@login_required @login_required
def user_detail(request, user_id): def user_by_id(request, user_id):
user = User.objects.get(id=user_id) user = User.objects.get(id=user_id)
# Only users that are mods or owners of the user are allowed to view # Only users that are mods or owners of the user are allowed to view
fail_if_user_not_owner_or_trust_level(request.user, user) fail_if_user_not_owner_or_trust_level(request.user, user)
if request.method == "POST": return user_detail(request, user)
@login_required()
def my_profile(request):
if request.method == 'POST':
if "create_token" in request.POST:
Token.objects.create(user=request.user)
elif "delete_token" in request.POST:
Token.objects.get(user=request.user).delete()
action = request.POST.get("action") action = request.POST.get("action")
if action == "notification_mark_read": if action == "notification_mark_read":
notification_id = request.POST.get("notification_id") notification_id = request.POST.get("notification_id")
@ -432,11 +454,11 @@ def user_detail(request, user_id):
for notification in notifications: for notification in notifications:
notification.read = True notification.read = True
notification.save() notification.save()
try:
context = {"user": user, token = Token.objects.get(user=request.user)
"adoption_notices": AdoptionNotice.objects.filter(owner=user), except Token.DoesNotExist:
"notifications": CommentNotification.objects.filter(user=user, read=False)} token = None
return render(request, 'fellchensammlung/details/detail-user.html', context=context) return user_detail(request, request.user, token)
@user_passes_test(user_is_trust_level_or_above) @user_passes_test(user_is_trust_level_or_above)

View File

@ -169,6 +169,7 @@ INSTALLED_APPS = [
'crispy_forms', 'crispy_forms',
"crispy_bootstrap4", "crispy_bootstrap4",
"rest_framework", "rest_framework",
'rest_framework.authtoken'
] ]
MIDDLEWARE = [ MIDDLEWARE = [