forgotten password

Martin Quarda 2024-10-17 08:26:38 +02:00
parent 819536523c
commit d33c69941e
3 changed files with 64 additions and 9 deletions


@ -58,6 +58,7 @@ class Profile(models.Model):
first_name = models.CharField(max_length=120)
last_name = models.CharField(max_length=120)
phone = models.CharField(max_length=120, null=True, blank=True)
forgotten_password_code = models.CharField(max_length=120, null=True, blank=True)
address = models.CharField(max_length=255, null=True, blank=True)
def __str__(self):
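Review bot: `forgotten_password_code` is added as a plain `CharField` with no issue time beside it, so the reset view has nothing to enforce an expiry against, and the code sits readable in the table and in any backup of it. A companion field such as `forgotten_password_code_created = models.DateTimeField(null=True, blank=True)` would let the view reject old codes, and storing a digest of the code instead of the code itself would keep a database read from yielding usable reset codes. The `Profile` class starts and ends outside this hunk.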


@ -15,6 +15,7 @@ from datetime import date, datetime, timedelta
from dateutil.relativedelta import relativedelta
from weasyprint import HTML
from urllib.parse import parse_qs
import secrets
import requests
import json
import glob
@ -70,21 +71,50 @@ def register_user(request):
return HttpResponse('{"success":"Úspěšná registrace!", "redirect":"/#"}', content_type='application/json')
@csrf_exempt
def forgotten_password(request):
if not request.POST['email']:
return HttpResponse('{"reason":"Email je povinný!"}', status=400, content_type='application/json')
if not request.POST['password1'] or not request.POST['password2']:
return HttpResponse('{"reason":"Heslo je povinné!"}', status=400, content_type='application/json')
if request.POST['password1'] != request.POST['password2']:
return HttpResponse('{"reason":"Hesla se neshodují!"}', status=400, content_type='application/json')
if not request.POST['code']:
return HttpResponse('{"reason":"Kód pro obnovení hesla je povinný!"}', status=400, content_type='application/json')
user = DjangoUser.objects.get(username=request.POST['email'])
if user.profile.forgotten_password_code != request.POST['code']:
return HttpResponse('{"reason":"Špatný kód!"}', status=400, content_type='application/json')
user.set_password(request.POST['password1'])
user.save()
auth_login(request, user)
@csrf_exempt
def login(request):
try:
user = authenticate(request, username=request.POST['email'], password=request.POST['password'])
except MultiValueDictKeyError:
return HttpResponse('{"reason":"Nezadané jméno nebo heslo!"}', status=400, content_type='application/json')
if user is not None:
auth_login(request, user)
return HttpResponse('{"success":"Úspěšně přihlášen uživatel '+ user.email + '", "redirect":"/#"}', content_type='application/json')
if "forgotten_password" in request.POST:
email = request.POST["email"]
user = DjangoUser.objects.get(username=email)
code = secrets.token_urlsafe(10)
user.profile.forgotten_password_code = code
user.profile.save()
mail = EmailMessage("zapomenuté heslo v Alkátor Race", f"""{code}""", "info@alkator.cz", [request.POST["email"]])
mail.send()
return HttpResponse('{"success":"Úspěšně poslán kód pro obnovení hesla uživatele '+ user.email + '", "redirect":"/#forgotten_password"}', content_type='application/json')
else:
return HttpResponse('{"reason":"Nesprávné jméno nebo heslo!"}', status=400, content_type='application/json')
try:
user = authenticate(request, username=request.POST['email'], password=request.POST['password'])
except MultiValueDictKeyError:
return HttpResponse('{"reason":"Nezadané jméno nebo heslo!"}', status=400, content_type='application/json')
if user is not None:
auth_login(request, user)
return HttpResponse('{"success":"Úspěšně přihlášen uživatel '+ user.email + '", "redirect":"/#"}', content_type='application/json')
else:
return HttpResponse('{"reason":"Nesprávné jméno nebo heslo!"}', status=400, content_type='application/json')
@csrf_exempt
def logout(request):
auth_logout(request)
return redirect("/#")
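Review bot: In `forgotten_password` the stored code is never cleared after `user.set_password(...)`, so a code that was mailed once keeps working for that account and can be replayed for later resets; it is also compared with `!=` and nothing visible limits the number of guesses. `DjangoUser.objects.get(username=...)` raises `DoesNotExist` for an unknown address, both here and in the `forgotten_password` branch of `login`, which turns a typo into a server error and lets a caller tell registered addresses from unregistered ones. As rendered, the view also ends at `auth_login(request, user)` without returning an `HttpResponse`. The sketch below looks the user up without raising, gives one answer for every failure, compares in constant time, drops the code after use and returns a response; the success text in it is a constructed placeholder. The page has lost its `+`/`-` markers, so which of the two `login` bodies is the new one cannot be told from here.

```python
def forgotten_password(request):
    # … unchanged: required-field and password-match checks …
    user = DjangoUser.objects.filter(username=request.POST['email']).first()
    stored = user.profile.forgotten_password_code if user is not None else None
    # Same answer for "no such account", "no code issued" and "wrong code".
    if not stored or not secrets.compare_digest(stored.encode(), request.POST['code'].encode()):
        return HttpResponse('{"reason":"Špatný kód!"}', status=400, content_type='application/json')
    user.set_password(request.POST['password1'])
    user.save()
    # Single use: clear the code so it cannot be replayed.
    user.profile.forgotten_password_code = None
    user.profile.save()
    auth_login(request, user)
    # Placeholder success text (constructed for this sketch).
    return HttpResponse('{"success":"OK", "redirect":"/#"}', content_type='application/json')
```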


@ -474,7 +474,7 @@ class Main extends Component {
<input name="email" class="form-control" type="email" />
</div>
<div class="mb-3">
<label for="address" class="form-label">Adresa (kvůli fakturaci)</label>
<label for="address" class="form-label">Fakturační Adresa</label>
<input type="text" class="form-control" id="address" name="address" />
</div>
<div class="mb-3">
@ -493,6 +493,29 @@ class Main extends Component {
</form>
</div>
}
{this.state.page == "#forgotten_password" &&
<div>
<form id="form" action="/api/login" class="container" onSubmit={(e) => this.onSubmit(e)}>
<div class="mb-3">
<label for="email" class="form-label">Přihlašovací email:</label>
<input name="email" class="form-control" type="email" />
</div>
<div class="mb-3">
<label for="code" class="form-label">Kód pro obnovení hesla:</label>
<input type="password" class="form-control" name="code"/>
</div>
<div class="mb-3">
<label for="password1" class="form-label">Nové heslo:</label>
<input type="password" class="form-control" name="password1"/>
</div>
<div class="mb-3">
<label for="password2" class="form-label">Nové heslo znova:</label>
<input type="password" class="form-control" name="password2"/>
</div>
<button type="submit" class="btn btn-primary">Přihlásit</button>
</form>
</div>
}
{this.state.page == "#login" &&
<div>
<form id="form" action="/api/login" class="container" onSubmit={(e) => this.onSubmit(e)}>
@ -504,6 +527,7 @@ class Main extends Component {
<label for="password" class="form-label">Heslo:</label>
<input type="password" class="form-control" name="password"/>
</div>
<button type="submit" name="forgotten_password" class="btn btn-light">Zapomenuté heslo</button>
<button type="submit" class="btn btn-primary">Přihlásit</button>
</form>
</div>
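Review bot: The new `#forgotten_password` form posts to `action="/api/login"`, yet the fields it sends (`email`, `code`, `password1`, `password2`) are the ones the `forgotten_password` view reads, and the `login` view answers a request without `password` with its 400 "Nezadané jméno nebo heslo!" branch. Unless `onSubmit`, which is not visible here, rewrites the target, the reset can never complete; the action should name the reset endpoint, whose route is not shown on this page. In the login form the added `Zapomenuté heslo` button is a `type="submit"` placed before `Přihlásit`, so it becomes the form's default button and pressing Enter may start a reset instead of a login; making it `type="button"` with its own handler, or moving it after the primary button, avoids that.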