Handle log-in functionality.

Restricts users from accessing pages if they're not logged in.
parent d84da1ff
...@@ -7,14 +7,20 @@ from django.core.exceptions import ValidationError ...@@ -7,14 +7,20 @@ from django.core.exceptions import ValidationError
from django.contrib import messages from django.contrib import messages
from django.contrib.auth import authenticate, login, logout from django.contrib.auth import authenticate, login, logout
# restricting the views to logged in users, every view we want restricted
from django.contrib.auth.decorators import login_required
from .models import * from .models import *
from .forms import * from .forms import *
from datetime import datetime, timedelta from datetime import datetime, timedelta
def registerPage(request): def registerPage(request):
# dont want a logged in user to see this
if request.user.is_authenticated:
return redirect('/')
else:
form = CreateUserForm() form = CreateUserForm()
if request.method == 'POST': if request.method == 'POST':
form = CreateUserForm(request.POST) form = CreateUserForm(request.POST)
if form.is_valid(): if form.is_valid():
...@@ -28,6 +34,10 @@ def registerPage(request): ...@@ -28,6 +34,10 @@ def registerPage(request):
return render(request, 'boodlesite/templates/registration/register.html', context) return render(request, 'boodlesite/templates/registration/register.html', context)
def loginPage(request): def loginPage(request):
# dont want a logged in user to see this
if request.user.is_authenticated:
return redirect('/')
else:
if request.method == 'POST': if request.method == 'POST':
user_name = request.POST.get('username') user_name = request.POST.get('username')
pass_word = request.POST.get('password') pass_word = request.POST.get('password')
...@@ -46,6 +56,7 @@ def logoutUser(request): ...@@ -46,6 +56,7 @@ def logoutUser(request):
logout(request) logout(request)
return redirect('login') return redirect('login')
@login_required(login_url='login')
def homepage(request): def homepage(request):
print(Auction.objects.all()) print(Auction.objects.all())
...@@ -67,6 +78,7 @@ def homepage(request): ...@@ -67,6 +78,7 @@ def homepage(request):
return render(request, "boodlesite/templates/index.html",context) return render(request, "boodlesite/templates/index.html",context)
@login_required(login_url='login')
def auction(request,pk): def auction(request,pk):
# Current auction ID # Current auction ID
...@@ -119,9 +131,11 @@ def auction(request,pk): ...@@ -119,9 +131,11 @@ def auction(request,pk):
else: else:
return render(request, "boodlesite/templates/auction.html",context) return render(request, "boodlesite/templates/auction.html",context)
@login_required(login_url='login')
def error404(request): def error404(request):
return render(request, "boodlesite/templates/error404/notstarted_error404.html") return render(request, "boodlesite/templates/error404/notstarted_error404.html")
@login_required(login_url='login')
def tempstore(request): # temp view def tempstore(request): # temp view
#### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] #### #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
...@@ -133,6 +147,7 @@ def tempstore(request): # temp view ...@@ -133,6 +147,7 @@ def tempstore(request): # temp view
return render(request, "boodlesite/templates/tempstore.html", context) return render(request, "boodlesite/templates/tempstore.html", context)
@login_required(login_url='login')
def mystore(request, pk): def mystore(request, pk):
#### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] #### #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
...@@ -165,6 +180,7 @@ def mystore(request, pk): ...@@ -165,6 +180,7 @@ def mystore(request, pk):
return render(request, "boodlesite/templates/store.html", context) return render(request, "boodlesite/templates/store.html", context)
@login_required(login_url='login')
def addItem(request, pk): def addItem(request, pk):
# Current Store, pk here is the storeid # Current Store, pk here is the storeid
...@@ -186,6 +202,7 @@ def addItem(request, pk): ...@@ -186,6 +202,7 @@ def addItem(request, pk):
return render(request, "boodlesite/templates/additem.html", context) return render(request, "boodlesite/templates/additem.html", context)
@login_required(login_url='login')
def editItem(request, pk): def editItem(request, pk):
item = Item.objects.get(itemid=pk) item = Item.objects.get(itemid=pk)
...@@ -205,6 +222,7 @@ def editItem(request, pk): ...@@ -205,6 +222,7 @@ def editItem(request, pk):
return render(request, "boodlesite/templates/additem.html", context) return render(request, "boodlesite/templates/additem.html", context)
@login_required(login_url='login')
def startAuction(request, pk): def startAuction(request, pk):
# pk is store id # pk is store id
...@@ -245,6 +263,7 @@ def startAuction(request, pk): ...@@ -245,6 +263,7 @@ def startAuction(request, pk):
return render(request, "boodlesite/templates/startauction.html", context) return render(request, "boodlesite/templates/startauction.html", context)
@login_required(login_url='login')
def tempProfile(request): # temp view def tempProfile(request): # temp view
#### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] #### #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
...@@ -258,6 +277,7 @@ def tempProfile(request): # temp view ...@@ -258,6 +277,7 @@ def tempProfile(request): # temp view
return render(request, "boodlesite/templates/tempprofile.html", context) return render(request, "boodlesite/templates/tempprofile.html", context)
@login_required(login_url='login')
def profile(request, pk): def profile(request, pk):
current_user = BoodleUser.objects.get(pk=pk) current_user = BoodleUser.objects.get(pk=pk)
...@@ -311,6 +331,7 @@ def profile(request, pk): ...@@ -311,6 +331,7 @@ def profile(request, pk):
return render(request, "boodlesite/templates/profile.html", context) return render(request, "boodlesite/templates/profile.html", context)
@login_required(login_url='login')
def editStore(request, pk): def editStore(request, pk):
store= Store.objects.get(storeid=pk) store= Store.objects.get(storeid=pk)
...@@ -330,6 +351,7 @@ def editStore(request, pk): ...@@ -330,6 +351,7 @@ def editStore(request, pk):
return render(request, "boodlesite/templates/storeForm.html", context) return render(request, "boodlesite/templates/storeForm.html", context)
@login_required(login_url='login')
def editProfile(request, pk): def editProfile(request, pk):
user= BoodleUser.objects.get(userid=pk) # boodleuser object user= BoodleUser.objects.get(userid=pk) # boodleuser object
......
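Review bot: `@login_required` on `editStore`, `editProfile`, `editItem`, `profile` and the other `pk`-taking views (`mystore`, `addItem`, `startAuction`) only establishes that someone is logged in; the visible lookups still load the object straight from the URL (`Store.objects.get(storeid=pk)`, `BoodleUser.objects.get(userid=pk)`, `Item.objects.get(itemid=pk)`), and no line shown compares it with `request.user`. The function bodies continue outside the hunks, so an ownership check may exist further down, but if it does not, any authenticated account can view or edit another user's store, items or profile by changing the id in the URL. After each lookup, add a check along the lines of `if store.<owner field> != <BoodleUser linked to request.user>: raise PermissionDenied` (both bracketed names are placeholders, because the link between `BoodleUser` and the auth user is not shown here; `PermissionDenied` lives in `django.core.exceptions`, which the file already imports from). Using `get_object_or_404` for these lookups would also turn an unknown `pk` into a 404 instead of an unhandled `DoesNotExist`.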