Handle log-in functionality.

Restricts users from accessing pages if they're not logged in.

Handle log-in functionality.
Restricts users from accessing pages if they're not logged in.
cc06974a · Martina Therese R. Reyes · d84da1ff · cc06974a
Commit cc06974a authored May 17, 2022 by Martina Therese R. Reyes
Show whitespace changes
Inline Side-by-side

Showing with 45 additions and 23 deletions

views.py main/views.py +45 -23

No files found.
--- a/main/views.py
+++ b/main/views.py
@@ -7,14 +7,20 @@ from django.core.exceptions import ValidationError
 from django.contrib import messages
 from django.contrib.auth import authenticate, login, logout

+# restricting the views to logged in users, every view we want restricted
+from django.contrib.auth.decorators import login_required
+
 from .models import *
 from .forms import *

 from datetime import datetime, timedelta

 def registerPage(request):
+    # dont want a logged in user to see this
+    if request.user.is_authenticated:
+        return redirect('/')
+    else:
        form = CreateUserForm()
-
        if request.method == 'POST':
            form = CreateUserForm(request.POST)
            if form.is_valid():
@@ -28,6 +34,10 @@ def registerPage(request):
        return render(request, 'boodlesite/templates/registration/register.html', context)

 def loginPage(request):
+    # dont want a logged in user to see this
+    if request.user.is_authenticated:
+        return redirect('/')
+    else:
        if request.method == 'POST':
            user_name = request.POST.get('username')
            pass_word = request.POST.get('password')
@@ -46,6 +56,7 @@ def logoutUser(request):
    logout(request)
    return redirect('login')

+@login_required(login_url='login')
 def homepage(request):
    print(Auction.objects.all())

@@ -67,6 +78,7 @@ def homepage(request):

    return render(request, "boodlesite/templates/index.html",context)    

+@login_required(login_url='login')
 def auction(request,pk):

    # Current auction ID
@@ -119,9 +131,11 @@ def auction(request,pk):
    else:
        return render(request, "boodlesite/templates/auction.html",context)    

+@login_required(login_url='login')
 def error404(request):
    return render(request, "boodlesite/templates/error404/notstarted_error404.html")

+@login_required(login_url='login')
 def tempstore(request): # temp view

    #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
@@ -133,6 +147,7 @@ def tempstore(request): # temp view

    return render(request, "boodlesite/templates/tempstore.html", context)

+@login_required(login_url='login')
 def mystore(request, pk):

    #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
@@ -165,6 +180,7 @@ def mystore(request, pk):

    return render(request, "boodlesite/templates/store.html", context)

+@login_required(login_url='login')
 def addItem(request, pk):

    # Current Store, pk here is the storeid
@@ -186,6 +202,7 @@ def addItem(request, pk):

    return render(request, "boodlesite/templates/additem.html", context)

+@login_required(login_url='login')
 def editItem(request, pk):

    item = Item.objects.get(itemid=pk)
@@ -205,6 +222,7 @@ def editItem(request, pk):

    return render(request, "boodlesite/templates/additem.html", context)

+@login_required(login_url='login')
 def startAuction(request, pk):

    # pk is store id
@@ -245,6 +263,7 @@ def startAuction(request, pk):

    return render(request, "boodlesite/templates/startauction.html", context)

+@login_required(login_url='login')
 def tempProfile(request): # temp view

    #### Access to store 1 [ edit accordingly when it becomes accessible thru a user ] ####
@@ -258,6 +277,7 @@ def tempProfile(request): # temp view

    return render(request, "boodlesite/templates/tempprofile.html", context)

+@login_required(login_url='login')
 def profile(request, pk):
    
    current_user = BoodleUser.objects.get(pk=pk)
@@ -311,6 +331,7 @@ def profile(request, pk):

    return render(request, "boodlesite/templates/profile.html", context)

+@login_required(login_url='login')
 def editStore(request, pk):

    store= Store.objects.get(storeid=pk)
@@ -330,6 +351,7 @@ def editStore(request, pk):

    return render(request, "boodlesite/templates/storeForm.html", context)

+@login_required(login_url='login')
 def editProfile(request, pk):

    user= BoodleUser.objects.get(userid=pk) # boodleuser object