diff options
| author | Philip Sargent <philip.sargent@gmail.com> | 2025-01-27 16:42:52 +0000 |
|---|---|---|
| committer | Philip Sargent <philip.sargent@gmail.com> | 2025-01-27 16:42:52 +0000 |
| commit | 98594a07e2ac68a089d09a4fe78724c59c6ae7cf (patch) | |
| tree | c2096c043ddce6eac9cb0e1794e67dee09bcaefa /core | |
| parent | 1825ed55fcb3b8522aa4a8139c49a02f6f992e73 (diff) | |
| download | troggle-98594a07e2ac68a089d09a4fe78724c59c6ae7cf.tar.gz troggle-98594a07e2ac68a089d09a4fe78724c59c6ae7cf.tar.bz2 troggle-98594a07e2ac68a089d09a4fe78724c59c6ae7cf.zip | |
reistration of previously attending expoer working again.
Diffstat (limited to 'core')
| -rw-r--r-- | core/views/user_registration.py | 39 |
1 files changed, 27 insertions, 12 deletions
diff --git a/core/views/user_registration.py b/core/views/user_registration.py index fc2aace..8741d7b 100644 --- a/core/views/user_registration.py +++ b/core/views/user_registration.py @@ -15,6 +15,8 @@ from troggle.core.utils import ( add_commit,
is_identified_user
)
+from troggle.core.views.auth import expologout
+
"""
This is the new individual user login registration, instead of everyone signing
in as "expo". This will be useful for the kanban expo organisation tool.
@@ -133,14 +135,35 @@ def register(request, url_username=None): similar to the "expo" user
(with cavey:beery password) but specific to an individual.
+ We only allow this to be done ONCE for each user-id.
+
"""
warning = ""
initial_values={"visible-passwords": "True"}
logged_in = (identified_login := is_identified_user(request.user))
if logged_in:
- return re_register_email(request)
-
+ # logged in as a known real person with a USer logon
+ return re_register_email(request) # discarding url_username
+
+ if not request.user.is_anonymous:
+ # logged in as expo or expoadmin, so logout invisibly before we do anything
+ expologout(request) # returns a response, which we discard
+
+ if url_username: # if provided in URL
+ if Person.objects.filter(slug=url_username).count() != 1:
+ # not an old expoer, so redirect to the other form
+ print(Person.objects.filter(slug=url_username).count())
+ return HttpResponseRedirect("/accounts/newregister/")
+
+ initial_values.update({"username": url_username})
+ form = register_form(initial=initial_values)
+ form.fields["username"].widget.attrs["readonly"]="readonly"
+ else:
+ form = register_form(initial=initial_values)
+
+
+
if request.method == "POST":
form = register_form(request.POST)
if form.is_valid():
@@ -152,7 +175,7 @@ def register(request, url_username=None): if len(expoers) != 0:
# this is a password re-set, not a new registration. So we need to check it is the same person.
form_user = expoers[0]
- if current_user != form_user:
+ if request.user != form_user:
print(f"## UNAUTHORIZED Password reset ## {request.user} {form_user}")
# return render(request, "login/register.html", {"form": form, "unauthorized": True})
# create User in the system and refresh stored encrypted user list and git commit it:
@@ -161,15 +184,7 @@ def register(request, url_username=None): # to do, login automatically, and redirect to control panel ?
return HttpResponseRedirect("/accounts/login/")
else: # GET
- if url_username: # if provided in URL
- if not request.user.is_anonymous:
- warning = f"WARNING - you are logged-in as someone else '{request.user}'. You must logout and login again as '{url_username}' "
- print(f"REGISTER: {warning}")
- initial_values.update({"username": url_username})
- elif request.user:
- initial_values.update({"username": request.user.username})
-
- form = register_form(initial=initial_values)
+ pass
return render(request, "login/register.html", {"form": form, "warning": warning, "logged_in": logged_in})
|