From 98594a07e2ac68a089d09a4fe78724c59c6ae7cf Mon Sep 17 00:00:00 2001 From: Philip Sargent Date: Mon, 27 Jan 2025 16:42:52 +0000 Subject: reistration of previously attending expoer working again. --- core/views/user_registration.py | 39 +++++++++++++++++++++++++++------------ templates/login/register.html | 11 +++-------- 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/core/views/user_registration.py b/core/views/user_registration.py index fc2aace..8741d7b 100644 --- a/core/views/user_registration.py +++ b/core/views/user_registration.py @@ -15,6 +15,8 @@ from troggle.core.utils import ( add_commit, is_identified_user ) +from troggle.core.views.auth import expologout + """ This is the new individual user login registration, instead of everyone signing in as "expo". This will be useful for the kanban expo organisation tool. @@ -133,14 +135,35 @@ def register(request, url_username=None): similar to the "expo" user (with cavey:beery password) but specific to an individual. + We only allow this to be done ONCE for each user-id. + """ warning = "" initial_values={"visible-passwords": "True"} logged_in = (identified_login := is_identified_user(request.user)) if logged_in: - return re_register_email(request) - + # logged in as a known real person with a USer logon + return re_register_email(request) # discarding url_username + + if not request.user.is_anonymous: + # logged in as expo or expoadmin, so logout invisibly before we do anything + expologout(request) # returns a response, which we discard + + if url_username: # if provided in URL + if Person.objects.filter(slug=url_username).count() != 1: + # not an old expoer, so redirect to the other form + print(Person.objects.filter(slug=url_username).count()) + return HttpResponseRedirect("/accounts/newregister/") + + initial_values.update({"username": url_username}) + form = register_form(initial=initial_values) + form.fields["username"].widget.attrs["readonly"]="readonly" + else: + form = register_form(initial=initial_values) + + + if request.method == "POST": form = register_form(request.POST) if form.is_valid(): @@ -152,7 +175,7 @@ def register(request, url_username=None): if len(expoers) != 0: # this is a password re-set, not a new registration. So we need to check it is the same person. form_user = expoers[0] - if current_user != form_user: + if request.user != form_user: print(f"## UNAUTHORIZED Password reset ## {request.user} {form_user}") # return render(request, "login/register.html", {"form": form, "unauthorized": True}) # create User in the system and refresh stored encrypted user list and git commit it: @@ -161,15 +184,7 @@ def register(request, url_username=None): # to do, login automatically, and redirect to control panel ? return HttpResponseRedirect("/accounts/login/") else: # GET - if url_username: # if provided in URL - if not request.user.is_anonymous: - warning = f"WARNING - you are logged-in as someone else '{request.user}'. You must logout and login again as '{url_username}' " - print(f"REGISTER: {warning}") - initial_values.update({"username": url_username}) - elif request.user: - initial_values.update({"username": request.user.username}) - - form = register_form(initial=initial_values) + pass return render(request, "login/register.html", {"form": form, "warning": warning, "logged_in": logged_in}) diff --git a/templates/login/register.html b/templates/login/register.html index e35f793..e832ade 100644 --- a/templates/login/register.html +++ b/templates/login/register.html @@ -40,21 +40,16 @@ li {color:red}

{% if newuser %} New User Registration
for someone who has never attended Expo {% else %} -User Registration - for a personal login to Troggle +User Registration - for a personal login to Troggle by a known caver {%endif %}

Register your email address

-{% if unauthorized %} - -UNAUTHORIZED attempt to change password or email address.
-You are not logged in as the user you are attempting to re-register. -{% endif %} {% if newuser %}

You need to register before you can fill out the 'signup' form to request to attend Expo. -- cgit v1.2.3