diff --git a/templates/account/change-password.html b/templates/account/change-password.html new file mode 100644 index 0000000..8c04edf --- /dev/null +++ b/templates/account/change-password.html @@ -0,0 +1,25 @@ +{% extends 'account/register.html' %} +{% load static %} + +{% block title %} Смена пароля {% endblock %} + +{% block header-title %} Смена пароля {{ target_user.login }} {% endblock %} + +{% block content %} +
+
+ {% csrf_token %} + + {% for field in form %} +
+ {{ field.label_tag }} {{ field }} + {{ field.errors }} +
+ {% endfor %} + +
+ +
+
+
+{% endblock %} diff --git a/templates/account/list.html b/templates/account/list.html index f086832..46dd7a4 100644 --- a/templates/account/list.html +++ b/templates/account/list.html @@ -44,7 +44,7 @@ {% for u in users %} - {{ u.login }} + {{ u.login }} {{ u.is_superuser }} {{ u.last_login }} {{ u.last_password_change }} diff --git a/templates/account/register.html b/templates/account/register.html index eabe57c..2dea048 100644 --- a/templates/account/register.html +++ b/templates/account/register.html @@ -82,7 +82,7 @@ {% endfor %}
- +
diff --git a/templates/account/view.html b/templates/account/view.html index 01b6350..cce6941 100644 --- a/templates/account/view.html +++ b/templates/account/view.html @@ -14,11 +14,13 @@ {% endblock %} {% block content %} +

Вернуться на главную

+

Статус администратора: {{ view_user.is_superuser }}

Последний вход: {{ view_user.last_login }}

Последнее обновление пароля: {{ view_user.last_password_change }} {% if perms.users.change_user or view_user.login == user.login %} - (сменить) + (сменить) {% endif %}

Зарегистрирован: {{ view_user.registered }}

@@ -27,4 +29,5 @@

Удалить аккаунт

{% endif %} + {% endblock %} diff --git a/users/urls.py b/users/urls.py index 80d3468..71a77b1 100644 --- a/users/urls.py +++ b/users/urls.py @@ -18,12 +18,12 @@ from django.urls import path from . import views urlpatterns = [ - path('', views.default_view, name='account'), + path('', views.view_account, name='account-view'), path('register', views.view_register, name='register'), path('login', views.view_login, name='login'), path('logout', views.view_logout, name='logout'), path('list', views.view_list, name='accounts-list'), - path('view', views.view_account, name='account-view'), - path('change-password', views.default_view, name='change-password'), + path('view/', views.view_account, name='account-view'), + path('change-password', views.view_change_password, name='change-password'), path('delete/', views.default_view, name='delete-account'), ] diff --git a/users/views.py b/users/views.py index 7f89b8a..85d4050 100644 --- a/users/views.py +++ b/users/views.py @@ -1,9 +1,10 @@ import os +from django.contrib.auth.forms import PasswordChangeForm from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest, Http404 from django.shortcuts import render # from django.db.models import Manager -from django.contrib.auth import authenticate, login, logout +from django.contrib.auth import authenticate, login, logout, update_session_auth_hash from django.contrib.auth.decorators import login_required, permission_required from .models import User from .forms import UserRegisterForm 
@@ -54,16 +55,17 @@ def view_login(request):
 @login_required
-def view_account(request):
+def view_account(request, username=None):
 view_user = request.user
- if 'username' in request.GET:
- if request.user.has_perm('users.view_user'):
- try:
- view_user = User.objects.get_by_natural_key(request.GET['username'])
- except:
- return Http404()
- else:
- raise PermissionError()
+ if username is not None:
+ if username != view_user.login:
+ if request.user.has_perm('users.view_user'):
+ try:
+ view_user = User.objects.get_by_natural_key(username)
+ except:
+ return Http404()
+ else:
+ raise PermissionError()
 return render(request, 'account/view.html', {'view_user': view_user})
@@ -78,6 +80,28 @@ def view_register(request):
 return render(request, 'account/register.html', {'form': form})
+@login_required
+def view_change_password(request):
+ user = request.user
+ if 'username' in request.GET:
+ if request.user.has_perm('users.change_user'):
+ try:
+ user = User.objects.get_by_natural_key(request.GET['username'])
+ except:
+ return Http404()
+ else:
+ raise PermissionError()
+
+ form = PasswordChangeForm(user=user, data=(request.POST or None))
+ if request.method == "POST":
+ if form.is_valid():
+ form.save()
+ update_session_auth_hash(request, form.user)
+ return HttpResponseRedirect('account')
+
+ return render(request, 'account/change-password.html', {'form': form, 'target_user': user})
+
+
 @login_required
 @permission_required(perm='users.view_user', raise_exception=True)
 def view_list(request):
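Review bot: The not-found and forbidden branches of `view_account` do not produce 404/403 responses: `return Http404()` hands Django an exception instance where a response object is expected, and `raise PermissionError()` is the builtin OSError subclass rather than Django's permission exception, so both are likely to surface as a 500. Raise them instead, `raise Http404()` and `raise PermissionDenied()` (imported from `django.core.exceptions`), and narrow the bare `except:` to `except User.DoesNotExist:` (assuming `get_by_natural_key` is the stock manager method) so unrelated failures are not reported as a missing account. The same three constructs are repeated in `view_change_password` in the next hunk, where a clean 403 matters more because that branch guards changing another user's password.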
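Review bot: `PasswordChangeForm(user=user, ...)` validates `old_password` against whichever account is passed in, so on the `users.change_user` path the administrator must supply the target user's current password, and `update_session_auth_hash(request, form.user)` is then called for an account that is not the one logged in. If an administrative reset is intended, choose the form by target, e.g. `form_cls = PasswordChangeForm if user == request.user else SetPasswordForm`, and refresh the session hash only when `user == request.user`. Separately, `HttpResponseRedirect('account')` is a relative URL that resolves next to `change-password`, and the urls.py hunk in this commit defines no `account` path; `return redirect('account-view')` (with `redirect` imported from `django.shortcuts`) follows the renamed route. The target is also read from `request.GET` during the POST, so the template's form action has to keep the `?username=` query string or the submission will apply to the requester's own account; the form tag is not visible here to confirm.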