diff --git a/index/tests.py b/index/tests.py deleted file mode 100644 index 7ce503c..0000000 --- a/index/tests.py +++ /dev/null @@ -1,3 +0,0 @@ -from django.test import TestCase - -# Create your tests here. diff --git a/index/views.py b/index/views.py index 6c40a9b..a115b4c 100644 --- a/index/views.py +++ b/index/views.py @@ -1,6 +1,6 @@ import os -from django.http import HttpResponse, HttpResponseRedirect +from django.http import HttpResponse, HttpResponseRedirect, HttpResponseForbidden from django.shortcuts import render # from django.db.models import Manager from django.contrib.auth import authenticate, login @@ -12,41 +12,30 @@ TEST_BASE_FETCH = "https://test.wawaa.ru/dev-fetch.php" def view_index(request): - return render(request, 'index.html') - # if request.user.is_authenticated: - # return render(request, 'index.html') - # else: - # return HttpResponseRedirect() + if request.user.is_authenticated: + return render(request, 'index.html') + else: + return HttpResponseRedirect('/account/login') def view_stats(request): - # только для тестирования! - res = requests.get(TEST_BASE_FETCH + "?stats", headers={'Authorization': os.getenv("TEST_AUTH")}) - response = HttpResponse(res.content) - response.headers["Content-type"] = response.headers["Content-type"] - return response + if request.user.is_authenticated: + # только для тестирования! + res = requests.get(TEST_BASE_FETCH + "?stats", headers={'Authorization': os.getenv("TEST_AUTH")}) + response = HttpResponse(res.content) + response.headers["Content-type"] = response.headers["Content-type"] + return response + else: + return HttpResponseForbidden() def view_tank_chart(request): - # только для тестирования! - days = request.GET.get('days', '7') - res = requests.get(TEST_BASE_FETCH + "?tank_chart=" + days, headers={'Authorization': os.getenv("TEST_AUTH")}) - response = HttpResponse(res.content) - response.headers["Content-type"] = response.headers["Content-type"] - return response - - -# вход - - -def view_login(request): - username = request.POST["username"] - password = request.POST["password"] - user = authenticate(request, username=username, password=password) - if user is not None: - login(request, user) - return HttpResponseRedirect('/') + if request.user.is_authenticated: + # только для тестирования! + days = request.GET.get('days', '7') + res = requests.get(TEST_BASE_FETCH + "?tank_chart=" + days, headers={'Authorization': os.getenv("TEST_AUTH")}) + response = HttpResponse(res.content) + response.headers["Content-type"] = response.headers["Content-type"] + return response else: - # Return an 'invalid login' error message. - pass - + return HttpResponseForbidden() diff --git a/ospaz_site/settings.py b/ospaz_site/settings.py index d3acf18..ac13666 100644 --- a/ospaz_site/settings.py +++ b/ospaz_site/settings.py @@ -29,7 +29,7 @@ PROJECT_ROOT = os.path.dirname(__file__) SECRET_KEY = os.getenv('DJANGO_SECRET') ALLOWED_HOSTS = ['10.8.0.2', '10.8.0.6', 'ospaz.wawaa.ru', 'dev.ospaz.wawaa.ru'] -# CSRF_TRUSTED_ORIGINS = ['https://ospaz.wawaa.ru'] +CSRF_TRUSTED_ORIGINS = ['http://10.8.0.2', 'http://10.8.0.6', 'https://ospaz.wawaa.ru', 'https://dev.ospaz.wawaa.ru'] # HTTPS settings https://docs.djangoproject.com/en/5.0/topics/security/ #CSRF_COOKIE_SECURE = True @@ -37,8 +37,7 @@ ALLOWED_HOSTS = ['10.8.0.2', '10.8.0.6', 'ospaz.wawaa.ru', 'dev.ospaz.wawaa.ru'] #DEBUG = False # HTTP settings -DEBUG = True - +DEBUG = int(os.getenv('PROJECT_DEBUG', '0')) != 0 # Application definition diff --git a/ospaz_site/urls.py b/ospaz_site/urls.py index b9717ba..90147ba 100644 --- a/ospaz_site/urls.py +++ b/ospaz_site/urls.py @@ -21,6 +21,7 @@ from django.contrib.staticfiles.views import serve urlpatterns = [ path('', include('index.urls')), + path('account/', include('users.urls')), path('admin/', admin.site.urls), path('favicon.ico', lambda req: serve(req, 'favicon.svg')) ] diff --git a/static/css/style.css b/static/css/style.css index b43ab16..6bdc8dd 100644 --- a/static/css/style.css +++ b/static/css/style.css @@ -10,6 +10,7 @@ body { --bg-color: #FEFEFE; --bg-selected: #F1F1F1; + --bg-action: #5181fe; } @media (prefers-color-scheme: dark) { @@ -25,6 +26,7 @@ body { --bg-color: #2d2c33; --bg-selected: #424248; + --bg-action: #4a70d5; } } diff --git a/static/js/index-main.js b/static/js/index-main.js index 496c1db..20af3a7 100644 --- a/static/js/index-main.js +++ b/static/js/index-main.js @@ -66,7 +66,11 @@ function approximateWithTimestamps(dataset) { async function makeRequest(url) { let response = await fetch(url) - if (response.status !== 200) { + if (response.status === 403) { + // http Forbidden, исправляется перезагрузкой страницы и просмотром окошка "Требуется авторизация" + window.location.reload() + return {} + } else if (response.status !== 200) { console.log('fetch(' + url + ') failed. Status Code: ' + response.status); return null; } diff --git a/templates/account/login.html b/templates/account/login.html new file mode 100644 index 0000000..59514cc --- /dev/null +++ b/templates/account/login.html @@ -0,0 +1,103 @@ +{% extends 'base.html' %} +{% load static %} + +{% block styles %} + +{% endblock %} + +{% block header %} +

Вход

+{% endblock %} + +{% block content %} +
+

Войти

+
+ {% csrf_token %} + + {% if message %} +
+ {{ message }} +
+ {% endif %} + +
+ + +
+ +
+ + +
+ +
+ +
+
+
+ + +{% endblock %} diff --git a/templates/base.html b/templates/base.html index 3a3ae0e..818158f 100644 --- a/templates/base.html +++ b/templates/base.html @@ -12,7 +12,13 @@
- {% block header %} тут должен быть хидер {% endblock %} + {% block header %} +

Мониторинг водозаборного узла

+
+ {{ user.login }} + Выход +
+ {% endblock %}
{% block content %} тут должен быть контент {% endblock %} diff --git a/templates/index.html b/templates/index.html index 9b48713..d40cdbf 100644 --- a/templates/index.html +++ b/templates/index.html @@ -35,15 +35,7 @@ {% endblock %} -{% block header %} -

Мониторинг водозаборного узла

-{% if user.is_superuser %} -Админка -{% endif %} -{% endblock %} - {% block content %} -
diff --git a/users/urls.py b/users/urls.py new file mode 100644 index 0000000..0390cb5 --- /dev/null +++ b/users/urls.py @@ -0,0 +1,26 @@ +"""users URL Configuration + +The `urlpatterns` list routes URLs to views. For more information please see: + https://docs.djangoproject.com/en/3.2/topics/http/urls/ +Examples: +Function views + 1. Add an import: from my_app import views + 2. Add a URL to urlpatterns: path('', views.home, name='home') +Class-based views + 1. Add an import: from other_app.views import Home + 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home') +Including another URLconf + 1. Import the include() function: from django.urls import include, path + 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) +""" + +from django.urls import path +from . import views + +urlpatterns = [ + path('', views.default_view, name='account'), + path('register', views.default_view, name='register'), + path('login', views.view_login, name='login'), + path('logout', views.default_view, name='logout'), + path('change-password', views.default_view, name='change-password'), +] diff --git a/users/views.py b/users/views.py new file mode 100644 index 0000000..8050d82 --- /dev/null +++ b/users/views.py @@ -0,0 +1,33 @@ +import os + +from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest +from django.shortcuts import render +# from django.db.models import Manager +from django.contrib.auth import authenticate, login + + +def default_view(request): + return HttpResponse('Not implemented!') + + +def view_login(request): + render_context = { + 'message': None + } + if request.method == "POST": + username = request.POST["username"] + password = request.POST["password"] + user = authenticate(request, username=username, password=password) + if user is not None: + login(request, user) + return HttpResponseRedirect('/') + else: + render_context['message'] = "Неверный логин или пароль" + return render(request, 'account/login.html', render_context) + elif request.method == "GET": + return render(request, 'account/login.html', render_context) + else: + return HttpResponseBadRequest() + + +