ospaz-site/users/views.py

import os

from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest
from django.shortcuts import render
# from django.db.models import Manager
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required, permission_required
from .models import User
from .forms import UserRegisterForm


def default_view(request):
    return HttpResponse('Not implemented!')


def view_logout(request):
    logout(request)
    # перенаправляем на страницу авторизации
    return HttpResponseRedirect('/account/login')


def view_login(request):
    if request.user.is_authenticated:
        # уже авторизован, перенаправляем либо в корень, либо по пути, указанному в next
        redirect_uri = "/"
        if "next" in request.GET:
            if request.GET['next'] != request.path:
                # чтобы не возникло циклического редиректа
                redirect_uri = request.GET['next']
        return HttpResponseRedirect(redirect_uri)

    render_context = {
        'message': None
    }
    if request.method == "POST":
        username = request.POST["username"]
        password = request.POST["password"]
        user = authenticate(request, username=username, password=password)
        if user is not None:
            login(request, user)
            redirect_uri = "/"
            if "next" in request.GET:
                if request.GET['next'] != request.path:
                    # чтобы не возникло циклического редиректа
                    redirect_uri = request.GET['next']
            return HttpResponseRedirect(redirect_uri)
        else:
            render_context['message'] = "Неверный логин или пароль"
            return render(request, 'account/login.html', render_context)
    elif request.method == "GET":
        return render(request, 'account/login.html', render_context)
    else:
        return HttpResponseBadRequest()


@login_required
@permission_required(perm='users.add_user', raise_exception=True)
def view_register(request):
    form = UserRegisterForm(request.POST or None)
    if request.method == 'POST':
        if form.is_valid():
            form.save()
            return HttpResponseRedirect('/account/list')
    return render(request, 'account/register.html', {'form': form})


@login_required
@permission_required(perm='users.view_user', raise_exception=True)
def view_list(request):
    return render(request, 'account/list.html', {'users': User.objects.order_by('login')})