views.py 1.92 KB
Newer Older
1
from django.conf import settings
2
from django.contrib.auth import authenticate
Thom Wiggers's avatar
Thom Wiggers committed
3
from django.contrib.admin.views.decorators import staff_member_required
4 5
from django.http import (HttpResponseBadRequest,
                         HttpResponseForbidden, JsonResponse)
Thom Wiggers's avatar
Thom Wiggers committed
6 7
from django.utils import timezone
from django.views.decorators.csrf import csrf_exempt
8
from django.views.decorators.http import require_POST
Thom Wiggers's avatar
Thom Wiggers committed
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38

from members.models import Member


@require_POST
@csrf_exempt
def wiki_login(request):
    apikey = request.POST.get('apikey')
    user = request.POST.get('user')
    password = request.POST.get('password')

    if apikey != settings.WIKI_API_KEY:
        return HttpResponseForbidden('{"status":"error","msg":"invalid key"}')
    if user is None or password is None:
        return HttpResponseBadRequest(
            '{"status":"error","msg":"Missing username or password"}',
            content_type='application/json')

    user = authenticate(username=user, password=password)
    if user is not None:
        try:
            memberships = [cmm.committee.wiki_namespace for cmm in
                           user.member.committeemembership_set.exclude(
                               until__lt=timezone.now().date())
                           .select_related('committee')
                           if cmm.committee.wiki_namespace is not None]
        except Member.DoesNotExist:
            memberships = []

        return JsonResponse({'status': 'ok',
39 40
                             'name': user.get_full_name(),
                             'mail': user.email,
Thom Wiggers's avatar
Thom Wiggers committed
41 42 43 44 45 46
                             'admin': user.is_superuser,
                             'msg': 'Logged in',
                             'committees': memberships})
    return JsonResponse({'status': 'error',
                         'msg': 'Authentication Failed'},
                        status_code=403)
Thom Wiggers's avatar
Thom Wiggers committed
47 48 49 50 51


@staff_member_required
def crash(request):
    raise Exception("Test exception")