Allow users to temporarily deactivate their accounts (#2324)
This commit is contained in:
GitHub
parent
3ebd957d3d
commit
eae1866992
16 changed files with 333 additions and 39 deletions
|
|
@ -6,12 +6,10 @@ from django.contrib.auth.decorators import login_required
|
|||
from django.shortcuts import redirect
|
||||
from django.template.response import TemplateResponse
|
||||
from django.utils.decorators import method_decorator
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.views import View
|
||||
from django.views.decorators.debug import sensitive_variables, sensitive_post_parameters
|
||||
|
||||
from bookwyrm import forms, models
|
||||
from bookwyrm.settings import DOMAIN
|
||||
from bookwyrm.views.helpers import set_language
|
||||
|
||||
|
||||
|
|
@ -40,19 +38,13 @@ class Login(View):
|
|||
return redirect("/")
|
||||
login_form = forms.LoginForm(request.POST)
|
||||
|
||||
localname = login_form.data.get("localname")
|
||||
|
||||
if "@" in localname: # looks like an email address to me
|
||||
try:
|
||||
username = models.User.objects.get(email=localname).username
|
||||
except models.User.DoesNotExist: # maybe it's a full username?
|
||||
username = localname
|
||||
else:
|
||||
username = f"{localname}@{DOMAIN}"
|
||||
# who do we think is trying to log in
|
||||
username = login_form.infer_username()
|
||||
password = login_form.data.get("password")
|
||||
|
||||
# perform authentication
|
||||
user = authenticate(request, username=username, password=password)
|
||||
|
||||
if user is not None:
|
||||
# if 2fa is set, don't log them in until they enter the right code
|
||||
if user.two_factor_auth:
|
||||
|
|
@ -76,14 +68,22 @@ class Login(View):
|
|||
|
||||
return set_language(user, redirect("/"))
|
||||
|
||||
# maybe the user is pending email confirmation
|
||||
if models.User.objects.filter(
|
||||
username=username, is_active=False, deactivation_reason="pending"
|
||||
).exists():
|
||||
user_attempt = models.User.objects.filter(
|
||||
username=username, is_active=False
|
||||
).first()
|
||||
if user_attempt and user_attempt.deactivation_reason == "pending":
|
||||
# maybe the user is pending email confirmation
|
||||
return redirect("confirm-email")
|
||||
if (
|
||||
user_attempt
|
||||
and user_attempt.allow_reactivation
|
||||
and user_attempt.check_password(password)
|
||||
):
|
||||
# maybe we want to reactivate an account?
|
||||
return redirect("prefs-reactivate")
|
||||
|
||||
# login errors
|
||||
login_form.non_field_errors = _("Username or password are incorrect")
|
||||
login_form.add_invalid_password_error()
|
||||
register_form = forms.RegisterForm()
|
||||
data = {"login_form": login_form, "register_form": register_form}
|
||||
return TemplateResponse(request, "landing/login.html", data)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue