implement proper validation on reg form

James Ravenscroft 2024-12-07 13:22:12 +00:00
parent 2b4d18a222
commit 3d12cd52d6
7 changed files with 196 additions and 87 deletions


@ -1,5 +1,6 @@
from django.contrib.auth import get_user_model
from django.contrib.auth.backends import ModelBackend
from django.contrib.auth.base_user import BaseUserManager
class EmailBackend(ModelBackend):
@ -13,3 +14,30 @@ class EmailBackend(ModelBackend):
if user.check_password(password): # type: ignore
return user
return None
class UserProfileManager(BaseUserManager):
""" Manager for user profiles """
def create_user(self, email, name, password=None):
""" Create a new user profile """
if not email:
raise ValueError('User must have an email address')
email = self.normalize_email(email)
user = self.model(email=email, name=name)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, name, password):
""" Create a new superuser profile """
user = self.create_user(email, name, password)
user.is_superuser = True
user.is_staff = True
user.save(using=self._db)
return user
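Review bot: `UserProfileManager.create_user` builds the row with `self.model(email=email, name=name)`, but the `User` model in this commit declares `first_name` and `last_name` and no `name` field, and it attaches the `UserManager` from the models module as `objects`. This second manager therefore looks unused and would raise if it were ever wired up. Two managers that set `is_staff`/`is_superuser` in different ways also make it harder to audit how privileged accounts get created, so I would drop this class and keep the one next to the model. The `EmailBackend.authenticate` body starts outside the hunk, so it is worth confirming there that it calls `self.user_can_authenticate(user)` before returning the user.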

22
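--- a/penparse/webui/forms.py
+++ b/penparse/webui/forms.py
@@ -0,0 +1,22 @@
+from django import forms
+from .models import User
+from django.contrib.auth.forms import UserCreationForm
+class RegisterForm(UserCreationForm):
+class Meta:
+model = User
+fields = ['first_name', 'last_name', 'email', 'password1', 'password2']
+def __init__(self, *args, **kwargs):
+super().__init__(*args, **kwargs)
+self.fields['first_name'].widget.attrs.update(
+{'class': 'shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline'})
+self.fields['last_name'].widget.attrs.update(
+{'class': 'shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline'})
+self.fields['email'].widget.attrs.update(
+{'class': 'shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline'})
+self.fields['password1'].widget.attrs.update(
+{'class': 'shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline'})
+self.fields['password2'].widget.attrs.update(
+{'class': 'shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline'})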
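Review bot: Email uniqueness in `RegisterForm` is an exact-match check only, and Django's `normalize_email` lower-cases just the domain part. On a case-sensitive database collation, two addresses that differ only in the case of the local part can therefore register as separate accounts. A `clean_email` that rejects case-insensitive duplicates closes that gap, as sketched below. As a style point, the same Tailwind class string is repeated five times in `__init__`; a loop over `self.fields.values()` would keep the widgets in sync.

```python
class RegisterForm(UserCreationForm):
    # … unchanged: Meta and __init__ …

    def clean_email(self):
        email = self.cleaned_data["email"]
        # Reject addresses that differ from an existing account only by case.
        if User.objects.filter(email__iexact=email).exists():
            raise forms.ValidationError("A user with that email already exists.")
        return email
```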


@ -1,9 +1,8 @@
# Generated by Django 4.2.16 on 2024-11-23 13:03
# Generated by Django 4.2.16 on 2024-11-30 06:31
import django.contrib.auth.models
import django.contrib.auth.validators
from django.db import migrations, models
import django.utils.timezone
import webui.models
class Migration(migrations.Migration):
@ -19,16 +18,15 @@ class Migration(migrations.Migration):
name='User',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('password', models.CharField(max_length=128, verbose_name='password')),
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
('email', models.EmailField(max_length=254, unique=True)),
('password', models.CharField(blank=True, max_length=256)),
('first_name', models.CharField(max_length=150)),
('last_name', models.CharField(max_length=150)),
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
],
@ -38,7 +36,7 @@ class Migration(migrations.Migration):
'abstract': False,
},
managers=[
('objects', django.contrib.auth.models.UserManager()),
('objects', webui.models.UserManager()),
],
),
]


@ -1,7 +1,53 @@
from django.contrib.auth.models import AbstractUser
from django.contrib.auth.base_user import BaseUserManager
from django.db import models
class UserManager(BaseUserManager):
"""Define a model manager for User model with no username field."""
use_in_migrations = True
def _create_user(self, email, password, **extra_fields):
"""Create and save a User with the given email and password."""
if not email:
raise ValueError("The given email must be set")
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self, email, password=None, **extra_fields):
"""Create and save a regular User with the given email and password."""
extra_fields.setdefault("is_staff", False)
extra_fields.setdefault("is_superuser", False)
return self._create_user(email, password, **extra_fields)
def create_superuser(self, email, password, **extra_fields):
"""Create and save a SuperUser with the given email and password."""
extra_fields.setdefault("is_staff", True)
extra_fields.setdefault("is_superuser", True)
if extra_fields.get("is_staff") is not True:
raise ValueError("Superuser must have is_staff=True.")
if extra_fields.get("is_superuser") is not True:
raise ValueError("Superuser must have is_superuser=True.")
return self._create_user(email, password, **extra_fields)
class User(AbstractUser):
email = models.EmailField(unique=True)
password = models.CharField(max_length=256, blank=True)
username = None
first_name = models.CharField(max_length=150, blank=False)
last_name = models.CharField(max_length=150, blank=False)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['full_name']
objects = UserManager() # type: ignore
def __str__(self):
""" Return string representation of our user """
return self.email
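Review bot: `REQUIRED_FIELDS = ['full_name']` names a field the model does not define, since the class declares `first_name` and `last_name`, so `createsuperuser` will not be able to resolve it. I would change it to `REQUIRED_FIELDS = ['first_name', 'last_name']`, which also matches both being declared `blank=False`. The explicit `password = models.CharField(max_length=256, blank=True)` overrides the field inherited from `AbstractUser`. If a longer column is the only goal, a short comment saying so would help, because `blank=True` lets model validation accept an empty password value.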


@ -5,70 +5,67 @@
<h2 class="text-2xl font-bold text-center text-gray-800 mb-8">
Create Your AnnoMemo Account
</h2>
{% if messages %} {% for message in messages %}
<div
class="mb-4 p-4 {% if message.tags == 'error' %}bg-red-100 text-red-700{% else %}bg-green-100 text-green-700{% endif %} rounded"
>
{{ message }}
</div>
{% endfor %} {% endif %}
<form method="POST" action="/auth/register">
<form method="POST" action="{% url 'register' %}">
{% csrf_token %}
<div class="mb-4">
<label
for="fullName"
class="block text-gray-700 text-sm font-bold mb-2"
>Full Name</label
>
<input
type="text"
id="fullName"
name="fullName"
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline"
value="{{ form.fullName.value|default_if_none:'' }}"
required
/>
<div class="mb-4 flex space-x-4">
<div class="flex-1">
<label
for="{{ form.first_name.id_for_label }}"
class="block text-gray-700 text-sm font-bold mb-2"
>First Name</label
>
{{ form.first_name }} {% if form.first_name.errors %}
<p class="text-red-500 text-xs italic">
{{ form.first_name.errors.0 }}
</p>
{% endif %}
</div>
<div class="flex-1">
<label
for="{{ form.last_name.id_for_label }}"
class="block text-gray-700 text-sm font-bold mb-2"
>Last Name</label
>
{{ form.last_name }} {% if form.last_name.errors %}
<p class="text-red-500 text-xs italic">
{{ form.last_name.errors.0 }}
</p>
{% endif %}
</div>
</div>
<div class="mb-4">
<label for="email" class="block text-gray-700 text-sm font-bold mb-2"
<label
for="{{ form.email.id_for_label }}"
class="block text-gray-700 text-sm font-bold mb-2"
>Email Address</label
>
<input
type="email"
id="email"
name="email"
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline"
value="{{ form.email.value|default_if_none:'' }}"
required
/>
{{ form.email }} {% if form.email.errors %}
<p class="text-red-500 text-xs italic">{{ form.email.errors.0 }}</p>
{% endif %}
</div>
<div class="mb-4">
<label
for="password"
for="{{ form.password1.id_for_label }}"
class="block text-gray-700 text-sm font-bold mb-2"
>Password</label
>
<input
type="password"
id="password"
name="password"
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline"
required
/>
{{ form.password1 }} {% if form.password1.errors %}
<p class="text-red-500 text-xs italic">
{{ form.password1.errors.0 }}
</p>
{% endif %}
</div>
<div class="mb-6">
<label
for="confirmPassword"
for="{{ form.password2.id_for_label }}"
class="block text-gray-700 text-sm font-bold mb-2"
>Confirm Password</label
>
<input
type="password"
id="confirmPassword"
name="confirmPassword"
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline"
required
/>
{{ form.password2 }} {% if form.password2.errors %}
<p class="text-red-500 text-xs italic">
{{ form.password2.errors.0 }}
</p>
{% endif %}
</div>
<div class="flex items-center justify-between">
<button
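Review bot: Each field renders only `errors.0` and nothing renders `form.non_field_errors`, so a submission that fails several password validators shows one message per attempt and any form-level error is silent. `UserCreationForm` attaches password-policy failures to `password2`, so that block matters most: `{% for error in form.password2.errors %}<p class="text-red-500 text-xs italic">{{ error }}</p>{% endfor %}`. A `{{ form.non_field_errors }}` block above the first field would cover the form-level errors. The `<button>` element and the rest of the form continue outside the hunk.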


@ -4,5 +4,5 @@ from . import views
urlpatterns = [
path("", views.index, name="index"),
path("register", views.register, name="register"),
path("auth/register", views.register, name="register"),
]


@ -1,8 +1,18 @@
import logging
from django.contrib import messages
from django.shortcuts import redirect, render
from django.http import HttpRequest, HttpResponse
from django import conf, forms
from .models import User
from .forms import RegisterForm
logger = logging.getLogger(__name__)
def index(request):
@ -13,36 +23,44 @@ def index(request):
def register(request: HttpRequest):
# if the form is not submitted yet, return the form
if request.method != 'POST':
return render(request, 'register.html', {'errors': False})
email = request.POST.get('email')
password = request.POST.get('password')
confirm_password = request.POST.get('confirm_password')
errors = False
if not email:
messages.error(request, 'Email is required')
errors = True
if not password or len(password) < 8:
messages.error(request, 'Password must be at least 8 characters long')
errors = True
if password != confirm_password:
messages.error(request, 'Passwords do not match')
errors = True
if not errors:
if User.objects.filter(email=email).exists():
messages.error(request, 'Email already exists')
else:
user = User.objects.create_user(
username=username, email=email, password=password) # type: ignore
user.save()
messages.success(request, 'Account created successfully')
if request.method == 'POST':
form = RegisterForm(request.POST)
if form.is_valid():
form.save()
messages.success(request, 'Registration successful!')
return redirect('login')
else:
form = RegisterForm()
return render(request, 'register.html', {'form': form})
# email = request.POST.get('email')
# password = request.POST.get('password')
# confirm_password = request.POST.get('confirm_password')
# errors = False
# if not email:
# messages.error(request, 'Email is required')
# errors = True
# if not password or len(password) < 8:
# messages.error(request, 'Password must be at least 8 characters long')
# errors = True
# if password != confirm_password:
# messages.error(request, 'Passwords do not match')
# errors = True
# if not errors:
# if User.objects.filter(email=email).exists():
# messages.error(request, 'Email already exists')
# else:
# user = User.objects.create_user(
# username=username, email=email, password=password) # type: ignore
# user.save()
# messages.success(request, 'Account created successfully')
# return redirect('login')
return render(request, 'register.html')
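Review bot: Password strength in `register` now depends entirely on `AUTH_PASSWORD_VALIDATORS`. The previous inline checks, now kept only as comments, rejected passwords shorter than 8 characters, while `RegisterForm.is_valid()` applies only the validators the settings module lists, and settings are not among the files shown here. It is worth confirming that `MinimumLengthValidator` (and ideally `CommonPasswordValidator`) are configured so this commit does not weaken the policy. The commented-out legacy block and the `return render(request, 'register.html')` after it look like dead code and should be deleted; indentation is lost in this rendering, so reachability is inferred. The `conf`, `forms`, `HttpResponse` and `User` imports can go too if nothing outside the hunk uses them.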