From ec0c1d50b85b7cf5ab6813712d73728cd4924105 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laura=20Kl=C3=BCnder?= <laura@codingcatgirl.de>
Date: Thu, 7 Dec 2017 17:49:41 +0100
Subject: [PATCH] register and change password in editor

---
 .../templates/editor/change_password.html     | 17 ++++
 src/c3nav/editor/templates/editor/login.html  |  1 +
 .../editor/templates/editor/register.html     | 17 ++++
 src/c3nav/editor/templates/editor/user.html   | 12 ++-
 src/c3nav/editor/urls.py                      |  4 +-
 src/c3nav/editor/views/account.py             | 84 +++++++++++++++++++
 src/c3nav/editor/views/login.py               | 34 --------
 .../site/templates/site/change_password.html  |  2 +-
 src/c3nav/site/templates/site/register.html   |  2 +-
 9 files changed, 134 insertions(+), 39 deletions(-)
 create mode 100644 src/c3nav/editor/templates/editor/change_password.html
 create mode 100644 src/c3nav/editor/templates/editor/register.html
 create mode 100644 src/c3nav/editor/views/account.py
 delete mode 100644 src/c3nav/editor/views/login.py

diff --git a/src/c3nav/editor/templates/editor/change_password.html b/src/c3nav/editor/templates/editor/change_password.html
new file mode 100644
index 00000000..a550caa1
--- /dev/null
+++ b/src/c3nav/editor/templates/editor/change_password.html
@@ -0,0 +1,17 @@
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% include 'editor/fragment_modal_close.html' %}
+<h3>{% trans 'Change password' %}</h3>
+
+<p>
+    <a href="{% url 'editor.users.detail' pk=request.user.pk %}">&laquo; {% trans 'back' %}</a>
+</p>
+
+<form method="post" action="{{ request.path_info }}?{{ request.GET.urlencode }}">
+    {% csrf_token %}
+    {% bootstrap_form form %}
+    <div class="form-group">
+        <button type="submit" class="btn btn-primary btn-block">{% trans 'Change password' %}</button>
+    </div>
+</form>
diff --git a/src/c3nav/editor/templates/editor/login.html b/src/c3nav/editor/templates/editor/login.html
index 6fa7185d..226e5f6d 100644
--- a/src/c3nav/editor/templates/editor/login.html
+++ b/src/c3nav/editor/templates/editor/login.html
@@ -12,4 +12,5 @@
     <div class="form-group">
         <button type="submit" class="btn btn-primary btn-block">{% trans 'Log in' %}</button>
     </div>
+    <a href="{% url 'editor.register' %}?{{ request.GET.urlencode }}">{% trans 'Create new account' %}</a>
 </form>
diff --git a/src/c3nav/editor/templates/editor/register.html b/src/c3nav/editor/templates/editor/register.html
new file mode 100644
index 00000000..d019d401
--- /dev/null
+++ b/src/c3nav/editor/templates/editor/register.html
@@ -0,0 +1,17 @@
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% include 'editor/fragment_modal_close.html' %}
+<h3>{% trans 'Create new account' %}</h3>
+
+<p>
+    <a href="{% url 'editor.login' %}">&laquo; {% trans 'back' %}</a>
+</p>
+
+<form method="post" action="{{ request.path_info }}?{{ request.GET.urlencode }}">
+    {% csrf_token %}
+    {% bootstrap_form form %}
+    <div class="form-group">
+        <button type="submit" class="btn btn-primary btn-block">{% trans 'Create new account' %}</button>
+    </div>
+</form>
diff --git a/src/c3nav/editor/templates/editor/user.html b/src/c3nav/editor/templates/editor/user.html
index f79ca336..8b5c7f7f 100644
--- a/src/c3nav/editor/templates/editor/user.html
+++ b/src/c3nav/editor/templates/editor/user.html
@@ -30,7 +30,9 @@
         </p>
         <form method="post" action="{{ request.path }}">
             {% csrf_token %}
-            <button type="submit" class="btn btn-xs btn-warning" name="direct_editing" value="0">{% trans 'Deactivate direct editing' %}</button>
+            <p>
+                <button type="submit" class="btn btn-xs btn-warning" name="direct_editing" value="0">{% trans 'Deactivate direct editing' %}</button>
+            </p>
         </form>
     {% else %}
         <p>
@@ -40,9 +42,15 @@
         {% if can_direct_edit %}
             <form method="post" action="{{ request.path }}">
                 {% csrf_token %}
-                <button type="submit" class="btn btn-xs btn-warning" name="direct_editing" value="1">{% trans 'Activate direct editing' %}</button>
+                <p>
+                    <button type="submit" class="btn btn-xs btn-warning" name="direct_editing" value="1">{% trans 'Activate direct editing' %}</button>
+                </p>
             </form>
         {% endif %}
+        <p>
+            {% csrf_token %}
+            <a class="btn btn-xs btn-default" href="{% url 'editor.change_password' %}">{% trans 'Change password' %}</a>
+        </p>
     {% endif %}
 {% endif %}
 
diff --git a/src/c3nav/editor/urls.py b/src/c3nav/editor/urls.py
index 40a1da19..d13aaccd 100644
--- a/src/c3nav/editor/urls.py
+++ b/src/c3nav/editor/urls.py
@@ -1,9 +1,9 @@
 from django.apps import apps
 from django.conf.urls import url
 
+from c3nav.editor.views.account import change_password_view, login_view, logout_view, register_view
 from c3nav.editor.views.changes import changeset_detail, changeset_edit
 from c3nav.editor.views.edit import edit, graph_edit, level_detail, list_objects, main_index, space_detail
-from c3nav.editor.views.login import login_view, logout_view
 from c3nav.editor.views.users import user_detail
 
 
@@ -44,6 +44,8 @@ urlpatterns = [
     url(r'^users/(?P<pk>[0-9]+)/$', user_detail, name='editor.users.detail'),
     url(r'^login$', login_view, name='editor.login'),
     url(r'^logout$', logout_view, name='editor.logout'),
+    url(r'^register$', register_view, name='editor.register'),
+    url(r'^change_password$', change_password_view, name='editor.change_password'),
 ]
 urlpatterns.extend(add_editor_urls('Level', with_list=False, explicit_edit=True))
 urlpatterns.extend(add_editor_urls('LocationGroupCategory'))
diff --git a/src/c3nav/editor/views/account.py b/src/c3nav/editor/views/account.py
new file mode 100644
index 00000000..b4a2addd
--- /dev/null
+++ b/src/c3nav/editor/views/account.py
@@ -0,0 +1,84 @@
+from django.contrib import messages
+from django.contrib.auth import login, logout
+from django.contrib.auth.decorators import login_required
+from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm, UserCreationForm
+from django.shortcuts import redirect, render
+from django.urls import reverse
+from django.utils.translation import ugettext_lazy as _
+
+from c3nav.editor.views.base import sidebar_view
+
+
+@sidebar_view
+def login_view(request):
+    redirect_path = request.GET['r'] if request.GET.get('r', '').startswith('/editor/') else reverse('editor.index')
+    if request.user.is_authenticated:
+        return redirect(redirect_path)
+
+    if request.method == 'POST':
+        form = AuthenticationForm(request, data=request.POST)
+        if form.is_valid():
+            login(request, form.user_cache)
+
+            if request.changeset.pk is not None:
+                request.changeset.author = form.user_cache
+                request.changeset.save()
+            return redirect(redirect_path)
+    else:
+        form = AuthenticationForm(request)
+
+    return render(request, 'editor/login.html', {'form': form})
+
+
+@sidebar_view
+def logout_view(request):
+    redirect_path = request.GET['r'] if request.GET.get('r', '').startswith('/editor/') else reverse('editor.login')
+    logout(request)
+    return redirect(redirect_path)
+
+
+@sidebar_view
+def register_view(request):
+    redirect_path = request.GET['r'] if request.GET.get('r', '').startswith('/editor/') else reverse('editor.index')
+    if request.user.is_authenticated:
+        return redirect(redirect_path)
+
+    if request.method == 'POST':
+        form = UserCreationForm(data=request.POST)
+        if form.is_valid():
+            user = form.save()
+            login(request, user)
+
+            if request.changeset.pk is not None:
+                request.changeset.author = user
+                request.changeset.save()
+
+            return redirect(redirect_path)
+    else:
+        form = UserCreationForm()
+
+    form.fields['username'].max_length = 20
+    for field in form.fields.values():
+        field.help_text = None
+
+    return render(request, 'editor/register.html', {'form': form})
+
+
+@sidebar_view
+@login_required(login_url='editor.login', redirect_field_name='r')
+def change_password_view(request):
+    if request.method == 'POST':
+        form = PasswordChangeForm(user=request.user, data=request.POST)
+        if form.is_valid():
+            form.save()
+            login(request, request.user)
+            messages.success(request, _('Password successfully changed.'))
+            return redirect('editor.users.detail', pk=request.user.pk)
+
+    else:
+        form = PasswordChangeForm(user=request.user)
+
+    for field in form.fields.values():
+        field.help_text = None
+
+    return render(request, 'editor/change_password.html', {'form': form})
diff --git a/src/c3nav/editor/views/login.py b/src/c3nav/editor/views/login.py
deleted file mode 100644
index 76c509f3..00000000
--- a/src/c3nav/editor/views/login.py
+++ /dev/null
@@ -1,34 +0,0 @@
-from django.contrib.auth import login, logout
-from django.contrib.auth.forms import AuthenticationForm
-from django.shortcuts import redirect, render
-from django.urls import reverse
-
-from c3nav.editor.views.base import sidebar_view
-
-
-@sidebar_view
-def login_view(request):
-    redirect_path = request.GET['r'] if request.GET.get('r', '').startswith('/editor/') else reverse('editor.index')
-    if request.user.is_authenticated:
-        return redirect(redirect_path)
-
-    if request.method == 'POST':
-        form = AuthenticationForm(request, data=request.POST)
-        if form.is_valid():
-            login(request, form.user_cache)
-
-            if request.changeset.pk is not None:
-                request.changeset.author = form.user_cache
-                request.changeset.save()
-            return redirect(redirect_path)
-    else:
-        form = AuthenticationForm(request)
-
-    return render(request, 'editor/login.html', {'form': form})
-
-
-@sidebar_view
-def logout_view(request):
-    redirect_path = request.GET['r'] if request.GET.get('r', '').startswith('/editor/') else reverse('editor.login')
-    logout(request)
-    return redirect(redirect_path)
diff --git a/src/c3nav/site/templates/site/change_password.html b/src/c3nav/site/templates/site/change_password.html
index 9979d81b..6a300235 100644
--- a/src/c3nav/site/templates/site/change_password.html
+++ b/src/c3nav/site/templates/site/change_password.html
@@ -5,7 +5,7 @@
 <main class="account">
     <h2>{% trans 'Change password' %}</h2>
 
-    <p><a href="{% url 'site.account' %}">{% trans '« back' %}</a></p>
+    <p><a href="{% url 'site.account' %}">« {% trans 'back' %}</a></p>
 
     <form method="post" action="{{ request.path_info }}?{{ request.GET.urlencode }}">
         {% csrf_token %}
diff --git a/src/c3nav/site/templates/site/register.html b/src/c3nav/site/templates/site/register.html
index 2883ec34..c55720bc 100644
--- a/src/c3nav/site/templates/site/register.html
+++ b/src/c3nav/site/templates/site/register.html
@@ -5,7 +5,7 @@
 <main class="account">
     <h2>{% trans 'Create new account' %}</h2>
 
-    <p><a href="{% url 'site.login' %}">{% trans '« back' %}</a></p>
+    <p><a href="{% url 'site.login' %}">« {% trans 'back' %}</a></p>
 
     <form method="post" action="{{ request.path_info }}?{{ request.GET.urlencode }}">
         {% csrf_token %}