Improve handling of not-logged-in users

This commit is contained in:
Jason McBrayer 2018-08-22 09:21:09 -04:00
parent a07b6db3d3
commit 7482617863
3 changed files with 110 additions and 46 deletions

View File

@ -194,6 +194,9 @@ SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
# write any magic numbers into the validation code # write any magic numbers into the validation code
TOOT_MAX_LENGTH = 500 TOOT_MAX_LENGTH = 500
# URL to redirect users to when not logged in
ANONYMOUS_HOME_URL = 'about'
# Version number displayed on about page # Version number displayed on about page
BRUTALDON_VERSION = "1.5" BRUTALDON_VERSION = "1.5"

View File

@ -46,45 +46,49 @@
{% endif %} {% endif %}
</a> </a>
</div> </div>
<div class="navbar-menu is-active" id="navMenu"> {% if request.session.instance %}
<!-- navbar start, navbar end --> {% if request.session.username or request.session.access_token %}
<div class="navbar-start"> <div class="navbar-menu is-active" id="navMenu">
<a href="{% url "home" %}" class="navbar-item"> <!-- navbar start, navbar end -->
<span class="fa fa-home"></span> <div class="navbar-start">
<span>&nbsp; Home</span> <a href="{% url "home" %}" class="navbar-item">
</a> <span class="fa fa-home"></span>
<a class="navbar-item" href="{% url "note" %}"> <span>&nbsp; Home</span>
<span class="fa fa-bell-o"></span> </a>
<span >&nbsp; Notifications</span> <a class="navbar-item" href="{% url "note" %}">
</a> <span class="fa fa-bell-o"></span>
<a class="navbar-item" href="{% url "local" %}"> <span >&nbsp; Notifications</span>
<span class="fa fa-community"></span> </a>
<span >&nbsp; Local</span> <a class="navbar-item" href="{% url "local" %}">
</a> <span class="fa fa-community"></span>
<a class="navbar-item" href="{% url "fed" %}"> <span >&nbsp; Local</span>
<span class="fa fa-globe"></span> </a>
<span >&nbsp;Federated</span> <a class="navbar-item" href="{% url "fed" %}">
</a> <span class="fa fa-globe"></span>
<a class="navbar-item" href="{% url "toot" %}"> <span >&nbsp;Federated</span>
<span class="fa fa-edit"> </span> </a>
<span >&nbsp; New Toot</span> <a class="navbar-item" href="{% url "toot" %}">
</a> <span class="fa fa-edit"> </span>
<a class="navbar-item" href="{% url "search" %}"> <span >&nbsp; New Toot</span>
<span class="fa fa-search"> </span> </a>
<span >&nbsp; Search</span> <a class="navbar-item" href="{% url "search" %}">
</a> <span class="fa fa-search"> </span>
</div> <span >&nbsp; Search</span>
<div class="navbar-end" > </a>
<a class="navbar-item" href="{% url "settings" %}"> </div>
<span class="fa fa-gear"></span> <div class="navbar-end" >
<span >&nbsp;Settings</span> <a class="navbar-item" href="{% url "settings" %}">
</a> <span class="fa fa-gear"></span>
<a class="navbar-item" href="{% url "logout" %}"> <span >&nbsp;Settings</span>
<span class="fa fa-power-off"></span> </a>
<span >&nbsp;Log out</span> <a class="navbar-item" href="{% url "logout" %}">
</a> <span class="fa fa-power-off"></span>
</div> <span >&nbsp;Log out</span>
</div> </a>
</div>
</div>
{% endif %}
{% endif %}
</nav> </nav>
{% endblock %} {% endblock %}
<section class="section"> <section class="section">

View File

@ -1,6 +1,7 @@
from django.http import HttpResponse, Http404 from django.http import HttpResponse, Http404, HttpResponseRedirect
from django.conf import settings as django_settings from django.conf import settings as django_settings
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.urls import reverse
from django.views.decorators.cache import never_cache, cache_page from django.views.decorators.cache import never_cache, cache_page
from django.urls import reverse from django.urls import reverse
from django.core.files.uploadhandler import TemporaryFileUploadHandler from django.core.files.uploadhandler import TemporaryFileUploadHandler
@ -67,11 +68,50 @@ def get_mastodon(request):
def fullbrutalism_p(request): def fullbrutalism_p(request):
return request.session.get('fullbrutalism', False) return request.session.get('fullbrutalism', False)
def is_logged_in(request):
return (request.session.has_key('instance') and
(request.session.has_key('username') or
request.session.has_key('access_token')))
def br_login_required(function=None, home_url=None, redirect_field_name=None):
"""Check that the user is logged in to a Mastodon instance.
This decorator ensures that the view functions it is called on can be
accessed only by logged in users. When an instanceless user accesses
such a protected view, they are redirected to the address specified in
the field named in `next_field` or, lacking such a value, the URL in
`home_url`, or the `ANONYMOUS_HOME_URL` setting.
"""
if home_url is None:
home_url = django_settings.ANONYMOUS_HOME_URL
def _dec(view_func):
def _view(request, *args, **kwargs):
if not is_logged_in(request):
url = None
if redirect_field_name and redirect_field_name in request.REQUEST:
url = request.REQUEST[redirect_field_name]
if not url:
url = home_url
if not url:
url = "/"
return HttpResponseRedirect(url)
else:
return view_func(request, *args, **kwargs)
_view.__name__ = view_func.__name__
_view.__dict__ = view_func.__dict__
_view.__doc__ = view_func.__doc__
return _view
if function is None:
return _dec
else:
return _dec(function)
def timeline(request, timeline='home', timeline_name='Home', max_id=None, since_id=None): def timeline(request, timeline='home', timeline_name='Home', max_id=None, since_id=None):
try: mastodon = get_mastodon(request)
mastodon = get_mastodon(request)
except NotLoggedInException:
return redirect(about)
data = mastodon.timeline(timeline, limit=100, max_id=max_id, since_id=since_id) data = mastodon.timeline(timeline, limit=100, max_id=max_id, since_id=since_id)
form = PostForm(initial={'visibility': request.session['user'].source.privacy}) form = PostForm(initial={'visibility': request.session['user'].source.privacy})
try: try:
@ -97,15 +137,19 @@ def timeline(request, timeline='home', timeline_name='Home', max_id=None, since_
'fullbrutalism': fullbrutalism_p(request), 'fullbrutalism': fullbrutalism_p(request),
'prev': prev, 'next': next}) 'prev': prev, 'next': next})
@br_login_required
def home(request, next=None, prev=None): def home(request, next=None, prev=None):
return timeline(request, 'home', 'Home', max_id=next, since_id=prev) return timeline(request, 'home', 'Home', max_id=next, since_id=prev)
@br_login_required
def local(request, next=None, prev=None): def local(request, next=None, prev=None):
return timeline(request, 'local', 'Local', max_id=next, since_id=prev) return timeline(request, 'local', 'Local', max_id=next, since_id=prev)
@br_login_required
def fed(request, next=None, prev=None): def fed(request, next=None, prev=None):
return timeline(request, 'public', 'Federated', max_id=next, since_id=prev) return timeline(request, 'public', 'Federated', max_id=next, since_id=prev)
@br_login_required
def tag(request, tag): def tag(request, tag):
try: try:
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
@ -248,6 +292,7 @@ def logout(request):
def error(request): def error(request):
return render(request, 'error.html', { 'error': "Not logged in yet."}) return render(request, 'error.html', { 'error': "Not logged in yet."})
@br_login_required
def note(request, next=None, prev=None): def note(request, next=None, prev=None):
try: try:
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
@ -271,6 +316,7 @@ def note(request, next=None, prev=None):
'fullbrutalism': fullbrutalism_p(request), 'fullbrutalism': fullbrutalism_p(request),
'prev': prev, 'next': next}) 'prev': prev, 'next': next})
@br_login_required
def thread(request, id): def thread(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
context = mastodon.status_context(id) context = mastodon.status_context(id)
@ -280,6 +326,7 @@ def thread(request, id):
'own_acct': request.session['user'], 'own_acct': request.session['user'],
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@br_login_required
def user(request, username, prev=None, next=None): def user(request, username, prev=None, next=None):
try: try:
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
@ -311,6 +358,7 @@ def user(request, username, prev=None, next=None):
@never_cache @never_cache
@br_login_required
def settings(request): def settings(request):
if request.method == 'POST': if request.method == 'POST':
form = SettingsForm(request.POST) form = SettingsForm(request.POST)
@ -338,6 +386,7 @@ def settings(request):
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def toot(request, mention=None): def toot(request, mention=None):
if request.method == 'GET': if request.method == 'GET':
if mention: if mention:
@ -381,6 +430,7 @@ def toot(request, mention=None):
else: else:
return redirect(toot) return redirect(toot)
@br_login_required
def reply(request, id): def reply(request, id):
if request.method == 'GET': if request.method == 'GET':
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
@ -432,6 +482,7 @@ def reply(request, id):
return redirect(reply, id) return redirect(reply, id)
@never_cache @never_cache
@br_login_required
def fav(request, id): def fav(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
toot = mastodon.status(id) toot = mastodon.status(id)
@ -450,6 +501,7 @@ def fav(request, id):
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def boost(request, id): def boost(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
toot = mastodon.status(id) toot = mastodon.status(id)
@ -468,6 +520,7 @@ def boost(request, id):
"fullbrutalism": fullbrutalism_p(request)}) "fullbrutalism": fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def delete(request, id): def delete(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
toot = mastodon.status(id) toot = mastodon.status(id)
@ -485,6 +538,7 @@ def delete(request, id):
"fullbrutalism": fullbrutalism_p(request)}) "fullbrutalism": fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def follow(request, id): def follow(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
try: try:
@ -507,6 +561,7 @@ def follow(request, id):
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def block(request, id): def block(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
try: try:
@ -528,8 +583,8 @@ def block(request, id):
'own_acct': request.session['user'], 'own_acct': request.session['user'],
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@never_cache @never_cache
@br_login_required
def mute(request, id): def mute(request, id):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
try: try:
@ -551,13 +606,14 @@ def mute(request, id):
'own_acct': request.session['user'], 'own_acct': request.session['user'],
'fullbrutalism': fullbrutalism_p(request)}) 'fullbrutalism': fullbrutalism_p(request)})
@br_login_required
def search(request): def search(request):
return render(request, 'main/search.html', return render(request, 'main/search.html',
{"fullbrutalism": fullbrutalism_p(request), {"fullbrutalism": fullbrutalism_p(request),
'own_acct': request.session['user'], 'own_acct': request.session['user'],
}) })
@br_login_required
def search_results(request): def search_results(request):
if request.method == 'GET': if request.method == 'GET':
query = request.GET.get('q', '') query = request.GET.get('q', '')
@ -585,6 +641,7 @@ def privacy(request):
'own_acct' : request.session['user']}) 'own_acct' : request.session['user']})
@cache_page(60 * 30) @cache_page(60 * 30)
@br_login_required
def emoji_reference(request): def emoji_reference(request):
mastodon = get_mastodon(request) mastodon = get_mastodon(request)
emojos = mastodon.custom_emojis() emojos = mastodon.custom_emojis()