diff --git a/CHANGELOG.md b/CHANGELOG.md index 8718fe5a4c..78cdeed50b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,32 +12,56 @@ ### Web -Web/Django standard initiative (stricako) -- Updates Bootstrap to v4 stable (the beta in use had some irritating bugs that have since been resolved) -- Enables the use of Django Messages framework -- Adds a web-based account registration form -- Adds links to reset password / create new account on login pane (resets require SMTP configuration to actually work, but the functionality was already enabled by account of django.contrib.auth.urls-- I just made it prettier). Uses Django's password reset workflow. -- Modifies the series of password reset forms to use Evennia's CSS instead of Django admin's. -- Adds a dropdown for authenticated users allowing them to change their password. -- Prettifies the "change password" form to use Evennia's CSS instead of Django admin's. -- Adds placeholders to dropdown menu for players to quickpuppet/manage characters on the website. -- Fixes a bug on the login pane where error messages weren't being displayed (was calling form.has_errors instead of just checking form.errors) -- Web-based chargen based on predefined form -- Character puppeting within the context of the website - -- Web views for common object types, like accounts, characters etc. -- Web views for help entries. - +Web/Django standard initiative (@strikaco) +- Features + - Adds a series of web-based forms and generic class-based views + - Accounts + - Register - Enhances registration; allows optional collection of email address + - Form - Adds a generic Django form for creating Accounts from the web + - Characters + - Create - Authenticated users can create new characters from the website (requires associated form) + - Detail - Authenticated and authorized users can view select details about characters + - List - Authenticated and authorized users can browse a list of all characters + - Manage - Authenticated users can edit or delete owned characters from the web + - Form - Adds a generic Django form for creating characters from the web + - Channels + - Detail - Authorized users can view channel logs from the web + - List - Authorized users can browse a list of all channels + - Help Entries + - Detail - Authorized users can view help entries from the web + - List - Authorized users can browse a list of all help entries from the web + - Navbar changes + - Characters - Link to character list + - Channels - Link to channel list + - Help - Link to help entry list + - Puppeting + - Users can puppet their own characters within the context of the website + - Dropdown + - Link to create characters + - Link to manage characters + - Link to quick-select puppets + - Link to password change workflow +- Functions + - Updates Bootstrap to v4 stable + - Enables use of Django Messages framework to communicate with users in browser + - Implements webclient/website `_shared_login` functionality as Django middleware + - 'account' and 'puppet' are added to all request contexts for authenticated users + - Adds unit tests for all web views +- Cosmetic + - Prettifies Django 'forgot password' workflow (requires SMTP to actually function) + - Prettifies Django 'change password' workflow +- Bugfixes + - Fixes bug on login page where error messages were not being displayed ### Typeclasses -- Add new methods on all typeclasses, useful specifically for viewing the object in the web/admin: - + `web_get_admin_url()`: Returns a path that, if followed, will display the object in the Admin backend. - + `web_get_create_url()`: Returns a path for a view allowing the creation of new instances of this object. - + `web_get_absolute_url()`: Django construct; returns a path that should display the object in a DetailView. - + `web_get_update_url()`: Returns a path that should display the object in an UpdateView. - + `web_get_delete_url()`: Returns a path that should display the object in a DeleteView. -- All typeclasses has new helper class method `create`, which encompasses useful functionality +- Add new methods on all typeclasses, useful specifically for object handling from the website/admin: + + `web_get_admin_url()`: Returns the path to the object detail page in the Admin backend. + + `web_get_create_url()`: Returns the path to the typeclass' creation page on the website, if implemented. + + `web_get_absolute_url()`: Returns the path to the object's detail page on the website, if implemented. + + `web_get_update_url()`: Returns the path to the object's update page on the website, if implemented. + + `web_get_delete_url()`: Returns the path to the object's delete page on the website, if implemented. +- All typeclasses have new helper class method `create`, which encompasses useful functionality that used to be embedded for example in the respective `@create` or `@connect` commands. - DefaultAccount now has new class methods implementing many things that used to be in unloggedin commands (these can now be customized on the class instead): @@ -45,14 +69,11 @@ Web/Django standard initiative (stricako) + `get_username_validators`: Return list of validators for username validation (see `settings.AUTH_USERNAME_VALIDATORS`) + `authenticate`: Method to check given username/password. - + `normalize_username`: Normalizes names so you can't fake names with similar-looking Unicode - chars. - + `validate_username`: Mechanism for validating a username. - + `validate_password`: Mechanism for validating a password. + + `normalize_username`: Normalizes names so (for Unicode environments) users cannot mimic existing usernames by replacing select characters with visually-similar Unicode chars. + + `validate_username`: Mechanism for validating a username based on predefined Django validators. + + `validate_password`: Mechanism for validating a password based on predefined Django validators. + `set_password`: Apply password to account, using validation checks. - - ### Utils - Added more unit tests. diff --git a/evennia/web/utils/middleware.py b/evennia/web/utils/middleware.py index 3a60c3ca4f..16b7ee2091 100644 --- a/evennia/web/utils/middleware.py +++ b/evennia/web/utils/middleware.py @@ -15,15 +15,16 @@ class SharedLoginMiddleware(object): # Code to be executed for each request before # the view (and later middleware) are called. + # Synchronize credentials between webclient and website + # Must be performed *before* rendering the view (issue #1723) + self.make_shared_login(request) + # Process view response = self.get_response(request) # Code to be executed for each request/response after # the view is called. - # Synchronize credentials - self.make_shared_login(request) - # Return processed view return response diff --git a/evennia/web/webclient/static/webclient/js/evennia.js b/evennia/web/webclient/static/webclient/js/evennia.js index 501a04021d..ddc6b792e4 100644 --- a/evennia/web/webclient/static/webclient/js/evennia.js +++ b/evennia/web/webclient/static/webclient/js/evennia.js @@ -102,7 +102,7 @@ An "emitter" object must have a function return; } this.connection.connect(); - log('Evenna reconnecting.') + log('Evennia reconnecting.') }, // Returns true if the connection is open. diff --git a/evennia/web/webclient/views.py b/evennia/web/webclient/views.py index 439dd44ad2..de1bf8386b 100644 --- a/evennia/web/webclient/views.py +++ b/evennia/web/webclient/views.py @@ -12,52 +12,13 @@ from evennia.accounts.models import AccountDB from evennia.utils import logger -def _shared_login(request): - """ - Handle the shared login between website and webclient. - - """ - csession = request.session - account = request.user - # these can have 3 values: - # None - previously unused (auto-login) - # False - actively logged out (don't auto-login) - # - logged in User/Account id - website_uid = csession.get("website_authenticated_uid", None) - webclient_uid = csession.get("webclient_authenticated_uid", None) - - # check if user has authenticated to website - if not csession.session_key: - # this is necessary to build the sessid key - csession.save() - - if webclient_uid: - # The webclient has previously registered a login to this browser_session - if not account.is_authenticated() and not website_uid: - try: - account = AccountDB.objects.get(id=webclient_uid) - except AccountDB.DoesNotExist: - # this can happen e.g. for guest accounts or deletions - csession["website_authenticated_uid"] = False - csession["webclient_authenticated_uid"] = False - return - try: - # calls our custom authenticate in web/utils/backends.py - account = authenticate(autologin=account) - login(request, account) - csession["website_authenticated_uid"] = webclient_uid - except AttributeError: - logger.log_trace() - - def webclient(request): """ Webclient page template loading. """ - # handle webclient-website shared login - _shared_login(request) - + # auto-login is now handled by evennia.web.utils.middleware + # make sure to store the browser session's hash so the webclient can get to it! pagevars = {'browser_sessid': request.session.session_key} diff --git a/evennia/web/website/templates/website/_menu.html b/evennia/web/website/templates/website/_menu.html index 0c043ad942..888a63bf3f 100644 --- a/evennia/web/website/templates/website/_menu.html +++ b/evennia/web/website/templates/website/_menu.html @@ -80,7 +80,7 @@ folder and edit it to add/remove links to the menu. {% else %}
  • - Log In + Log In
  • Register diff --git a/evennia/web/website/templates/website/help_list.html b/evennia/web/website/templates/website/help_list.html index 99f1a27eef..d3075cd456 100644 --- a/evennia/web/website/templates/website/help_list.html +++ b/evennia/web/website/templates/website/help_list.html @@ -54,7 +54,7 @@
    {% if user.is_staff %} - Admin + Admin
    {% endif %} diff --git a/evennia/web/website/templates/website/index.html b/evennia/web/website/templates/website/index.html index 1215e6bf08..06ece50f3c 100644 --- a/evennia/web/website/templates/website/index.html +++ b/evennia/web/website/templates/website/index.html @@ -52,7 +52,7 @@
    -

    Accounts

    +

    Accounts

    diff --git a/evennia/web/website/templates/website/registration/password_reset_done.html b/evennia/web/website/templates/website/registration/password_reset_done.html index d248c56d0f..8de85a5ba3 100644 --- a/evennia/web/website/templates/website/registration/password_reset_done.html +++ b/evennia/web/website/templates/website/registration/password_reset_done.html @@ -25,6 +25,10 @@ Forgot Password - Reset Link Sent

    Please allow up to to a few hours for the email to transmit, and be sure to check your spam folder if it doesn't show up in a timely manner.

    +
    + +

    Click here to return to the main page.

    + {% endif %}
    diff --git a/evennia/web/website/templates/website/registration/password_reset_form.html b/evennia/web/website/templates/website/registration/password_reset_form.html index f13c532a58..eb73118856 100644 --- a/evennia/web/website/templates/website/registration/password_reset_form.html +++ b/evennia/web/website/templates/website/registration/password_reset_form.html @@ -34,7 +34,7 @@ Forgot Password
    - +