From e9e7d8b9a5c7d28d736c4348689593482609a8b3 Mon Sep 17 00:00:00 2001 From: Johnny Date: Sun, 28 Oct 2018 22:57:34 +0000 Subject: [PATCH 1/9] Fixes #1723. --- evennia/web/utils/middleware.py | 7 +++--- evennia/web/webclient/views.py | 43 ++------------------------------- 2 files changed, 6 insertions(+), 44 deletions(-) diff --git a/evennia/web/utils/middleware.py b/evennia/web/utils/middleware.py index 3a60c3ca4f..16b7ee2091 100644 --- a/evennia/web/utils/middleware.py +++ b/evennia/web/utils/middleware.py @@ -15,15 +15,16 @@ class SharedLoginMiddleware(object): # Code to be executed for each request before # the view (and later middleware) are called. + # Synchronize credentials between webclient and website + # Must be performed *before* rendering the view (issue #1723) + self.make_shared_login(request) + # Process view response = self.get_response(request) # Code to be executed for each request/response after # the view is called. - # Synchronize credentials - self.make_shared_login(request) - # Return processed view return response diff --git a/evennia/web/webclient/views.py b/evennia/web/webclient/views.py index 439dd44ad2..de1bf8386b 100644 --- a/evennia/web/webclient/views.py +++ b/evennia/web/webclient/views.py @@ -12,52 +12,13 @@ from evennia.accounts.models import AccountDB from evennia.utils import logger -def _shared_login(request): - """ - Handle the shared login between website and webclient. - - """ - csession = request.session - account = request.user - # these can have 3 values: - # None - previously unused (auto-login) - # False - actively logged out (don't auto-login) - # - logged in User/Account id - website_uid = csession.get("website_authenticated_uid", None) - webclient_uid = csession.get("webclient_authenticated_uid", None) - - # check if user has authenticated to website - if not csession.session_key: - # this is necessary to build the sessid key - csession.save() - - if webclient_uid: - # The webclient has previously registered a login to this browser_session - if not account.is_authenticated() and not website_uid: - try: - account = AccountDB.objects.get(id=webclient_uid) - except AccountDB.DoesNotExist: - # this can happen e.g. for guest accounts or deletions - csession["website_authenticated_uid"] = False - csession["webclient_authenticated_uid"] = False - return - try: - # calls our custom authenticate in web/utils/backends.py - account = authenticate(autologin=account) - login(request, account) - csession["website_authenticated_uid"] = webclient_uid - except AttributeError: - logger.log_trace() - - def webclient(request): """ Webclient page template loading. """ - # handle webclient-website shared login - _shared_login(request) - + # auto-login is now handled by evennia.web.utils.middleware + # make sure to store the browser session's hash so the webclient can get to it! pagevars = {'browser_sessid': request.session.session_key} From aa0af2e5ccf41a1c094219c2acf2571b39eddef8 Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:09:10 +0000 Subject: [PATCH 2/9] Fixes mispelling of my name :) / updates changelog to reflect recent web development efforts. --- CHANGELOG.md | 57 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 39 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8718fe5a4c..c730397003 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,22 +12,45 @@ ### Web -Web/Django standard initiative (stricako) -- Updates Bootstrap to v4 stable (the beta in use had some irritating bugs that have since been resolved) -- Enables the use of Django Messages framework -- Adds a web-based account registration form -- Adds links to reset password / create new account on login pane (resets require SMTP configuration to actually work, but the functionality was already enabled by account of django.contrib.auth.urls-- I just made it prettier). Uses Django's password reset workflow. -- Modifies the series of password reset forms to use Evennia's CSS instead of Django admin's. -- Adds a dropdown for authenticated users allowing them to change their password. -- Prettifies the "change password" form to use Evennia's CSS instead of Django admin's. -- Adds placeholders to dropdown menu for players to quickpuppet/manage characters on the website. -- Fixes a bug on the login pane where error messages weren't being displayed (was calling form.has_errors instead of just checking form.errors) -- Web-based chargen based on predefined form -- Character puppeting within the context of the website - -- Web views for common object types, like accounts, characters etc. -- Web views for help entries. - +Web/Django standard initiative (@strikaco) +- Features + - Adds a series of web-based forms and generic views + - Accounts + - Register - Enhances registration; allows optional collection of email address + - Form - Adds a generic Django form for creating Accounts from the web + - Characters + - Create - Authenticated users can create new characters from the website (requires associated form) + - Detail - Authenticated and authorized users can view select details about characters + - List - Authenticated and authorized users can browse a list of all characters + - Manage - Authenticated users can edit or delete owned characters from the web + - Form - Adds a generic Django form for creating characters from the web + - Channels + - Detail - Authorized users can view channel logs from the web + - List - Authorized users can browse a list of all channels + - Help Entries + - Detail - Authorized users can view help entries from the web + - List - Authorized users can browse a list of all help entries from the web + - Navbar changes + - Characters - Link to character list + - Channels - Link to channel list + - Help - Link to help entry list + - Puppeting + - Users can puppet their own characters within the context of the website + - Dropdown + - Link to create characters + - Link to manage characters + - Link to quick-select puppets + - Link to password change workflow +- Functions + - Updates Bootstrap to v4 stable + - Enables use of Django Messages framework to communicate with users in browser + - Implements webclient/website `_shared_login` functionality as Django middleware + - 'account' and 'puppet' are added to all request contexts for authenticated users +- Cosmetic + - Prettifies Django 'forgot password' workflow (requires SMTP to actually function) + - Prettifies Django 'change password' workflow +- Bugfixes + - Fixes bug on login page where error messages were not being displayed ### Typeclasses @@ -51,8 +74,6 @@ Web/Django standard initiative (stricako) + `validate_password`: Mechanism for validating a password. + `set_password`: Apply password to account, using validation checks. - - ### Utils - Added more unit tests. From e884ba72096dbbd4e8cd4809ce450fa83f449821 Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:19:57 +0000 Subject: [PATCH 3/9] Update. --- CHANGELOG.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c730397003..78cdeed50b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,7 @@ Web/Django standard initiative (@strikaco) - Features - - Adds a series of web-based forms and generic views + - Adds a series of web-based forms and generic class-based views - Accounts - Register - Enhances registration; allows optional collection of email address - Form - Adds a generic Django form for creating Accounts from the web @@ -46,6 +46,7 @@ Web/Django standard initiative (@strikaco) - Enables use of Django Messages framework to communicate with users in browser - Implements webclient/website `_shared_login` functionality as Django middleware - 'account' and 'puppet' are added to all request contexts for authenticated users + - Adds unit tests for all web views - Cosmetic - Prettifies Django 'forgot password' workflow (requires SMTP to actually function) - Prettifies Django 'change password' workflow @@ -54,13 +55,13 @@ Web/Django standard initiative (@strikaco) ### Typeclasses -- Add new methods on all typeclasses, useful specifically for viewing the object in the web/admin: - + `web_get_admin_url()`: Returns a path that, if followed, will display the object in the Admin backend. - + `web_get_create_url()`: Returns a path for a view allowing the creation of new instances of this object. - + `web_get_absolute_url()`: Django construct; returns a path that should display the object in a DetailView. - + `web_get_update_url()`: Returns a path that should display the object in an UpdateView. - + `web_get_delete_url()`: Returns a path that should display the object in a DeleteView. -- All typeclasses has new helper class method `create`, which encompasses useful functionality +- Add new methods on all typeclasses, useful specifically for object handling from the website/admin: + + `web_get_admin_url()`: Returns the path to the object detail page in the Admin backend. + + `web_get_create_url()`: Returns the path to the typeclass' creation page on the website, if implemented. + + `web_get_absolute_url()`: Returns the path to the object's detail page on the website, if implemented. + + `web_get_update_url()`: Returns the path to the object's update page on the website, if implemented. + + `web_get_delete_url()`: Returns the path to the object's delete page on the website, if implemented. +- All typeclasses have new helper class method `create`, which encompasses useful functionality that used to be embedded for example in the respective `@create` or `@connect` commands. - DefaultAccount now has new class methods implementing many things that used to be in unloggedin commands (these can now be customized on the class instead): @@ -68,10 +69,9 @@ Web/Django standard initiative (@strikaco) + `get_username_validators`: Return list of validators for username validation (see `settings.AUTH_USERNAME_VALIDATORS`) + `authenticate`: Method to check given username/password. - + `normalize_username`: Normalizes names so you can't fake names with similar-looking Unicode - chars. - + `validate_username`: Mechanism for validating a username. - + `validate_password`: Mechanism for validating a password. + + `normalize_username`: Normalizes names so (for Unicode environments) users cannot mimic existing usernames by replacing select characters with visually-similar Unicode chars. + + `validate_username`: Mechanism for validating a username based on predefined Django validators. + + `validate_password`: Mechanism for validating a password based on predefined Django validators. + `set_password`: Apply password to account, using validation checks. ### Utils From 6520f7109a20021745eff2176e5d6bb76d0c46ff Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:33:42 +0000 Subject: [PATCH 4/9] Fixes spelling error. --- evennia/web/webclient/static/webclient/js/evennia.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evennia/web/webclient/static/webclient/js/evennia.js b/evennia/web/webclient/static/webclient/js/evennia.js index 501a04021d..ddc6b792e4 100644 --- a/evennia/web/webclient/static/webclient/js/evennia.js +++ b/evennia/web/webclient/static/webclient/js/evennia.js @@ -102,7 +102,7 @@ An "emitter" object must have a function return; } this.connection.connect(); - log('Evenna reconnecting.') + log('Evennia reconnecting.') }, // Returns true if the connection is open. From 24643b1d3e889209f534a7c507cba27b92b16e9d Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:34:12 +0000 Subject: [PATCH 5/9] Fixes alignment inconsistency in Accounts column. --- evennia/web/website/templates/website/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evennia/web/website/templates/website/index.html b/evennia/web/website/templates/website/index.html index 1215e6bf08..06ece50f3c 100644 --- a/evennia/web/website/templates/website/index.html +++ b/evennia/web/website/templates/website/index.html @@ -52,7 +52,7 @@
-

Accounts

+

Accounts

From 2eb04dcd2049a9e62923eccb57a22e6c8fba000d Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:34:38 +0000 Subject: [PATCH 6/9] Fixes incorrect label on button. --- .../templates/website/registration/password_reset_form.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evennia/web/website/templates/website/registration/password_reset_form.html b/evennia/web/website/templates/website/registration/password_reset_form.html index f13c532a58..eb73118856 100644 --- a/evennia/web/website/templates/website/registration/password_reset_form.html +++ b/evennia/web/website/templates/website/registration/password_reset_form.html @@ -34,7 +34,7 @@ Forgot Password

- +
From d6879c3ceffcae360e80d4eee98cb98b83eb2005 Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 00:35:15 +0000 Subject: [PATCH 7/9] Adds link to return to index after forgot-password request. --- .../templates/website/registration/password_reset_done.html | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/evennia/web/website/templates/website/registration/password_reset_done.html b/evennia/web/website/templates/website/registration/password_reset_done.html index d248c56d0f..8de85a5ba3 100644 --- a/evennia/web/website/templates/website/registration/password_reset_done.html +++ b/evennia/web/website/templates/website/registration/password_reset_done.html @@ -25,6 +25,10 @@ Forgot Password - Reset Link Sent

Please allow up to to a few hours for the email to transmit, and be sure to check your spam folder if it doesn't show up in a timely manner.

+
+ +

Click here to return to the main page.

+ {% endif %}
From de14d8621fc4d1e690d3dc26a4e67aa3b7ae6545 Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 04:02:30 +0000 Subject: [PATCH 8/9] Modifies the login link to redirect the user to the current page after authentication. --- evennia/web/website/templates/website/_menu.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evennia/web/website/templates/website/_menu.html b/evennia/web/website/templates/website/_menu.html index 69c06009d0..9f95ebb67f 100644 --- a/evennia/web/website/templates/website/_menu.html +++ b/evennia/web/website/templates/website/_menu.html @@ -72,7 +72,7 @@ folder and edit it to add/remove links to the menu. {% else %}
  • - Log In + Log In
  • Register From 77f46b54e2168095db0d6e4323d212cf781cb07c Mon Sep 17 00:00:00 2001 From: Johnny Date: Mon, 29 Oct 2018 09:12:55 +0000 Subject: [PATCH 9/9] Changes admin link. --- evennia/web/website/templates/website/help_list.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/evennia/web/website/templates/website/help_list.html b/evennia/web/website/templates/website/help_list.html index 99f1a27eef..d3075cd456 100644 --- a/evennia/web/website/templates/website/help_list.html +++ b/evennia/web/website/templates/website/help_list.html @@ -54,7 +54,7 @@
    {% if user.is_staff %} - Admin + Admin
    {% endif %}