From 9bb663e116f3bfaf4dc999458b06329c13f44c13 Mon Sep 17 00:00:00 2001 From: aundus Date: Fri, 5 Mar 2021 13:23:36 -0500 Subject: [PATCH] only auth can add books --- bookshelf_management/apps/mgmt/templates/bookshelf.html | 5 ++++- .../apps/mgmt/templates/generic_template.html | 7 +++++++ bookshelf_management/apps/mgmt/views.py | 9 +++++++-- bookshelf_management/urls.py | 3 ++- 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/bookshelf_management/apps/mgmt/templates/bookshelf.html b/bookshelf_management/apps/mgmt/templates/bookshelf.html index 3c80440..c252aa1 100644 --- a/bookshelf_management/apps/mgmt/templates/bookshelf.html +++ b/bookshelf_management/apps/mgmt/templates/bookshelf.html @@ -7,12 +7,15 @@ Number of Books in Bookshelf:

{{ total }}

-
+ {% if user.is_authenticated %} + {% csrf_token %} {{ form }}

Or search for a book to add here

+ {% endif %} +

Book List

{% if books %} diff --git a/bookshelf_management/apps/mgmt/templates/generic_template.html b/bookshelf_management/apps/mgmt/templates/generic_template.html index 7120c48..5105af6 100644 --- a/bookshelf_management/apps/mgmt/templates/generic_template.html +++ b/bookshelf_management/apps/mgmt/templates/generic_template.html @@ -27,9 +27,16 @@
  • Bookshelves
    • + {% if user.is_authenticated %} +
  • + Logout +
    • + {% else %}
  • Login
    • + {% endif %} + diff --git a/bookshelf_management/apps/mgmt/views.py b/bookshelf_management/apps/mgmt/views.py index 447ae8e..68f6222 100644 --- a/bookshelf_management/apps/mgmt/views.py +++ b/bookshelf_management/apps/mgmt/views.py @@ -1,7 +1,7 @@ from .models import Book, Bookshelf, BookshelfToBook from django.http import HttpResponse from django.shortcuts import render, redirect -from django.contrib.auth import authenticate +from django.contrib.auth import authenticate, login, logout @@ -156,7 +156,7 @@ def get_name(request): return render(request, 'name.html', {'form': form}) -def login(request): +def loginView(request): context = { "message": "" } @@ -169,6 +169,7 @@ def login(request): print(user) if user is not None: # A backend authenticated the credentials + login(request, user) return redirect("/bookshelves") else: # No backend authenticated the credentials @@ -183,3 +184,7 @@ def login(request): context['form'] = form return render(request, 'login.html', context=context) + +def logoutView(request): + logout(request) + return redirect("/bookshelves") \ No newline at end of file diff --git a/bookshelf_management/urls.py b/bookshelf_management/urls.py index 79beaa4..7285f76 100644 --- a/bookshelf_management/urls.py +++ b/bookshelf_management/urls.py @@ -24,7 +24,8 @@ urlpatterns = [ path('admin/', admin.site.urls), path('bookshelves', views.bookshelfList, name='detail'), path('books', views.searchBooks, name='detail'), - path('login', views.login, name='detail'), + path('login', views.loginView, name='detail'), + path('logout', views.logoutView, name='detail'), path('books/', views.bookshelvesOfBook, name='detail'), path('bookshelves//search', views.searchBooksToAdd, name='detail'), path('bookshelves/', views.booksInBookshelf, name='detail')