add login/logout to home, add 'only authenticated users are allowed to go to admin view'

fet2020/authentications/decorators.py

@@ -9,3 +9,13 @@ def unauthenticated_user(view_func):
             return view_func(request, *args, **kwargs)
 
     return wrapper_func
+
+
+def authenticated_user(view_func):
+    def wrapper_func(request, *args, **kwargs):
+        if request.user.is_authenticated:
+            return view_func(request, *args, **kwargs)
+        else:
+            return redirect('home')
+
+    return wrapper_func

fet2020/authentications/views.py

@@ -4,16 +4,11 @@ from django.contrib import messages
 from django.contrib.auth.models import User
 
 from .authentications import authentication
-# from .decorators import unauthenticated_user
+from .decorators import unauthenticated_user, authenticated_user
 
 
-# @unauthenticated_user
+@unauthenticated_user
 def loginPage(request):
-    """
-    if request.user.is_authenticated:
-        return redirect('home')
-    else:
-    """
     if request.method == 'POST':
         username = request.POST.get('username')
         password = request.POST.get('password')
@@ -29,12 +24,13 @@ def loginPage(request):
             login(request, user)
             return redirect('home')
         else:
-            messages.info(request, 'username OR password is incorrect')
+            messages.info(request, 'username or password is incorrect')
 
     context = {}
     return render(request, 'authentications/login.html', context)
 
 
+@authenticated_user
 def logoutUser(request):
     logout(request)
     return redirect('home')

fet2020/fet2020/settings.py

@@ -115,7 +115,7 @@ DATABASES = {
 }
 
 AUTHENTICATION_BACKENDS = [
-    'django.contrib.auth.backends.RemoteUserBackend',
+    # 'django.contrib.auth.backends.RemoteUserBackend',
     'django.contrib.auth.backends.ModelBackend',
 ]
 

fet2020/fet2020/urls.py

@@ -21,6 +21,7 @@ from . import views
 from posts.views import PostViewSet
 from members.views import MemberViewSet
 from rest_framework import routers
+from authentications.decorators import authenticated_user
 
 router = routers.DefaultRouter()
 router.register(r'posts', PostViewSet)
@@ -29,7 +30,7 @@ router.register(r'members', MemberViewSet)
 urlpatterns = [
     path('posts/', include('posts.urls')),
     path('admin/doc/', include('django.contrib.admindocs.urls')),
-    path('admin/', admin.site.urls),
+    path('admin/', authenticated_user(admin.site.urls)),
     path('auth/', include('authentications.urls')),
     path('', views.index, name='home'),
     path('index.html', views.index, name='home'),

fet2020/templates/layout.html

@@ -6,7 +6,7 @@
     <meta charset="utf-8" />
     <meta http-equiv="x-ua-compatible" content="ie=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>FET DjangoLayout</title>
+    <title>FET</title>
     <link rel="stylesheet" href="{% static 'app.css' %}">
     {% csrf_token %}
     {% block header %}
@@ -20,11 +20,16 @@
 </div>
 <div class="top-bar-right">
     <ul class="menu vertical medium-horizontal expanded medium-text-center">
-
+        {% if request.user.is_authenticated %}
+            Hallo {{request.user.username}}
+            <li class=""><a href="/admin">Admin</a></li>
+            <li class=""><a href="{%url 'logout'%}">Logout</a> </li>
+        {% else %}
+            <li class=""><a href="{%url 'login'%}">Login</a> </li>
+        {% endif %}
         <li class=""><a href="{%url 'home'%}">Aktuelles</a> </li>
         <li class=""><a href="/fotos">Fotos</a> </li>
-      <li class=""><a href="{%url 'members'%}">Mitarbeiter</a>
+        <li class=""><a href="{%url 'members'%}">Mitarbeiter</a> </li>
-      </li>
     </ul>
 </div>
 </div>
@@ -36,7 +41,6 @@
 <div class="grid-x medium-padding-1 large-padding-left-2" style="">
 <div class="cell">
 <ul class="no-bullet">
-<li><a href="/admin">admin</a></li>
 <li><a href="{% url 'posts.show' 'impressum'%}">Impressum</a></li>
 </div>