From c4cea788d381ebdca8d9b122c2d451b097cfe3d1 Mon Sep 17 00:00:00 2001
From: Ivlev Denis <di-erz@yandex.ru>
Date: Wed, 7 Feb 2018 14:06:34 +0300
Subject: [PATCH] LIL-183. Add user edit view

---
 apps/user/views.py | 36 +++++++++++++++++++++++++++++++-----
 1 file changed, 31 insertions(+), 5 deletions(-)

diff --git a/apps/user/views.py b/apps/user/views.py
index 428ca2ce..8dc66d18 100644
--- a/apps/user/views.py
+++ b/apps/user/views.py
@@ -1,9 +1,14 @@
-from django.shortcuts import render
+from django.contrib.auth import login
+from django.shortcuts import render, reverse
 from django.views.generic import DetailView, UpdateView
+from django.contrib import messages
 from django.contrib.auth import get_user_model
+from django.contrib.auth.hashers import check_password, make_password
 
 from apps.course.models import Course
 
+from .forms import UserEditForm
+
 User = get_user_model()
 
 
@@ -13,7 +18,9 @@ class UserView(DetailView):
 
     def get_context_data(self, object):
         context = super().get_context_data()
-        context['published'] = Course.objects.filter(author=self.object, status=Course.PUBLISHED)
+        context['published'] = Course.objects.filter(
+            author=self.object, status=Course.PUBLISHED
+        )
         context['paid'] = Course.objects.none()
         return context
 
@@ -21,6 +28,25 @@ class UserView(DetailView):
 class UserEditView(UpdateView):
     model = User
     template_name = 'user/profile-settings.html'
-    fields = (
-        'first_name',
-    )
+    form_class = UserEditForm
+
+    def post(self, request, *args, **kwargs):
+        # it's magic *-*-*-*-*
+        self.object = self.get_object()
+        if not request.POST._mutable:
+            request.POST._mutable = True
+        old_password = request.POST.pop('old_password')[0]
+        new_password1 = request.POST.pop('new_password1')[0]
+        new_password2 = request.POST.pop('new_password2')[0]
+        if old_password:
+            if request.user.check_password(old_password) and new_password1 == new_password2:
+                request.user.set_password(new_password1)
+                request.user.save()
+                login(request, request.user)
+            else:
+                messages.error(request, 'Неверный пароль.')
+        messages.info(request, 'Данные сохранены.')
+        return super().post(request, *args, **kwargs)
+
+    def get_success_url(self):
+        return reverse('user-edit', args=[self.object.id])