diff --git a/project/customer/middleware.py b/project/customer/middleware.py index 37269cb..45d1204 100644 --- a/project/customer/middleware.py +++ b/project/customer/middleware.py @@ -1,5 +1,7 @@ # -*- coding: utf-8 -*- from django.utils.functional import SimpleLazyObject +from django.contrib.auth.views import logout as django_logout +from django.contrib import messages from .models import get_profile @@ -13,5 +15,9 @@ def _get_profile(request): class ProfileMiddleware(object): def process_request(self, request): assert hasattr(request, 'user'), "The Profile middleware requires authentication middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware'." - request.profile = SimpleLazyObject(lambda: _get_profile(request)) + if request.user.is_authenticated(): + if request.user.profile.user_session_key != request.session.session_key and \ + request.profile.user_session_key != '': + django_logout(request) + messages.add_message(request, messages.ERROR, u'Другой пользователь вошёл под этим логином.') diff --git a/project/customer/migrations/0011_auto__add_field_userprofile_user_session_key.py b/project/customer/migrations/0011_auto__add_field_userprofile_user_session_key.py new file mode 100644 index 0000000..653bccf --- /dev/null +++ b/project/customer/migrations/0011_auto__add_field_userprofile_user_session_key.py @@ -0,0 +1,182 @@ +# -*- coding: utf-8 -*- +from south.utils import datetime_utils as datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + + +class Migration(SchemaMigration): + + def forwards(self, orm): + # Adding field 'UserProfile.user_session_key' + db.add_column(u'customer_userprofile', 'user_session_key', + self.gf('django.db.models.fields.CharField')(default='', max_length=256, blank=True), + keep_default=False) + + + def backwards(self, orm): + # Deleting field 'UserProfile.user_session_key' + db.delete_column(u'customer_userprofile', 'user_session_key') + + + models = { + u'auth.group': { + 'Meta': {'object_name': 'Group'}, + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + u'auth.permission': { + 'Meta': {'ordering': "(u'content_type__app_label', u'content_type__model', u'codename')", 'unique_together': "((u'content_type', u'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['contenttypes.ContentType']"}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + u'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + u'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + u'customer.bankaccount': { + 'Meta': {'ordering': "['-created_at']", 'object_name': 'BankAccount'}, + 'account': ('django.db.models.fields.CharField', [], {'max_length': '20'}), + 'address': ('django.db.models.fields.CharField', [], {'max_length': '256'}), + 'bik': ('django.db.models.fields.CharField', [], {'max_length': '10'}), + 'created_at': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_main': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'korr_account': ('django.db.models.fields.CharField', [], {'max_length': '20'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '256'}), + 'updated_at': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'bank_accounts'", 'to': u"orm['auth.User']"}) + }, + u'customer.client': { + 'Meta': {'ordering': "['name', '-created_at']", 'object_name': 'Client'}, + 'address': ('django.db.models.fields.CharField', [], {'max_length': '256'}), + 'bank_account': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'bank_address': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'bank_bik': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '10', 'blank': 'True'}), + 'bank_korr_account': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'bank_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'contact_email': ('django.db.models.fields.EmailField', [], {'default': "''", 'max_length': '50', 'blank': 'True'}), + 'contact_icq': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'contact_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '50', 'blank': 'True'}), + 'contact_other': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'contact_phone': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '50', 'blank': 'True'}), + 'contact_skype': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'created_at': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'inn': ('django.db.models.fields.CharField', [], {'max_length': '12'}), + 'kpp': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '9', 'blank': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '256', 'db_index': 'True'}), + 'okpo': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '10', 'blank': 'True'}), + 'updated_at': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'clients'", 'to': u"orm['auth.User']"}) + }, + u'customer.license': { + 'Meta': {'object_name': 'License'}, + 'date_from': ('django.db.models.fields.DateField', [], {'null': 'True', 'blank': 'True'}), + 'date_to': ('django.db.models.fields.DateField', [], {'null': 'True', 'blank': 'True'}), + 'deleted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'order_date': ('django.db.models.fields.DateField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'paid_date': ('django.db.models.fields.DateField', [], {'null': 'True', 'blank': 'True'}), + 'pay_sum': ('django.db.models.fields.IntegerField', [], {}), + 'payform': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'status': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'term': ('django.db.models.fields.IntegerField', [], {}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'licenses'", 'to': u"orm['auth.User']"}) + }, + u'customer.licenseprice': { + 'Meta': {'object_name': 'LicensePrice'}, + u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'price': ('django.db.models.fields.IntegerField', [], {}), + 'term': ('django.db.models.fields.IntegerField', [], {}) + }, + u'customer.userprofile': { + 'Meta': {'object_name': 'UserProfile'}, + 'active': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'address': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256'}), + 'boss_midname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30'}), + 'boss_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30'}), + 'boss_sign': ('django.db.models.fields.files.ImageField', [], {'default': "''", 'max_length': '100', 'blank': 'True'}), + 'boss_surname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30'}), + 'boss_title': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'confirmed': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'created_at': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'email': ('django.db.models.fields.EmailField', [], {'default': "''", 'max_length': '75', 'blank': 'True'}), + 'fax': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'fax_code': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '10', 'blank': 'True'}), + 'full_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'glavbuh_midname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30', 'blank': 'True'}), + 'glavbuh_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30', 'blank': 'True'}), + 'glavbuh_sign': ('django.db.models.fields.files.ImageField', [], {'default': "''", 'max_length': '100', 'blank': 'True'}), + 'glavbuh_surname': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '30', 'blank': 'True'}), + 'inn': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '12'}), + 'ip_reg_date': ('django.db.models.fields.DateField', [], {'null': 'True', 'blank': 'True'}), + 'jur_address': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'kpp': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '9'}), + 'logo': ('django.db.models.fields.files.ImageField', [], {'default': "''", 'max_length': '100', 'blank': 'True'}), + 'na_osnovanii': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256'}), + 'ogrn': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '15'}), + 'okpo': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '10', 'blank': 'True'}), + 'phone': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '20', 'blank': 'True'}), + 'phone_code': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '10', 'blank': 'True'}), + 'profile_type': ('django.db.models.fields.PositiveSmallIntegerField', [], {}), + 'real_address': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'site': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'stamp': ('django.db.models.fields.files.ImageField', [], {'default': "''", 'max_length': '100', 'blank': 'True'}), + 'svid_gos_reg': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}), + 'updated_at': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'user': ('django.db.models.fields.related.OneToOneField', [], {'related_name': "'profile'", 'unique': 'True', 'primary_key': 'True', 'to': u"orm['auth.User']"}), + 'user_session_key': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '256', 'blank': 'True'}) + }, + u'customer.userprofilefilters': { + 'Meta': {'object_name': 'UserProfileFilters'}, + 'bank_account': ('django.db.models.fields.related.ForeignKey', [], {'default': 'None', 'related_name': "'+'", 'null': 'True', 'blank': 'True', 'to': u"orm['customer.BankAccount']"}), + 'show_bank_account': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_contact_info': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_email': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_fax': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_full_name': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_glavbuh': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_inn': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_ip_boss_fio': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_ip_reg_date': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_jur_address': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_kpp': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_na_osnovanii': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_name': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_ogrn': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_okpo': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_org_boss_title_and_fio': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_phone': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_profile_type': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_real_address': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_site': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'show_svid_gos_reg': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'user': ('django.db.models.fields.related.OneToOneField', [], {'related_name': "'profile_filters'", 'unique': 'True', 'primary_key': 'True', 'to': u"orm['auth.User']"}) + } + } + + complete_apps = ['customer'] \ No newline at end of file diff --git a/project/customer/models.py b/project/customer/models.py index d335c07..6afb6df 100644 --- a/project/customer/models.py +++ b/project/customer/models.py @@ -107,6 +107,9 @@ class UserProfile(models.Model): active = models.BooleanField(u'Активен', default=False) confirmed = models.BooleanField(u'Подтверждён', default=False) + user_session_key = models.CharField(u'Ключ сессии (служебная информация)', max_length=256, blank=True, default='', + help_text=u'Руками не тро...') + objects = managers.UserProfileManager() class Meta: diff --git a/project/myauth/forms.py b/project/myauth/forms.py index a1428bb..823bdbe 100644 --- a/project/myauth/forms.py +++ b/project/myauth/forms.py @@ -146,6 +146,7 @@ class LoginForm(forms.Form): """Форма логина.""" email = forms.EmailField(label=u'E-mail', max_length=75) password = forms.CharField(label=u'Пароль', widget=forms.PasswordInput) + reset_old_login = forms.BooleanField(label='Сбросить старый вход', required=False) # TODO капча на случай если пароль не ввели правильно с первого раза @@ -157,6 +158,7 @@ class LoginForm(forms.Form): super(LoginForm, self).clean() email = self.cleaned_data.get('email') password = self.cleaned_data.get('password') + reset_old_login = self.cleaned_data.get('reset_old_login') if email and password: try: username = User.objects.get(email__iexact = email).username @@ -166,6 +168,8 @@ class LoginForm(forms.Form): set_field_error(self, 'email', u'Пользователь заблокирован.') if not self.user_cache.profile.confirmed: set_field_error(self, 'email', u'Для подтверждения адреса электронной почты перейдите по адресу, указанному в письме. Если вы не получили письмо с активацией, попробуйте зарегистрироваться ещё раз или укажите другой адрес электронной почты.') + if self.user_cache.profile.user_session_key and not reset_old_login: + set_field_error(self, 'email', u'Пользователь уже вошёл в систему. Установите флаг "Сбросить старый вход", чтобы войти.') else: set_field_error(self, 'password', u'Неверное сочетание e-mail / пароль.') except User.DoesNotExist: diff --git a/project/myauth/urls.py b/project/myauth/urls.py index 63a970d..3f66f48 100644 --- a/project/myauth/urls.py +++ b/project/myauth/urls.py @@ -21,5 +21,5 @@ urlpatterns = patterns('', url(r'^closed/$', TemplateView.as_view(template_name='myauth/registration_closed.html'), name='myauth_registration_closed'), - url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page': '/'}, name='auth_logout'), + url(r'^logout/$', views.logout, name='auth_logout'), ) diff --git a/project/myauth/views.py b/project/myauth/views.py index 7606a5f..70db107 100644 --- a/project/myauth/views.py +++ b/project/myauth/views.py @@ -13,6 +13,8 @@ from django.contrib.auth.models import User from django.contrib.auth.decorators import login_required from django.contrib import messages from django.conf import settings +from django.contrib.sessions.models import Session +from django.contrib.auth.views import logout as django_logout from project.customer.models import UserProfile, UserProfileFilters, License @@ -215,6 +217,14 @@ def login(request): form = form_class(data=request.POST, prefix=form_prefix) if form.is_valid(): auth.login(request, form.get_user()) + old_session_key = request.user.profile.user_session_key + request.user.profile.user_session_key = request.session.session_key + request.user.profile.save() + #try: + # session = session.objects.get(session_key=old_session_key) + # session.delete() + #except: + # pass if request.user.profile.check_name_not_filled(): success_url = 'customer_profile_edit' return redirect(success_url) @@ -222,3 +232,13 @@ def login(request): form = form_class(prefix=form_prefix) return render(request, template_name, {'form': form,}) + + +def logout(request): + try: + request.user.profile.user_session_key = '' + request.user.profile.save() + except: + pass + django_logout(request) + return redirect('/')