Update Python Dependencies (#404)

* [requires.io] dependency update * Server starts... Various things are broken, but it runs! * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * FIX: Broken migrations * FIX: Update auth framework * FIX: Correct static use in templates * FIX: Fix supplier sort * FIX: Remaining tests * Revert "Disable password reset as temporary fix to vulnerability (#396)" This reverts commit e0c6a56263. # Conflicts: # RIGS/urls.py * FIX: Fix broken newlining in PDFs Introduced by a change in Django 2.1 'HTML rendered by form widgets no longer includes a closing slash on void elements, e.g. <br>. This is incompatible within XHTML, although some widgets already used aspects of HTML5 such as boolean attributes.' * FIX: Fix some Django4 deprecation warnings Why not... * Refactor dependency file Should now only include dependencies we actually use, not dependencies of dependencies and unused things * Add newlines to the paperwork print test event This will catch the error encountered in 79ec9214f9 * Swap to pycodestyle rather than pep8 in Travis And eliminate W605 errors * Bit too heavy handed with the dep purge there... * Whoops, helps if one installs pycodestyle... * FIX: Re-add overridden login view * Better fix for previous commit * FIX: Bloody smartquotes Co-authored-by: requires.io <support@requires.io>
2026-02-02 13:22:17 +00:00 · 2020-03-07 16:21:48 +00:00
parent 797ad778a9
commit 8568c591a9
41 changed files with 169 additions and 213 deletions
--- a/RIGS/views.py
+++ b/RIGS/views.py
@@ -3,6 +3,7 @@ from django.http.response import HttpResponseRedirect
 from django.http import HttpResponse
 from django.urls import reverse_lazy, reverse, NoReverseMatch
 from django.views import generic
+from django.contrib.auth.views import LoginView
 from django.db.models import Q
 from django.shortcuts import get_object_or_404
 from django.core import serializers
@@ -34,16 +35,6 @@ class Index(generic.TemplateView):
        return context


-def login(request, **kwargs):
-    if request.user.is_authenticated:
-        next = request.GET.get('next', '/')
-        return HttpResponseRedirect(next)
-    else:
-        from django.contrib.auth.views import login
-
-        return login(request, authentication_form=forms.CheckApprovedForm)
-
-
 class SearchHelp(generic.TemplateView):
    template_name = 'RIGS/search_help.html'

@@ -52,14 +43,11 @@ class SearchHelp(generic.TemplateView):
 # Then we can check for it and show a nice error
 # Don't worry, django.contrib.auth.views.login will
 # check for it before logging  the user in
-@csrf_exempt
-def login_embed(request, **kwargs):
-    if request.user.is_authenticated:
-        next = request.GET.get('next', '/')
-        return HttpResponseRedirect(next)
-    else:
-        from django.contrib.auth.views import login
+class LoginEmbed(LoginView):
+    template_name = 'registration/login_embed.html'

+    @csrf_exempt
+    def dispatch(self, request, *args, **kwargs):
        if request.method == "POST":
            csrf_cookie = request.COOKIES.get('csrftoken', None)

@@ -67,7 +55,7 @@ def login_embed(request, **kwargs):
                messages.warning(request, 'Cookies do not seem to be enabled. Try logging in using a new tab.')
                request.method = 'GET'  # Render the page without trying to login

-        return login(request, template_name="registration/login_embed.html", authentication_form=forms.EmbeddedAuthenticationForm)
+        return super().dispatch(request, *args, **kwargs)


 """
@@ -423,7 +411,3 @@ class ResetApiKey(generic.RedirectView):
        self.request.user.save()

        return reverse_lazy('profile_detail')
-
-
-class PasswordResetDisabled(generic.TemplateView):
-    template_name = "RIGS/password_reset_disable.html"