aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--accounts/urls.py1
-rw-r--r--accounts/views.py75
-rw-r--r--client/templatetags/app_filter.py11
-rw-r--r--client/views.py2
-rw-r--r--templates/registration/base_client.html34
-rw-r--r--version.txt2
6 files changed, 118 insertions, 7 deletions
diff --git a/accounts/urls.py b/accounts/urls.py
index 46cb438..b35796b 100644
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -12,4 +12,5 @@ urlpatterns = [
path('oauth_connect/', views.oauth_connect, name='oauth_connect'),
path('oauth_disconnect/', views.oauth_disconnect, name='oauth_disconnect'),
path('auth_connect/', views.auth_connect, name='auth_connect'),
+ path('user_switcher/', views.user_switcher, name='user_switcher'),
]
diff --git a/accounts/views.py b/accounts/views.py
index cd17552..e9d2bfe 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -1,3 +1,4 @@
+import datetime
from django.shortcuts import render
from django.urls import reverse
from django.conf import settings
@@ -15,6 +16,7 @@ from client.models import UserCode, MedicalData
from authlib.integrations.django_client import OAuth
+import json
import dateparser
import os
import requests
@@ -203,6 +205,79 @@ def auth_connect(request):
return HttpResponseRedirect(reverse("personal") + "#settings")
+@sensitive_variables("sessionid")
+def set_session_cookie(response, sessionid, expires):
+ expires_date = datetime.datetime.fromtimestamp(int(expires))
+ max_age = (expires_date - datetime.datetime.utcnow()).total_seconds()
+ response.set_cookie(
+ "sessionid",
+ sessionid,
+ max_age=max_age,
+ expires=expires,
+ domain=settings.SESSION_COOKIE_DOMAIN,
+ secure=settings.SESSION_COOKIE_SECURE,
+ httponly=settings.SESSION_COOKIE_HTTPONLY,
+ samesite=settings.SESSION_COOKIE_SAMESITE,
+ )
+
+@sensitive_variables("data")
+def set_switch_cookie(response, data):
+
+ max_age = 30 * 60 * 60 * 24
+ expires = datetime.datetime.strftime(
+ datetime.datetime.utcnow() + datetime.timedelta(seconds=max_age),
+ "%a, %d-%b-%Y %H:%M:%S GMT",
+ )
+ response.set_cookie(
+ "user_switcher",
+ json.dumps(data),
+ max_age=max_age,
+ expires=expires,
+ domain=settings.SESSION_COOKIE_DOMAIN,
+ secure=settings.SESSION_COOKIE_SECURE,
+ httponly=settings.SESSION_COOKIE_HTTPONLY,
+ samesite=settings.SESSION_COOKIE_SAMESITE,
+ )
+
+@sensitive_variables("sessions")
+def user_switcher(request):
+ if request.method == 'POST':
+ if request.POST["metadata"] == 'new':
+ response = HttpResponseRedirect('/accounts/login')
+
+ sessions = dict()
+ if "user_switcher" in request.COOKIES:
+ sessions = json.loads(request.COOKIES.get("user_switcher"))
+
+ sessions[request.user.username] = (request.session.session_key, request.session.get_expiry_date().timestamp())
+ set_switch_cookie(response, sessions)
+
+ response.set_cookie("sessionid", "")
+
+ return response
+
+ if request.POST["metadata"][0] == 's':
+ response = HttpResponseRedirect("/")
+ username = request.POST["metadata"][1:]
+
+ sessions = dict()
+ if "user_switcher" in request.COOKIES:
+ sessions = json.loads(request.COOKIES.get("user_switcher"))
+
+ sessions[request.user.username] = (request.session.session_key, request.session.get_expiry_date().timestamp())
+ set_switch_cookie(response, sessions)
+
+ if username in sessions:
+ set_session_cookie(response, sessions[username][0], sessions[username][1])
+ else:
+ set_session_cookie(response, "", 0)
+
+ print("done")
+ return response
+
+
+ return HttpResponseRedirect("/")
+
@sensitive_variables("raw_passsword")
def signup(request):
out_errors = []
diff --git a/client/templatetags/app_filter.py b/client/templatetags/app_filter.py
index df92775..c447d35 100644
--- a/client/templatetags/app_filter.py
+++ b/client/templatetags/app_filter.py
@@ -2,6 +2,8 @@ from django import template
from django.db.models.query_utils import Q
from client.models import Document, KeyVal, Keys
+import json
+
register = template.Library()
@register.filter(name="doc_key")
def doc_key(doc):
@@ -46,4 +48,11 @@ def parse_multiple_choice(str):
if len(arr) < 2:
return [arr[0], []]
- return [arr[0], arr[1:]] \ No newline at end of file
+ return [arr[0], arr[1:]]
+
+@register.filter(name="parse_userswitcher")
+def parse_userswitcher(str):
+ if not str:
+ return []
+
+ return json.loads(str).keys() \ No newline at end of file
diff --git a/client/views.py b/client/views.py
index 0f1bfaa..04ebaf9 100644
--- a/client/views.py
+++ b/client/views.py
@@ -2,7 +2,7 @@ from django.db.models.expressions import OuterRef, Subquery
from django.template.loader import get_template
from client.models import GroupSettings, UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData
from django.db.models import Q
-from django.http import HttpResponseRedirect, FileResponse
+from django.http import HttpResponse, HttpResponseRedirect, FileResponse
from django.contrib.auth.decorators import login_required
from django.shortcuts import render
from accounts.views import copy_from_midata
diff --git a/templates/registration/base_client.html b/templates/registration/base_client.html
index 362238c..8543852 100644
--- a/templates/registration/base_client.html
+++ b/templates/registration/base_client.html
@@ -5,6 +5,7 @@
<html>
<head>
{% load static %}
+ {% load app_filter %}
<link rel="stylesheet" type="text/css" href="{% static 'material_icons.css' %}">
<link rel="stylesheet" type="text/css" href="{% static 'materialize.min.css' %}">
<style>
@@ -94,6 +95,9 @@
</head>
<body>
<nav class="nav-extended">
+ <form id="user_form" method="post" action="{% url 'user_switcher'%}">
+ {% csrf_token %}
+ <input type="hidden" name="metadata" id="metadata">
<div class="nav-wrapper {{color}}">
<a style="margin-left: 10px;" href="{% url 'index' %}" class="breadcrumb hide-on-small-only">Home</a>
<ul class="left hide-on-med-and-up">
@@ -108,20 +112,31 @@
{% if user.is_staff or perms.client.staff %}
<li class="hide-on-small-only"><a href="{% url 'server' %}">Pannello Admin</a></li>
{% endif %}
- <li class="hide-on-small-only tooltipped" data-position="bottom" data-tooltip="Dati personali"><a href="{% url 'personal' %}">{{ user.username }}</a></li>
- <li class="hide-on-med-and-up tooltipped" data-position="bottom" data-tooltip="Dati personali"><a href="{% url 'personal' %}"><i class="material-icons">person</i></a></li>
{% if user.is_staff or perms.client.staff %}
<li class="tooltipped hide-on-med-and-up" data-position="bottom" data-tooltip="Pannello Admin" class="hide-on-med-and-up"><a href="{% url 'server' %}"><i class="material-icons">build</i></a></li>
{% endif %}
{% if group_view %}
<li class="tooltipped hide-on-med-and-up" data-position="bottom" data-tooltip="Lista documenti" class="hide-on-med-and-up"><a class="modal-trigger" href="#modal_capi"><i class="material-icons">list</i></a></li>
{% endif %}
- <li class="tooltipped" data-position="bottom" data-tooltip="Informazioni"><a href="{% url 'about' %}"><i class="material-icons">info_outline</i></a></li>
- <li class="tooltipped" data-position="bottom" data-tooltip="Logout"><a href="{% url 'logout' %}"><i class="material-icons">exit_to_app</i></a></li>
+ <li class="userswitcher" data-target='userswitcher'><a href="#">{{ user.username }}</a></li>
+ <ul id='userswitcher' class='dropdown-content'>
+ <li><a href="{% url 'personal' %}"><i class="material-icons">person</i>Gestione account</a></li>
+ <li><a href="{% url 'logout' %}"><i class="material-icons">exit_to_app</i>Logout</a></li>
+ <li class="divider" tabindex="-1"></li>
+ {% for username in request.COOKIES.user_switcher|parse_userswitcher%}
+ {% if username != user.username %}
+ <li><a onclick="switcher_submit('s{{username}}')">{{username}}</a></li>
+ {% endif %}
+ {% endfor %}
+ <li><a onclick="switcher_submit('new')"><i class="material-icons">person_add</i>Aggiungi un altro utente</a></li>
+ <li class="divider" tabindex="-1"></li>
+ <li><a href="{% url 'about' %}">Informazioni sul prodotto</a></li>
+ </ul>
</ul>
</div>
{% block toolbar %}
{% endblock %}
+ </form>
</nav>
<main id="main" style="margin-left: 10px;margin-right: 10px;margin-top: 10px;">
@@ -135,6 +150,17 @@
$(document).ready(function(){
$('.tooltipped').tooltip();
});
+
+ document.addEventListener('DOMContentLoaded', function() {
+ var elems = document.querySelectorAll('.userswitcher');
+ var instances = M.Dropdown.init(elems, {"coverTrigger": false, "constrainWidth": false});
+ });
+ function switcher_submit(id) {
+ var form = document.getElementById('user_form')
+ var action = document.getElementById('metadata')
+ action.setAttribute('value', id);
+ form.submit()
+ }
{% block script %}
{% endblock%}
</script>
diff --git a/version.txt b/version.txt
index 56eed72..4df8563 100644
--- a/version.txt
+++ b/version.txt
@@ -1,2 +1,2 @@
version=0.4
-rev=22
+rev=23