From ab554e1f401d9679b17e8d590c6e530fecc4fd80 Mon Sep 17 00:00:00 2001
From: Andrea Lepori <alepori@student.ethz.ch>
Date: Wed, 5 Jan 2022 18:07:03 +0100
Subject: force user linked to midata to use midata login

---
 accounts/urls.py                  |  1 +
 accounts/views.py                 | 29 ++++++++++++++++++++++++++++-
 templates/registration/login.html | 22 +++++++++++++++++++++-
 version.txt                       |  2 +-
 4 files changed, 51 insertions(+), 3 deletions(-)

diff --git a/accounts/urls.py b/accounts/urls.py
index fa85a5b..46cb438 100644
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -4,6 +4,7 @@ from . import views
 
 urlpatterns = [
     path('signup/', views.signup, name='signup'),
+    path('login/', views.CustomLoginView.as_view(), name='login'),
     path('personal/', views.personal, name='personal'),
     path('terms/', views.terms, name='terms'),
     path('oauth_login/', views.oauth_login, name='oauth_login'),
diff --git a/accounts/views.py b/accounts/views.py
index fabd5a4..2455d73 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -1,13 +1,15 @@
 from django.shortcuts import render
 from django.urls import reverse
 from django.conf import settings
-from django.contrib.auth.forms import PasswordChangeForm, SetPasswordForm, UserCreationForm
+from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm, SetPasswordForm, UserCreationForm
 from django.contrib.auth.models import User
 from django.contrib.auth import login, authenticate, logout
+from django.contrib.auth.views import LoginView
 from django.http import FileResponse
 from django.contrib.auth.decorators import login_required
 from django.views.decorators.debug import sensitive_variables
 from django.http import HttpResponseRedirect
+from django.core.exceptions import ValidationError
 
 from client.models import UserCode, MedicalData
 
@@ -37,6 +39,28 @@ class RegisterForm(UserCreationForm):
         for fieldname in ['username', 'password1', 'password2']:
             self.fields[fieldname].help_text = None
 
+class AuthForm(AuthenticationForm):
+    error_messages = {
+        'invalid_login': ("Password errata e/o utente inesistente"),
+        'inactive': ("Utente disattivato"),
+        'midata_user': ("Utilizza il login con MiData collegato all'utente"),
+    }
+    def confirm_login_allowed(self, user):
+        usercode = UserCode.objects.filter(user=user)
+
+        if len(usercode) > 0:
+            if usercode[0].midata_id > 0:
+                raise ValidationError(
+                    self.error_messages['midata_user'],
+                    code='midata_user',
+                )
+
+        if not user.is_active:
+            raise ValidationError(
+                self.error_messages['inactive'],
+                code='inactive',
+            )
+
 # request data from user account
 def get_oauth_data(token):
     headers = {
@@ -70,6 +94,9 @@ def copy_from_midata(request, usercode):
 
 ### Views ###
 
+class CustomLoginView(LoginView):
+    form_class = AuthForm
+
 # send to hitobito request to get token
 def oauth_login(request):
     redirect_uri = request.build_absolute_uri(reverse('auth'))
diff --git a/templates/registration/login.html b/templates/registration/login.html
index cee57d6..9ed5ac4 100644
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -21,7 +21,18 @@
         <div class="card-content">
           <form method="post">
             {% csrf_token %}
-            {{ form.as_p }}
+            <div class="row">
+              <div class="input-field col s12">
+                <label for="id_username">Nome utente</label>
+                {{ form.username }}
+              </div>
+            </div>
+            <div class="row">
+              <div class="input-field col s12">
+                <label for="id_password">Password</label>
+                {{ form.password }}
+              </div>
+            </div>
             <br>
             <a href={% url 'password_reset' %}>Password dimenticata</a>
             <br>
@@ -55,6 +66,15 @@
     </div>
   </div>
 {% endblock %}
+{% block script %}
+document.addEventListener('DOMContentLoaded', function() {
+  {% for field, errors in form.errors.items %}
+    {% for error in errors %}
+      M.toast({html: '{{ error }}', classes: 'orange'})
+    {% endfor %}
+  {% endfor %}
+});
+{% endblock %}
 {% block footer %}
   <footer class="page-footer {{color}}">
     <div class="container">
diff --git a/version.txt b/version.txt
index bf22b4c..5ffa9dc 100644
--- a/version.txt
+++ b/version.txt
@@ -1,2 +1,2 @@
 version=0.4
-rev=17
+rev=18
-- 
cgit v1.2.1