From ab554e1f401d9679b17e8d590c6e530fecc4fd80 Mon Sep 17 00:00:00 2001
From: Andrea Lepori <alepori@student.ethz.ch>
Date: Wed, 5 Jan 2022 18:07:03 +0100
Subject: force user linked to midata to use midata login

---
 accounts/urls.py  |  1 +
 accounts/views.py | 29 ++++++++++++++++++++++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)

(limited to 'accounts')

diff --git a/accounts/urls.py b/accounts/urls.py
index fa85a5b..46cb438 100644
--- a/accounts/urls.py
+++ b/accounts/urls.py
@@ -4,6 +4,7 @@ from . import views
 
 urlpatterns = [
     path('signup/', views.signup, name='signup'),
+    path('login/', views.CustomLoginView.as_view(), name='login'),
     path('personal/', views.personal, name='personal'),
     path('terms/', views.terms, name='terms'),
     path('oauth_login/', views.oauth_login, name='oauth_login'),
diff --git a/accounts/views.py b/accounts/views.py
index fabd5a4..2455d73 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -1,13 +1,15 @@
 from django.shortcuts import render
 from django.urls import reverse
 from django.conf import settings
-from django.contrib.auth.forms import PasswordChangeForm, SetPasswordForm, UserCreationForm
+from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm, SetPasswordForm, UserCreationForm
 from django.contrib.auth.models import User
 from django.contrib.auth import login, authenticate, logout
+from django.contrib.auth.views import LoginView
 from django.http import FileResponse
 from django.contrib.auth.decorators import login_required
 from django.views.decorators.debug import sensitive_variables
 from django.http import HttpResponseRedirect
+from django.core.exceptions import ValidationError
 
 from client.models import UserCode, MedicalData
 
@@ -37,6 +39,28 @@ class RegisterForm(UserCreationForm):
         for fieldname in ['username', 'password1', 'password2']:
             self.fields[fieldname].help_text = None
 
+class AuthForm(AuthenticationForm):
+    error_messages = {
+        'invalid_login': ("Password errata e/o utente inesistente"),
+        'inactive': ("Utente disattivato"),
+        'midata_user': ("Utilizza il login con MiData collegato all'utente"),
+    }
+    def confirm_login_allowed(self, user):
+        usercode = UserCode.objects.filter(user=user)
+
+        if len(usercode) > 0:
+            if usercode[0].midata_id > 0:
+                raise ValidationError(
+                    self.error_messages['midata_user'],
+                    code='midata_user',
+                )
+
+        if not user.is_active:
+            raise ValidationError(
+                self.error_messages['inactive'],
+                code='inactive',
+            )
+
 # request data from user account
 def get_oauth_data(token):
     headers = {
@@ -70,6 +94,9 @@ def copy_from_midata(request, usercode):
 
 ### Views ###
 
+class CustomLoginView(LoginView):
+    form_class = AuthForm
+
 # send to hitobito request to get token
 def oauth_login(request):
     redirect_uri = request.build_absolute_uri(reverse('auth'))
-- 
cgit v1.2.1