diff --git a/inventory/middleware.py b/inventory/middleware.py index d25c70f3..56e1993f 100644 --- a/inventory/middleware.py +++ b/inventory/middleware.py @@ -10,38 +10,38 @@ from inventory.utils import get_user_type logger = logging.getLogger("user_activity") -class LogUserActivityMiddleware: - """ - Middleware for logging user activity. +# class LogUserActivityMiddleware: +# """ +# Middleware for logging user activity. - This middleware logs the activity of authenticated users each time they make a - request. It creates an entry in the UserActivityLog model capturing the user's - ID, the action performed, and the timestamp. It is intended to assist in - tracking user actions across the application for analytics or auditing purposes. +# This middleware logs the activity of authenticated users each time they make a +# request. It creates an entry in the UserActivityLog model capturing the user's +# ID, the action performed, and the timestamp. It is intended to assist in +# tracking user actions across the application for analytics or auditing purposes. - :ivar get_response: The next middleware or view in the WSGI request-response - chain. - :type get_response: Callable - """ +# :ivar get_response: The next middleware or view in the WSGI request-response +# chain. +# :type get_response: Callable +# """ - def __init__(self, get_response): - self.get_response = get_response +# def __init__(self, get_response): +# self.get_response = get_response - def __call__(self, request): - response = self.get_response(request) +# def __call__(self, request): +# response = self.get_response(request) - if request.user.is_authenticated: - action = f"{request.method} {request.path}" - models.UserActivityLog.objects.create( - user=request.user, action=action, timestamp=timezone.now() - ) - return response +# if request.user.is_authenticated: +# action = f"{request.method} {request.path}" +# models.UserActivityLog.objects.create( +# user=request.user, action=action, timestamp=timezone.now() +# ) +# return response - def get_client_ip(self, request): - x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR") - if x_forwarded_for: - return x_forwarded_for.split(",")[0] - return request.META.get("REMOTE_ADDR") +# def get_client_ip(self, request): +# x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR") +# if x_forwarded_for: +# return x_forwarded_for.split(",")[0] +# return request.META.get("REMOTE_ADDR") class InjectParamsMiddleware: @@ -93,12 +93,13 @@ class InjectDealerMiddleware: def __call__(self, request): try: - request.is_dealer = False - request.is_staff = False - if hasattr(request.user, "dealer"): - request.is_dealer = True - elif hasattr(request.user, "staffmember"): - request.is_staff = True + if request.user.is_authenticated: + request.is_dealer = False + request.is_staff = False + if hasattr(request.user, "dealer"): + request.is_dealer = True + elif hasattr(request.user, "staffmember"): + request.is_staff = True except Exception: pass response = self.get_response(request) @@ -120,17 +121,27 @@ class DealerSlugMiddleware: def __call__(self, request): response = self.get_response(request) return response - def process_view(self, request, view_func, view_args, view_kwargs): - if 'signup' in request.path: - return redirect("account_signup") + if request.path_info.startswith('/en/signup/') or \ + request.path_info.startswith('/en/login/') or \ + request.path_info.startswith('/en/logout/') or \ + request.path_info.startswith('/en/ledger/') or \ + request.path_info.startswith('/ar/ledger/'): + return None + if not request.user.is_authenticated: return None - if request.path.startswith('/en/ledger/') or request.path.startswith('/ar/ledger/'): + + dealer_slug = view_kwargs.get("dealer_slug") + if not dealer_slug: return None - if not view_kwargs.get("dealer_slug"): + + if not hasattr(request, 'dealer') or not request.dealer: + logger.warning("No dealer associated with request") return None - dealer = get_user_type(request) - if view_kwargs["dealer_slug"] != dealer.slug: + + if dealer_slug.lower() != request.dealer.slug.lower(): + logger.warning(f"Dealer slug mismatch: {dealer_slug} != {request.dealer.slug}") raise Http404("Dealer slug mismatch") - \ No newline at end of file + + return None diff --git a/inventory/urls.py b/inventory/urls.py index 94b061ba..f8f2a179 100644 --- a/inventory/urls.py +++ b/inventory/urls.py @@ -8,44 +8,13 @@ from django.conf.urls import handler403, handler400, handler404, handler500 urlpatterns = [ # main URLs + path("", views.WelcomeView, name="welcome"), + path("signup/", views.dealer_signup, name="account_signup"), path("", views.HomeView.as_view(), name="home"), path("/", views.HomeView.as_view(), name="home"), - path("welcome/", views.WelcomeView.as_view(), name="welcome"), - # Accounts URLs - # path("login/", allauth_views.LoginView.as_view(template_name="account/login.html"), name="account_login"), - # path( - # "logout/", - # allauth_views.LogoutView.as_view(template_name="account/logout.html"), - # name="account_logout", - # ), - # path('signup/', allauth_views.SignupView.as_view(template_name='account/signup.html'), name='account_signup'), - path("signup/", views.dealer_signup, name="account_signup"), - # path("otp", views.OTPView.as_view(), name="otp"), - # path( - # "password/change/", allauth_views.PasswordChangeView.as_view(template_name="account/password_change.html"), name="account_change_password", - # ), - # path( - # "password/reset/", - # allauth_views.PasswordResetView.as_view( - # template_name="account/password_reset.html" - # ), - # name="account_reset_password", - # ), - # path( - # "accounts/password/reset/done/", - # allauth_views.PasswordResetDoneView.as_view( - # template_name="account/password_reset_done.html" - # ), - # name="account_password_reset_done", - # ), - # path( - # "accounts/login/code/", - # allauth_views.RequestLoginCodeView.as_view( - # template_name="account/request_login_code.html" - # ), - # ), + # Tasks - path("tasks/", views.task_list, name="task_list"), + path("/tasks/", views.task_list, name="task_list"), path("legal/", views.terms_and_privacy, name="terms_and_privacy"), # path('tasks//detail/', views.task_detail, name='task_detail'), # Dashboards diff --git a/inventory/views.py b/inventory/views.py index 7938414f..fe5dd7b3 100644 --- a/inventory/views.py +++ b/inventory/views.py @@ -268,8 +268,10 @@ def switch_language(request): logger.warning(f"Invalid language code: {language}") return redirect("/") +def testview(request): + return HttpResponse("test") -def dealer_signup(request, *args, **kwargs): +def dealer_signup(request): """ Handles the dealer signup wizard process, including forms validation, user and group creation, permissions assignment, and dealer data storage. This view supports GET @@ -557,7 +559,7 @@ def terms_and_privacy(request): return render(request, "terms_and_privacy.html") -class WelcomeView(TemplateView): +def WelcomeView(request): """ Handles the rendering and context data for the Welcome view. @@ -569,14 +571,11 @@ class WelcomeView(TemplateView): :ivar template_name: Path to the template used by the view. :type template_name: str """ - - template_name = "welcome.html" - - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - plan_list = Plan.objects.all() - context["plan_list"] = plan_list - return context + if request.user.is_authenticated: + return redirect("home", dealer_slug=request.dealer.slug) + plan_list = Plan.objects.all() + context = {"plan_list": plan_list} + return render(request, "welcome.html", context) class CarCreateView(LoginRequiredMixin, PermissionRequiredMixin, CreateView): diff --git a/templates/base.html b/templates/base.html index e8ead5bb..ddb99a7a 100644 --- a/templates/base.html +++ b/templates/base.html @@ -60,7 +60,9 @@ {% include "toast-alert.html" %}
- {% include 'header.html' %} + {% if request.user.is_authenticated %} + {% include 'header.html' %} + {% endif %}