From 56de2362a01089c8a5ca3c6e1affcade00ffdfce Mon Sep 17 00:00:00 2001 From: Andrew Godwin Date: Sat, 5 Nov 2022 20:10:39 -0600 Subject: Some user icon stuff --- users/views/identity.py | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'users/views/identity.py') diff --git a/users/views/identity.py b/users/views/identity.py index 9f2a7f9..fff521b 100644 --- a/users/views/identity.py +++ b/users/views/identity.py @@ -1,3 +1,5 @@ +import string + from django import forms from django.conf import settings from django.contrib.auth.decorators import login_required @@ -36,6 +38,20 @@ class SelectIdentity(TemplateView): } +@method_decorator(login_required, name="dispatch") +class ActivateIdentity(View): + def get(self, request, handle): + identity = by_handle_or_404(request, handle) + if not identity.users.filter(pk=request.user.pk).exists(): + raise Http404() + request.session["identity_id"] = identity.id + # Get next URL, not allowing offsite links + next = request.GET.get("next") or "/" + if ":" in next: + next = "/" + return redirect("/") + + @method_decorator(login_required, name="dispatch") class CreateIdentity(FormView): @@ -50,10 +66,16 @@ class CreateIdentity(FormView): def clean_handle(self): # Remove any leading @ value = self.cleaned_data["handle"].lstrip("@") + # Validate it's all ascii characters + for character in value: + if character not in string.ascii_letters + string.digits + "_-": + raise forms.ValidationError( + "Only the letters a-z, numbers 0-9, dashes and underscores are allowed." + ) # Don't allow custom domains here quite yet if "@" in value: raise forms.ValidationError( - "You are not allowed an @ sign in your handle" + "You are not allowed an @ sign in your handle." ) # Ensure there is a domain on the end if "@" not in value: -- cgit v1.2.3