df_site 0.1.0__py3-none-any.whl

df_site/urls.py

@@ -0,0 +1,41 @@
+"""List of URLs for the df_site app."""
+
+from django.conf import settings
+from django.urls import include, path
+from django.utils.module_loading import import_string
+from django.views.generic import RedirectView
+from django_prometheus import exports
+
+from df_site.views import (
+    BrowserConfigView,
+    HumansTxtView,
+    SecurityTxtView,
+    csp_report_view,
+    security_gpg_view,
+    site_webmanifest_view,
+    thumbnail_view,
+)
+
+urlpatterns = [
+    path(
+        ".well-known/change-password",
+        RedirectView.as_view(pattern_name="account_change_password", permanent=True),
+        name="well-known-change-password",
+    ),
+    path(".well-known/security.txt", SecurityTxtView.as_view(), name="well-known-security"),
+    path(".well-known/humans.txt", HumansTxtView.as_view(), name="well-known-humans"),
+    path(".well-known/gpg.txt", security_gpg_view, name="well-known-gpg"),
+    path("site.webmanifest", site_webmanifest_view, name="site_webmanifest"),
+    path("browserconfig.xml", BrowserConfigView.as_view(), name="browserconfig"),
+    path("metrics", exports.ExportToDjangoView, name="prometheus-django-metrics"),
+    path(settings.CSP_REPORT_URI[1:], csp_report_view, name="csp_report"),
+    path("users/", include("df_site.users.urls", namespace="users")),
+    path("thumbnails/<path:path>", thumbnail_view, name="thumbnails"),
+    path("messages/", include("df_site.postman.urls", namespace="postman")),
+    path("cookies/", include("cookie_consent.urls")),
+    path(
+        "upload_file/",
+        import_string(settings.CK_EDITOR_5_UPLOAD_FILE_VIEW),
+        name=settings.CK_EDITOR_5_UPLOAD_FILE_VIEW_NAME,
+    ),
+]

df_site/user_settings.py

@@ -0,0 +1,69 @@
+"""Manage user settings."""
+
+from functools import lru_cache
+from typing import Any, Optional
+
+from cookie_consent.util import get_cookie_value_from_request
+from django.conf import settings
+from django.contrib.auth import get_user_model
+from django.core.exceptions import ValidationError
+from django.db.models import Field
+from django.forms import Widget
+from django.http import HttpRequest, HttpResponse
+
+from df_site.models import AbstractPreferences
+
+
+@lru_cache
+def get_user_instance() -> AbstractPreferences:
+    """Return a blank user instance, required for validation purposes."""
+    return get_user_model()()
+
+
+def get_user_setting(
+    attr: str, user: Optional[AbstractPreferences] = None, request: Optional[HttpRequest] = None
+) -> Any:
+    """Return the specified user setting.
+
+    If the user is given, the value is read from the user instance.
+    If the cookie provides a value, it is validated and used.
+    Otherwise, the default value is returned.
+    """
+    if user:
+        return getattr(user, attr)
+    elif request and request.user.is_authenticated:
+        return getattr(request.user, attr)
+    user_instance = get_user_instance()
+    opts = user_instance._meta
+    field = opts.get_field(attr)
+    raw_value = request.COOKIES.get(attr) if request else None
+    value = field.default
+    if raw_value is not None:
+        try:
+            value = field.formfield().clean(raw_value)
+        except ValidationError:
+            pass
+    return value
+
+
+def set_user_setting(
+    attr: str,
+    value: Any,
+    user: Optional[AbstractPreferences] = None,
+    request: Optional[HttpRequest] = None,
+    response: Optional[HttpResponse] = None,
+) -> None:
+    """Set the user's preferences."""
+    if user:
+        setattr(user, attr, value)
+        user.save()
+    elif request and request.user.is_authenticated:
+        setattr(request.user, attr, value)
+        request.user.save()
+    elif get_cookie_value_from_request(request, "user-settings"):
+        user_instance = get_user_instance()
+        opts = user_instance._meta
+        field: Field = opts.get_field(attr)
+        widget: Widget = field.formfield().hidden_widget()
+        raw_value: str = widget.format_value(value)
+        response.set_cookie(attr, raw_value, samesite="Strict", secure=settings.USE_SSL)

df_site/users/__init__.py

@@ -0,0 +1 @@
+"""Module for user management."""

df_site/users/forms.py

@@ -0,0 +1,35 @@
+"""Forms for the users app."""
+
+from django import forms
+from django.contrib.auth import get_user_model
+from django.http import HttpRequest
+from django.utils.translation import gettext_lazy as _
+from django_recaptcha.fields import ReCaptchaField
+from django_recaptcha.widgets import ReCaptchaV2Checkbox
+
+
+class UserSettingsForm(forms.ModelForm):
+    """Form for the user settings page."""
+
+    class Meta:
+        """Meta options for the form."""
+
+        model = get_user_model()
+        fields = [
+            "first_name",
+            "last_name",
+            "color_theme",
+            "email_notifications",
+            "display_online",
+        ]
+
+
+class ReCaptchaForm(forms.Form):
+    """Form for the reCAPTCHA field."""
+
+    captcha = ReCaptchaField(widget=ReCaptchaV2Checkbox, label=_("I'm not a robot"))
+
+    # noinspection PyMethodMayBeStatic,PyUnusedLocal
+    def signup(self, request: HttpRequest, user):
+        """Configure the user as required by django-allauth."""
+        return user

df_site/users/notifications.py

@@ -0,0 +1,14 @@
+"""This module contains the functions related to the notifications of the users."""
+
+from typing import Optional, Union
+
+from django.contrib.auth.models import AbstractUser
+from django.contrib.sites.models import Site
+
+
+# noinspection PyUnusedLocal
+def email_address_on_message(user: Optional[AbstractUser], action: str, site: Site) -> Union[bool, str]:
+    """Return the email address of the user if it is authenticated and if its accepts emails."""
+    if user and user.is_authenticated and user.email_notifications:
+        return user.email
+    return False

df_site/users/urls.py

@@ -0,0 +1,17 @@
+"""List of URLs for the df_site app."""
+
+from django.conf import settings
+from django.urls import path
+from django.utils.module_loading import import_string
+
+from df_site.users.views import theme_switch
+
+app_name = "users"
+urlpatterns = [
+    path("theme-switch", theme_switch, name="theme_switch"),
+]
+if settings.AUTH_USER_SETTINGS_VIEW:
+    user_settings_view = import_string(settings.AUTH_USER_SETTINGS_VIEW)
+    urlpatterns.append(
+        path("settings", user_settings_view.as_view(), name="settings"),
+    )

df_site/users/views.py

@@ -0,0 +1,75 @@
+"""Groups all views related to the users."""
+
+from django.conf import settings
+from django.contrib import messages
+from django.http import HttpRequest, HttpResponse, HttpResponseRedirect, JsonResponse
+from django.urls import reverse
+from django.utils.http import url_has_allowed_host_and_scheme, urlencode
+from django.utils.translation import gettext as _
+from django.views.decorators.cache import never_cache
+from django.views.generic import FormView
+
+from df_site.user_settings import set_user_setting
+from df_site.users.forms import UserSettingsForm
+
+
+class UserSettingsView(FormView):
+    """View for the user settings page."""
+
+    template_name = "users/settings.html"
+    form_class = UserSettingsForm
+
+    def get_success_url(self):
+        """Get the URL to redirect to after a successful form submission."""
+        return reverse("users:settings")
+
+    def get_form_kwargs(self):
+        """Return the keyword arguments for instantiating the form."""
+        kwargs = super().get_form_kwargs()
+        kwargs["instance"] = self.request.user
+        return kwargs
+
+    def form_valid(self, form):
+        """Save the form data and redirect to the success URL."""
+        form.save()
+        messages.success(self.request, _("Your settings have been saved."))
+        return super().form_valid(form)
+
+
+@never_cache
+def theme_switch(request: HttpRequest) -> HttpResponse:
+    """Change the color theme of the site."""
+    # noinspection PyTypeChecker
+    current_theme: str = request.GET.get("current", "auto")
+    # noinspection PyTypeChecker
+    redirect_to = sanitize_redirection(request)
+
+    if settings.DF_SITE_THEMES:
+        next_theme, __, next_icon = settings.DF_SITE_THEMES[-1]
+        for theme, label, icon in settings.DF_SITE_THEMES:
+            if theme == current_theme:
+                break
+            next_theme, next_icon = theme, icon
+    else:
+        next_theme, next_icon = "auto", "toggle-on"
+    next_url = reverse("users:theme_switch")
+    args = urlencode({"next": redirect_to, "current": next_theme})
+    result = {"theme": next_theme, "icon": next_icon, "href": f"{next_url}?{args}"}
+    if request.META["HTTP_ACCEPT"] == "application/json":
+        response = JsonResponse(result)
+    else:
+        response = HttpResponseRedirect(redirect_to)
+    set_user_setting("color_theme", next_theme, request=request, response=response)
+    return response
+
+
+def sanitize_redirection(request, param="next"):
+    """Sanitize the redirection URL, only keeping allowed hosts."""
+    redirect_to: str = request.GET.get(param, "/")
+    if not url_has_allowed_host_and_scheme(
+        url=redirect_to,
+        allowed_hosts={request.get_host()},
+        require_https=request.is_secure(),
+    ):
+        redirect_to = "/"
+    return redirect_to

df_site/views.py

@@ -0,0 +1,122 @@
+"""Views for the df_site app."""
+
+import datetime
+import json
+import logging
+
+from django.conf import settings
+from django.contrib import messages
+from django.http import Http404, HttpRequest, HttpResponse, JsonResponse
+from django.templatetags.static import static
+from django.urls import reverse
+from django.utils.safestring import mark_safe
+from django.views.decorators.csrf import csrf_exempt
+from django.views.generic import TemplateView
+from django.views.static import serve
+
+from df_site.templatetags.df_site import abs_url
+from df_site.templatetags.images import CachedImage
+
+logger = logging.getLogger(__name__)
+
+
+def site_webmanifest_view(request: HttpRequest) -> HttpResponse:
+    """Generate a site.webmanifest view."""
+    result = {
+        "name": settings.DF_SITE_TITLE,
+        "short_name": settings.DF_SITE_TITLE,
+        "icons": [
+            {"src": static("favicon/android-chrome-192x192.png"), "sizes": "192x192", "type": "image/png"},
+            {"src": static("favicon/android-chrome-512x512.png"), "sizes": "512x512", "type": "image/png"},
+        ],
+        "theme_color": settings.DF_ANDROID_THEME_COLOR,
+        "background_color": settings.DF_ANDROID_BACKGROUND_COLOR,
+        "display": "standalone",
+    }
+    return JsonResponse(result)
+
+
+@csrf_exempt
+def csp_report_view(request: HttpRequest) -> HttpResponse:
+    """View to receive CSP reports, displaying them to the user in DEBUG mode."""
+    logger.info("CSP report: %s", request.body)
+    if settings.DEBUG:
+        try:
+            content = json.loads(request.body)
+            csp_report = content["csp-report"]
+            msg = (
+                f"<strong>CSP violation</strong> on this <a href='{csp_report['document-uri']}'>page</a>:"
+                f" {csp_report['effective-directive']} forbids the use of"
+                f" '{csp_report['blocked-uri']}' URIs."
+            )
+            messages.error(request, mark_safe(msg))  # noqa
+        except ValueError:
+            pass
+    return HttpResponse(status=204)
+
+
+class BrowserConfigView(TemplateView):
+    """View for the browserconfig.xml file."""
+
+    template_name = "favicon/browserconfig.xml"
+    content_type = "application/xml"
+
+
+def security_gpg_view(request: HttpRequest) -> HttpResponse:
+    """Return the GPG key to communicate with about security problems."""
+    if settings.DF_SITE_SECURITY_GPG_CONTENT:
+        raise Http404
+    response = HttpResponse(settings.DF_SITE_SECURITY_GPG_CONTENT, content_type="text/plain")
+    response["Content-Disposition"] = 'attachment; filename="gpg.txt"'
+    return response
+
+
+class SecurityTxtView(TemplateView):
+    """View for the ./well-known/security.txt file."""
+
+    template_name = "df_site/security.txt"
+    content_type = "plain/text"
+
+    def get_context_data(self, **kwargs):
+        """Return the context data for the view."""
+        context = super().get_context_data(**kwargs)
+        context["security_txt_path"] = abs_url(reverse("well-known-security"))
+        context["security_email"] = settings.DF_SITE_SECURITY_EMAIL
+        context["security_language_code"] = settings.DF_SITE_SECURITY_LANGUAGE_CODE
+        gpg_key = None
+        if settings.DF_SITE_SECURITY_GPG_CONTENT:
+            gpg_key = abs_url(reverse("well-known-gpg"))
+        context["security_gpg_key"] = gpg_key
+        now = datetime.datetime.now(tz=datetime.UTC)
+        now = now - datetime.timedelta(microseconds=now.microsecond)
+        context["security_expires"] = now + datetime.timedelta(days=30)
+        return context
+
+
+class HumansTxtView(TemplateView):
+    """View for the ./well-known/humans.txt file."""
+
+    template_name = "df_site/humans.txt"
+    content_type = "plain/text"
+
+    def get_context_data(self, **kwargs):
+        """Return the context data for the view."""
+        context = super().get_context_data(**kwargs)
+        now = datetime.datetime.now(tz=datetime.UTC)
+        now = now - datetime.timedelta(microseconds=now.microsecond)
+        context["humans_description"] = settings.DF_SITE_DESCRIPTION
+        context["humans_social_networks"] = settings.DF_SITE_SOCIAL_NETWORKS
+        context["humans_keywords"] = settings.DF_SITE_KEYWORDS
+        context["humans_update"] = now
+        return context
+
+
+def thumbnail_view(request: HttpRequest, path: str) -> HttpResponse:
+    """Return a thumbnail image."""
+    img = CachedImage.from_target_path(path)
+    if not img.src_storage_obj.exists(path):
+        img.process()
+    return serve(request, path=path, document_root=settings.STATIC_ROOT)
+
+
+#