From 93b3c87f6d28eb2748720db6311804ffce5c11e9 Mon Sep 17 00:00:00 2001 From: Denis Tereshkin Date: Wed, 29 Mar 2017 22:11:08 +0700 Subject: [PATCH] Authentication --- forms.py | 7 ++-- templates/dashboard/base.html | 7 +++- templates/dashboard/login.html | 14 ++++++++ urls.py | 2 ++ views.py | 66 ++++++++++++++++++++++++++++++---- 5 files changed, 86 insertions(+), 10 deletions(-) create mode 100644 templates/dashboard/login.html diff --git a/forms.py b/forms.py index 584eab5..667a3b5 100644 --- a/forms.py +++ b/forms.py @@ -7,7 +7,11 @@ def get_all_accounts_and_strategies(): for trade in ClosedTrade.objects.all(): all_accounts.add(trade.account) all_strategies.add(trade.strategyId) - return (all_accounts, all_strategies) + return (all_accounts, all_strategies) + +class LoginForm(forms.Form): + username = forms.CharField(max_length=64) + password = forms.CharField(widget=forms.PasswordInput) class NewTradeForm(forms.Form): timestamp = forms.DateTimeField() @@ -28,4 +32,3 @@ class ClosedTradeFilterForm(forms.Form): all_accounts, all_strategies = get_all_accounts_and_strategies() self.fields['accounts'] = forms.MultipleChoiceField(choices=zip(list(all_accounts), list(all_accounts)), required=False) self.fields['strategies'] = forms.MultipleChoiceField(choices=zip(list(all_strategies), list(all_strategies)), required=False) - diff --git a/templates/dashboard/base.html b/templates/dashboard/base.html index c044548..63052b4 100644 --- a/templates/dashboard/base.html +++ b/templates/dashboard/base.html @@ -19,6 +19,12 @@
  • Trades
  • Closed
  • + {% bootstrap_messages %} @@ -28,4 +34,3 @@ - diff --git a/templates/dashboard/login.html b/templates/dashboard/login.html new file mode 100644 index 0000000..8794f50 --- /dev/null +++ b/templates/dashboard/login.html @@ -0,0 +1,14 @@ +{% extends "dashboard/base.html" %} +{% load static %} +{% load bootstrap3 %} + +{% block content %} + +
    +{% csrf_token %} + +{% bootstrap_form login_form %} +{% bootstrap_button button_type='submit' content='Submit' %} +
    + +{% endblock %} diff --git a/urls.py b/urls.py index e3d975e..ad8021e 100644 --- a/urls.py +++ b/urls.py @@ -5,6 +5,8 @@ from . import views urlpatterns = [ url(r'^$', views.overview, name='overview'), + url(r'^login$', views.login_view, name='login'), + url(r'^logout$', views.logout_view, name='logout'), url(r'^add_instance$', views.add_instance, name='add_instance'), url(r'^delete_instance/(?P[^/]+)$', views.delete_instance, name='delete_instance'), url(r'^trades/$', views.trades_index, name='trades_index'), diff --git a/views.py b/views.py index d7f3dca..d15be5b 100644 --- a/views.py +++ b/views.py 
@@ -4,14 +4,56 @@ from django.template import loader from django.shortcuts import render, get_object_or_404 from django.urls import reverse from django.contrib import messages +from django.contrib.auth.decorators import login_required from django.db import transaction +from django.contrib.auth import authenticate, login, logout from .models import RobotInstance, Trade, ClosedTrade -from .forms import NewTradeForm, ClosedTradeFilterForm +from .forms import NewTradeForm, ClosedTradeFilterForm, LoginForm import redis import json import datetime +def login_view(request): + if request.method == 'POST': + form = LoginForm(request.POST) + nextlink = request.POST.get('next', '') + if form.is_valid(): + username = request.POST['username'] + password = request.POST['password'] + user = authenticate(username=username, password=password) + if user is not None: + login(request, user) + if nextlink == "": + return HttpResponseRedirect(reverse('overview')) + else: + return HttpResponseRedirect(nextlink) + else: + return HttpResponseRedirect(reverse('login')) + else: + template = loader.get_template('dashboard/login.html') + + context = { + 'login_form' : form, + 'next' : nextlink + } + return HttpResponse(template.render(context, request)) + else: + form = LoginForm() + template = loader.get_template('dashboard/login.html') + nextlink = request.GET.get('next', '') + context = { + 'login_form' : form, + 'next' : nextlink + } + return HttpResponse(template.render(context, request)) + raise Http404("Invalid method") + +def logout_view(request): + logout(request) + return HttpResponseRedirect(reverse('login')) + +@login_required def overview(request): r = redis.StrictRedis(unix_socket_path='/var/run/redis/redis') robot_instances = RobotInstance.objects.order_by('instanceId') 
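Review bot: `login_view` passes the client-supplied `next` value straight to `HttpResponseRedirect(nextlink)`, so a login link carrying a foreign URL in `next` redirects the user off-site right after authentication (an open redirect). Validate the value before use and fall back to the overview page, e.g. `if not is_safe_url(nextlink, host=request.get_host()): nextlink = reverse('overview')` with `from django.utils.http import is_safe_url` (newer Django releases name this helper `url_has_allowed_host_and_scheme`). The credentials are also read from `request.POST` after `form.is_valid()`; `form.cleaned_data['username']` and `form.cleaned_data['password']` would use the validated values instead. The indentation is lost in this view of the hunk, but the final `raise Http404("Invalid method")` appears unreachable because every branch above it returns.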
@@ -55,10 +97,12 @@ def overview(request): template = loader.get_template('dashboard/overview.html') context = { 'robot_instances' : robot_instances, - 'robot_states' : robot_states + 'robot_states' : robot_states, + 'user' : request.user } return HttpResponse(template.render(context, request)) +@login_required def add_instance(request): instance_id = request.POST['instance_id'] if instance_id == "" or RobotInstance.objects.filter(instanceId=instance_id).count() > 0: @@ -68,11 +112,13 @@ def add_instance(request): new_instance.save() return HttpResponseRedirect(reverse('overview')) +@login_required def delete_instance(request, instance_id): instance = get_object_or_404(RobotInstance, instanceId=instance_id) instance.delete() return HttpResponseRedirect(reverse('overview')) +@login_required def trades_index(request): now = datetime.datetime.utcnow() new_trade_form = NewTradeForm(initial={'timestamp' : now}) @@ -80,15 +126,18 @@ def trades_index(request): template = loader.get_template('dashboard/trades.html') context = { 'trades' : trades, - 'new_trade_form' : new_trade_form + 'new_trade_form' : new_trade_form, + 'user' : request.user } return HttpResponse(template.render(context, request)) +@login_required def delete_trade(request, trade_id): trade = get_object_or_404(Trade, pk=trade_id) trade.delete() return HttpResponseRedirect(reverse('trades_index')) +@login_required def add_trade(request): if request.method == 'POST': form = NewTradeForm(request.POST) @@ -106,7 +155,8 @@ def add_trade(request): template = loader.get_template('dashboard/trades.html') context = { 'trades' : trades, - 'new_trade_form' : form + 'new_trade_form' : form, + 'user' : request.user } return HttpResponse(template.render(context, request)) raise Http404("Invalid method") 
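Review bot: `delete_instance` and `delete_trade` now require a session but still delete on any HTTP method. Django's CSRF check applies only to unsafe methods, so a GET sent by a logged-in browser would perform the deletion without a token. Restrict these state-changing views to POST by adding `@require_POST` (from `django.views.decorators.http`) under `@login_required`, and have the templates submit them as forms containing `{% csrf_token %}`. The same applies to `rebalance_closed_trades` in the last views.py hunk, and `logout_view` from the first hunk can likewise be triggered by a plain GET. This assumes `CsrfViewMiddleware` is enabled, which the `{% csrf_token %}` in login.html suggests but the patch does not show.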
@@ -143,7 +193,7 @@ def aggregate_unbalanced_trades(): balance_entry['ks'] += trade.volume / (trade.price * abs(trade.quantity)) balance_entry['ks'] /= 2 balance_entry['trade_ids'].append(trade.pk) - + print('updated: ', balance_entry['balance']) if balance_entry['balance'] == 0: balance_entry['trade'].profit *= balance_entry['ks'] @@ -178,6 +228,7 @@ def make_cumulative_profits(closed_trades): result[trade.account]['elements'].append(element) return result +@login_required def closed_trades_index(request): aggregate_unbalanced_trades() form = ClosedTradeFilterForm(request.GET) @@ -207,7 +258,8 @@ def closed_trades_index(request): context = { 'closed_trades' : closed_trades, 'closed_trades_filter_form' : form, - 'cumulative_profits' : cum_profits + 'cumulative_profits' : cum_profits, + 'user' : request.user } return HttpResponse(template.render(context, request)) @@ -215,8 +267,8 @@ def closed_trades_index(request): def do_rebalance(): ClosedTrade.objects.all().delete() Trade.objects.all().update(balanced=False) - +@login_required def rebalance_closed_trades(request): do_rebalance() return HttpResponseRedirect(reverse('closed_trades_index'))