Merge pull request #984 from CodingPirates/redirect-user-after-creation

Redirect efter bruger oprettelse
CodingPirates · Nov 19, 2023 · 91326e9 · 91326e9
2 parents b5c6526 + 795ce51
commit 91326e9
Show file tree

Hide file tree

Showing 7 changed files with 66 additions and 20 deletions.
diff --git a/members/forms/signup_form.py b/members/forms/signup_form.py
@@ -9,14 +9,20 @@
 
 
 class signupForm(forms.Form):
-    def __init__(self, *args, **kwargs):
+    def __init__(self, next_url=None, *args, **kwargs):
+        """
+        Args:
+            next_url (str): Optional url that user will be redirected to after account creation and login.
+                            Note: The user still needs to login, but will then be redirected to this url.
+        """
         super(signupForm, self).__init__(*args, **kwargs)
         self.helper = FormHelper()
         self.helper.form_method = "post"
         self.helper.form_action = "account_create"
         self.helper.html5_required = True
         self.helper.layout = Layout(
             Hidden("form_id", "signup", id="id_form_id"),
+            Hidden("next", next_url if next_url is not None else "", id="id_next"),
             Fieldset(
                 "Barnets oplysninger",
                 Div(

diff --git a/members/templates/members/activity_signup.html b/members/templates/members/activity_signup.html
@@ -90,7 +90,7 @@ <h1>{{activity.department.name}}: <small>{{activity.name}}</small></h1>
           <hr>
           <a href="{% url 'person_login' %}?next={{request.path}}">Log ind</a>
           eller
-          <a href="{% url 'account_create' %}">tilmeld dit barn</a>
+          <a href="{% url 'account_create' %}?next={{request.path}}">tilmeld dit barn</a>
           for at tilmelde dig denne aktivitet.
         {% else %}
           {% if signup_closed %}

diff --git a/members/templates/members/user_created.html b/members/templates/members/user_created.html
@@ -27,6 +27,10 @@ <h4>Coding Pirates Facebook</h4>
         </div>
 
         <hr />
+        {% if next_url %}
+        <a class="btn btn-primary" href="{% url 'person_login' %}?next={{next_url}}">Gå til log ind →</a>
+        {% else %}
         <a class="btn btn-primary" href="{% url 'person_login' %}">Gå til log ind →</a>
+        {% endif %}
       </div>
 {% endblock %}
diff --git a/members/tests/test_functional/test_account_create.py b/members/tests/test_functional/test_account_create.py
@@ -36,10 +36,21 @@ def tearDown(self):
         self.browser.save_screenshot("test-screens/sign_up_screen_final.png")
         self.browser.quit()
 
-    def test_account_create(self):
+    def create_account_ui_flow(self, next_url=None):
+        """
+        Test the account creation flow in UI.
+
+        Args:
+            next (str): Optional url that will be redirected to after account creation.
+        """
         # Loads the front page
         self.browser.maximize_window()
-        self.browser.get(f"{self.live_server_url}/account/create")
+
+        if next_url is None or next_url == "":
+            self.browser.get(f"{self.live_server_url}/account/create")
+        else:
+            self.browser.get(f"{self.live_server_url}/account/create?next={next_url}")
+
         self.assertEqual("Coding Pirates Medlemssystem", self.browser.title)
         self.browser.save_screenshot("test-screens/sign_up_screen_1.png")
 
@@ -129,9 +140,8 @@ def test_account_create(self):
         field.send_keys(Keys.TAB)
         field.send_keys(Keys.ENTER)
         self.browser.save_screenshot("test-screens/sign_up_screen_4.png")
-        # Check that redirect
-        self.assertEqual(self.browser.current_url.split("/")[-2], "user_created")
 
+    def login_and_assert_frontpage_redirect_ui_flow(self):
         # Go to login page,
         self.browser.find_elements(
             By.XPATH, "//*[text()[contains(.,'Gå til log ind')]]"
@@ -148,3 +158,24 @@ def test_account_create(self):
 
         # Check that we were redirectet to front page
         self.assertEqual(f"{self.live_server_url}/", self.browser.current_url)
+
+    def test_account_create_without_redirect(self):
+        self.create_account_ui_flow()
+
+        # Check that we were redirected to default 'user_created' page, since no redirect url was given
+        self.assertTrue(
+            self.browser.current_url.endswith("user_created/"),
+            f"After creating account without redirect url, expected '{self.browser.current_url}' to end with default 'user_created/'",
+        )
+
+        self.login_and_assert_frontpage_redirect_ui_flow()
+
+    def test_account_create_with_redirection(self):
+        next_url = "/redirect/url/"
+        self.create_account_ui_flow(next_url=next_url)
+
+        # Check that we were redirected to expected page
+        self.assertTrue(
+            self.browser.current_url.endswith(next_url),
+            f"'{self.browser.current_url}' doesn't end with '{next_url}'",
+        )
diff --git a/members/views/AccountCreate.py b/members/views/AccountCreate.py
@@ -12,10 +12,14 @@
 @xframe_options_exempt
 def AccountCreate(request):
     if request.method == "POST":
+        # support redirecting to specific page after signup
+        # this uses `next` parameter, similar to https://docs.djangoproject.com/en/4.2/topics/auth/default/#the-login-required-decorator
+        next_url = request.POST["next"]
+
         # figure out which form was filled out.
         if request.POST["form_id"] == "signup":
             # signup has been filled
-            signup = signupForm(request.POST)
+            signup = signupForm(next_url, request.POST)
             if signup.is_valid():
                 # check if passwords match
                 if signup.cleaned_data["password1"] != signup.cleaned_data["password2"]:
@@ -103,13 +107,21 @@ def AccountCreate(request):
                 child.save()
 
                 # redirect to success
-                request.session["password"] = password
-                return HttpResponseRedirect(reverse("user_created"))
+                if next_url and next_url != "":
+                    return HttpResponseRedirect(
+                        f"{reverse('user_created')}?next={next_url}"
+                    )
+                else:
+                    return HttpResponseRedirect(reverse("user_created"))
             else:
                 return render(
                     request, "members/account_create.html", {"signupform": signup}
                 )
 
     # initial load (if we did not return above)
-    signup = signupForm()
+    signup = (
+        signupForm(next_url=request.GET["next"])
+        if "next" in request.GET
+        else signupForm()
+    )
     return render(request, "members/account_create.html", {"signupform": signup})
diff --git a/members/views/userCreated.py b/members/views/userCreated.py
@@ -1,15 +1,9 @@
 from django.shortcuts import render
 from django.views.decorators.clickjacking import xframe_options_exempt
-from django.http import HttpResponse
 
 
 @xframe_options_exempt
 def userCreated(request):
-    if "password" in request.session:
-        password = request.session.get("password")
-        del request.session["password"]
-    else:
-        return HttpResponse(
-            "Du kan ikke tilgå adressen direkte. Du skal oprette en bruger for at komme hertil."
-        )
-    return render(request, "members/user_created.html", {"password": password})
+    next_url = request.GET["next"] if "next" in request.GET else None
+
+    return render(request, "members/user_created.html", {"next_url": next_url})
diff --git a/members/views/volunteerSignup.py b/members/views/volunteerSignup.py
@@ -99,7 +99,6 @@ def volunteerSignup(request):
                 # department.new_volunteer_email(vol_signup.cleaned_data['volunteer_name'])
 
                 # redirect to success
-                request.session["password"] = password
                 return HttpResponseRedirect(reverse("user_created"))
             else:
                 return render(