django_webapps_fullstack.account.views¶
This module implements the complete user authentication and account management workflow for the dingx logistics platform. It handles user registration, activation, login, password management (recovery and change), and session management, all integrated with the Odoo ERP backend via XMLRPC.
Business Context:
The account app is the entry point for all user interactions with the dingx platform. Users must create an account and authenticate to access the logistics dashboard where they manage their physical belongings. The system ensures secure user onboarding with email verification and provides self-service password management to maintain user autonomy.
Key Business Workflows:
User Authentication:
login(): Login with username and password validated against OdooSession created with user credentials (user_id, name, login, email, partner_id, language)
Successful login redirects to dashboard overview
Failed login shows validation error
logout(): User logout clears session and cache (session data includes: user_id, name, login, email, partner_id, language; cache cleared per partner_id for data consistency)
User Registration & Activation:
register(): New users register with name, email, login, and passwordSystem validates uniqueness against Odoo database
Activation email sent with unique token
register_done(): Registration confirmation pageuser_activate(): User clicks activation link to verify email and activate accountuser_activate_done(): Account activation success pageuser_activate_fail(): Account activation failure page
Password Recovery:
password_recovery(): User requests password reset via emailReset token generated and sent via email
System maintains security by not revealing if email exists
password_recovery_done(): Reset email sent confirmation pagereset(): Click on reset link validates tokenpassword_renew(): User sets new password after resetpassword_renew_done(): Password reset success pagepassword_renew_fail(): Password reset failure page
Password Change:
password_change(): Authenticated users can change their passwordCurrent password validation required
New password confirmation enforced
Updates synchronized with Odoo database
password_change_done(): Password change success page
Security Features:
Email-based account activation
Token-based password reset
Session-based authentication
Current password validation for password changes
No information disclosure about email existence
Cache invalidation on logout
Integration:
All views communicate with the Odoo ERP backend via XMLRPC through the account forms, ensuring centralized user management and data consistency across the dingx ecosystem.
Email Notifications:
Account activation link (user_activate)
Password reset link (password_recovery)
All emails configured via Django settings.DEFAULT_FROM_EMAIL
Functions
|
Check the credentials of a user. |
|
Logout of the user including deleting the session key, so that the user is no longer logged into Odoo system. |
|
Change the password of the user. |
|
Send a validation page that the password change is finished. |
|
If a valid email has been submitted, an email with the reset link will be send. |
|
Send a validation page that the recovery of the password is finished. |
|
Renew the password of the user. |
|
Send a validation page that the password renew is finished. |
|
Send a message page that the password renew has failed. |
|
Register the user. |
|
Send a validation page that the register of the account is finished. |
|
If a valid password reset link is submitted in the URL, the token will be updated and a new password can be choosen in the "password_renew" template. |
|
If a valid user activate link is submitted in the URL, the token will be updated and the user account is active. |
|
Send a validation page that the activation of the account is finished. |
|
Send a message page that the activation of the account is failed. |
- django_webapps_fullstack.account.views.login(request)[source]¶
Check the credentials of a user. The user will be logged in if the credentials are valid. Otherwise the “login” form will be reloaded.
- django_webapps_fullstack.account.views.logout(request)[source]¶
Logout of the user including deleting the session key, so that the user is no longer logged into Odoo system.
- django_webapps_fullstack.account.views.password_change(request)[source]¶
Change the password of the user.
- django_webapps_fullstack.account.views.password_change_done(request)[source]¶
Send a validation page that the password change is finished.
- django_webapps_fullstack.account.views.password_recovery(request)[source]¶
If a valid email has been submitted, an email with the reset link will be send.
- django_webapps_fullstack.account.views.password_recovery_done(request)[source]¶
Send a validation page that the recovery of the password is finished.
- django_webapps_fullstack.account.views.password_renew(request)[source]¶
Renew the password of the user.
- django_webapps_fullstack.account.views.password_renew_done(request)[source]¶
Send a validation page that the password renew is finished.
- django_webapps_fullstack.account.views.password_renew_fail(request)[source]¶
Send a message page that the password renew has failed.
- django_webapps_fullstack.account.views.register(request)[source]¶
Register the user. If successful, an activate mail will be sent.
- django_webapps_fullstack.account.views.register_done(request)[source]¶
Send a validation page that the register of the account is finished.
- django_webapps_fullstack.account.views.reset(request, reset_token)[source]¶
If a valid password reset link is submitted in the URL, the token will be updated and a new password can be choosen in the “password_renew” template.
- django_webapps_fullstack.account.views.user_activate(request, activate_token)[source]¶
If a valid user activate link is submitted in the URL, the token will be updated and the user account is active.