from django.shortcuts import render, redirect from django.contrib.auth.decorators import login_required from django.contrib import messages from django.contrib.auth import get_user_model from django.http import JsonResponse from .forms import ( ProfileFullEditForm, PasswordChangeStep1Form, PasswordChangeStep2Form, PasswordResetStep1Form, PasswordChangeLoggedInForm, ForcePasswordSetForm ) from B_main.models import Person import random User = get_user_model() @login_required def profile_edit(request): """프로필 편집 뷰""" # 현재 사용자의 Person 인스턴스 가져오기 try: person = Person.objects.get(user=request.user) except Person.DoesNotExist: # Person 인스턴스가 없으면 새로 생성 person = Person.objects.create(user=request.user) if request.method == 'POST': form = ProfileFullEditForm(request.POST, request.FILES, user=request.user, instance=person) if form.is_valid(): form.save() messages.success(request, '프로필이 성공적으로 업데이트되었습니다.') return redirect('accounts:custom_profile_edit') else: form = ProfileFullEditForm(user=request.user, instance=person) return render(request, 'C_accounts/profile_edit.html', {'form': form}) @login_required def password_change(request): """비밀번호 변경 뷰 (2단계 프로세스)""" # 세션 초기화 if 'password_change_step' not in request.session: request.session['password_change_step'] = 1 request.session['password_change_code'] = None request.session['password_change_phone'] = None request.session['password_change_verified'] = False step = request.session.get('password_change_step', 1) code_sent = request.session.get('password_change_code') is not None verified = request.session.get('password_change_verified', False) phone = request.session.get('password_change_phone') error = None message = None if step == 1: if request.method == 'POST': action = request.POST.get('action') if action == 'send_code': form1 = PasswordChangeStep1Form(request.POST, user=request.user) if form1.is_valid(): phone = form1.cleaned_data['phone'] # 인증번호 생성 (실제로는 SMS 발송) verification_code = str(random.randint(100000, 999999)) print(f"[DEBUG] 인증번호: {verification_code}") # 실제로는 SMS 발송 request.session['password_change_code'] = verification_code request.session['password_change_phone'] = phone request.session['password_change_step'] = 1 message = '인증번호가 발송되었습니다.' code_sent = True else: error = '전화번호를 확인해주세요.' elif action == 'verify_code': form1 = PasswordChangeStep1Form(request.POST, user=request.user) if form1.is_valid(): input_code = form1.cleaned_data['verification_code'] stored_code = request.session.get('password_change_code') if input_code == stored_code: request.session['password_change_verified'] = True request.session['password_change_step'] = 2 return redirect('accounts:password_change') else: error = '인증번호가 일치하지 않습니다.' else: error = '인증번호를 확인해주세요.' else: form1 = PasswordChangeStep1Form(user=request.user) return render(request, 'C_accounts/password_change.html', { 'step': 1, 'form1': form1, 'code_sent': code_sent, 'error': error, 'message': message }) elif step == 2 and verified and phone: if request.method == 'POST': form2 = PasswordChangeStep2Form(request.POST) if form2.is_valid(): new_password = form2.cleaned_data['new_password1'] request.user.set_password(new_password) request.user.save() # 세션 정리 del request.session['password_change_step'] del request.session['password_change_code'] del request.session['password_change_phone'] del request.session['password_change_verified'] messages.success(request, '비밀번호가 성공적으로 변경되었습니다.') return redirect('accounts:custom_profile_edit') else: return render(request, 'C_accounts/password_change.html', { 'step': 2, 'form2': form2, 'phone': phone }) else: form2 = PasswordChangeStep2Form() return render(request, 'C_accounts/password_change.html', { 'step': 2, 'form2': form2, 'phone': phone }) # 기본: 1단계로 초기화 request.session['password_change_step'] = 1 request.session['password_change_verified'] = False return redirect('accounts:password_change') # 모드1: 비밀번호 찾기 (로그인하지 않은 상태) def password_reset(request): """비밀번호 찾기 뷰""" # 세션 초기화 if 'password_reset_step' not in request.session: request.session['password_reset_step'] = 1 request.session['password_reset_code'] = None request.session['password_reset_phone'] = None request.session['password_reset_verified'] = False step = request.session.get('password_reset_step', 1) code_sent = request.session.get('password_reset_code') is not None verified = request.session.get('password_reset_verified', False) phone = request.session.get('password_reset_phone') error = None message = None if step == 1: if request.method == 'POST': action = request.POST.get('action') if action == 'send_code': form1 = PasswordResetStep1Form(request.POST) if form1.is_valid(): phone = form1.cleaned_data['phone'] # 인증번호 생성 (실제로는 SMS 발송) verification_code = str(random.randint(100000, 999999)) print(f"[DEBUG] 비밀번호 찾기 인증번호: {verification_code}") # 실제로는 SMS 발송 request.session['password_reset_code'] = verification_code request.session['password_reset_phone'] = phone request.session['password_reset_step'] = 1 message = '인증번호가 발송되었습니다.' code_sent = True else: error = '전화번호를 확인해주세요.' elif action == 'verify_code': form1 = PasswordResetStep1Form(request.POST) if form1.is_valid(): input_code = form1.cleaned_data['verification_code'] stored_code = request.session.get('password_reset_code') if input_code == stored_code: request.session['password_reset_verified'] = True request.session['password_reset_step'] = 2 return redirect('accounts:password_reset') else: error = '인증번호가 일치하지 않습니다.' else: error = '인증번호를 확인해주세요.' else: form1 = PasswordResetStep1Form() return render(request, 'C_accounts/password_reset.html', { 'step': 1, 'form1': form1, 'code_sent': code_sent, 'error': error, 'message': message }) elif step == 2 and verified and phone: if request.method == 'POST': form2 = ForcePasswordSetForm(request.POST) if form2.is_valid(): new_password = form2.cleaned_data['new_password1'] # 해당 전화번호의 사용자 찾기 try: user = User.objects.get(username=phone) user.set_password(new_password) user.save() # 세션 정리 del request.session['password_reset_step'] del request.session['password_reset_code'] del request.session['password_reset_phone'] del request.session['password_reset_verified'] messages.success(request, '비밀번호가 성공적으로 재설정되었습니다. 새 비밀번호로 로그인해주세요.') return redirect('account_login') except User.DoesNotExist: error = '사용자를 찾을 수 없습니다.' else: return render(request, 'C_accounts/password_reset.html', { 'step': 2, 'form2': form2, 'phone': phone }) else: form2 = ForcePasswordSetForm() return render(request, 'C_accounts/password_reset.html', { 'step': 2, 'form2': form2, 'phone': phone }) # 기본: 1단계로 초기화 request.session['password_reset_step'] = 1 request.session['password_reset_verified'] = False return redirect('accounts:password_reset') # 모드2: 로그인 상태에서 비밀번호 변경 @login_required def password_change_logged_in(request): """로그인 상태에서 비밀번호 변경 뷰""" if request.method == 'POST': form = PasswordChangeLoggedInForm(request.POST, user=request.user) if form.is_valid(): new_password = form.cleaned_data['new_password1'] request.user.set_password(new_password) request.user.save() messages.success(request, '비밀번호가 성공적으로 변경되었습니다.') return redirect('accounts:custom_profile_edit') else: form = PasswordChangeLoggedInForm(user=request.user) return render(request, 'C_accounts/password_change_logged_in.html', {'form': form}) # 모드3: 강제 비밀번호 설정 @login_required def force_password_set(request): """강제 비밀번호 설정 뷰""" # 현재 사용자의 Person 인스턴스 확인 try: person = Person.objects.get(user=request.user) if not person.비밀번호설정필요: return redirect('main') except Person.DoesNotExist: return redirect('main') if request.method == 'POST': form = ForcePasswordSetForm(request.POST) if form.is_valid(): new_password = form.cleaned_data['new_password1'] request.user.set_password(new_password) request.user.save() # 비밀번호 설정 필요 플래그 해제 person.비밀번호설정필요 = False person.save() # 로그아웃 처리 from django.contrib.auth import logout logout(request) # 로그아웃 후 세션에 메시지 저장 (로그인 페이지에서 표시) request.session['password_set_message'] = '비밀번호가 성공적으로 설정되었습니다. 새 비밀번호로 로그인해주세요.' return redirect('account_login') else: form = ForcePasswordSetForm() return render(request, 'C_accounts/force_password_set.html', {'form': form})