malpliigas rendimento-mezuradon far Sentry por neensalutintaj uzantoj…

… (ref 1f135f8)

core/urls.py

@@ -1,6 +1,5 @@
-from django.conf import settings
 from django.contrib.auth.views import (
-    LogoutView, PasswordResetCompleteView, PasswordResetDoneView,
+    PasswordResetCompleteView, PasswordResetDoneView,
 )
 from django.urls import include, path, re_path
 from django.utils.translation import pgettext_lazy
@@ -9,7 +8,8 @@
 from .forms import SystemPasswordResetForm, SystemPasswordResetRequestForm
 
 from .views import (  # isort:skip
-    HomeView, RegisterView, LoginView, AccountRestoreRequestView,
+    HomeView,
+    RegisterView, LoginView, AccountRestoreRequestView, LogoutView,
     PasswordResetView, PasswordResetConfirmView,
     UsernameRemindView, UsernameRemindDoneView,
     AgreementView, AgreementRejectView,
@@ -36,10 +36,7 @@
         AccountRestoreRequestView.as_view(), name='login_restore'),
     path(
         pgettext_lazy("URL", 'logout/'),
-        LogoutView.as_view(
-            redirect_field_name=settings.REDIRECT_FIELD_NAME,
-        ),
-        name='logout'),
+        LogoutView.as_view(), name='logout'),
 
     path(
         pgettext_lazy("URL", 'agreement/'), include([

core/views.py

@@ -9,7 +9,7 @@
 from django.contrib import messages
 from django.contrib.auth import authenticate, get_user_model, login, logout
 from django.contrib.auth.views import (
-    LoginView as LoginBuiltinView,
+    LoginView as LoginBuiltinView, LogoutView as LogoutBuiltinView,
     PasswordChangeDoneView as PasswordChangeDoneBuiltinView,
     PasswordChangeView as PasswordChangeBuiltinView,
     PasswordResetConfirmView as PasswordResetConfirmBuiltinView,
@@ -128,6 +128,42 @@ def get_redirect_url(self):
         else:
             return redirect_to
 
+    def render_to_response(self, context, **response_kwargs) -> HttpResponse:
+        # The view is rendered, which means that the user is not logged in.
+        response = super().render_to_response(context, **response_kwargs)
+        response.delete_cookie(
+            'seen_at',
+            domain=settings.SESSION_COOKIE_DOMAIN, path=settings.SESSION_COOKIE_PATH,
+        )
+        return response
+
+    def form_valid(self, form) -> HttpResponse:
+        # User successfully logged in.
+        response = super().form_valid(form)
+        response.set_cookie(
+            'seen_at', str(int(datetime.now().timestamp())),
+            max_age=(
+                settings.SESSION_COOKIE_AGE
+                if not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
+                else None
+            ),
+            domain=settings.SESSION_COOKIE_DOMAIN, path=settings.SESSION_COOKIE_PATH,
+            secure=settings.SESSION_COOKIE_SECURE, httponly=True, samesite='Lax',
+        )
+        return response
+
+
+class LogoutView(LogoutBuiltinView):
+    redirect_field_name = settings.REDIRECT_FIELD_NAME
+
+    def dispatch(self, request, *args, **kwargs):
+        response = super().dispatch(request, *args, **kwargs)
+        response.delete_cookie(
+            'seen_at',
+            domain=settings.SESSION_COOKIE_DOMAIN, path=settings.SESSION_COOKIE_PATH,
+        )
+        return response
+
 
 class RegisterView(generic.CreateView):
     model = User

pasportaservo/settings/sentry.py

@@ -38,25 +38,31 @@ class TracesSampler:
         + r'|facebookexternalhit|feedfetcher|feedburner',
         re.IGNORECASE
     )
+    authenticated_user_cookie_re = re.compile(r'\bseen_at=[A-Za-z0-9]')
 
     def __call__(self, sampling_context: SamplingContext) -> float:
         if sampling_context['parent_sampled'] is not None:
             return sampling_context['parent_sampled']
 
-        request_info = (
+        request_info: tuple[str, str] = (
             sampling_context['wsgi_environ'].get('PATH_INFO', ''),
             sampling_context['wsgi_environ'].get('REQUEST_METHOD'),
         )
 
         bot_match = re.search(
             self.robot_crawler_re,
             sampling_context['wsgi_environ'].get('HTTP_USER_AGENT', ''))
-        if bot_match or request_info[0].startswith((STATIC_URL, MEDIA_URL)):
+        if (
+            bot_match
+            or request_info[0].startswith((STATIC_URL, MEDIA_URL))
+            or not request_info[0].endswith('/')
+        ):
             return 0
 
         if not hasattr(self, 'paths'):
             self.configure_paths()
         sampling_rate = 0
+        reduced_sampling_if_anonymous = False
 
         match request_info:
             case (path, method) \
@@ -65,13 +71,22 @@ def __call__(self, sampling_context: SamplingContext) -> float:
             case (path, _) \
                     if path.startswith(self.paths['exploration']):
                 sampling_rate = 0.75
+                reduced_sampling_if_anonymous = True
             case (path, method) \
                     if path.startswith(self.paths['interesting']):
                 sampling_rate = 0.50 if method == 'POST' else 0.40
+                reduced_sampling_if_anonymous = True
             case (path, _) \
                     if path.startswith(self.paths['action_link']):
                 sampling_rate = 1.00
 
+        if reduced_sampling_if_anonymous and sampling_rate > 0:
+            user_match = re.search(
+                self.authenticated_user_cookie_re,
+                sampling_context['wsgi_environ'].get('HTTP_COOKIE', ''))
+            if not user_match:
+                sampling_rate *= 0.25
+
         return sampling_rate
 
     def trim_path(self, path: str) -> str:

tests/views/mixins.py

@@ -18,6 +18,7 @@ def test_view_form(self):
                     self,
                     user=self.user if self.view_page.redirects_unauthenticated else None,
                     reuse_for_lang=lang)
+                assert 'object' in page.form
                 # Verify that the expected form class is in use on the view.
                 self.assertIsNotNone(page.form['object'])
                 self.assertIsInstance(page.form['object'], page.form_class)

tests/views/pages/__init__.py

@@ -1,4 +1,4 @@
-from .account import AccountSettingsPage, RegisterPage
+from .account import AccountSettingsPage, LoginPage, RegisterPage
 from .admin import MassMailPage, MassMailResultPage
 from .general import (
     AboutPage, FAQPage, HomePage, OkayPage, PrivacyPage, TCPage,

tests/views/pages/account.py

@@ -5,8 +5,8 @@
 from lxml.html import HtmlElement
 from pyquery import PyQuery
 
-from core.forms import UserRegistrationForm
-from core.views import AccountSettingsView, RegisterView
+from core.forms import UserAuthenticationForm, UserRegistrationForm
+from core.views import AccountSettingsView, LoginView, RegisterView
 
 from .base import PageTemplate, PageWithFormTemplate
 
@@ -35,6 +35,30 @@ class RegisterPage(PageWithFormTemplate):
     }
 
 
+class LoginPage(PageWithFormTemplate):
+    view_class = LoginView
+    form_class = UserAuthenticationForm
+    url = reverse_lazy('login')
+    explicit_url = {
+        'en': '/login/',
+        'eo': '/ensaluti/',
+    }
+    template = 'registration/login.html'
+    title = {
+        'en': "Log in & Find accommodation | Pasporta Servo",
+        'eo': "Ensalutu & Trovu loĝejon | Pasporta Servo",
+    }
+    redirects_unauthenticated = False
+    redirects_logged_in = True
+    form = {
+        'selector': ".login",
+        'title': {
+            'en': "Log In",
+            'eo': "Ensaluto",
+        },
+    }
+
+
 class AccountSettingsPage(PageTemplate):
     view_class = AccountSettingsView
     url = reverse_lazy('account_settings')

tests/views/pages/base.py

@@ -222,7 +222,7 @@ class _RenderedFormDefinitionBase(TypedDict):
         title: dict[str, str]
 
     class RenderedFormDefinition(_RenderedFormDefinitionBase, total=False):
-        object: type[Form] | type[ModelForm] | None
+        object: Form | ModelForm | None
 
     form_class: type[Form] | type[ModelForm]
     form: RenderedFormDefinition = {