From 219ab1a837beb3f860b3aad7ad0b22391fa48765 Mon Sep 17 00:00:00 2001
From: Giorgos Kazelidis <giorgkazelidis@gmail.com>
Date: Thu, 28 Jun 2018 22:40:40 +0300
Subject: [PATCH] - Corrected some minor display issues in login template -
 Created the DB schema/models and added Greek support to the initiated DB -
 Created a script to populate DB with test data - Implemented the
 authentication, login and logout back-ends (modified built-in auth, backends
 and middleware modules) as well as the relative front-ends (user home, admin
 home and logout templates) - Implemented some basic validation checks and
 error handling for the login form - Created custom HTTP error (400, 403, 404,
 500) templates - Added new instructions to README.md

---
 README.md                                   | 52 ++++++++---
 myprj/myprj/settings.py                     | 14 ++-
 myprj/populateDB.py                         | 29 ++++++
 myprj/usermerge/auth.py                     | 99 +++++++++++++++++++++
 myprj/usermerge/backends.py                 | 70 +++++++++++++++
 myprj/usermerge/forms.py                    | 45 ++++++++++
 myprj/usermerge/middleware.py               | 25 ++++++
 myprj/usermerge/migrations/0001_initial.py  | 63 +++++++++++++
 myprj/usermerge/models.py                   | 67 ++++++++++++++
 myprj/usermerge/templates/400.html          | 12 +++
 myprj/usermerge/templates/403.html          | 12 +++
 myprj/usermerge/templates/404.html          | 13 +++
 myprj/usermerge/templates/500.html          | 12 +++
 myprj/usermerge/templates/admin_home.html   | 11 +++
 myprj/usermerge/templates/base.html         | 45 ++++++----
 myprj/usermerge/templates/login.html        | 63 +++++++++----
 myprj/usermerge/templates/logout.html       | 11 +++
 myprj/usermerge/templates/template_refs.txt |  2 +
 myprj/usermerge/templates/user_home.html    | 11 +++
 myprj/usermerge/urls.py                     |  7 +-
 myprj/usermerge/views.py                    | 78 +++++++++++++++-
 21 files changed, 684 insertions(+), 57 deletions(-)
 create mode 100644 myprj/populateDB.py
 create mode 100644 myprj/usermerge/auth.py
 create mode 100644 myprj/usermerge/backends.py
 create mode 100644 myprj/usermerge/forms.py
 create mode 100644 myprj/usermerge/middleware.py
 create mode 100644 myprj/usermerge/migrations/0001_initial.py
 mode change 100644 => 100755 myprj/usermerge/models.py
 create mode 100644 myprj/usermerge/templates/400.html
 create mode 100644 myprj/usermerge/templates/403.html
 create mode 100644 myprj/usermerge/templates/404.html
 create mode 100644 myprj/usermerge/templates/500.html
 create mode 100644 myprj/usermerge/templates/admin_home.html
 create mode 100644 myprj/usermerge/templates/logout.html
 create mode 100644 myprj/usermerge/templates/template_refs.txt
 create mode 100644 myprj/usermerge/templates/user_home.html

diff --git a/README.md b/README.md
index 2623d91..0e18879 100644
--- a/README.md
+++ b/README.md
@@ -9,10 +9,10 @@
 
 ## DOWNLOADING THE PROJECT & SETTING UP THE ENVIRONMENT
 (A) install pip3 (`pip3 --version` to see if it is already installed):
-    
+
     sudo apt-get install python3-pip
 (B) install virtualenv (`virtualenv --version` to see if it is already installed):
-    
+
     pip3 install virtualenv
 (C\) install and configure Git [sources:  
 &nbsp; &nbsp; &nbsp; -- "How To Install Git with Apt" and "How To Set Up Git" sections of https://www.digitalocean.com/community/tutorials/how-to-install-git-on-ubuntu-16-04  
@@ -25,7 +25,9 @@
 
     git config --global user.name "YOUR_NAME"
     git config --global user.email "YOUR_EMAIL"
-(D) create a local instance of the remote repository (userbase):  
+(D) create a local instance of the remote repository (userbase) [sources:  
+&nbsp; &nbsp; &nbsp; -- https://git-scm.com/docs/git-clone  
+&nbsp; &nbsp; &nbsp; ]:  
 &nbsp; &nbsp; &nbsp; (1) navigate to Desktop:
 
     cd ~/Desktop
@@ -41,7 +43,12 @@
 &nbsp; &nbsp; &nbsp; -- end of section http://docs.python-guide.org/en/latest/dev/virtualenvs/#lower-level-virtualenv  
 &nbsp; &nbsp; &nbsp; -- https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-16-04  
 &nbsp; &nbsp; &nbsp; -- "Create a MySQL Database" section of http://www.marinamele.com/taskbuster-django-tutorial/install-and-configure-mysql-for-django  
+&nbsp; &nbsp; &nbsp; -- https://gist.github.com/hofmannsven/9164408  
 &nbsp; &nbsp; &nbsp; -- https://www.tutorialspoint.com/django/django_admin_interface.htm  
+&nbsp; &nbsp; &nbsp; -- https://docs.djangoproject.com/en/2.0/ref/django-admin/  
+&nbsp; &nbsp; &nbsp; -- https://docs.python.org/3/tutorial/interpreter.html  
+&nbsp; &nbsp; &nbsp; -- https://stackoverflow.com/questions/436198/what-is-an-alternative-to-execfile-in-python-3  
+&nbsp; &nbsp; &nbsp; -- https://docs.python.org/3.6/tutorial/inputoutput.html#reading-and-writing-files  
 &nbsp; &nbsp; &nbsp; ]:  
 &nbsp; &nbsp; &nbsp; (1) specify the full file path (/usr/bin/python3) to the installed Python version:
 
@@ -68,36 +75,53 @@
     sudo apt-get install mysql-server
     mysql_secure_installation
 &nbsp; &nbsp; &nbsp; &nbsp;(7) use the password that was set for the root user during MySQL server installation as the 'PASSWORD' value of the 'default' dictionary of the DATABASES dictionary in **~/Desktop/userbase/myprj/myprj/settings.py**  
-&nbsp; &nbsp; &nbsp; &nbsp;(8) if you have not created the project database (usermergeDB) yet, open MySQL console with root privileges (you should provide the password that was set for the root user during MySQL server installation), create the project database and exit MySQL console:
+&nbsp; &nbsp; &nbsp; &nbsp;(8) open MySQL console with root privileges:
+
+    python manage.py dbshell
+&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;ALTERNATIVELY, you could run the following command by providing the password that was set for the root user during MySQL server installation:
+
+    mysql -u root -p
+&nbsp; &nbsp; &nbsp; &nbsp;(9) if the project database (usermergeDB) has already been created (`SHOW DATABASES;` to check), delete it:
+
+    DROP DATABASE usermergeDB;
+&nbsp; &nbsp; &nbsp; &nbsp;(10) create the project database:
 
-    mysql -u root -p (ALTERNATIVELY: python manage.py dbshell)
     CREATE DATABASE usermergeDB;
+&nbsp; &nbsp; &nbsp; &nbsp;(11) exit MySQL console:
+
     EXIT;
-&nbsp; &nbsp; &nbsp; &nbsp;(9) initiate the database:
-    
+&nbsp; &nbsp; &nbsp; &nbsp;(12) initiate the database:
+
     python manage.py migrate
-&nbsp; &nbsp; &nbsp; &nbsp;(10) deactivate the virtual environment:
-    
+&nbsp; &nbsp; &nbsp; &nbsp;(13) open Python interpreter in interactive mode:
+
+    python manage.py shell
+&nbsp; &nbsp; &nbsp; &nbsp;(14) populate the database with test data, i.e. execute populateDB.py script, by typing the following line and pressing `Enter` TWICE:
+
+    with open('./populateDB.py') as popDB: exec(popDB.read())
+&nbsp; &nbsp; &nbsp; &nbsp;(15) close Python interpreter by pressing `Ctrl-D`  
+&nbsp; &nbsp; &nbsp; &nbsp;(16) deactivate the virtual environment:
+
     deactivate
 
 ## RUNNING THE PROJECT (INSIDE THE VIRTUAL ENVIRONMENT)
-(A) activate the virtual environment: 
+(A) activate the virtual environment:
 
     cd ~/Desktop/userbase
     source venv/bin/activate
 (B) navigate to the project directory (myprj):
-    
+
     cd myprj
 (C\) start the Django development server (at http://127.0.0.1:8000/):
-    
+
     python manage.py runserver
-(D) navigate to http://127.0.0.1:8000/usermerge/login/ via web browser to run the project
+(D) navigate to http://127.0.0.1:8000/usermerge/login/default/ via web browser to run the project
 
 ## STOPPING THE PROJECT (AND EXITING THE VIRTUAL ENVIRONMENT)
 (A) stop the Django development server (running at http://127.0.0.1:8000/):  
 &nbsp; &nbsp; &nbsp; &nbsp;-- return to the terminal where you have run `python manage.py runserver` and press `Ctrl-C`  
 (B) deactivate the virtual environment:
-    
+
     deactivate
 
 ## UPDATING THE PROJECT
diff --git a/myprj/myprj/settings.py b/myprj/myprj/settings.py
index 28f89be..d5eebf0 100644
--- a/myprj/myprj/settings.py
+++ b/myprj/myprj/settings.py
@@ -45,7 +45,7 @@ MIDDLEWARE = [
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'usermerge.middleware.AuthenticationMiddleware', # instead of default 'django.contrib.auth.middleware.AuthenticationMiddleware'
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
@@ -70,6 +70,10 @@ TEMPLATES = [
 
 WSGI_APPLICATION = 'myprj.wsgi.application'
 
+AUTHENTICATION_BACKENDS = ['usermerge.backends.UserBackend']
+
+LOGIN_URL = '/usermerge/login/default/'
+
 
 # Database
 # https://docs.djangoproject.com/en/2.0/ref/settings/#databases
@@ -84,8 +88,12 @@ DATABASES = {
         'HOST': '',
         'PORT': '',
         'OPTIONS': {
-            'init_command': "SET default_storage_engine=INNODB;" \
-                            "SET sql_mode='STRICT_TRANS_TABLES'",
+            'init_command': 'SET default_storage_engine = INNODB;' \
+                            "SET sql_mode = 'STRICT_TRANS_TABLES';" \
+            # greek language support
+            # https://stackoverflow.com/questions/37307146/difference-between-utf8mb4-unicode-ci-and-utf8mb4-unicode-520-ci-collations-in-m
+            # https://stackoverflow.com/questions/43644218/why-is-table-charset-set-to-utf8mb4-and-collation-to-utf8mb4-unicode-520-ci?rq=1
+                            'ALTER DATABASE usermergeDB CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci;',
         },
     }
 }
diff --git a/myprj/populateDB.py b/myprj/populateDB.py
new file mode 100644
index 0000000..6a04a70
--- /dev/null
+++ b/myprj/populateDB.py
@@ -0,0 +1,29 @@
+"""
+Populate usermergeDB (see models.py) with test data to check the correctness of the usermerge application features.
+"""
+from django.contrib.auth.hashers import make_password
+from usermerge.models import Admin, Platform, Registry, User
+
+# Populate Admin table with test admins.
+admin_hashed_password = make_password('sesame')
+admin1 = Admin.objects.create(first_name = 'Νικόλαος', last_name = 'Παπασπύρου', email = 'nikolaos@softlab.ntua.gr',
+                              username = 'nikolaos', password = admin_hashed_password)
+admin2 = Admin.objects.create(first_name = 'Ευστάθιος', last_name = 'Ζάχος', email = 'eustathios@corelab.ntua.gr',
+                              username = 'eustathios', password = admin_hashed_password)
+
+# Populate Platform table with test platforms.
+ece_ntua = Platform.objects.create(name = 'ECE-NTUA')
+novice = Platform.objects.create(name = 'Novice')
+grader = Platform.objects.create(name = 'Grader')
+moodle = Platform.objects.create(name = 'Moodle')
+plgrader = Platform.objects.create(name = 'PLgrader')
+
+# Populate User table with test users.
+user1 = User.objects.create(first_name = 'Γεώργιος', last_name = 'Καζελίδης', ece_id = '03199999',
+                            email = 'gkazelid@undergraduate.ece.ntua.gr')
+user2 = User.objects.create()
+
+# Populate Registry table with test registries.
+user_hashed_password = make_password('password')
+registry1 = Registry.objects.create(user = user1, platform = novice, username = 'pi99b999', password = user_hashed_password)
+registry2 = Registry.objects.create(user = user2, platform = moodle, username = 'moodler', password = user_hashed_password)
diff --git a/myprj/usermerge/auth.py b/myprj/usermerge/auth.py
new file mode 100644
index 0000000..e1d1512
--- /dev/null
+++ b/myprj/usermerge/auth.py
@@ -0,0 +1,99 @@
+"""
+Modified version of django.contrib.auth module (https://docs.djangoproject.com/en/2.0/_modules/django/contrib/auth/).
+"""
+from django.apps import apps as django_apps
+from django.conf import settings
+from django.contrib.auth import _get_backends, load_backend
+from django.contrib.auth.signals import user_logged_in
+from django.middleware.csrf import rotate_token
+from django.utils.crypto import constant_time_compare
+
+BACKEND_SESSION_KEY = '_auth_user_backend'
+CLASS_SESSION_KEY = '_auth_user_class'
+HASH_SESSION_KEY = '_auth_user_hash'
+SESSION_KEY = '_auth_user_id'
+
+def get_user_model(user_class):
+    """
+    Return the user model (User/Admin from usermerge.models - see models.py) that is active in the session.
+    """
+    # user_class is either 'usermerge.User' or 'usermerge.Admin' (the format should necessarily be 'app_label.model_name').
+    return django_apps.get_model(user_class, require_ready = False)
+
+def _get_user_session_key(request):
+    # This value in the session is always serialized to a string, so we need
+    # to convert it back to Python whenever we access it.
+    return get_user_model(request.session[CLASS_SESSION_KEY])._meta.pk.to_python(request.session[SESSION_KEY])
+
+def login(request, user, backend = None):
+    """
+    Persist a user id and a backend in the request. This way a user doesn't
+    have to reauthenticate on every request. Note that data set during
+    the anonymous session is retained when the user logs in.
+    """
+    session_auth_hash = ''
+    if user is None:
+        user = request.user
+    if hasattr(user, 'get_session_auth_hash'):
+        session_auth_hash = user.get_session_auth_hash()
+    if SESSION_KEY in request.session:
+        if _get_user_session_key(request) != user.pk or (
+                session_auth_hash and
+                not constant_time_compare(request.session.get(HASH_SESSION_KEY, ''), session_auth_hash)):
+            # To avoid reusing another user's session, create a new, empty
+            # session if the existing session corresponds to a different
+            # authenticated user.
+            request.session.flush()
+    else:
+        request.session.cycle_key()
+    try:
+        backend = backend or user.backend
+    except AttributeError:
+        backends = _get_backends(return_tuples = True)
+        if len(backends) == 1:
+            _, backend = backends[0]
+        else:
+            raise ValueError(
+                'You have multiple authentication backends configured and '
+                'therefore must provide the `backend` argument or set the '
+                '`backend` attribute on the user.'
+            )
+    request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
+    # The value of CLASS_SESSION_KEY is needed to clarify if the authenticated user
+    # is a User ('usermerge.User') or an Admin ('usermerge.Admin').
+    request.session[CLASS_SESSION_KEY] = str(user.__class__).replace('.models', '').split("'")[1]
+    request.session[BACKEND_SESSION_KEY] = backend
+    request.session[HASH_SESSION_KEY] = session_auth_hash
+    if hasattr(request, 'user'):
+        request.user = user
+    rotate_token(request)
+    user_logged_in.send(sender = user.__class__, request = request, user = user)
+
+def get_user(request):
+    """
+    Return the user model instance associated with the given request session.
+    If no user is retrieved, return an instance of `AnonymousUser`.
+    """
+    from django.contrib.auth.models import AnonymousUser
+    user = None
+    try:
+        user_id = _get_user_session_key(request)
+        backend_path = request.session[BACKEND_SESSION_KEY]
+    except KeyError:
+        pass
+    else:
+        if backend_path in settings.AUTHENTICATION_BACKENDS:
+            backend = load_backend(backend_path)
+            user = backend.get_user(request.session[CLASS_SESSION_KEY], user_id)
+            # Verify the session.
+            if hasattr(user, 'get_session_auth_hash'):
+                session_hash = request.session.get(HASH_SESSION_KEY)
+                session_hash_verified = session_hash and constant_time_compare(
+                    session_hash,
+                    user.get_session_auth_hash()
+                )
+                if not session_hash_verified:
+                    request.session.flush()
+                    user = None
+    return user or AnonymousUser()
+
diff --git a/myprj/usermerge/backends.py b/myprj/usermerge/backends.py
new file mode 100644
index 0000000..ea041eb
--- /dev/null
+++ b/myprj/usermerge/backends.py
@@ -0,0 +1,70 @@
+from django.contrib.auth.hashers import check_password
+from usermerge.models import Admin, Platform, Registry, User
+
+# Create your backends here.
+# https://docs.djangoproject.com/en/2.0/topics/auth/customizing/#other-authentication-sources
+
+# For more information on Admin, Platform, Registry and User models, see models.py .
+# For more information on the platform names that are provided in the drop-down list of the login form, see login.html and get_names_of_SoftLab_provided_platforms_from_DB() function of views.py .
+# For more information on password management functions (e.g. check_password()), see https://docs.djangoproject.com/en/2.0/topics/auth/passwords/ .
+
+class UserBackend:
+    def authenticate(self, request, platform, username, password):
+        """
+        Authenticate the credentials POSTed via the login form.
+
+        If the selected platform is SLUB, the user should be authenticated as Admin with the happy path being:
+        * Try to find an Admin instance of usermergeDB that corresponds to the provided username.
+        * If a corresponding instance is found, check if the provided password matches the one of the instance.
+        * If the provided password matches the one of the instance, the user is authenticated successfully as Admin and
+          the instance is returned.
+
+        If the selected platform is not SLUB, the user should be authenticated as User with the happy path being:
+        * Try to find a Registry instance of usermergeDB that corresponds to the provided platform and username.
+        * If a corresponding instance is found, check if the provided password matches the one of the instance.
+        * If the provided password matches the one of the instance, the user is authenticated successfully as User and
+          the User instance that is associated with the corresponding Registry instance is returned.
+
+        If any of the checks (finding the corresponding instance and comparing the passwords) fails, the authentication
+        fails and an empty instance (None) is returned (if the first check fails, the second is never performed).
+        """
+        if platform != 'SLUB':
+            # User authentication
+            platform_instance = Platform.objects.get(name = platform)
+            try:
+                registry = Registry.objects.get(platform = platform_instance, username = username)
+            except Registry.DoesNotExist:
+                return None
+            else:
+                if check_password(password, registry.password):
+                    return registry.user
+                else:
+                    return None
+        else:
+            # Admin authentication
+            try:
+                admin = Admin.objects.get(username = username)
+            except Admin.DoesNotExist:
+                return None
+            else:
+                if check_password(password, admin.password):
+                    return admin
+                else:
+                    return None
+
+    def get_user(self, user_class, user_id):
+        """
+        Return the user instance associated with the given class/model (User/Admin) and id.
+        If no associated user instance is found, return an empty instance (None).
+        """
+        if user_class == 'usermerge.User':
+            try:
+                return User.objects.get(pk = user_id)
+            except User.DoesNotExist:
+                return None
+        else:
+            try:
+                return Admin.objects.get(pk = user_id)
+            except Admin.DoesNotExist:
+                return None
+
diff --git a/myprj/usermerge/forms.py b/myprj/usermerge/forms.py
new file mode 100644
index 0000000..9cd3ac5
--- /dev/null
+++ b/myprj/usermerge/forms.py
@@ -0,0 +1,45 @@
+import re
+from django import forms
+from usermerge.models import Platform
+
+# Create your forms here.
+# https://docs.djangoproject.com/en/2.0/ref/forms/
+
+# The below-defined forms are based on the models defined in models.py .
+# For more information on clean_<fieldname>() and clean() methods, see https://docs.djangoproject.com/en/2.0/ref/forms/validation/ .
+# For more information on the platform names that are provided in the drop-down list of the login form, see login.html and get_names_of_SoftLab_provided_platforms_from_DB() function of views.py .
+
+class LoginForm(forms.Form):
+    platform = forms.CharField(error_messages = {'required': 'Το δηλωθέν όνομα πλατφόρμας δεν ανταποκρίνεται σε καμία από τις '
+                                                             'υποστηριζόμενες πλατφόρμες της βάσης!'})
+    username = forms.CharField(max_length = 50,
+                               error_messages = {'required': 'Το όνομα χρήστη πρέπει απαραίτητα να συμπληρωθεί!',
+                                                 'max_length': 'Το όνομα χρήστη δεν πρέπει να υπερβαίνει τους 50 χαρακτήρες!'})
+    password = forms.CharField(max_length = 50,
+                               error_messages = {'required': 'Ο κωδικός πρόσβασης πρέπει απαραίτητα να συμπληρωθεί!',
+                                                 'max_length': 'Ο κωδικός πρόσβασης δεν πρέπει να υπερβαίνει τους 50 χαρακτήρες!'})
+
+    def clean_platform(self):
+        platform = self.cleaned_data['platform']
+        # Ensure that the platform (name) is selected among the provided ones in the drop-down list of the login form.
+        # If it is not (e.g. it is misedited via JavaScript), raise a ValidationError that will be printed under the form.
+        if platform == 'SLUB' or (platform != 'ECE-NTUA' and platform in Platform.objects.values_list('name', flat = True)):
+            return platform
+        else:
+            raise forms.ValidationError('Το δηλωθέν όνομα πλατφόρμας δεν ανταποκρίνεται σε καμία '
+                                        'από τις υποστηριζόμενες πλατφόρμες της βάσης!')
+
+    def clean(self):
+        cleaned_data = super().clean()
+        # If platform and username have survived the initial individual field checks (by the time the form’s clean() method is called,
+        # all the individual field clean methods will have been run, so cleaned_data will be populated with any data that has survived
+        # so far) and platform refers either to Novice or to Grader, ensure that the username format is piYYbRRR (if it is not, raise a
+        # ValidationError that will be printed under the login form), where YY refers to year and RRR refers to username serial number.
+        if set(('platform', 'username')).issubset(cleaned_data):
+            platform = cleaned_data['platform']
+            username = cleaned_data['username']
+            if platform == 'Novice' or platform == 'Grader':
+                if not re.match('pi[0-9]{2}b[0-9]{3}', username):
+                    raise forms.ValidationError('Το όνομα χρήστη στις πλατφόρμες Novice και Grader πρέπει να είναι '
+                                                'της μορφής piYYbRRR (ΥΥ: έτος, RRR: σειριακός αριθμός ονόματος)!')
+
diff --git a/myprj/usermerge/middleware.py b/myprj/usermerge/middleware.py
new file mode 100644
index 0000000..3d6bd82
--- /dev/null
+++ b/myprj/usermerge/middleware.py
@@ -0,0 +1,25 @@
+"""
+Modified version of django.contrib.auth.middleware module (https://github.com/django/django/blob/master/django/contrib/auth/middleware.py).
+"""
+from django.conf import settings
+from django.utils.deprecation import MiddlewareMixin
+from django.utils.functional import SimpleLazyObject
+from usermerge import auth
+
+# Create your middleware here.
+# https://docs.djangoproject.com/en/2.0/topics/http/middleware/
+
+def get_user(request):
+    if not hasattr(request, '_cached_user'):
+        request._cached_user = auth.get_user(request)
+    return request._cached_user
+
+class AuthenticationMiddleware(MiddlewareMixin):
+    def process_request(self, request):
+        assert hasattr(request, 'session'), (
+            "The Django authentication middleware requires session middleware "
+            "to be installed. Edit your MIDDLEWARE%s setting to insert "
+            "'django.contrib.sessions.middleware.SessionMiddleware' before "
+            "'usermerge.middleware.AuthenticationMiddleware'."
+        ) % ("_CLASSES" if settings.MIDDLEWARE is None else "")
+        request.user = SimpleLazyObject(lambda: get_user(request))
diff --git a/myprj/usermerge/migrations/0001_initial.py b/myprj/usermerge/migrations/0001_initial.py
new file mode 100644
index 0000000..b15d323
--- /dev/null
+++ b/myprj/usermerge/migrations/0001_initial.py
@@ -0,0 +1,63 @@
+# Generated by Django 2.0.4 on 2018-06-28 11:10
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Admin',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('first_name', models.CharField(max_length=100)),
+                ('last_name', models.CharField(max_length=100)),
+                ('email', models.EmailField(max_length=254, unique=True)),
+                ('username', models.CharField(max_length=50, unique=True)),
+                ('password', models.CharField(max_length=100)),
+                ('last_login', models.DateTimeField(null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Platform',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=50, unique=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Registry',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('username', models.CharField(max_length=50)),
+                ('password', models.CharField(max_length=100)),
+                ('platform', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='usermerge.Platform')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('first_name', models.CharField(max_length=100)),
+                ('last_name', models.CharField(max_length=100)),
+                ('ece_id', models.CharField(max_length=8, null=True, unique=True)),
+                ('email', models.EmailField(max_length=254, null=True, unique=True)),
+                ('last_login', models.DateTimeField(null=True)),
+            ],
+        ),
+        migrations.AddField(
+            model_name='registry',
+            name='user',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='usermerge.User'),
+        ),
+        migrations.AlterUniqueTogether(
+            name='registry',
+            unique_together={('user', 'platform'), ('platform', 'username')},
+        ),
+    ]
diff --git a/myprj/usermerge/models.py b/myprj/usermerge/models.py
old mode 100644
new mode 100755
index 71a8362..834d678
--- a/myprj/usermerge/models.py
+++ b/myprj/usermerge/models.py
@@ -1,3 +1,70 @@
 from django.db import models
+from django.utils.crypto import salted_hmac
 
 # Create your models here.
+# https://docs.djangoproject.com/en/2.0/ref/models/
+
+# Regarding the fields whose null attribute/option is set to True (WARNING: Any unique fields whose null attribute/option is undeclared, i.e. False by default, should NEVER be allowed to be empty): The empty DB value for DateTimeFields is NULL (interpreted as None in Python), thus designating the absence of value. The empty DB value for CharFields and EmailFields is the empty/zero-length string (''), which is a valid string value. For unique CharFields and EmailFields, such as ece_id and email of the User model, whose value may NOT always be declared when inserting/updating the respective DB entries/records, this could lead in integrity errors ("Duplicate entry '' for key 'ece_id'/'email'"). To avoid such errors, NULL should be used as the empty DB value of these fields (the empty string should NOT be used in this case). For more information, see https://docs.djangoproject.com/en/2.0/ref/models/fields/ .
+# first_name and last_name fields can contain greek characters. The length of each greek character is 2 bytes, while the length of each english/punctuation character is 1 byte.
+# Django creates hashed passwords using the PBKDF2 algorithm with a SHA256 hash by default (https://docs.djangoproject.com/en/2.0/topics/auth/passwords/). The length of each hashed password is 78 bytes.
+# The ECE-ID format is 031YYRRR (YY: year, RRR: registration number).
+# The user_logged_in signal (see login() function in auth.py) triggers the update of the last_login fields, so the latter are necessary.
+# Original source code for get_session_auth_hash() methods and is_authenticated attributes can be found in https://github.com/django/django/blob/master/django/contrib/auth/base_user.py (for more information, see https://docs.djangoproject.com/en/2.0/topics/auth/customizing/). get_session_auth_hash() methods are needed in login() and get_user() functions of auth.py, while is_authenticated attributes are needed for login_required() decorator of views.py .
+
+class User(models.Model):
+    first_name = models.CharField(max_length = 100)
+    last_name = models.CharField(max_length = 100)
+    ece_id = models.CharField(max_length = 8, unique = True, null = True)
+    email = models.EmailField(unique = True, null = True)
+    last_login = models.DateTimeField(null = True)
+
+    def get_session_auth_hash(self):
+        """
+        Return an HMAC of the email field.
+        """
+        key_salt = 'usermerge.models.User.get_session_auth_hash'
+        return salted_hmac(key_salt, self.email).hexdigest()
+
+    @property
+    def is_authenticated(self):
+        """
+        Always return True. This is a way to tell if the user has been
+        authenticated in views.
+        """
+        return True
+
+class Platform(models.Model):
+    name = models.CharField(max_length = 50, unique = True)
+
+class Registry(models.Model):
+    user = models.ForeignKey('User', on_delete = models.PROTECT)
+    platform = models.ForeignKey('Platform', on_delete = models.PROTECT)
+    username = models.CharField(max_length = 50)
+    password = models.CharField(max_length = 100)
+
+    class Meta:
+        unique_together = (('user', 'platform',), ('platform', 'username',),)
+
+class Admin(models.Model):
+    first_name = models.CharField(max_length = 100)
+    last_name = models.CharField(max_length = 100)
+    email = models.EmailField(unique = True)
+    username = models.CharField(max_length = 50, unique = True)
+    password = models.CharField(max_length = 100)
+    last_login = models.DateTimeField(null = True)
+
+    def get_session_auth_hash(self):
+        """
+        Return an HMAC of the email field.
+        """
+        key_salt = 'usermerge.models.Admin.get_session_auth_hash'
+        return salted_hmac(key_salt, self.email).hexdigest()
+
+    @property
+    def is_authenticated(self):
+        """
+        Always return True. This is a way to tell if the user has been
+        authenticated in views.
+        """
+        return True
+
diff --git a/myprj/usermerge/templates/400.html b/myprj/usermerge/templates/400.html
new file mode 100644
index 0000000..34e446d
--- /dev/null
+++ b/myprj/usermerge/templates/400.html
@@ -0,0 +1,12 @@
+{# https://docs.djangoproject.com/en/2.0/ref/views/#the-400-bad-request-view #}
+{# https://docs.djangoproject.com/en/2.0/_modules/django/views/defaults/ #}
+
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Σφάλμα 400 (Bad Request)
+{% endblock %}
+
+{% block content %}
+    <h4>Σφάλμα 400 (Bad Request)</h4>
+{% endblock %}
diff --git a/myprj/usermerge/templates/403.html b/myprj/usermerge/templates/403.html
new file mode 100644
index 0000000..4de9977
--- /dev/null
+++ b/myprj/usermerge/templates/403.html
@@ -0,0 +1,12 @@
+{# https://docs.djangoproject.com/en/2.0/ref/views/#the-403-http-forbidden-view #}
+{# https://docs.djangoproject.com/en/2.0/_modules/django/views/defaults/ #}
+
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Σφάλμα 403 (Forbidden)
+{% endblock %}
+
+{% block content %}
+    <h4>Σφάλμα 403 (Forbidden)</h4>
+{% endblock %}
diff --git a/myprj/usermerge/templates/404.html b/myprj/usermerge/templates/404.html
new file mode 100644
index 0000000..44ef1bd
--- /dev/null
+++ b/myprj/usermerge/templates/404.html
@@ -0,0 +1,13 @@
+{# https://docs.djangoproject.com/en/2.0/ref/views/#the-404-page-not-found-view #}
+{# https://docs.djangoproject.com/en/2.0/_modules/django/views/defaults/ #}
+
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Σφάλμα 404 (Not Found)
+{% endblock %}
+
+{% block content %}
+    <h4>Σφάλμα 404 (Not Found)</h4>
+    <p>Η ζητηθείσα ιστοσελίδα "{{ request_path }}" δεν βρέθηκε στον παρόντα διακομιστή! :(</p>
+{% endblock %}
diff --git a/myprj/usermerge/templates/500.html b/myprj/usermerge/templates/500.html
new file mode 100644
index 0000000..d3de922
--- /dev/null
+++ b/myprj/usermerge/templates/500.html
@@ -0,0 +1,12 @@
+{# https://docs.djangoproject.com/en/2.0/ref/views/#the-500-server-error-view #}
+{# https://docs.djangoproject.com/en/2.0/_modules/django/views/defaults/ #}
+
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Σφάλμα 500 (Server Error)
+{% endblock %}
+
+{% block content %}
+    <h4>Σφάλμα 500 (Server Error)</h4>
+{% endblock %}
diff --git a/myprj/usermerge/templates/admin_home.html b/myprj/usermerge/templates/admin_home.html
new file mode 100644
index 0000000..2b3aa7c
--- /dev/null
+++ b/myprj/usermerge/templates/admin_home.html
@@ -0,0 +1,11 @@
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Αρχική Σελίδα Διαχειριστή
+{% endblock %}
+
+{% block content %}
+    <div class="bar" id="in-session-bar" style="padding-top:10px; padding-bottom:10px;">Έχετε εισέλθει επιτυχώς! :)</div>
+    <h4>Αρχική Σελίδα Διαχειριστή</h4>
+    <p><a href="{% url 'logout' %}">Έξοδος</a></p>
+{% endblock %}
diff --git a/myprj/usermerge/templates/base.html b/myprj/usermerge/templates/base.html
index 9dc548a..4155933 100644
--- a/myprj/usermerge/templates/base.html
+++ b/myprj/usermerge/templates/base.html
@@ -8,7 +8,7 @@
             {% endblock %}
         </title>
 
-        <!-- https://docs.djangoproject.com/en/2.0/howto/static-files/ -->
+        {# https://docs.djangoproject.com/en/2.0/howto/static-files/ #}
         {% load static %}
         <link rel="icon" href="{% static 'usermerge/favicon.png' %}" type="image/png"/>
 
@@ -21,11 +21,17 @@
                 text-align: center;
                 text-decoration: underline;
             }
-            .footer, .header {
+            p {
+                text-align: center;
+            }
+            table {
+                margin: 0px auto; {# https://stackoverflow.com/questions/14073188/center-align-a-html-table #}
+            }
+            .bar, .footer, .header {
                 text-align: center;
                 width: 100%;
             }
-            #ece-ntua-header, #footer {
+            #ece-ntua-header, #footer, #in-session-bar {
                 background-color: #82B7EF;
             }
             #slub-header {
@@ -33,12 +39,12 @@
             }
         </style>
     </head>
-    
+
     <body>
         <div class="header" id="ece-ntua-header">
-            <table align="center" width="1000px">
+            <table>
                 <tr>
-                    <td style="width:235px;">
+                    <td style="width:240px;">
                         <img src="https://courses.softlab.ntua.gr/Images/Various/pyrforos.svg" alt="Προμηθέας Πυρφόρος" style="height:120px; width:120px;"/>
                     </td>
                     <td>
@@ -52,15 +58,22 @@
         </div>
 
         <div class="header" id="slub-header">
-            <table align="center" width="1000px">
+            <table>
                 <tr>
-                    <td style="width:235px;">
-                        <p><strong><span style="color:red;">S</span>oft<span style="color:red;">L</span>ab <span style="color:red;">U</span>ser<span style="color:red;">B</span>ase</strong></p>
+                    <td style="padding-left:10px; width:240px;">
+                        <p>
+                            <strong>
+                                <span style="color:red;">S</span>oft<span style="color:red;">L</span>ab
+                                <span style="color:red;">U</span>ser<span style="color:red;">B</span>ase
+                            </strong>
+                        </p>
                     </td>
                     <td>
                         <p>
-                            Το <strong><span style="color:red;">SLUB</span></strong> είναι το σύστημα διαχείρισης και συσχέτισης διαπιστευτηρίων για τους χρήστες των πλατφορμών του SoftLab. Οι πλατφόρμες που διατίθενται μέσω του SoftLab είναι
-                                ο <a href="novice.softlab.ntua.gr" target="_blank">Novice</a>,
+                            Το <strong><span style="color:red;">SLUB</span></strong> είναι το σύστημα διαχείρισης και συσχέτισης <br/>
+                            διαπιστευτηρίων για τους χρήστες των πλατφορμών του SoftLab. <br/>
+                            Οι πλατφόρμες που διατίθενται μέσω του SoftLab είναι <br/>
+                                ο <a href="http://courses.softlab.ntua.gr/progintro/" target="_blank">Novice</a>,
                                 o <a href="http://grader.softlab.ntua.gr/" target="_blank">Grader</a>,
                                 το <a href="https://moodle.softlab.ntua.gr/" target="_blank">Moodle</a> και
                                 ο <a href="http://plgrader.softlab.ntua.gr/" target="_blank">PLgrader</a>.
@@ -71,19 +84,19 @@
         </div>
 
         {% block content %}
-            <p style="text-align:center;">Αυτή η ιστοσελίδα δεν έχει ακόμα περιεχόμενο... :(</p>
+            <p>Αυτή η ιστοσελίδα δεν έχει ακόμα περιεχόμενο... :(</p>
         {% endblock %}
 
         <div class="footer" id="footer">
-            <table align="center" width="1000px">
+            <table>
                 <tr>
-                    <td>
+                    <td style="padding-right:30px; width:240px;">
                         <p>&copy; {% now "Y" %} SoftLab</p>
                     </td>
-                    <td>
+                    <td style="width:240px;">
                         <p><a href="mailto:webmaster@courses.softlab.ntua.gr">Επικοινωνία με Webmaster</a></p>
                     </td>
-                    <td>
+                    <td style="padding-left:30px; width:240px;">
                         <p>
                             Αναπτύxθηκε σε <br/>
                                 <a href="https://www.python.org/" target="_blank">Python</a>,
diff --git a/myprj/usermerge/templates/login.html b/myprj/usermerge/templates/login.html
index 5751fb3..0cc2239 100644
--- a/myprj/usermerge/templates/login.html
+++ b/myprj/usermerge/templates/login.html
@@ -7,29 +7,54 @@
 {% block content %}
     <h4>Είσοδος Χρήστη/Διαχειριστή</h4>
 
-    <form name="login" style="text-align:center;" action="{% url 'login' %}" method="POST">
+    <form name="login" style="text-align:center;" action="{% url 'submit_login' %}" method="POST">
         {% csrf_token %}
-        <span>&nbsp; &nbsp; Είσοδος ως:</span>
-        <select name="platforms">
-            <option value="admin">διαχειριστής του SLUB</option>
-            <option value="novice" selected>χρήστης του Novice</option>
-            <option value="grader">χρήστης του Grader</option>
-            <option value="moodle">χρήστης του Moodle</option>
-            <option value="plgrader"> χρήστης του PLgrader</option>
-        </select>
+        <table>
+            <tr>
+                <td style="text-align:right;">Είσοδος ως:</td>
+                <td style="text-align:left;">
+                    <select name="platform">
+                        <option value="SLUB">διαχειριστής του SLUB</option>
+                        {% for platform in platform_list %}
+                            <option value="{{ platform }}" {% if platform == "Novice" %}selected{% endif %}>
+                                χρήστης του {{ platform }}
+                            </option>
+                        {% endfor %}
+                    </select>
+                </td>
+            </tr>
+            <tr>
+                <td style="text-align:right;">Όνομα χρήστη:</td>
+                <td style="text-align:left;">
+                    {# https://stackoverflow.com/questions/5272433/html5-form-required-attribute-set-custom-validation-message #}
+                    {# https://stackoverflow.com/questions/8078388/hiding-title-tags-on-hover #}
+                    <input type="text" name="username" maxlength="50" onmouseover="this.title='';"
+                           oninput="setCustomValidity('');" oninvalid="setCustomValidity('Παρακαλούμε συμπληρώστε το πεδίο!');" required/>
+                </td>
+            </tr>
+            <tr>
+                <td style="text-align:right;">Κωδικός πρόσβασης:</td>
+                <td style="text-align:left;">
+                    {# https://stackoverflow.com/questions/5272433/html5-form-required-attribute-set-custom-validation-message #}
+                    {# https://stackoverflow.com/questions/8078388/hiding-title-tags-on-hover #}
+                    <input type="password" name="password" maxlength="50" onmouseover="this.title='';"
+                           oninput="setCustomValidity('');" oninvalid="setCustomValidity('Παρακαλούμε συμπληρώστε το πεδίο!');" required/>
+                </td>
+            </tr>
+        </table>
         <br/>
-        <span>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Όνομα χρήστη:</span>
-        <input type="text" name="username" onmouseover="this.title='';" oninput="setCustomValidity('');" oninvalid="setCustomValidity('Παρακαλούμε συμπληρώστε το πεδίο!');" required/>
-        <br/>
-        <span>Κωδικός πρόσβασης:</span>
-        <input type="password" name="password" onmouseover="this.title='';" oninput="setCustomValidity('');" oninvalid="setCustomValidity('Παρακαλούμε συμπληρώστε το πεδίο!');" required/>
-        <br/>
-        <br/>
-        <button type="submit" value="login" name="login">
-            <strong>Είσοδος</strong>
-        </button>
+        <button type="submit" value="login" name="login"><strong>Είσοδος</strong></button>
     </form>
 
+    {% if error_messages %}
+        {% for message in error_messages %}
+            <p style="color:red; font-size:14px;">
+                <img src="https://moodle.softlab.ntua.gr/theme/image.php/softlab/core/1522849333/i/warning" alt="Σφάλμα"/>
+                <strong>{{ message | linebreaksbr }}</strong>
+            </p>
+        {% endfor %}
+    {% endif %}
+
     <br/>
 {% endblock %}
 
diff --git a/myprj/usermerge/templates/logout.html b/myprj/usermerge/templates/logout.html
new file mode 100644
index 0000000..820dab2
--- /dev/null
+++ b/myprj/usermerge/templates/logout.html
@@ -0,0 +1,11 @@
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Έξοδος Χρήστη/Διαχειριστή
+{% endblock %}
+
+{% block content %}
+    <h4>Έξοδος Χρήστη/Διαχειριστή</h4>
+    <p>Εξήλθατε με επιτυχία! :)</p>
+    <p><a href="{% url 'default_login' %}">Θα θέλατε μήπως να εισέλθετε ξανά;</a></p>
+{% endblock %}
diff --git a/myprj/usermerge/templates/template_refs.txt b/myprj/usermerge/templates/template_refs.txt
new file mode 100644
index 0000000..0688deb
--- /dev/null
+++ b/myprj/usermerge/templates/template_refs.txt
@@ -0,0 +1,2 @@
+* W3Schools - HTML5 Tutorial: https://www.w3schools.com/Html/default.asp
+* Django References - Templates: https://docs.djangoproject.com/en/2.0/ref/templates/
diff --git a/myprj/usermerge/templates/user_home.html b/myprj/usermerge/templates/user_home.html
new file mode 100644
index 0000000..f960858
--- /dev/null
+++ b/myprj/usermerge/templates/user_home.html
@@ -0,0 +1,11 @@
+{% extends "base.html" %}
+
+{% block title %}
+    SLUB - Αρχική Σελίδα Χρήστη
+{% endblock %}
+
+{% block content %}
+    <div class="bar" id="in-session-bar" style="padding-top:10px; padding-bottom:10px;">Έχετε εισέλθει επιτυχώς! :)</div>
+    <h4>Αρχική Σελίδα Χρήστη</h4>
+    <p><a href="{% url 'logout' %}">Έξοδος</a></p>
+{% endblock %}
diff --git a/myprj/usermerge/urls.py b/myprj/usermerge/urls.py
index 162c654..85107f8 100644
--- a/myprj/usermerge/urls.py
+++ b/myprj/usermerge/urls.py
@@ -14,9 +14,12 @@ Including another URLconf
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from django.urls import re_path
-
 from usermerge import views
 
 urlpatterns = [
-    re_path(r'^login/', views.login, name='login'),
+    re_path(r'^login/default/', views.show_default_login_page, name = 'default_login'),
+    re_path(r'^login/submit/', views.log_in, name = 'submit_login'),
+    re_path(r'^home/user/', views.show_user_home_page, name = 'user_home'),
+    re_path(r'^home/admin/', views.show_admin_home_page, name = 'admin_home'),
+    re_path(r'^logout/', views.log_out, name = 'logout'),
 ]
diff --git a/myprj/usermerge/views.py b/myprj/usermerge/views.py
index 96940ed..16dbda6 100644
--- a/myprj/usermerge/views.py
+++ b/myprj/usermerge/views.py
@@ -1,6 +1,78 @@
-from django.shortcuts import render
+from django.contrib.auth import authenticate, logout
+from django.contrib.auth.decorators import login_required
+from django.shortcuts import redirect, render
+from usermerge.auth import login
+from usermerge.forms import LoginForm
+from usermerge.models import Platform
 
 # Create your views here.
+# https://docs.djangoproject.com/en/2.0/topics/http/views/
+
+# For more information on authenticate() and logout() functions and login_required() decorator, see https://docs.djangoproject.com/en/2.0/topics/auth/default/ . For more information on login() function, see auth.py .
+# For more information on working with forms, see https://docs.djangoproject.com/en/2.0/topics/forms/ .
+
+def get_names_of_SoftLab_provided_platforms_from_DB():
+    """
+    Return the list of all the platform names, except for ECE-NTUA (this 'platform' is not provided by SoftLab),
+    that exist in usermergeDB (see populateDB.py). This list can be used as part of the context
+    while rendering our application pages, e.g. in the platform drop-down list of the login form.
+    """
+    platform_names = list(Platform.objects.order_by('id').values_list('name', flat = True))
+    platform_names.remove('ECE-NTUA')
+    return platform_names
+
+def show_default_login_page(request):
+    """
+    Show login page without any validation/authentication error messages (that is, before submitting any invalid credentials).
+    """
+    return render(request, 'login.html', {'platform_list': get_names_of_SoftLab_provided_platforms_from_DB()})
+
+def log_in(request):
+    """
+    Collect the credentials POSTed via the login form and validate them. If they are not valid, redirect the user to
+    the login page and display the appropriate validation error messages. Otherwise, authenticate them. If they do
+    not correspond to any User or Admin instance of usermergeDB (see models.py), redirect the user to the login page and
+    display the appropriate authentication error message. Otherwise, log the user in and redirect him/her to the
+    appropriate home page depending on his/her representative model/class (User/Admin from usermerge.models).
+    """
+    form = LoginForm(request.POST)
+    if form.is_valid():
+        platform = form.cleaned_data['platform']
+        username = form.cleaned_data['username']
+        password = form.cleaned_data['password']
+        user = authenticate(request, platform = platform, username = username, password = password)
+        if user:
+            login(request, user)
+            # User instances have an ece_id attribute, whereas Admin instances do not.
+            # Therefore, if user has an ece_id attribute, he/she is a User. Otherwise, he/she is an Admin.
+            if hasattr(user, 'ece_id'):
+                return redirect('user_home')
+            else:
+                return redirect('admin_home')
+        else:
+            return render(request, 'login.html',
+                          {'platform_list': get_names_of_SoftLab_provided_platforms_from_DB(),
+                           'error_messages': ['Τα δηλωθέντα διαπιστευτήρια δεν ανταποκρίνονται σε κανένα χρήστη της βάσης!\n'
+                                              'Παρακαλούμε ελέγξτε την ορθότητα των διαπιστευτηρίων και δοκιμάστε ξανά!']})
+    else:
+        return render(request, 'login.html',
+                      {'platform_list': get_names_of_SoftLab_provided_platforms_from_DB(),
+                       # https://docs.python.org/3/tutorial/datastructures.html#list-comprehensions
+                       'error_messages': [list(form.errors.values())[k-1][0] for k in range(len(form.errors.values()))]})
+
+@login_required(redirect_field_name = None)
+def show_user_home_page(request):
+    return render(request, 'user_home.html', {})
+
+@login_required(redirect_field_name = None)
+def show_admin_home_page(request):
+    return render(request, 'admin_home.html', {})
+
+@login_required(redirect_field_name = None)
+def log_out(request):
+    """
+    Log the authenticated user out and redirect him/her to the logout page.
+    """
+    logout(request)
+    return render(request, 'logout.html', {})
 
-def login(request):
-    return render(request, 'login.html', {})
-- 
2.18.1