user can add to tags now

quest/forms.py

@@ -52,7 +52,7 @@ class EditQuestForm(forms.Form):
 
 class QuestForm(forms.ModelForm):
 	"""
-	The main create_quest form.
+	The main new quest form.
 	"""
 	class Meta:
 		model = Quest

quest/jinja2/quest/quest_homepage.html

@@ -48,6 +48,14 @@
 	<div id="questPane" style="width:{% if request.session.get("hide_chat") == True %}100%{% else %}70%{% endif %};">
 		<center><h1>{{ quest.title }}</h1></center>
 		Tags: {% for tag in quest.tags.names() %}<a href="{{ url('search:index') + '?tags=' + tag }}">{{ tag }}</a>{% if not loop.last %}, {% endif %}{% endfor %}
+		{% if request.user == quest.owner %}
+		<form method="post" action="{{ url('quest:new_tag', kwargs={'quest_id': quest_id}) }}">
+			{{ csrf_input }}
+			<input type="text" name="tag">
+			<input type="hidden" name="quest_id" value="{{ quest.id }}">
+			<input type="submit">
+		</form>
+		{% endif %}
 		<h3>Pages</h3>
 		<ul>
 			{% for page in pages %}

quest/urls.py

@@ -9,6 +9,7 @@ from . import views
 app_name = 'quest'
 urlpatterns = [
 	path('', views.index, name='index'),
+	path('<int:quest_id>/new_tag', views.new_tag, name='new_tag'),
 	path('<int:quest_id>/edit_quest', views.edit_quest, name='edit_quest'),
 	path('<int:quest_id>/<page_num>/edit_quest', views.edit_quest, name='edit_quest'),
 	path('<int:quest_id>', views.quest, name='quest'),

quest/views.py

@@ -4,6 +4,8 @@ Quest and quest accessory views.
 """
 from datetime import timedelta, datetime, timezone
 
+import bleach
+from django.views.decorators.http import require_POST
 from django.contrib import messages
 from django.http import HttpResponse
 from django.shortcuts import render, redirect
@@ -87,6 +89,8 @@ def new_quest(request):
 	"""
 	The page for creating new quests.
 	"""
+	if not request.user.is_authenticated:
+		return redirect('login:index')
 	if request.method == 'POST':
 		# TODO: clean the post body
 		quest = Quest(owner=request.user)
@@ -119,3 +123,21 @@ def new_quest(request):
 		post_form = PostForm()
 	context = {'quest_form': quest_form, 'post_form': post_form}
 	return render(request, 'quest/new_quest.html', context)
+
+
+@require_POST
+def new_tag(request, quest_id):
+	"""Endpoint for adding new tags to a quest."""
+	if not request.user.is_authenticated:
+		return redirect('login:index')
+	tag = request.POST.get('tag', '').strip()
+	if not tag:
+		return redirect('quest:quest', quest_id=quest_id, page_num='0')
+
+	quest = Quest.objects.get(id=quest_id)
+	tag = bleach.clean(tag)
+	if tag in quest.tags.names():
+		return redirect('quest:quest', quest_id=quest_id, page_num='0')
+
+	quest.tags.add(tag)
+	return redirect('quest:quest', quest_id=quest_id, page_num='0')

set_session/views.py

@@ -3,7 +3,9 @@
 /set_session app views.
 """
 from django.http import HttpResponse
+from django.views.decorators.http import require_POST
 
+@require_POST
 def index(request):
 	"""
 	A simple API endpoint for setting certain values in the users session.

titivillus/urls.py

@@ -9,7 +9,6 @@ urlpatterns = [
 	path('', include('homepage.urls')),
 	path('admin/', admin.site.urls),
 	path('quest/', include('quest.urls')),
-	path('create_quest/', include('create_quest.urls')),
 	path('set_session/', include('set_session.urls')),
 	path('signup/', include('signup.urls')),
 	path('login/', include('login.urls')),