update help text with market analysis and resources - protect with password

2025-07-24 09:45:46 +02:00 · 2025-07-24 09:45:46 +02:00 · 347f3d1655
commit 347f3d1655
parent 469f7af7a4
2 changed files with 270 additions and 3 deletions
--- a/hub/services/views/calculator.py
+++ b/hub/services/views/calculator.py
@ -55,14 +55,52 @@ def csp_roi_calculator(request):
    return render(request, "calculator/csp_roi_calculator.html", context)


+@require_http_methods(["GET", "POST"])
 def roi_calculator_help(request):
    """
-    ROI Calculator Help page - Shows detailed information about investment models
-    This page is publicly accessible without password protection
+    ROI Calculator Help page - Protected view with same password authentication as calculator
+    Shows detailed information about investment models and market analysis
    """
+    # Handle logout
+    if request.method == "POST" and request.POST.get("logout"):
+        request.session.pop("csp_calculator_authenticated", None)
+        return redirect("services:roi_calculator_help")
+
+    # Get password from Django settings
+    calculator_password = getattr(settings, "CSP_CALCULATOR_PASSWORD", None)
+
+    # If no password is configured, deny access
+    if not calculator_password:
+        messages.error(
+            request,
+            "Calculator help is not properly configured. Please contact administrator.",
+        )
+        return render(
+            request, "calculator/password_form.html", {"password_error": True}
+        )
+
+    # Password protection - check if authenticated in session
+    if not request.session.get("csp_calculator_authenticated", False):
+        if request.method == "POST":
+            password = request.POST.get("password", "")
+
+            # Validate password
+            if password == calculator_password:
+                request.session["csp_calculator_authenticated"] = True
+                # Set session timeout (optional - expires after 24 hours of inactivity)
+                request.session.set_expiry(86400)  # 24 hours
+                messages.success(request, "Access granted to CSP ROI Calculator Help.")
+                return redirect("services:roi_calculator_help")
+            else:
+                messages.error(request, "Invalid password. Please try again.")
+
+        # Show password form
+        return render(request, "calculator/password_form.html")
+
+    # User is authenticated, show the help page
    context = {
        "page_title": "ROI Calculator Help - Investment Models",
-        "page_description": "Understand Servala's Loan and Direct Investment models with detailed explanations and examples",
+        "page_description": "Understand Servala's Loan and Direct Investment models with detailed explanations and market analysis",
    }
    
    return render(request, "calculator/roi_calculator_help.html", context)