Beispiel #1
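def login(request):
    """Render the login form (GET) or process a login attempt (POST).

    GET: an already-authenticated user is redirected onwards; otherwise the
    login template is rendered, optionally prefilled from a pending
    registration key passed as ``registreringsnokkel``.

    POST: ``attempt_login(request)`` returns ``(matches, message)``. One match
    redirects onwards, several matches store their ids in the session and
    redirect to the "choose user" view, and no match re-renders the form with
    ``message`` as an error.

    Any other method redirects back to this view.
    """
    # Function-scope import: the module's own import block is not visible
    # from this block, so the helpers are brought in locally.
    from django.utils.http import is_safe_url, urlquote

    # A fresh visit to the login page discards any half-finished
    # "choose between several matching users" state.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    # `next` arrives in the query string, so whoever crafted the link controls
    # it. Only honour it when it stays on the host serving this request;
    # otherwise a login link could send the user to a look-alike site right
    # after they authenticate (open redirect).
    next_url = request.GET.get('next')
    if not is_safe_url(next_url, host=request.get_host()):
        next_url = None

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    if request.method == 'GET':
        if request.user.is_authenticated():
            # User is already authenticated, skip login
            return redirect(next_url or reverse('user.views.home'))

        if 'registreringsnokkel' in request.GET:
            # NOTE(review): the registration key works as a bearer token here;
            # whoever holds the link gets the pending user object handed to
            # the template. Confirm the template shows no more of it than the
            # key holder should see.
            try:
                user = User.get_users(include_pending=True).get(pending_registration_key=request.GET['registreringsnokkel'])
                context['prefilled_user'] = user
            except User.DoesNotExist:
                pass

        context['next'] = next_url
        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            return redirect(next_url or reverse('user.views.home'))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if next_url is not None:
                # Quote the value so characters such as '&' or '#' inside
                # `next` cannot add or truncate parameters of the chooser URL.
                return redirect("%s?next=%s" %
                    (reverse('user.login.views.choose_authenticated_user'), urlquote(next_url)))
            else:
                return redirect('user.login.views.choose_authenticated_user')

        else:
            messages.error(request, message)
            context['next'] = next_url
            # A POST without an `email` field must re-render the form, not
            # raise a KeyError that surfaces as a server error.
            context['email'] = request.POST.get('email', '')
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user.login.views.login')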
Beispiel #2
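def signon_login(request):
    """Login step of the 'dntconnect' sign-on flow.

    Requires a ``dntconnect`` entry in the session; without it the request is
    rejected with ``PermissionDenied``. An already-authenticated user is
    marked as logged in for the sign-on flow and sent to the completion view.
    Otherwise GET renders the client-specific sign-on template and POST runs
    ``attempt_login(request)``: one match completes the sign-on, several
    matches store their ids in the session and redirect to the chooser, and
    no match re-renders the form with the returned message as an error.
    Any other method raises ``PermissionDenied``.
    """
    if 'dntconnect' not in request.session:
        # Use a friendlier error message here?
        raise PermissionDenied

    if request.user.is_authenticated():
        # Shouldn't happen, but handle it just in case.
        add_signon_session_value(request, 'logget_inn')
        return redirect('connect:signon_complete')

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'countries': FocusCountry.get_sorted(),
    }
    if 'registreringsnokkel' in request.GET:
        # NOTE(review): the registration key works as a bearer token here;
        # whoever holds the link gets the pending user object handed to the
        # template. Confirm the template shows no more of it than the key
        # holder should see.
        try:
            user = User.get_users(include_pending=True).get(pending_registration_key=request.GET['registreringsnokkel'])
            context['prefilled_user'] = user
        except User.DoesNotExist:
            pass

    def render_signon():
        # NOTE(review): the template directory is taken from the session's
        # client_id. Presumably that value is written server-side from a
        # registered client; confirm it can never carry path separators or
        # '..' before it reaches the template loader.
        return render(request, 'central/connect/%s/signon.html' % request.session['dntconnect']['client_id'], context)

    if request.method == 'GET':
        return render_signon()

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            add_signon_session_value(request, 'logget_inn')
            return redirect('connect:signon_complete')

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            return redirect('connect:signon_choose_authenticated_user')

        else:
            messages.error(request, message)
            # A POST without an `email` field must re-render the form, not
            # raise a KeyError that surfaces as a server error.
            context['email'] = request.POST.get('email', '')
            return render_signon()

    else:
        raise PermissionDenied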
Beispiel #3
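def login(request):
    """Render the login form (GET) or process a login attempt (POST).

    GET: an authenticated user is redirected onwards. On a non-central site
    the user is first bounced to the central site's single sign-on check,
    unless ``sso_checked`` is already in the session. Otherwise the login
    template is rendered, optionally prefilled from a pending registration
    key passed as ``registreringsnokkel``.

    POST: ``attempt_login(request)`` returns ``(matches, message)``. One match
    records the login date (and, for OAuth sessions, a per-client activity
    log), then redirects: directly on the central site, via
    ``sso_login_url`` elsewhere. Several matches store their ids in the
    session and redirect to the chooser. No match re-renders the form with
    ``message`` as an error.

    Any other method redirects back to this view.
    """
    import logging

    # A fresh visit to the login page discards any half-finished
    # "choose between several matching users" state.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    if request.method == 'GET':
        # If the user is already authenticated, send them straight forwards
        # NOTE(review): `next` comes from the query string and is used as the
        # redirect target without a host check (here and after a successful
        # POST below). Because this flow spans several site domains, the
        # allowed hosts have to come from the project's own site list;
        # validate `next` against them before redirecting.
        if request.user.is_authenticated():
            return redirect(request.GET.get('next', reverse('user:home')))

        # If logging in on a non-central site, first send the user to the
        # central site to try automatic login. Except if 'sso_checked' is set in
        # session, in which case they've already tried and failed.
        if not request.site.is_central() \
                and 'sso_checked' not in request.session:
            # Quote `next` before embedding it: unquoted, an '&' or '#' in it
            # would split off into separate parameters of the return URL
            # instead of travelling as part of `next`. The whole return
            # address is quoted once more below for the outer URL.
            return_address = 'https://%s%s?next=%s' % (
                request.site.domain,
                reverse('user:login.single_signon_return'),
                urlquote(request.GET.get('next', reverse('user:home'))),
            )
            return redirect('https://%s%s?next=%s' % (
                Site.get_central().domain,
                reverse('user:login.single_signon_check'),
                urlquote(return_address),
            ))

        if 'registreringsnokkel' in request.GET:
            # NOTE(review): the registration key works as a bearer token here;
            # whoever holds the link gets the pending user object handed to
            # the template. Confirm the template shows no more of it than the
            # key holder should see.
            try:
                user = User.get_users(include_pending=True).get(
                    pending_registration_key=request.GET['registreringsnokkel']
                )
                context['prefilled_user'] = user
            except User.DoesNotExist:
                pass

        if 'next' in request.GET:
            context['next'] = urlquote(request.GET['next'])
        if request.session.get('OAuth-authorization'):
            context['stripped_layout'] = True

        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            if request.session.get('OAuth-authorization'):
                # Best-effort bookkeeping: the OAuth client id is read from
                # the query string of `next`, and a failure here must not
                # block the login itself.
                try:
                    o = urlparse(request.GET.get('next', None))
                    client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
                    request.user.last_login_oauth_date = datetime.now()
                    request.user.save()
                    log, created = UserOauthActiveLog.objects.get_or_create(
                        user=request.user,
                        oauth_client_id=client_id,
                        defaults={
                            'first_date': request.user.last_login_oauth_date,
                            'last_date': request.user.last_login_oauth_date
                        })
                    if not created:
                        log.last_date = request.user.last_login_oauth_date
                        log.save()
                except Exception:
                    # Still non-fatal, but no longer invisible: a bare
                    # `except:` also swallowed SystemExit/KeyboardInterrupt
                    # and left gaps in the OAuth activity log with no trace.
                    # The request's `next` value is deliberately not logged.
                    logging.getLogger(__name__).warning(
                        "Could not record OAuth login activity",
                        exc_info=True,
                    )
            else:
                request.user.last_login_site_date = datetime.now()
                request.user.save()

            if request.site.is_central():
                return redirect(request.GET.get('next', reverse('user:home')))
            else:
                if 'sso_checked' in request.session:
                    del request.session['sso_checked']
                return redirect(sso_login_url(
                    request.site,
                    request.user,
                    request.GET.get('next', reverse('user:home')),
                ))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if 'next' in request.GET:
                return redirect(
                    "%s?next=%s" % (
                        reverse('user:login.choose_authenticated_user'),
                        urlquote(request.GET['next']),
                    )
                )
            else:
                return redirect('user:login.choose_authenticated_user')

        else:
            messages.error(request, message)
            if 'next' in request.GET:
                context['next'] = urlquote(request.GET['next'])
            # A POST without an `email` field must re-render the form, not
            # raise a KeyError that surfaces as a server error.
            context['email'] = request.POST.get('email', '')
            if request.session.get('OAuth-authorization'):
                context['stripped_layout'] = True
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user:login.login')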