Ejemplo n.º 1
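def loginuser(request):
    """Render the login page, or the password step once an e-mail is posted.

    Any existing session is logged out first. On a POST that carries an
    'email' field for which the auth backend returns a non-empty salt, the
    'app/loginverify.html' template is rendered with that salt and e-mail.
    In every other case the plain 'app/loginuser.html' page is rendered.

    Args:
        request: the incoming HttpRequest.

    Returns:
        The response produced by render() for one of the two templates.
    """
    # Debug-time sanity check only: assert statements are stripped when
    # Python runs with -O, so this is not an input-validation control.
    assert isinstance(request, HttpRequest)
    # Visiting the main page always drops the current session, so a
    # previously logged-in user is never carried into a new login attempt.
    logout(request)
    authbackend = UserAuthBackend()
    # Custom form object used by both templates.
    authForm = RegisterUserAuthenticationForm()
    if request.method == 'POST':
        # .get() so a POST without an 'email' field falls back to the login
        # page instead of raising a KeyError out of the view.
        email = request.POST.get('email', '')
        # An empty address cannot belong to a user; skip the backend lookup.
        userSalt = authbackend.get_user_salt(email) if email else ''
        # NOTE(review): the response differs depending on whether a salt
        # exists, and the salt itself is returned to an unauthenticated
        # client. Presumably get_user_salt() returns '' for unknown users --
        # confirm. If so, this step lets a client tell registered addresses
        # from unregistered ones. Consider returning a stable decoy salt
        # (e.g. an HMAC of the address under a server-side secret) for
        # unknown users and rate-limiting this endpoint.
        if userSalt != '':
            verify_context = {
                # everything the login-verify form needs
                'title':'Enter your Password.',
                'form': authForm,
                # for the copyright note in the footer
                'year': date.today().year,
                'salt'  : userSalt,
                'email' : email
            }
            return render(
                request,
                'app/loginverify.html',
                context_instance = RequestContext(request, verify_context)
            )
    login_context = {
        'title':'Welcome To CryptoStorage. Please Log In',
        'form': authForm,
        # for the copyright note in the footer
        'year': date.today().year
    }
    return render(
        request,
        'app/loginuser.html',
        context_instance = RequestContext(request, login_context)
    )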
Ejemplo n.º 2
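    def authenticate(self,request):
        """Check the posted e-mail/hash pair against the custom auth backend.

        Args:
            request: the request whose POST data carries 'email' and 'hash'.

        Returns:
            A dict with two keys: 'user' holds the backend's user object on
            success and None otherwise; 'error' is '' on success and a
            user-facing message otherwise.
        """
        mismatch = 'The user and password do not match'
        data_returned = {'user': None, 'error':''}

        # .get() so a POST that lacks either field is reported as a failed
        # login instead of raising a KeyError out of the caller.
        email = request.POST.get('email', '')
        generated_hash = request.POST.get('hash', '')
        if not email or not generated_hash:
            data_returned['error'] = mismatch
            return data_returned

        # our custom authentication
        authbackend = UserAuthBackend()
        user = authbackend.get_user(email)
        if user is None:
            # Same message as a wrong password, so this branch does not
            # reveal whether the address is registered.
            data_returned['error'] = mismatch
            return data_returned

        # NOTE(review): the lock check runs before the hash is verified, so
        # the distinct "locked" message is shown to anyone who submits the
        # address, with or without the right password. Confirm that is
        # intended; otherwise it discloses account existence and lock state.
        if not authbackend.confirm_login_allowed(user):
            data_returned['error'] =  'The user is locked for security reasons. ' \
                        'Please contact customer service.'
            return data_returned

        # NOTE(review): 'hash' is supplied by the client, so it is
        # password-equivalent on the wire. authenticate_hash() is not visible
        # here -- verify it compares in constant time and that this endpoint
        # is only served over TLS.
        if authbackend.authenticate_hash(email=email,generatedHash=generated_hash):
            # authenticated successfully.
            data_returned['user'] = user
        else:
            data_returned['error'] = mismatch
        return data_returned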