def sign_in_by_user_pw(request, redirect_field_name=REDIRECT_FIELD_NAME):
"""
Displays the login form and handles the login action.
"""
redirect_to = request.POST.get(redirect_field_name,
request.GET.get(redirect_field_name, ''))
if request.method == "POST":
form = LoginForm(request, data=request.POST)
if form.is_valid():
# Ensure the user-originating redirection url is safe.
if not is_safe_url(url=redirect_to, host=request.get_host()):
redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
user = form.get_user()
from course.exam import may_sign_in
if not may_sign_in(request, user):
messages.add_message(
request, messages.ERROR,
_("Sign-in not allowed in this facility."))
raise PermissionDenied(
_("user not allowed to sign in in facility"))
# Okay, security check complete. Log the user in.
auth_login(request, user)
return HttpResponseRedirect(redirect_to)
else:
form = LoginForm(request)
current_site = get_current_site(request)
context = {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
}
return TemplateResponse(request, "course/login.html", context)
def sign_in_by_user_pw(request, redirect_field_name=REDIRECT_FIELD_NAME):
"""
Displays the login form and handles the login action.
"""
redirect_to = request.POST.get(redirect_field_name,
request.GET.get(redirect_field_name, ''))
if request.method == "POST":
form = LoginForm(request, data=request.POST)
if form.is_valid():
# Ensure the user-originating redirection url is safe.
if not is_safe_url(url=redirect_to, host=request.get_host()):
redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
user = form.get_user()
from course.exam import may_sign_in
if not may_sign_in(request, user):
messages.add_message(request, messages.ERROR,
_("Sign-in not allowed in this facility."))
raise PermissionDenied(
_("user not allowed to sign in in facility"))
# Okay, security check complete. Log the user in.
auth_login(request, user)
return HttpResponseRedirect(redirect_to)
else:
form = LoginForm(request)
current_site = get_current_site(request)
context = {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
}
return TemplateResponse(request, "course/login.html", context)
def sign_in_stage2_with_token(request, user_id, sign_in_key):
if settings.STUDENT_SIGN_IN_VIEW != "relate-sign_in_by_email":
raise SuspiciousOperation(_("email-based sign-in is not being used"))
from django.contrib.auth import authenticate, login
user = authenticate(user_id=int(user_id), token=sign_in_key)
if user is None:
messages.add_message(request, messages.ERROR,
_("Invalid sign-in token. Perhaps you've used an old "
"token email?"))
raise PermissionDenied(_("invalid sign-in token"))
if not user.is_active:
messages.add_message(request, messages.ERROR,
_("Account disabled."))
raise PermissionDenied(_("invalid sign-in token"))
from course.exam import may_sign_in
if not may_sign_in(request, user):
messages.add_message(request, messages.ERROR,
_("Sign-in not allowed in this facility."))
raise PermissionDenied(_("user not allowed to sign in in facility"))
login(request, user)
if not (user.first_name and user.last_name):
messages.add_message(request, messages.INFO,
_("Successfully signed in. "
"Please complete your registration information below."))
return redirect(
reverse("relate-user_profile")+"?first_login=1")
else:
messages.add_message(request, messages.INFO,
_("Successfully signed in."))
return redirect("relate-home")
def sign_in_stage2_with_token(request, user_id, sign_in_key):
if settings.STUDENT_SIGN_IN_VIEW != "relate-sign_in_by_email":
raise SuspiciousOperation(_("email-based sign-in is not being used"))
from django.contrib.auth import authenticate, login
user = authenticate(user_id=int(user_id), token=sign_in_key)
if user is None:
messages.add_message(request, messages.ERROR,
_("Invalid sign-in token. Perhaps you've used an old "
"token email?"))
raise PermissionDenied(_("invalid sign-in token"))
if not user.is_active:
messages.add_message(request, messages.ERROR,
_("Account disabled."))
raise PermissionDenied(_("invalid sign-in token"))
from course.exam import may_sign_in
if not may_sign_in(request, user):
messages.add_message(request, messages.ERROR,
_("Sign-in not allowed in this facility."))
raise PermissionDenied(_("user not allowed to sign in in facility"))
login(request, user)
if not (user.first_name and user.last_name):
messages.add_message(request, messages.INFO,
_("Successfully signed in. "
"Please complete your registration information below."))
return redirect(
reverse("relate-user_profile")+"?first_login=1")
else:
messages.add_message(request, messages.INFO,
_("Successfully signed in."))
return redirect("relate-home")