def login(request):
extra_context = {
"no_users": UserProfile.objects.all_users().count() == 0,
"create_command": django_settings.MAAS_CLI,
"external_auth_url": Config.objects.get_config("external_auth_url"),
}
if request.user.is_authenticated:
return HttpResponseRedirect(reverse("index"))
else:
redirect_url = request.GET.get(
REDIRECT_FIELD_NAME, request.POST.get(REDIRECT_FIELD_NAME)
)
if redirect_url == reverse("logout"):
redirect_field_name = None # Ignore next page.
else:
redirect_field_name = REDIRECT_FIELD_NAME
result = dj_login(
request,
redirect_field_name=redirect_field_name,
extra_context=extra_context,
)
if request.user.is_authenticated:
create_audit_event(
EVENT_TYPES.AUTHORISATION,
ENDPOINT.UI,
request,
None,
description=(
"Logged in %s."
% ("admin" if request.user.is_superuser else "user")
),
)
return result
def login(request):
extra_context = {
'no_users': UserProfile.objects.all_users().count() == 0,
'create_command': django_settings.MAAS_CLI,
'external_auth_url': Config.objects.get_config('external_auth_url'),
}
if request.user.is_authenticated:
return HttpResponseRedirect(reverse('index'))
else:
redirect_url = request.GET.get(REDIRECT_FIELD_NAME,
request.POST.get(REDIRECT_FIELD_NAME))
if redirect_url == reverse('logout'):
redirect_field_name = None # Ignore next page.
else:
redirect_field_name = REDIRECT_FIELD_NAME
result = dj_login(request,
redirect_field_name=redirect_field_name,
extra_context=extra_context)
if request.user.is_authenticated:
create_audit_event(
EVENT_TYPES.AUTHORISATION,
ENDPOINT.UI,
request,
None,
description=(
"%s" % ('Admin' if request.user.is_superuser else 'User') +
" '%(username)s' logged in."))
return result
def login(request, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME,
*args, **kwargs):
# until anon users return False for is_authenticated
# anon domains and pass-throughs are incompatible
if request.user.is_authenticated() and not(settings.ANONYMOUS_DOMAINS):
# Similar redirect_to processing as in django.contrib.auth.views.login
redirect_to = request.REQUEST.get(redirect_field_name, '')
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect_to)
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' + request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
update_membership_by_ip(request.user, request.META['REMOTE_ADDR'])
Activity.objects.create(event='login',
request=request,
content_object=request.user)
return response
def custom_login(request):
title = _('Log in')
if request.user.is_authenticated():
return redirect('/')
return dj_login(request,
template_name='auth/login.html',
extra_context={'title': title})
def login(request,
login_url=None,
redirect_field_name=REDIRECT_FIELD_NAME,
*args,
**kwargs):
if request.user.is_authenticated():
request.session.modified = True
# Similar redirect_to processing as in django.contrib.auth.views.login
redirect_to = request.GET.get(redirect_field_name, '')
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect_to)
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' +
request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
Activity.objects.create(event='login',
request=request,
content_object=request.user)
return response
def login(request, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME, *args, **kwargs):
if request.user.is_authenticated():
# Similar redirect_to processing as in django.contrib.auth.views.login
redirect_to = request.REQUEST.get(redirect_field_name, "")
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or " " in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif "//" in redirect_to and re.match(r"[^\?]*//", redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect_to)
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse("login")) + "?" + request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
Activity.objects.create(event="login", request=request, content_object=request.user)
return response
def login(request):
extra_context = {
'no_users': UserProfile.objects.all_users().count() == 0,
'create_command': django_settings.MAAS_CLI,
}
if request.user.is_authenticated():
return HttpResponseRedirect(reverse('index'))
else:
return dj_login(request, extra_context=extra_context)
def login(request):
extra_context = {
'no_users': UserProfile.objects.all_users().count() == 0,
'create_command': django_settings.MAAS_CLI,
}
if request.user.is_authenticated():
return HttpResponseRedirect(reverse('index'))
else:
return dj_login(request, extra_context=extra_context)
def login(request, login_url=None, *args, **kwargs):
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' + request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
update_membership_by_ip(request.user, request.META['REMOTE_ADDR'])
return response
def login(request):
extra_context = {
'no_users': UserProfile.objects.all_users().count() == 0,
'create_command': django_settings.MAAS_CLI,
}
if request.user.is_authenticated:
return HttpResponseRedirect(reverse('index'))
else:
redirect_url = request.GET.get(REDIRECT_FIELD_NAME,
request.POST.get(REDIRECT_FIELD_NAME))
if redirect_url == reverse('logout'):
redirect_field_name = None # Ignore next page.
else:
redirect_field_name = REDIRECT_FIELD_NAME
return dj_login(request,
redirect_field_name=redirect_field_name,
extra_context=extra_context)
def login(request):
return dj_login(request, authentication_form=UsernameOrEmailAuthenticationForm)
def custom_login(request):
title = _("Log in")
if request.user.is_authenticated():
return redirect("/")
return dj_login(request, template_name="auth/login.html", extra_context={"title": title})
