Ejemplo n.º 1
def login(request, template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=StrictAuthenticationForm,
          current_app=None, extra_context=None):
    """
    Render the login form and process a submitted login.

    On a valid POST the user is logged in, the result of
    enforce_password_change() is stored in the session under
    'password_change_enforce', 'password_is_expired' and
    'password_is_temporary', and the client is redirected. In every other
    case the form is rendered through a TemplateResponse.

    The redirect target is read from the request and is therefore untrusted;
    it is only used for the redirect after is_safe_url() has accepted it for
    the current host, otherwise settings.LOGIN_REDIRECT_URL is used instead.
    """
    # NOTE(review): request.REQUEST only exists on older Django releases --
    # confirm which versions this view has to support.
    next_url = request.REQUEST.get(redirect_field_name, '')

    if request.method != "POST":
        form = authentication_form(request)
    else:
        form = authentication_form(request, data=request.POST)
        if form.is_valid():
            # Open-redirect guard: a target that is_safe_url() rejects for
            # this host is replaced by the configured default.
            if not is_safe_url(url=next_url, host=request.get_host()):
                next_url = resolve_url(settings.LOGIN_REDIRECT_URL)

            auth_login(request, form.get_user())

            # The flags are written after auth_login().
            # NOTE(review): presumably because logging in may replace the
            # session, and so that a middleware can act on them on the next
            # request -- confirm against the middleware.
            must_change, expired, temporary = enforce_password_change(
                form.get_user())
            request.session['password_change_enforce'] = must_change
            request.session['password_is_expired'] = expired
            request.session['password_is_temporary'] = temporary

            # Audit trail: record why a password change is being demanded.
            if must_change:
                if temporary:
                    logger.info(u'User %s must change temporary password',
                                request.user)
                if expired:
                    logger.info(u'User %s must change expired password',
                                request.user)
                if not (temporary or expired):
                    logger.info(u'User %s must change password',
                                request.user)

            return HttpResponseRedirect(next_url)

    site = get_current_site(request)

    # NOTE(review): on this path the redirect value has not been through
    # is_safe_url(); it is only handed to the template -- verify that the
    # template escapes it.
    context = {
        'form': form,
        redirect_field_name: next_url,
        'site': site,
        'site_name': site.name,
    }
    if extra_context is not None:
        context.update(extra_context)
    return TemplateResponse(request, template_name, context,
                            current_app=current_app)
Ejemplo n.º 2
    def process_response(self, request, response):
        """
        Re-evaluate the password-change flags stored in the session.

        The response is returned unchanged in every case. The session is only
        touched for an authenticated user whose session already carries a
        truthy 'password_change_enforce' flag; for that user the three flags
        are overwritten with the current result of enforce_password_change().
        """
        if hasattr(request, 'user') and request.user.is_authenticated():
            # Only sessions already flagged for an enforced change are
            # re-checked, so the flag can be cleared once the change is no
            # longer required.
            if request.session.get('password_change_enforce', False):
                must_change, expired, temporary = enforce_password_change(
                    request.user)
                request.session['password_change_enforce'] = must_change
                request.session['password_is_expired'] = expired
                request.session['password_is_temporary'] = temporary
        return response
Ejemplo n.º 3
    def process_response(self, request, response):
        """
        Keep the session's password-change flags in step with the user.

        Nothing happens for requests without an authenticated user, nor for
        sessions whose 'password_change_enforce' flag is missing or falsy.
        Otherwise enforce_password_change() is asked again and its three
        results replace the flags in the session. The response itself is
        always passed through untouched.
        """
        authenticated = (hasattr(request, 'user')
                         and request.user.is_authenticated())
        # The session is consulted only for authenticated users; the flag
        # check is skipped entirely for everyone else.
        if not authenticated or not request.session.get(
                'password_change_enforce', False):
            return response

        # A change was being enforced: check whether it is still required
        # for the next request.
        still_required, expired, temporary = enforce_password_change(
            request.user)
        request.session['password_change_enforce'] = still_required
        request.session['password_is_expired'] = expired
        request.session['password_is_temporary'] = temporary
        return response
Ejemplo n.º 4
def login(request,
          template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=StrictAuthenticationForm,
          current_app=None,
          extra_context=None):
    """
    Show the login form and handle a login attempt.

    A valid POST logs the user in, records the outcome of
    enforce_password_change() in the session ('password_change_enforce',
    'password_is_expired', 'password_is_temporary') and redirects. A GET or
    an invalid POST renders the form via TemplateResponse.

    The redirect target is taken from the request and is treated as
    untrusted: unless is_safe_url() accepts it for the current host, the
    redirect goes to settings.LOGIN_REDIRECT_URL.
    """
    # NOTE(review): request.REQUEST only exists on older Django releases --
    # confirm which versions this view has to support.
    target = request.REQUEST.get(redirect_field_name, '')
    submitted = request.method == "POST"

    if submitted:
        form = authentication_form(request, data=request.POST)
        if form.is_valid():

            # Guard against open redirects before the target is ever used.
            target_ok = is_safe_url(url=target, host=request.get_host())
            if not target_ok:
                target = resolve_url(settings.LOGIN_REDIRECT_URL)

            # Target vetted; establish the authenticated session.
            auth_login(request, form.get_user())

            # Record temporary/expired password state in the session, after
            # the login call.
            # NOTE(review): a middleware is expected to enforce the change on
            # the next request; that code is not visible here -- confirm.
            password_state = enforce_password_change(form.get_user())
            change_needed, pw_expired, pw_temporary = password_state
            request.session['password_change_enforce'] = change_needed
            request.session['password_is_expired'] = pw_expired
            request.session['password_is_temporary'] = pw_temporary

            # Leave a log entry naming the reason for the enforced change.
            if change_needed:
                if pw_temporary:
                    logger.info(u'User %s must change temporary password',
                                request.user)
                if pw_expired:
                    logger.info(u'User %s must change expired password',
                                request.user)
                if not pw_temporary and not pw_expired:
                    logger.info(u'User %s must change password', request.user)

            return HttpResponseRedirect(target)
    else:
        form = authentication_form(request)

    site = get_current_site(request)

    # NOTE(review): the redirect value placed in the context here has not
    # been checked with is_safe_url() -- verify that the template escapes it.
    context = {
        'form': form,
        redirect_field_name: target,
        'site': site,
        'site_name': site.name,
    }
    if extra_context is not None:
        context.update(extra_context)

    rendered = TemplateResponse(request,
                                template_name,
                                context,
                                current_app=current_app)
    return rendered