def autologin(request):
# if user logged in, no need to check auto login
if safe_dict_get(request.session, 'user_id'):
return request
auth_token = safe_dict_get(request.COOKIES, 'auth_token')
if auth_token:
try:
auth_token = eval(auth_token)
except Exception:
return request
try:
user = User.objects.get(id=safe_dict_get(auth_token, 'user_id'))
ua = User_AutoLogin.objects.get(user=user, remember_token=safe_dict_get(auth_token, 'remember_token'))
except (User.DoesNotExist, User_AutoLogin.DoesNotExist):
return request
# check if cookie expired and delete db record
now = datetime.datetime.now()
expires = ua.expires_at
if now > expires:
ua.delete()
return request
# log in user
request.session['user_id'] = user.id
request.session['user'] = user
return request
def forget_user(response, request):
auth_token = safe_dict_get(request.COOKIES, 'auth_token')
if auth_token:
try:
# cookies are strings, need to eval them, but they might be invalid
try:
auth_token = eval(auth_token)
except Exception:
return
user = User.objects.get(id=safe_dict_get(auth_token, 'user_id'))
ua = User_AutoLogin.objects.get(user=user, remember_token=safe_dict_get(auth_token, 'remember_token'))
# delete auto login record from db
ua.delete()
except (User.DoesNotExist, User_AutoLogin.DoesNotExist):
pass
# delete corresponding cookie
response.delete_cookie('auth_token', domain=settings.SESSION_COOKIE_DOMAIN or None)
return response
def is_logged_in(request):
if safe_dict_get(request.session, 'user_id'):
return True
return False
