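def autologin(request):
    """Log the visitor in from the ``auth_token`` "remember me" cookie.

    If the session already carries a ``user_id`` nothing is done. Otherwise
    the cookie is parsed as a Python literal, the ``user_id`` /
    ``remember_token`` pair is looked up in ``User`` / ``User_AutoLogin``,
    and, when the record has not expired, ``user_id`` and ``user`` are stored
    in the session. An expired record is deleted.

    Args:
        request: the incoming request; its ``session`` and ``COOKIES`` are read.

    Returns:
        The same ``request`` object, whether or not a login happened.
    """
    import ast  # function-scope import: only needed for cookie parsing

    # An existing session wins; no need to look at the cookie.
    if safe_dict_get(request.session, 'user_id'):
        return request

    raw_token = safe_dict_get(request.COOKIES, 'auth_token')
    if not raw_token:
        return request

    # SECURITY: the cookie value is fully client-controlled. This used to be
    # eval(), which runs any expression the client sends before authentication
    # has happened. ast.literal_eval accepts only literals (dict, str, int,
    # ...), so the existing "{'user_id': ..., 'remember_token': ...}" cookie
    # format still parses while nothing in it can execute.
    # NOTE(review): a signed cookie or JSON would be a cleaner format, but
    # switching would invalidate cookies already issued; confirm before changing.
    try:
        auth_token = ast.literal_eval(raw_token)
    except Exception:
        # Any parse failure (syntax, non-literal node, excessive nesting) is
        # treated as "no usable cookie".
        return request
    if not isinstance(auth_token, dict):
        # A well-formed literal of the wrong shape (list, int, ...) is not a token.
        return request

    try:
        user = User.objects.get(id=safe_dict_get(auth_token, 'user_id'))
        ua = User_AutoLogin.objects.get(
            user=user,
            remember_token=safe_dict_get(auth_token, 'remember_token'),
        )
    except (User.DoesNotExist, User_AutoLogin.DoesNotExist):
        return request
    except (ValueError, TypeError):
        # Presumably raised by the ORM when the cookie carries a value of the
        # wrong type (e.g. a non-numeric user_id); treat it as an invalid
        # token rather than letting the request fail.
        return request

    # Expired token: drop the database record and stay logged out.
    # NOTE(review): now() is naive; confirm expires_at is stored naive as well.
    if datetime.datetime.now() > ua.expires_at:
        ua.delete()
        return request

    # Token is valid: mark the session as authenticated.
    # NOTE(review): the session key is not rotated here and the whole user
    # object is stored in the session; confirm both are intended.
    request.session['user_id'] = user.id
    request.session['user'] = user
    return request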
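def forget_user(response, request):
    """Revoke the "remember me" token named by the ``auth_token`` cookie.

    When the cookie is present, the matching ``User_AutoLogin`` record is
    deleted if it can be found, and the cookie is removed from ``response``.
    A cookie that cannot be parsed or matches no record is still removed.

    Args:
        response: the outgoing response on which the cookie is deleted.
        request: the incoming request whose ``COOKIES`` are read.

    Returns:
        The same ``response`` object.
    """
    import ast  # function-scope import: only needed for cookie parsing

    raw_token = safe_dict_get(request.COOKIES, 'auth_token')
    if raw_token:
        # SECURITY: the cookie value is client-controlled. This used to be
        # eval(), which runs any expression the client sends;
        # ast.literal_eval only accepts literals, so the existing
        # dict-literal cookie format keeps working without executing anything.
        try:
            auth_token = ast.literal_eval(raw_token)
        except Exception:
            auth_token = None

        # The old code did a bare `return` on a parse failure, handing None
        # back to the caller and leaving the malformed cookie in place. Now
        # only the database step is skipped and the cookie is still cleared.
        if isinstance(auth_token, dict):
            try:
                user = User.objects.get(id=safe_dict_get(auth_token, 'user_id'))
                ua = User_AutoLogin.objects.get(
                    user=user,
                    remember_token=safe_dict_get(auth_token, 'remember_token'),
                )
                # Delete the auto-login record so the token cannot be reused.
                ua.delete()
            except (User.DoesNotExist, User_AutoLogin.DoesNotExist):
                pass
            except (ValueError, TypeError):
                # Presumably raised by the ORM for wrongly typed cookie
                # values; there is nothing to revoke in that case.
                pass

        # Delete the corresponding cookie.
        response.delete_cookie('auth_token', domain=settings.SESSION_COOKIE_DOMAIN or None)
    return response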
def is_logged_in(request):
    """Return True when the session holds a truthy ``user_id``, else False."""
    session_user_id = safe_dict_get(request.session, 'user_id')
    return bool(session_user_id)