def throttled_login(request):
"Displays the login form and handles the login action."
# if the user is already logged-in, simply redirect them to the entry page
if request.user.is_authenticated():
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
template_name = 'accounts/login.html'
login_allowed = request.session.get('login_allowed', True)
if request.method == 'POST':
# if the session has already been flagged to not allow login attempts, then
# simply redirect back to the login page
if not login_allowed:
return HttpResponseRedirect(settings.LOGIN_URL)
login_allowed = throttle_login(request)
if login_allowed:
response = login(request, template_name=template_name,
authentication_form=AuthenticateForm)
# GHETTO: we know if the response is a redirect, the login
# was successful, thus we can clear the throttled login counter
if isinstance(response, HttpResponseRedirect):
clear_throttled_login(request)
return response
return render_to_response(template_name, {
'login_not_allowed': not login_allowed
}, context_instance=RequestContext(request))
def throttled_login(request):
"Displays the login form and handles the login action."
# if the user is already logged-in, simply redirect them to the entry page
if request.user.is_authenticated():
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
template_name = 'accounts/login.html'
login_allowed = request.session.get('login_allowed', True)
if request.method == 'POST':
# if the session has already been flagged to not allow login attempts, then
# simply redirect back to the login page
if not login_allowed:
return HttpResponseRedirect(settings.LOGIN_URL)
login_allowed = throttle_login(request)
if login_allowed:
response = login(request,
template_name=template_name,
authentication_form=BrpAuthenticationForm)
# We know if the response is a redirect, the login
# was successful, thus we can clear the throttled login counter
if isinstance(response, HttpResponseRedirect):
clear_throttled_login(request)
return response
return render_to_response(template_name,
{'login_not_allowed': not login_allowed},
context_instance=RequestContext(request))
def throttled_login(request):
"Displays the login form and handles the login action."
is_IE = False
user_agent = request.META['HTTP_USER_AGENT']
# if the user is already logged-in, simply redirect them to the entry page
if request.user.is_authenticated():
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
if (re.findall(r'MSIE', user_agent) or re.findall(r'Trident', user_agent)):
is_IE = True
template_name = 'accounts/login.html'
login_allowed = request.session.get('login_allowed', True)
if request.method == 'POST':
# if the session has already been flagged to not allow login attempts, then
# simply redirect back to the login page
if not login_allowed:
return HttpResponseRedirect(settings.LOGIN_URL)
# Check if cache is available
try:
cache.get('')
except ConnectionError:
form = {
'non_field_errors':
['Redis not connected. Unable to create session.']
}
return render(request, template_name, {
'form': form,
'is_IE': is_IE,
})
except:
raise
login_allowed = throttle_login(request)
if login_allowed:
response = login(request,
template_name=template_name,
authentication_form=BrpAuthenticationForm)
# We know if the response is a redirect, the login
# was successful, thus we can clear the throttled login counter
if isinstance(response, HttpResponseRedirect):
request.META['action'] = 'Login successful.'
clear_throttled_login(request)
return response
return render(request, template_name, {
'login_not_allowed': not login_allowed,
'is_IE': is_IE,
})
def throttled_login(request):
"Displays the login form and handles the login action."
# if the user is already logged-in, simply redirect them to the entry page
if request.user.is_authenticated():
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
template_name = 'accounts/login.html'
login_allowed = request.session.get('login_allowed', True)
if request.method == 'POST':
# if the session has already been flagged to not allow login attempts, then
# simply redirect back to the login page
if not login_allowed:
return HttpResponseRedirect(settings.LOGIN_URL)
# Check if cache is available
try:
cache.get('')
except ConnectionError:
form = {
'non_field_errors': ['Redis not connected. Unable to create session.']
}
return render(request, template_name, {
'form': form
})
except:
raise
login_allowed = throttle_login(request)
if login_allowed:
response = login(request, template_name=template_name,
authentication_form=BrpAuthenticationForm)
# We know if the response is a redirect, the login
# was successful, thus we can clear the throttled login counter
if isinstance(response, HttpResponseRedirect):
request.META['action'] = 'Login successful.'
clear_throttled_login(request)
return response
return render(request, template_name, {
'login_not_allowed': not login_allowed
})
