def login_login(request):
redirect_to = request.REQUEST.get('redirect_to', '/')
redirect_to = clean.redirect_to(redirect_to)
if request.POST:
try:
login = request.POST.get('log', None)
password = request.POST.get('pwd', None)
rememberme = request.POST.get('rememberme', None)
# TODO validate
current_user = user.lookup_user_by_login(login, password)
if current_user:
if redirect_to == '/':
redirect_to = current_user.url('/overview')
# Attempt to do some cleanup on the user if necessary
api.user_cleanup(api.ROOT, current_user.nick)
# if we aren't hosted or aren't ssl just set the cookie and go home
if (not settings.HOSTED_DOMAIN_ENABLED
or not settings.SSL_LOGIN_ENABLED):
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, current_user,
rememberme)
return response
# otherwise, we're going to have to redirect to set the cookie on
# the proper domain
sso_token = util.generate_uuid()
cache.set('sso/%s' % sso_token,
(current_user.nick, rememberme),
timeout=10)
sso_url = 'http://%s/login/noreally' % (settings.DOMAIN)
sso_url = util.qsa(sso_url, {
'redirect_to': redirect_to,
'sso_token': sso_token
})
return http.HttpResponseRedirect(sso_url)
else:
raise exception.ValidationError("Invalid username or password")
except:
exception.handle_exception(request)
if request.user:
if redirect_to == '/':
redirect_to = request.user.url('/overview')
return http.HttpResponseRedirect(redirect_to)
c = template.RequestContext(request, locals())
t = loader.get_template('login/templates/login.html')
return http.HttpResponse(t.render(c))
def login_noreally(request):
if 'sso_token' in request.GET:
sso_token = request.GET['sso_token']
redirect_to = request.GET['redirect_to']
redirect_to = clean.redirect_to(redirect_to)
nick, rememberme = cache.get('sso/%s' % sso_token)
cache.delete('sso/%s' % sso_token)
actor_ref = api.actor_get(api.ROOT, nick)
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, actor_ref, rememberme)
return response
return http.HttpResponseRedirect('/login')
def login_noreally(request):
if 'sso_token' in request.GET:
sso_token = request.GET['sso_token']
redirect_to = request.GET['redirect_to']
redirect_to = clean.redirect_to(redirect_to)
nick, rememberme = cache.get('sso/%s' % sso_token)
cache.delete('sso/%s' % sso_token)
actor_ref = api.actor_get(api.ROOT, nick)
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, actor_ref, rememberme)
return response
return http.HttpResponseRedirect('/login')
def login_login(request):
redirect_to = request.REQUEST.get('redirect_to', '/')
redirect_to = clean.redirect_to(redirect_to)
if request.POST:
try:
login = request.POST.get('log', None)
password = request.POST.get('pwd', None)
rememberme = request.POST.get('rememberme', None)
# TODO validate
current_user = user.lookup_user_by_login(login, password)
if current_user:
if redirect_to == '/':
redirect_to = current_user.url('/overview')
# Attempt to do some cleanup on the user if necessary
api.user_cleanup(api.ROOT, current_user.nick)
# if we aren't hosted or aren't ssl just set the cookie and go home
if (not settings.HOSTED_DOMAIN_ENABLED
or not settings.SSL_LOGIN_ENABLED):
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, current_user, rememberme)
return response
# otherwise, we're going to have to redirect to set the cookie on
# the proper domain
sso_token = util.generate_uuid()
cache.set('sso/%s' % sso_token, (current_user.nick, rememberme), timeout=10)
sso_url = 'http://%s/login/noreally' % (settings.DOMAIN)
sso_url = util.qsa(
sso_url, {'redirect_to': redirect_to, 'sso_token': sso_token})
return http.HttpResponseRedirect(sso_url)
else:
raise exception.ValidationError("Invalid username or password")
except:
exception.handle_exception(request)
view =user.get_user_from_cookie_or_legacy_auth(request)
area="login"
if view:
if redirect_to == '/':
redirect_to = request.user.url('/overview')
return http.HttpResponseRedirect(redirect_to)
c = template.RequestContext(request, locals())
t = loader.get_template('login/templates/login.html')
return http.HttpResponse(t.render(c))
def login(request):
redirect_to = request.REQUEST.get('redirect_to', django_settings.LOGIN_REDIRECT_URL)
redirect_to = clean.redirect_to(redirect_to)
form = LoginForm()
if request.method == 'POST':
form = LoginForm(data=request.POST)
if form.is_valid():
user = form.get_user()
auth_login(request, user)
util.set_flash(request, "success_users_login")
return redirect(redirect_to)
c = template.RequestContext(request, locals())
return render_to_response('users_login.html', c)
def get_clean_redirect(request):
redirect_to = request.REQUEST.get('redirect_to', '/')
redirect_to = clean.redirect_to(redirect_to)
return redirect_to
def get_clean_redirect(request):
redirect_to = request.REQUEST.get('redirect_to', '/')
redirect_to = clean.redirect_to(redirect_to)
return redirect_to
