Example #1
0
    def _checklogin(request, *args, **kwargs):
        if not request.user.is_anonymous() and request.user.is_staff:
            # The user is valid. Continue to the admin page.
            return view_func(request, *args, **kwargs)

        assert hasattr(request, 'session'), "The Django admin requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.middleware.sessions.SessionMiddleware'."

        # If this isn't already the login page, display it.
        if not request.POST.has_key(LOGIN_FORM_KEY):
            if request.POST:
                message = "Please log in again, because your session has expired. "\
                          "Don't worry: Your submission has been saved."
            else:
                message = ""
            return _display_login_form(request, message)

        # Check that the user accepts cookies.
        if not request.session.test_cookie_worked():
            message = "Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again."
            return _display_login_form(request, message)

        # Check the password.
        username = request.POST.get('username', '')
        try:
            user = users.get_object(username__exact=username, is_staff__exact=True)
        except users.UserDoesNotExist:
            message = ERROR_MESSAGE
            if '@' in username:
                # Mistakenly entered e-mail address instead of username? Look it up.
                try:
                    user = users.get_object(email__exact=username)
                except users.UserDoesNotExist:
                    message = "Usernames cannot contain the '@' character."
                else:
                    message = "Your e-mail address is not your username. Try '%s' instead." % user.username
            return _display_login_form(request, message)

        # The user data is correct; log in the user in and continue.
        else:
            if user.check_password(request.POST.get('password', '')):
                request.session[users.SESSION_KEY] = user.id
                if request.POST.has_key('post_data'):
                    post_data = _decode_post_data(request.POST['post_data'])
                    if post_data and not post_data.has_key(LOGIN_FORM_KEY):
                        # overwrite request.POST with the saved post_data, and continue
                        request.POST = post_data
                        request.user = user
                        return view_func(request, *args, **kwargs)
                    else:
                        request.session.delete_test_cookie()
                        return httpwrappers.HttpResponseRedirect(request.path)
            else:
                return _display_login_form(request, ERROR_MESSAGE)
Example #2
0
def createsuperuser():
    "Creates a superuser account."
    from django.core import validators
    from django.models.auth import users
    import getpass
    try:
        while 1:
            username = raw_input('Username (only letters, digits and underscores): ')
            if not username.isalnum():
                sys.stderr.write("Error: That username is invalid.\n")
                continue
            try:
                users.get_object(username__exact=username)
            except users.UserDoesNotExist:
                break
            else:
                sys.stderr.write("Error: That username is already taken.\n")
        while 1:
            email = raw_input('E-mail address: ')
            try:
                validators.isValidEmail(email, None)
            except validators.ValidationError:
                sys.stderr.write("Error: That e-mail address is invalid.\n")
            else:
                break
        while 1:
            password = getpass.getpass()
            password2 = getpass.getpass('Password (again): ')
            if password != password2:
                sys.stderr.write("Error: Your passwords didn't match.\n")
                continue
            if password.strip() == '':
                sys.stderr.write("Error: Blank passwords aren't allowed.\n")
                continue
            break
    except KeyboardInterrupt:
        sys.stderr.write("\nOperation cancelled.\n")
        sys.exit(1)
    u = users.create_user(username, email, password)
    u.is_staff = True
    u.is_active = True
    u.is_superuser = True
    u.save()
    print "User created successfully."
Example #3
0
 def _get_user(self):
     if not hasattr(self, '_user'):
         from django.models.auth import users
         try:
             user_id = self.session[users.SESSION_KEY]
             if not user_id:
                 raise ValueError
             self._user = users.get_object(pk=user_id)
         except (AttributeError, KeyError, ValueError, users.UserDoesNotExist):
             from django.parts.auth import anonymoususers
             self._user = anonymoususers.AnonymousUser()
     return self._user
Example #4
0
 def _get_user(This):
     if not hasattr(This, '_user'):
         from django.models.auth import users
         try:
             user_id = This.session[users.SESSION_KEY]
             if not user_id:
                 raise ValueError
             This._user = users.get_object(pk=user_id)
         except (AttributeError, KeyError, ValueError,
                 users.UserDoesNotExist):
             from django.parts.auth import anonymoususers
             This._user = anonymoususers.AnonymousUser()
     return This._user
Example #5
0
def login(request):
    try:
        user = users.get_object(username__exact=request.POST["username"])
        if not user.check_password(request.POST["password"]):
            raise users.UserDoesNotExist
        # set the session's user active
        request.session[users.SESSION_KEY] = user.id
        try:
            nextpage = request.GET["next"]
        except KeyError:
            nextpage = "/gappy/"
        return HttpResponseRedirect(nextpage)
    except KeyError:
        return render_to_response("gappy/login")
    except users.UserDoesNotExist:
        t = loader.get_template("gappy/login")
        c = Context({"error":"Some login information was wrong."})
        return HttpResponse(t.render(c))
Example #6
0
 def isValidUser(self, field_data, all_data):
     try:
         self.user_cache = users.get_object(username__exact=field_data)
     except users.UserDoesNotExist:
         raise validators.ValidationError, "Please enter a correct username and password. Note that both fields are case-sensitive."
Example #7
0
 def isValidUserEmail(self, new_data, all_data):
     "Validates that a user exists with the given e-mail address"
     try:
         self.user_cache = users.get_object(email__iexact=new_data)
     except users.UserDoesNotExist:
         raise validators.ValidationError, "That e-mail address doesn't have an associated user acount. Are you sure you've registered?"