def login(self):
    """Render the login form and, on POST, authenticate the submitted credentials.

    On success the user id is remembered via ``security.remember``, a
    ``UserLogin`` row (user id, client address, user agent) is stored, its id
    is placed in the session under ``user_login_id`` and the client is
    redirected: to ``/settings/me/edit/`` when
    ``userhelpers.checkUserPasswordChangeNeed`` is truthy, otherwise to ``/``.

    On any failure an error message is flashed and the template values are
    returned: the submitted login name (empty unless both fields were
    provided) plus the results of ``checkBrowser`` and ``checkDevice``.
    """
    request = self.request
    _ = request.translate
    browser_error = checkBrowser(request)
    device_error = checkDevice(request)
    login = ''

    if request.method == 'POST':
        submitted_login = request.POST.get('login')
        submitted_password = request.POST.get('password')
        # Both fields must be present and non-blank after stripping whitespace.
        credentials_given = (
            submitted_login
            and submitted_password
            and submitted_login.strip() != ''
            and submitted_password.strip() != ''
        )
        if not credentials_given:
            request.session.flash(
                _(u"Login failed. Please provide username and password."),
                'error')
        else:
            # The unstripped login name is used for the lookup and echoed
            # back to the template.
            login = submitted_login
            user = DBSession.query(User).filter(User.username == login).first()
            # Unknown user, inactive account and wrong password all end in the
            # same generic message below, so the response text does not reveal
            # which check failed.
            # NOTE(review): validate_password only runs for existing, active
            # accounts, so response time may still differ between the cases.
            # NOTE(review): no attempt throttling or lockout is visible in
            # this method - confirm it is enforced elsewhere.
            authenticated = (
                user is not None
                and user.active
                and user.validate_password(submitted_password, user.password)
            )
            if authenticated:
                # NOTE(review): the pre-login session is reused as-is after
                # authentication. Depending on the configured session factory,
                # rotating it (request.session.invalidate()) before writing
                # post-login state would guard against session fixation -
                # confirm against the session backend.
                headers = security.remember(request, user.id)
                request.session.flash(
                    _(u"Welcome, ${username}! You are logged in.",
                      mapping={'username': user.username}),
                    'success')
                # Audit record of the successful login.
                # NOTE(review): if this is a WebOb/Pyramid request,
                # client_addr honours X-Forwarded-For, and user_agent is a
                # client-supplied header; treat both as untrusted unless a
                # trusted proxy sets the address.
                userLogin = UserLogin(user_id=user.id,
                                      ip=request.client_addr,
                                      user_agent=request.user_agent)
                DBSession.add(userLogin)
                # Flush so the generated primary key is available right away.
                DBSession.flush()
                request.session['user_login_id'] = userLogin.id
                if userhelpers.checkUserPasswordChangeNeed(request, user):
                    target = '/settings/me/edit/'
                else:
                    target = '/'
                return HTTPFound(location=target, headers=headers)
            request.session.flash(_(u"Login failed."), 'error')

    return {
        'login': login,
        'browser_error': browser_error,
        'device_error': device_error,
    }
def __init__(self, request):
    """Keep a reference to the request and flag it when a client check fails.

    ``request.redirect_forbidden`` is set to ``True`` when either
    ``checkBrowser`` or ``checkDevice`` returns a truthy value, and to
    ``False`` otherwise. Where that flag is consumed is not visible here.
    """
    # Short-circuit: checkDevice only runs when checkBrowser reports nothing.
    client_rejected = checkBrowser(request) or checkDevice(request)
    request.redirect_forbidden = True if client_rejected else False
    self.request = request
def forbidden_view(self):
    """Return the template values for the forbidden page.

    The result holds the requested path, an empty ``login`` value and the
    results of ``checkBrowser`` and ``checkDevice`` for the current request.
    """
    request = self.request
    _ = request.translate  # bound but not used in this method
    template_values = {'login': ''}
    template_values['browser_error'] = checkBrowser(request)
    template_values['device_error'] = checkDevice(request)
    # NOTE(review): the path comes from the client's request; presumably the
    # template escapes it on output - confirm.
    template_values['path'] = request.path
    return template_values