Example #1
0
    def login(self):
        _ = self.request.translate
        browser_error = checkBrowser(self.request)
        device_error = checkDevice(self.request)
        
        login = ''
        if self.request.method == 'POST':
            if self.request.POST.get('login') \
                and self.request.POST.get('password') \
                and self.request.POST.get('login').strip() != '' \
                and self.request.POST.get('password').strip() != '':
                login = self.request.POST.get('login')
                password = self.request.POST.get('password')
            
                user = DBSession.query(User).filter(User.username==login).first()
                if (    user is not None 
                    and user.active 
                    and user.validate_password(password, user.password)):
                    headers = security.remember(self.request, user.id)
                    self.request.session.flash(_(u"Welcome, ${username}! You are logged in.", mapping={'username':user.username}), 'success')
                    userLogin = UserLogin(user_id = user.id, ip = self.request.client_addr, user_agent = self.request.user_agent)
                    DBSession.add(userLogin)
                    DBSession.flush()
                    self.request.session['user_login_id'] = userLogin.id
                    if userhelpers.checkUserPasswordChangeNeed(self.request, user):
                        return HTTPFound(location='/settings/me/edit/', headers=headers)
                    return HTTPFound(location='/', headers=headers)

                self.request.session.flash(_(u"Login failed."), 'error')
                
            else:
                self.request.session.flash(_(u"Login failed. Please provide username and password."), 'error')

        return {'login':login, 'browser_error':browser_error, 'device_error':device_error}
Example #2
0
 def __init__(self, request):
     if checkBrowser(request) or checkDevice(request):
         request.redirect_forbidden = True
     else:
         request.redirect_forbidden = False
     self.request = request
 def forbidden_view(self):
     _ = self.request.translate
     browser_error = checkBrowser(self.request)
     device_error = checkDevice(self.request)
     path = self.request.path
     return {'path':path,'login':'', 'browser_error':browser_error, 'device_error':device_error}