Example #1
0
def signout(request):
    user = request.user
    request.session.sign_out(request)
    request.messages.set_flash(Message(_("You have been signed out.")), 'info', 'security')
    if request.firewall.admin:
        return redirect(reverse(site.get_admin_index()))
    return redirect(reverse('index'))
Example #2
0
def signout(request):
    user = request.user
    request.session.sign_out(request)
    request.messages.set_flash(Message(request, 'security/signed_out', extra={'user': user}), 'info', 'security')
    if request.firewall.admin:
        return redirect(reverse(site.get_admin_index()))
    return redirect(reverse('index'))
    
Example #3
0
def signout(request):
    user = request.user
    request.session.sign_out(request)
    messages.info(request, _("You have been signed out."), 'security')
    if request.firewall.admin:
        return redirect(reverse(site.get_admin_index()))
    else:
        ranks_online = cache.get('ranks_online', 'nada')
        if ranks_online != 'nada':
            for rank in ranks_online:
                if rank['id'] == user.rank_id:
                    cache.delete('ranks_online')
                    break
    return redirect(reverse('index'))
Example #4
0
def signin(request):
    message = request.messages.get_message('security')
    bad_password = False
    not_active = False
    banned_account = False

    if request.method == 'POST':
        form = SignInForm(
                          request.POST,
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          request=request
                          )

        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')

                # Authenticate user
                user = auth_method(
                                  request,
                                  form.cleaned_data['user_email'],
                                  form.cleaned_data['user_password'],
                                  )

                sign_user_in(request, user)
                remember_me_token = False

                if not request.firewall.admin and request.settings['remember_me_allow'] and form.cleaned_data['user_remember_me']:
                    remember_me_token = get_random_string(42)
                    remember_me = Token(
                                        id=remember_me_token,
                                        user=user,
                                        created=timezone.now(),
                                        accessed=timezone.now(),
                                        )
                    remember_me.save()
                if remember_me_token:
                    request.cookie_jar.set('TOKEN', remember_me_token, True)
                request.messages.set_flash(Message(_("Welcome back, %(username)s!") % {'username': user.username}), 'success', 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(e.error, 'error')
                bad_password = e.password
                banned_account = e.ban
                not_active = e.activation

                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))

                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = SignInForm(
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          request=request
                          )
    return request.theme.render_to_response('signin.html',
                                            {
                                             'message': message,
                                             'bad_password': bad_password,
                                             'banned_account': banned_account,
                                             'not_active': not_active,
                                             'form': FormLayout(form),
                                             'hide_signin': True,
                                             },
                                            context_instance=RequestContext(request));
Example #5
0
def signin(request):
    message = request.messages.get_message('security')
    bad_password = False
    not_active = False
    banned_account = False

    if request.method == 'POST':
        form = SignInForm(
                          request.POST,
                          show_remember_me=not request.firewall.admin and settings.remember_me_allow,
                          request=request
                          )

        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')

                # Authenticate user
                user = auth_method(
                                  request,
                                  form.cleaned_data['user_email'],
                                  form.cleaned_data['user_password'],
                                  )

                sign_user_in(request, user)
                remember_me_token = False

                if not request.firewall.admin and settings.remember_me_allow and form.cleaned_data['user_remember_me']:
                    remember_me_token = random_string(42)
                    remember_me = Token(
                                        id=remember_me_token,
                                        user=user,
                                        created=timezone.now(),
                                        accessed=timezone.now(),
                                        )
                    remember_me.save()
                if remember_me_token:
                    request.cookiejar.set('TOKEN', remember_me_token, True)
                messages.success(request, _("Welcome back, %(username)s!") % {'username': user.username}, 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(e.error, messages.ERROR)
                bad_password = e.password
                banned_account = e.ban
                not_active = e.activation

                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))

                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            message = Message(form.non_field_errors()[0], messages.ERROR)
    else:
        form = SignInForm(
                          show_remember_me=not request.firewall.admin and settings.remember_me_allow,
                          request=request
                          )
    return render_to_response('signin.html',
                              {
                              'message': message,
                              'bad_password': bad_password,
                              'banned_account': banned_account,
                              'not_active': not_active,
                              'form': form,
                              'hide_signin': True,
                              },
                              context_instance=RequestContext(request));
Example #6
0
def signin(request):
    message = request.messages.get_message('security')
    if request.method == 'POST':
        form = SignInForm(
                          request.POST,
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
                          request=request
                          )
        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')
                
                # Authenticate user
                user = auth_method(
                                  request,
                                  form.cleaned_data['user_email'],
                                  form.cleaned_data['user_password'],
                                  )
                
                if not request.firewall.admin and request.settings['sessions_hidden'] and form.cleaned_data['user_stay_hidden']:
                    request.session.hidden = True                    
                
                sign_user_in(request, user, request.session.hidden)     
                           
                remember_me_token = False
                if not request.firewall.admin and request.settings['remember_me_allow'] and form.cleaned_data['user_remember_me']:
                    remember_me_token = get_random_string(42)
                    remember_me = Token(
                                        id=remember_me_token,
                                        user=user,
                                        created=timezone.now(),
                                        accessed=timezone.now(),
                                        hidden=request.session.hidden
                                        )
                    remember_me.save()
                if remember_me_token:
                    request.cookie_jar.set('TOKEN', remember_me_token, True)
                request.messages.set_flash(Message(request, 'security/signed_in', extra={'user': user}), 'success', 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(request, e.type, extra={'user':e.user, 'ban':e.ban})
                message.type = 'error'
                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))
                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            message = Message(request, form.non_field_errors()[0])
            message.type = 'error'
    else:
        form = SignInForm(
                          show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
                          show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
                          request=request
                          )
    return request.theme.render_to_response('signin.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form, [
                                                 (
                                                     None,
                                                     [('user_email', {'attrs': {'placeholder': _("Enter your e-mail")}}), ('user_password', {'has_value': False, 'placeholder': _("Enter your password")})]
                                                 ),
                                                 (
                                                     None,
                                                     ['user_remember_me', 'user_stay_hidden'],
                                                 ),
                                             ]),
                                             'hide_signin': True, 
                                            },
                                            context_instance=RequestContext(request));