def registration(request): context = RequestContext(request) user = request.session.get('user') data = {'system_name': SYSTEM_NAME, 'page' : 'view_student', 'action_url' : '' } if user is not None: #and hasValidUserGrpAccess(user['id'], 'student'): return HttpResponseRedirect('/registration/searchRegStud') elif request.method == 'POST': # authenticate user login_form = LogInForm(request.POST) if login_form.is_valid(): employee = authenticate(username=login_form.cleaned_data['userID'], password=login_form.cleaned_data['password']) if employee is not None and employee.is_active and hasAccess(employee.id, 'student'): login(request, employee) request.session['user'] = {'id':employee.id, 'userID': employee.username, 'firstname':employee.first_name, 'lastname':employee.last_name} return HttpResponseRedirect('/registration/searchRegStud') else: data['form'] = login_form return render_to_response('login.html', data, context) else: data['errors'] = login_form.errors data['form'] = login_form return render_to_response('login.html', data, context) else:#login precedes data['form'] = LogInForm() return render_to_response('login.html', data, context)
def validateUserLogin(request): cursor = connection.cursor() frmlogin = LogInForm(request.POST) if frmlogin.is_valid(): user = authenticate(username=frmlogin.cleaned_data['userID'], password=frmlogin.cleaned_data['password']) if user is not None and user.is_active and hasAccess(user.id, 'employee'): login(request,user) request.session['user'] = {'id':user.id, 'userID':user.username, 'firstname':user.first_name, 'lastname':user.last_name} return HttpResponseRedirect('/security/employee_search') else: return HttpResponseRedirect('/security/login?valid=ok&has_access=no') else: return HttpResponseRedirect('/security/login?valid=no&has_access=no')