def login(request, template_name='registration/login.html', redirect_if_logged_in=None, redirect_field_name=REDIRECT_FIELD_NAME, authentication_form=AuthenticationForm): """Displays the login form and handles the login action.""" if request.user.is_authenticated() and redirect_if_logged_in: return HttpResponseRedirect(reverse(redirect_if_logged_in)) redirect_to = request.REQUEST.get(redirect_field_name, '') ip = get_remote_ip(request) if request.method == "POST": login = urlquote(request.REQUEST.get('login', '').strip()) failed_attempt = _get_login_failed_attempts(username=login, ip=ip) remember_me = True if request.REQUEST.get('remember_me', '') == 'on' else False # check the form used_captcha_already = False if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: form = authentication_form(data=request.POST) else: if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: form = CaptchaAuthenticationForm(data=request.POST) used_captcha_already = True else: form = authentication_form(data=request.POST) if form.is_valid(): return _handle_login_form_valid(request, form.get_user(), redirect_to, remember_me) # form is invalid user_logged_in_failed.send(sender=None, request=request) failed_attempt = _incr_login_failed_attempts(username=login, ip=ip) if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: # log user in if password is valid otherwise freeze account logger.warn( 'Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) login = request.REQUEST.get('login', '') email = Profile.objects.get_username_by_login_id(login) if email is None: email = login try: user = User.objects.get(email) if user.is_active: user.freeze_user(notify_admins=True) logger.warn( 'Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) except User.DoesNotExist: logger.warn( 'Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) pass form.errors['freeze_account'] = _( 'This account has been frozen due to too many failed login attempts.' ) else: # use a new form with Captcha logger.warn( 'Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) if not used_captcha_already: form = CaptchaAuthenticationForm() else: ### GET failed_attempt = _get_login_failed_attempts(ip=ip) if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: form = authentication_form() else: logger.warn( 'Login attempt limit reached, show Captcha, ip: %s, attempts: %d' % (ip, failed_attempt)) form = CaptchaAuthenticationForm() else: form = authentication_form() request.session.set_test_cookie() if Site._meta.installed: current_site = Site.objects.get_current() else: current_site = RequestSite(request) multi_tenancy = getattr(settings, 'MULTI_TENANCY', False) if config.ENABLE_SIGNUP: if multi_tenancy: org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False) if org_account_only: signup_url = reverse('org_register') else: signup_url = reverse('choose_register') else: signup_url = reverse('registration_register') else: signup_url = '' enable_shib_login = getattr(settings, 'ENABLE_SHIB_LOGIN', False) enable_krb5_login = getattr(settings, 'ENABLE_KRB5_LOGIN', False) enable_adfs_login = getattr(settings, 'ENABLE_ADFS_LOGIN', False) login_bg_image_path = LOGIN_BG_IMAGE_PATH # get path that background image of login page custom_login_bg_image_file = os.path.join(MEDIA_ROOT, CUSTOM_LOGIN_BG_IMAGE_PATH) if os.path.exists(custom_login_bg_image_file): login_bg_image_path = CUSTOM_LOGIN_BG_IMAGE_PATH return render_to_response(template_name, { 'form': form, redirect_field_name: redirect_to, 'site': current_site, 'site_name': current_site.name, 'remember_days': config.LOGIN_REMEMBER_DAYS, 'signup_url': signup_url, 'enable_shib_login': enable_shib_login, 'enable_krb5_login': enable_krb5_login, 'enable_adfs_login': enable_adfs_login, 'login_bg_image_path': login_bg_image_path, }, context_instance=RequestContext(request))
def login(request, template_name='registration/login.html', redirect_if_logged_in='libraries', redirect_field_name=REDIRECT_FIELD_NAME, authentication_form=AuthenticationForm): """Displays the login form and handles the login action.""" redirect_to = request.GET.get(redirect_field_name, '') if request.user.is_authenticated(): if redirect_to: return HttpResponseRedirect(redirect_to) else: return HttpResponseRedirect(reverse(redirect_if_logged_in)) ip = get_remote_ip(request) if request.method == "POST": login = request.POST.get('login', '').strip() failed_attempt = get_login_failed_attempts(username=login, ip=ip) remember_me = True if request.POST.get('remember_me', '') == 'on' else False redirect_to = request.POST.get(redirect_field_name, '') or redirect_to # check the form used_captcha_already = False if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: form = authentication_form(data=request.POST) else: if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: form = CaptchaAuthenticationForm(data=request.POST) used_captcha_already = True else: form = authentication_form(data=request.POST) if form.is_valid(): return _handle_login_form_valid(request, form.get_user(), redirect_to, remember_me) # form is invalid user_logged_in_failed.send(sender=None, request=request) failed_attempt = incr_login_failed_attempts(username=login, ip=ip) if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: # log user in if password is valid otherwise freeze account logger.warn( 'Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) email = Profile.objects.get_username_by_login_id(login) if email is None: email = login try: user = User.objects.get(email) if user.is_active: user.freeze_user(notify_admins=True) logger.warn( 'Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) except User.DoesNotExist: logger.warn( 'Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) pass form.errors['freeze_account'] = _( 'This account has been frozen due to too many failed login attempts.' ) else: # use a new form with Captcha logger.warn( 'Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d' % (login, ip, failed_attempt)) if not used_captcha_already: form = CaptchaAuthenticationForm() else: ### GET failed_attempt = get_login_failed_attempts(ip=ip) if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT: if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True: form = authentication_form() else: logger.warn( 'Login attempt limit reached, show Captcha, ip: %s, attempts: %d' % (ip, failed_attempt)) form = CaptchaAuthenticationForm() else: form = authentication_form() request.session.set_test_cookie() current_site = get_current_site(request) multi_tenancy = getattr(settings, 'MULTI_TENANCY', False) if config.ENABLE_SIGNUP: if multi_tenancy: org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False) if org_account_only: signup_url = reverse('org_register') else: signup_url = reverse('choose_register') else: signup_url = reverse('registration_register') else: signup_url = '' enable_sso = getattr(settings, 'ENABLE_SHIB_LOGIN', False) or \ getattr(settings, 'ENABLE_KRB5_LOGIN', False) or \ getattr(settings, 'ENABLE_ADFS_LOGIN', False) or \ getattr(settings, 'ENABLE_OAUTH', False) or \ getattr(settings, 'ENABLE_CAS', False) or \ getattr(settings, 'ENABLE_REMOTE_USER_AUTHENTICATION', False) or \ getattr(settings, 'ENABLE_WORK_WEIXIN', False) login_bg_image_path = get_login_bg_image_path() return render( request, template_name, { 'form': form, redirect_field_name: redirect_to, 'site': current_site, 'site_name': get_site_name(), 'remember_days': config.LOGIN_REMEMBER_DAYS, 'signup_url': signup_url, 'enable_sso': enable_sso, 'login_bg_image_path': login_bg_image_path, })