def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Serve the login form to visitors who are not signed in.

    A visitor whose login attempt just succeeded (authenticated identity, no
    identity errors) is redirected to ``forward_url``.  Everyone else gets
    the form variables back together with an HTTP 403 status.
    """
    from cherrypy import request, response

    just_signed_in = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if just_signed_in:
        # NOTE(review): forward_url goes to redirect() exactly as received.
        # If it is filled from request parameters, confirm it is limited to
        # same-site targets before it gets here.
        raise redirect(forward_url)

    previous_url = request.path
    forward_url = None

    if identity.was_login_attempted():
        notice = _("The credentials you supplied were not correct or "
                   "did not grant access to this resource.")
    elif identity.get_identity_errors():
        notice = _("You must provide your credentials before accessing "
                   "this resource.")
    else:
        notice = _("Please log in.")
        # The Referer header is client-supplied; "." is the fallback.
        forward_url = request.headers.get("Referer", ".")

    response.status = 403
    # NOTE(review): request.params is handed to the template whole; confirm
    # the template does not echo a submitted password back into the page.
    return {
        "message": notice,
        "previous_url": previous_url,
        "logging_in": True,
        "original_parameters": request.params,
        "forward_url": forward_url,
    }
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Show the login page, or redirect once the visitor is authenticated.

    After the redirect check the incoming ``forward_url`` is discarded and a
    new one is chosen:

    * a page demanded credentials -> status 401, return to that same page
    * a public page offered login -> return to the referrer (this case was
      not part of the original TurboGears code)
    * a login attempt failed      -> no forward URL is set here
    """
    authenticated = not identity.current.anonymous
    if authenticated and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        # NOTE(review): forward_url is used as received; confirm it cannot
        # name an off-site address when it originates from the request.
        raise redirect(forward_url)

    previous_url = request.path
    forward_url = None

    if identity.was_login_attempted():
        text = _("The credentials you supplied were not correct or "
                 "did not grant access to this resource.")
    elif identity.get_identity_errors():
        response.status = 401
        text = _("You must provide your credentials before accessing this resource.")
        forward_url = previous_url
    else:
        text = _("Please log in.")
        # Referer is a client-controlled header; "/" when it is absent.
        forward_url = request.headers.get("Referer", "/")

    return {
        "message": text,
        "previous_url": previous_url,
        "logging_in": True,
        "original_parameters": request.params,
        "forward_url": forward_url,
    }
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Return the login form variables, or redirect after a good login.

    The response status is set to 403 whenever the form is served.
    """
    if not (identity.current.anonymous
            or not identity.was_login_attempted()
            or identity.get_identity_errors()):
        # NOTE(review): redirect target is the unmodified forward_url
        # argument; verify it is restricted to this site upstream.
        raise redirect(forward_url)

    forward_url = None
    previous_url = cherrypy.request.path

    attempted = identity.was_login_attempted()
    if attempted:
        msg = _("The credentials you supplied were not correct or "
                "did not grant access to this resource.")
    elif identity.get_identity_errors():
        msg = _("You must provide your credentials before accessing "
                "this resource.")
    else:
        msg = _("Please log in.")
        # Client-supplied header; falls back to the site root.
        forward_url = cherrypy.request.headers.get("Referer", "/")

    cherrypy.response.status = 403
    return dict(
        message=msg,
        previous_url=previous_url,
        logging_in=True,
        original_parameters=cherrypy.request.params,
        forward_url=forward_url,
    )
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Serve the login form, or send a signed-in user to their area.

    After a successful login, members of the "issuer", "bidder" or "admin"
    group (checked in that order) are redirected to the URL of the same
    name; anyone else is redirected to the ``forward_url`` that was passed
    in.  Otherwise the form variables are returned with status 403.
    """
    logged_in = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if logged_in:
        for group_name in ("issuer", "bidder", "admin"):
            if identity.in_group(group_name):
                forward_url = url(group_name)
                break
        # NOTE(review): for users in none of these groups the redirect
        # target is the raw forward_url argument -- confirm it is validated.
        raise redirect(forward_url)

    previous_url = request.path
    forward_url = None

    if identity.was_login_attempted():
        message = _("The credentials you supplied were not correct or "
                    "did not grant access to this resource.")
    elif identity.get_identity_errors():
        message = _("You must provide your credentials before accessing "
                    "this resource.")
    else:
        message = _("Please log in.")
        forward_url = request.headers.get("Referer", "/")

    response.status = 403
    return dict(
        message=message,
        previous_url=previous_url,
        logging_in=True,
        original_parameters=request.params,
        forward_url=forward_url,
    )
def login(forward_url=None, *args, **kwargs):
    '''Shared login page logic for the Fedora Account System.

    Renders the variables for a small username/password box.  To use it,
    replace the login method of your controller with::

        from fedora.controllers import login as fc_login

        @expose(template='yourapp.yourlogintemplate', allow_json=True)
        def login(self, forward_url=None, *args, **kwargs):
            login_dict = fc_login(forward_url, *args, **kwargs)
            # Add anything to the return dict that you need for your app
            return login_dict

    :kwarg forward_url: The url to send to once authentication succeeds
    '''
    if forward_url:
        if isinstance(forward_url, list):
            # More than one value was supplied: take the first.
            forward_url = forward_url.pop(0)
        else:
            del request.params['forward_url']

    login_succeeded = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if login_succeeded:
        flash(f_('Welcome, %s') % identity.current.user_name)
        if request_format() == 'json':
            # A redirect is meaningless for a JSON caller, so hand back the
            # logged-in identity and its CSRF token instead.
            return dict(user=identity.current.user,
                        _csrf_token=identity.current.csrf_token)
        # NOTE(review): forward_url is not checked against this site before
        # the redirect; confirm callers or the framework restrict it.
        redirect(forward_url or '/')

    if identity.was_login_attempted():
        message = f_('The credentials you supplied were not correct or '
                     'did not grant access to this resource.')
    elif identity.get_identity_errors():
        message = f_('You must provide your credentials before accessing '
                     'this resource.')
    else:
        message = f_('Please log in.')
        if not forward_url:
            # Client-supplied header, site root when absent.
            forward_url = request.headers.get('Referer', '/')

    response.status = 403
    return {
        'logging_in': True,
        'message': message,
        'forward_url': forward_url,
        'previous_url': request.path_info,
        'original_parameters': request.params,
    }
def login(forward_url=None, *args, **kwargs):
    '''Page to become authenticated to the Account System.

    Produces the template variables for the Fedora Account System login
    box.  Drop-in usage from an application controller::

        from fedora.controllers import login as fc_login

        @expose(template='yourapp.yourlogintemplate', allow_json=True)
        def login(self, forward_url=None, *args, **kwargs):
            login_dict = fc_login(forward_url, *args, **kwargs)
            # Add anything to the return dict that you need for your app
            return login_dict

    :kwarg forward_url: The url to send to once authentication succeeds
    '''
    if forward_url:
        if not isinstance(forward_url, list):
            del request.params['forward_url']
        else:
            forward_url = forward_url.pop(0)

    if not identity.current.anonymous and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        # Authenticated: greet the user.
        flash(_('Welcome, %s') % identity.current.user_name)
        if request_format() == 'json':
            # JSON clients cannot follow a page redirect; return the
            # identity and CSRF token directly.
            return {'user': identity.current.user,
                    '_csrf_token': identity.current.csrf_token}
        # NOTE(review): nothing here limits forward_url to a same-site
        # path; verify that before relying on this redirect.
        redirect(forward_url or '/')

    if identity.was_login_attempted():
        msg = _('The credentials you supplied were not correct or '
                'did not grant access to this resource.')
    elif identity.get_identity_errors():
        msg = _('You must provide your credentials before accessing '
                'this resource.')
    else:
        msg = _('Please log in.')
        if not forward_url:
            forward_url = request.headers.get('Referer', '/')

    response.status = 403
    result = dict(logging_in=True, message=msg, forward_url=forward_url)
    result['previous_url'] = request.path_info
    result['original_parameters'] = request.params
    return result
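def login(self, forward_url=None, *args, **kwargs):
    '''Page to become authenticated to the Account System.

    This shows a small login box to type in your username and password
    from the Fedora Account System.  The work is delegated to
    ``f_ctrlers.login``; this wrapper adds the handling for expired
    passwords and disabled accounts.

    :kwarg forward_url: The url to send to once authentication succeeds
    :returns: the dict produced by ``f_ctrlers.login``
    '''
    login_dict = f_ctrlers.login(forward_url=forward_url, *args, **kwargs)

    if not identity.current.anonymous and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        # Success that needs to be passed back via json
        return login_dict

    if identity.was_login_attempted() and request.fas_provided_username:
        # NOTE(review): both messages below reveal the state of the named
        # account; confirm fas_identity_failure_reason is only set once the
        # password itself has been verified.
        if request.fas_identity_failure_reason == 'status_inactive':
            turbogears.flash(_('Your old password has expired. Please'
                               ' reset your password below.'))
            if request_format() != 'json':
                redirect('/user/resetpass')
        if request.fas_identity_failure_reason == 'status_account_disabled':
            # Interpolate after the catalog lookup: formatting inside _()
            # made the lookup key include the address, so no translation
            # could ever match.
            turbogears.flash(
                _('Your account is currently disabled. For'
                  ' more information, please contact %(admin_email)s')
                % {'admin_email': config.get('accounts_email')})
            if request_format() != 'json':
                redirect('/login')

    return login_dict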
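def login_args(previous_url=None, *args, **kwargs):
    """Build the template variables for the login page.

    Picks the login message (setting status 403 after a failed attempt),
    looks up the current location and its updates on a best-effort basis,
    and redirects active signed-in users to the site base URL unless they
    are a host of the location who did not just attempt a login.

    :returns: dict with login_message, previous_url, logging_in,
        original_parameters, forward_url, updates and location
    """
    forward_url = kwargs.get('forward_url')

    if identity.was_login_attempted():
        cherrypy.response.status = 403
        msg = _("Your username or password were incorrect. "
                "Please try again.")
    elif identity.get_identity_errors():
        msg = _("Please log in.")
    else:
        msg = _("Please log in.")
        # Client-supplied header; site root when it is missing.
        forward_url = cherrypy.request.headers.get("Referer", "/")

    try:
        location = get_location_from_base_url()
        updates = get_updates_data(location)
    except Exception:
        # Best effort: the page still renders without location data.
        # Narrowed from a bare except so SystemExit and KeyboardInterrupt
        # are no longer swallowed here.
        location = None
        updates = None

    if (not identity.current.anonymous and identity.current.user.active) \
            and not (is_host(identity.current.user, location)
                     and not identity.was_login_attempted()):
        redirect(cherrypy.request.base)

    # NOTE(review): original_parameters carries request.params unfiltered;
    # confirm the template never re-emits a submitted password.
    login_dict = dict(login_message=msg, previous_url=previous_url,
                      logging_in=True,
                      original_parameters=cherrypy.request.params,
                      forward_url=forward_url, updates=updates,
                      location=location)
    return login_dict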
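def login(self, forward_url=None, *args, **kwargs):
    '''Page to become authenticated to the Account System.

    This shows a small login box to type in your username and password
    from the Fedora Account System.  ``f_ctrlers.login`` does the actual
    work; expired passwords and disabled accounts are reported here.

    :kwarg forward_url: The url to send to once authentication succeeds
    :returns: the dict produced by ``f_ctrlers.login``
    '''
    login_dict = f_ctrlers.login(forward_url=forward_url, *args, **kwargs)

    authenticated = (not identity.current.anonymous
                     and identity.was_login_attempted()
                     and not identity.get_identity_errors())
    if authenticated:
        # Success that needs to be passed back via json
        return login_dict

    if identity.was_login_attempted() and request.fas_provided_username:
        failure = request.fas_identity_failure_reason
        wants_page = request_format() != 'json'
        # NOTE(review): these messages tell the requester the state of the
        # account; confirm the failure reason is only populated after the
        # supplied password was checked.
        if failure == 'status_inactive':
            turbogears.flash(
                _('Your old password has expired. Please'
                  ' reset your password below.'))
            if wants_page:
                redirect('/user/resetpass')
        if failure == 'status_account_disabled':
            # The address is substituted after translation; with the %
            # inside _() the formatted text was used as the lookup key and
            # could never be found in a message catalog.
            turbogears.flash(
                _('Your account is currently disabled. For'
                  ' more information, please contact %(admin_email)s')
                % {'admin_email': config.get('accounts_email')})
            if wants_page:
                redirect('/login')

    return login_dict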
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Serve the login form, or redirect a visitor who just signed in.

    On success the target is the first non-empty value of ``forward_url``,
    ``previous_url`` and '/', passed through ``tg.url`` together with the
    remaining keyword arguments.  Otherwise the form variables are returned
    with status 403.
    """
    signed_in = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if signed_in:
        # NOTE(review): both candidate targets are caller-supplied; confirm
        # they cannot point away from this site.
        raise redirect(tg.url(forward_url or previous_url or '/', kw))

    forward_url = None
    previous_url = request.path

    # Every branch below replaces this text, so it is never shown.
    msg = "You can use guest/guest if you don't yet have a login."
    if identity.was_login_attempted():
        msg = "The credentials you supplied were not correct or did not grant access to this resource."
    elif identity.get_identity_errors():
        msg = "You must provide your credentials before accessing this resource."
    else:
        msg = "Please log in."
        forward_url = request.headers.get("Referer", "/")
        # NOTE(review): the one-line listing does not show whether this
        # override sits inside this branch or after it; it is kept directly
        # behind the Referer lookup it replaces -- confirm against the file.
        forward_url = "/buildLP"

    response.status = 403
    return {
        "message": msg,
        "previous_url": previous_url,
        "logging_in": True,
        "original_parameters": request.params,
        "forward_url": forward_url,
    }
def login(self, forward_url='/', previous_url=None, message="", *args, **kw):
    """Serve the login form, or finish a successful login.

    After a successful login a VisitLog entry is created, the user's
    superuser customer is cleared and the visitor is redirected to
    ``forward_url`` (reset to "/" for the password-reset page and for the
    public home page).  Otherwise the form variables are returned with
    status 403.
    """
    login_ok = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if login_ok:
        # Visitor log entry for this login.
        # NOTE(review): X-Forwarded-For is a request header; unless a
        # trusted proxy overwrites it, the recorded address is whatever
        # the client sent.
        masterdb.VisitLog(
            user=identity.current.user,
            login_time=datetime.now(),
            logout_time=None,
            visit_key=identity.current.visit_key,
            ip_address=cherrypy.request.headers.get("X-Forwarded-For"),
        )
        # Drop any superuser customer left on the account.
        identity.current.user.superuser_customer = None

        # NOTE(review): only these two values are rewritten; any other
        # forward_url, absolute URLs included, reaches redirect() as is.
        if forward_url.find("/ResetPassword") != -1:
            forward_url = "/"
        if forward_url == "http://www.panopta.com/":
            forward_url = "/"
        raise redirect(forward_url)

    previous_url = request.path
    forward_url = None

    if identity.was_login_attempted():
        text = _("The username and/or password you supplied were not correct. Please try again, or contact support for assistance.")
    elif identity.get_identity_errors():
        text = _("You must login before accessing this resource.")
    else:
        # NOTE(review): `message` is a request-level argument placed into
        # the page text; confirm the template escapes it.
        text = _("%(message)s Please enter your username and password to login.") % {'message': message}
        forward_url = request.headers.get("Referer", "/")

    response.status = 403
    print "EXITING FROM LOGIN"
    return dict(
        message=text,
        previous_url=previous_url,
        logging_in=True,
        original_parameters=request.params,
        forward_url=forward_url,
    )
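def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Serve the login form, or redirect a visitor who just signed in.

    URLs are prefixed with the configured ``url.root``.  When the form is
    served the response status is 403 and the template variables are
    returned.

    :returns: dict with message, previous_url, logging_in,
        original_parameters and forward_url
    """
    log.debug("In Login action")
    log.debug("Forward URL: " + str(forward_url))
    if forward_url:
        forward_url = config.get("url.root") + forward_url

    if not identity.current.anonymous \
            and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        # NOTE(review): forward_url is only prefixed, not validated, before
        # the redirect; confirm url.root makes an off-site target impossible.
        raise redirect(forward_url)

    forward_url = None
    previous_url = config.get("url.root") + request.path
    log.debug("Previous URL: " + str(previous_url))
    log.debug("Login Errors" + str(identity.get_identity_errors()))

    if identity.was_login_attempted():
        msg = _("The credentials you supplied were not correct or "
                "did not grant access to this resource.")
    elif identity.get_identity_errors():
        msg = _("You must provide your credentials before accessing "
                "this resource.")
    else:
        msg = _("Please log in.")
        # NOTE(review): a Referer value is normally an absolute URL, so
        # the url.root prefix added below may not give a usable address.
        forward_url = request.headers.get("Referer", "/")

    if forward_url:
        forward_url = config.get("url.root") + forward_url
    log.debug("Forward URL (2): " + str(forward_url))

    response.status = 403
    out = dict(message=msg, previous_url=previous_url, logging_in=True,
               original_parameters=request.params, forward_url=forward_url)
    # Keep original_parameters out of the log: request.params holds whatever
    # the login form submitted, which can include the password.
    loggable = dict(message=msg, previous_url=previous_url, logging_in=True,
                    forward_url=forward_url)
    log.debug("Login output: " + str(loggable))
    return out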
def login(self, forward_url=None, *args, **kw):
    """Show the login form or forward user to previously requested page.

    A visit that is still marked as new after a login attempt is reported
    as a missing session cookie rather than as bad credentials.
    """
    if forward_url:
        if isinstance(forward_url, list):
            # Several values were submitted; keep the first.
            forward_url = forward_url.pop(0)
        else:
            del request.params['forward_url']

    new_visit = visit.current()
    if new_visit:
        new_visit = new_visit.is_new

    login_ok = (
        not new_visit
        and not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if login_ok:
        # NOTE(review): forward_url is used as submitted; confirm it is
        # limited to same-site targets.
        redirect(forward_url or '/', kw)

    if identity.was_login_attempted():
        if new_visit:
            text = _(u"Cannot log in because your browser "
                     "does not support session cookies.")
        else:
            text = _(u"The credentials you supplied were not correct or "
                     "did not grant access to this resource.")
    elif identity.get_identity_errors():
        text = _(u"You must provide your credentials before accessing "
                 "this resource.")
    else:
        text = _(u"Please log in.")
        if not forward_url:
            forward_url = request.headers.get("Referer", "/")

    # The response status is no longer set here; per the original comment
    # the identity exception takes care of it.
    return {
        'logging_in': True,
        'message': text,
        'forward_url': forward_url,
        'previous_url': request.path_info,
        'original_parameters': request.params,
    }
def login(self, redirect_to=None, tg_errors=None, *args, **kw):
    """Build the login form, or redirect after a successful login.

    Without ``redirect_to`` the target is the requested path, or
    '/dashboard' when the login page itself was requested.  Every request
    parameter other than the login fields and ``redirect_to`` is added to
    the form as a hidden field.  The form is served with status 403.
    """
    if not redirect_to:
        redirect_to = (request.path_info
                       if request.path_info != '/login' else '/dashboard')

    if tg_errors:
        flash(_(u'Hubo un error en el formulario!'))

    login_ok = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if login_ok:
        # NOTE(review): redirect_to can come from the request and is not
        # checked against this site before the redirect.
        raise redirect(redirect_to)

    if identity.was_login_attempted():
        msg = _(u'Las credenciales proporcionadas no son correctas o no '
                'le dan acceso al recurso solicitado.')
    elif identity.get_identity_errors():
        msg = _(u'Debe proveer sus credenciales antes de acceder a este '
                'recurso.')
    else:
        msg = _(u'Por favor ingrese sus credenciales.')

    fields = list(LoginForm.fields)
    fields.append(W.HiddenField(name='redirect_to'))
    for name in request.params:
        if name not in ('login_user', 'login_password', 'login_submit',
                        'redirect_to'):
            fields.append(W.HiddenField(name=name))
    login_form = LoginForm(fields=fields, action='/login')

    # NOTE(review): form_data is a copy of every request parameter,
    # login_password included; confirm the form does not render it back.
    values = dict(request.params)
    values['redirect_to'] = redirect_to

    response.status = 403
    return {
        'login_form': login_form,
        'form_data': values,
        'message': msg,
        'logging_in': True,
    }
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Return the login form variables, or redirect after a good login.

    The form is always served with HTTP status 403.
    """
    if not identity.current.anonymous:
        if identity.was_login_attempted() and \
                not identity.get_identity_errors():
            # NOTE(review): forward_url is not validated here; confirm it
            # cannot carry an off-site address.
            raise redirect(forward_url)

    forward_url = None
    previous_url = request.path

    if identity.was_login_attempted():
        notice = 'The credentials you supplied were not correct.'
    elif identity.get_identity_errors():
        notice = 'You must provide your credentials.'
    else:
        notice = 'Please log in.'
        # Client-supplied header; site root when absent.
        forward_url = request.headers.get('Referer', '/')

    response.status = 403
    return {
        'message': notice,
        'previous_url': previous_url,
        'logging_in': True,
        'original_parameters': request.params,
        'forward_url': forward_url,
    }
def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Serve the login form with status 403, or redirect once signed in."""
    succeeded = (
        not identity.current.anonymous
        and identity.was_login_attempted()
        and not identity.get_identity_errors()
    )
    if succeeded:
        # NOTE(review): the redirect follows forward_url as supplied;
        # verify it is restricted to this site before it arrives here.
        raise redirect(forward_url)

    previous_url = request.path
    forward_url = None

    if identity.was_login_attempted():
        text = _("The credentials you supplied were not correct or "
                 "did not grant access to this resource.")
    elif identity.get_identity_errors():
        text = _("For assistance, please contact your program administrator.")
    else:
        text = _("Please log in.")
        forward_url = request.headers.get("Referer", "/")

    response.status = 403
    template_vars = dict(message=text, previous_url=previous_url)
    template_vars['logging_in'] = True
    template_vars['original_parameters'] = request.params
    template_vars['forward_url'] = forward_url
    return template_vars
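def login(self, forward_url=None, previous_url=None, *args, **kw):
    """Sign the visitor in as a freshly created guest account.

    A visitor who is already authenticated after a login attempt is
    redirected to ``forward_url``.  Anyone else gets a new ``User`` with a
    generated name and password, that identity is validated against the
    current visit, and the request is redirected to the same path.

    :raises: the redirect exception in every case
    """
    print "logging in"
    if not identity.current.anonymous \
            and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        # NOTE(review): forward_url is used as supplied; confirm it cannot
        # name an off-site address.
        raise redirect(forward_url)

    # NOTE(review): every request that gets this far creates another User
    # row; consider rate limiting or cleanup of guest accounts.
    session.begin()
    # Take the password from the operating system's CSPRNG.  The module
    # level random functions are a deterministic generator and must not be
    # the source of a credential.
    password = base64.encodestring(
        str(random.SystemRandom().getrandbits(64))).strip()
    # uuid1 is built from the host address and a timestamp, so the name is
    # guessable; that is acceptable only because it is not a secret.
    username = uuid.uuid1().hex
    user = User(user_name=username,
                display_name='Guest User',
                password=identity.encrypt_password(password))
    session.commit()
    session.flush()
    identity.current_provider.validate_identity(
        username, password, identity.current.visit_key)
    raise redirect(request.path)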
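def login(self, *args, **kw):
    """Serve the login page, or redirect a visitor who just signed in.

    ``forward_url`` is read from the keyword arguments.  The page is served
    with status 403 and also carries the new-user form.

    :returns: dict with message, previous_url, logging_in,
        original_parameters, forward_url, newuser_form and form_vals
    """
    if not identity.current.anonymous and identity.was_login_attempted():
        # forward_url is optional in the request: fall back to the site
        # root instead of failing with KeyError when it is missing or empty.
        # NOTE(review): a supplied value is still followed unchecked;
        # confirm it is limited to same-site targets.
        util.redirect(kw.get('forward_url') or '/')

    forward_url = None
    previous_url = cherrypy.request.path

    if identity.was_login_attempted():
        msg = _("Login incorrect.")
    elif identity.get_identity_errors():
        msg = _("Login error.")
    else:
        msg = _("Please log in.")
        # Client-supplied header; site root when absent.
        forward_url = cherrypy.request.headers.get("Referer", "/")

    cherrypy.response.status = 403
    form_vals = dict(forward_url=forward_url)
    return dict(message=msg, previous_url=previous_url, logging_in=True,
                original_parameters=cherrypy.request.params,
                forward_url=forward_url, newuser_form=newuser_form,
                form_vals=form_vals)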
def login(self, forward_url=None, previous_url=None, message="", top_message="", *args, **kw):
    """Serve the branded login page, or finish a successful login.

    After a successful login the visit is tagged with the original user, a
    VisitLog entry is created, password-reset data on the user is cleared
    and the visitor is redirected to ``forward_url`` (reset to "/" for a
    handful of specific values).  Otherwise a message is chosen, a request
    for a partner host may be redirected to that brand's control panel URL,
    and the template variables are returned.
    """
    template = 'genshi:ControlPanel.templates.login'
    if not identity.current.anonymous \
            and identity.was_login_attempted() \
            and not identity.get_identity_errors():
        masterdb.Visit.setOriginalUser(identity.current.user)
        # Request the sitetemplate to make KissMetrics tracking call
        cherrypy.session['track_login'] = True
        # Create a visitor log entry for them
        # NOTE(review): X-Forwarded-For is a request header; unless a
        # trusted proxy overwrites it, the logged address is client-chosen.
        masterdb.VisitLog(user = identity.current.user,
                          login_time = datetime.now(),
                          logout_time = None,
                          visit_key = identity.current.visit_key,
                          ip_address = cherrypy.request.headers.get("X-Forwarded-For"))
        # Reset their superuser customer
        identity.current.user.superuser_customer = None
        # https://jira.quattrosource.com:8443/browse/PANOPTA-714
        # forward_url may arrive as a list or tuple; use its first entry.
        if isinstance(forward_url, (list, tuple)):
            forward_url = forward_url[0]
        if forward_url == None:
            forward_url='/'
        # NOTE(review): the checks below reset a fixed set of values only;
        # any other forward_url, absolute URLs included, is passed to
        # redirect() unchanged.
        if forward_url.find("/ResetPassword") != -1:
            forward_url = "/"
        if forward_url == "http://www.panopta.com/":
            forward_url = "/"
        if forward_url.startswith("http://www.panopta.com/order/signup"):
            forward_url = "/"
        if forward_url.endswith("/login"):
            forward_url = "/"
        # Remove password reset info
        identity.current.user.forgotpassword_code = None
        identity.current.user.forgotpassword_timestamp = None
        redirect(forward_url)
    forward_url=None
    previous_url= request.path
    if "reset" in kw:
        if kw["reset"] == "1":
            msg='An email has been sent to you with required info to reset your password.'
            msg_type='success'
        else:
            msg='We could not validate your password reset verification code. Please try again.'
            msg_type='danger'
        # NOTE(review): the flattened listing does not show whether this
        # assignment covers both reset outcomes or only the failure case;
        # confirm against the file.
        forward_url = "/"
    else:
        if identity.was_login_attempted():
            msg=_("The username and/or password you supplied were not correct. Please try again, or contact support for assistance.")
            msg_type='danger'
        elif identity.get_identity_errors():
            msg=_("You must login before accessing this resource.")
            msg_type='danger'
        else:
            # NOTE(review): `message` is a request-level argument shown on
            # the page; confirm the template escapes it.
            msg=_("%s" % message)
            msg_type = None
            forward_url= request.headers.get("Referer", "/")
    # Redirect to a partner site if we don't support direct login
    # NOTE(review): X-Forwarded-Host selects the brand and therefore the
    # redirect target; confirm only the trusted proxy can set it.
    host = cherrypy.request.headers.get("X-Forwarded-Host")
    brand = None
    if host and host != 'my.panopta.com':
        brand = masterdb.Brand.select(masterdb.Brand.q.base_domain == host)
        if brand.count() and brand[0].controlpanel_url and host not in brand[0].controlpanel_url:
            redirect(brand[0].controlpanel_url)
    brand, brand_logo_url, brand_textkey, brand_name, brand_favicon_url = self.getBrandSpecificUI(host)
    return dict(tg_template = template,
                message=msg,
                message_type=msg_type,
                top_message=top_message,
                previous_url=previous_url,
                logging_in=True,
                original_parameters=request.params,
                forward_url=forward_url,
                brand = brand,
                brand_logo_url = brand_logo_url,
                brand_textkey = brand_textkey,
                brand_name = brand_name,
                brand_favicon_url = brand_favicon_url,
                )
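class Root(plugin.RootController):
    '''Root controller: welcome, home, about and login pages.

    The sub-controllers are mounted as class attributes.
    '''

    user = User()
    group = Group()
    fpca = FPCA()
    json = JsonRequest()
    config = Config()
    help = Help()

    def __init__(self):
        # TODO: Find a better place for this.
        os.environ['GNUPGHOME'] = config.get('gpghome')
        plugin.RootController.__init__(self)

    def getpluginident(self):
        '''Return the plugin identifier, ``'fas'``.'''
        return 'fas'

    @expose(template="fas.templates.welcome", allow_json=True)
    def index(self):
        '''Welcome page; signed-in users are redirected to /home.'''
        if turbogears.identity.not_anonymous():
            if request_format() == 'json':
                # redirects don't work with JSON calls.  This is a bit of a
                # hack until we can figure out something better.
                return dict()
            turbogears.redirect('/home')
        return dict(now=time.ctime())

    @identity.require(identity.not_anonymous())
    @expose(template="fas.templates.home", allow_json=True)
    def home(self):
        '''Home page of the signed-in user.

        :returns: dict with the privacy-filtered person, their memberships
            and the second value returned by ``undeprecated_cla_done``
        '''
        user_name = turbogears.identity.current.user_name
        person = People.by_username(user_name)
        (cla_done, undeprecated_cla) = undeprecated_cla_done(person)

        # Only the filtered record is handed to the template.
        person = person.filter_private()
        return dict(person=person, memberships=person['memberships'],
                    cla=undeprecated_cla)

    @expose(template="fas.templates.about")
    def about(self):
        '''Static about page.'''
        return dict()

    @expose(template="fas.templates.login", allow_json=True)
    def login(self, forward_url=None, *args, **kwargs):
        '''Page to become authenticated to the Account System.

        This shows a small login box to type in your username and password
        from the Fedora Account System.  On success the returned user is a
        copy restricted to the fields in ``People.allow_fields['self']``,
        with several sensitive fields forced to None.

        :kwarg forward_url: The url to send to once authentication succeeds
        :returns: the filtered login dict on success, otherwise the dict
            produced by ``f_ctrlers.login``
        '''
        actual_login_dict = f_ctrlers.login(forward_url=forward_url,
                                            *args, **kwargs)

        try:
            login_dict = Bunch()
            login_dict['user'] = Bunch()
            # Start with every known field blanked, then copy the ones a
            # user may see about themselves.
            for field in People.allow_fields['complete']:
                login_dict['user'][field] = None
            for field in People.allow_fields['self']:
                login_dict['user'][field] = getattr(
                    actual_login_dict['user'], field)
            # Strip out things that the user shouldn't see about their own
            # login
            login_dict['user']['internal_comments'] = None
            login_dict['user']['emailtoken'] = None
            login_dict['user']['security_answer'] = None
            login_dict['user']['alias_enabled'] = None
            login_dict['user']['passwordtoken'] = None
            # Add things that are needed by some other apps
            login_dict['user'].approved_memberships = list(
                actual_login_dict['user'].approved_memberships)
            login_dict['user'].memberships = list(
                actual_login_dict['user'].memberships)
            login_dict['user'].unapproved_memberships = list(
                actual_login_dict['user'].unapproved_memberships)
            login_dict['user'].group_roles = list(
                actual_login_dict['user'].group_roles)
            login_dict['user'].roles = list(actual_login_dict['user'].roles)
            login_dict['user'].groups = [
                g.name for g in actual_login_dict['user'].approved_memberships
            ]
            return login_dict
        except KeyError:
            # No problem, this usually means that we failed to login and
            # therefore we don't have a user field.
            login_dict = actual_login_dict

        if not identity.current.anonymous and identity.was_login_attempted() \
                and not identity.get_identity_errors():
            # Success that needs to be passed back via json
            return login_dict

        if identity.was_login_attempted() and request.fas_provided_username:
            # NOTE(review): both messages disclose the state of the named
            # account; confirm fas_identity_failure_reason is only set once
            # the supplied password has been verified.
            if request.fas_identity_failure_reason == 'status_inactive':
                turbogears.flash(
                    _('Your old password has expired. Please'
                      ' reset your password below.'))
                if request_format() != 'json':
                    redirect('/user/resetpass')
            if request.fas_identity_failure_reason == 'status_account_disabled':
                # Substitute the address after translation; formatting
                # inside _() made the interpolated text the lookup key, so
                # a translated message could never be found.
                turbogears.flash(
                    _('Your account is currently disabled. For'
                      ' more information, please contact %(admin_email)s')
                    % {'admin_email': config.get('accounts_email')})
                if request_format() != 'json':
                    redirect('/login')

        return login_dict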