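def login(request):
    """Show the login form on GET and process a login attempt on POST.

    GET: an already-authenticated user is redirected onwards. Otherwise the
    form is rendered, pre-filled from a pending registration when the
    ``registreringsnokkel`` query parameter matches one.

    POST: ``attempt_login`` returns the matching users and a message. Exactly
    one match redirects onwards; several matches store their ids in the
    session and redirect to the chooser view; no match re-renders the form
    with the message.

    Any other method redirects back to this view.

    The ``next`` query parameter is client-supplied. It is used as a redirect
    target only when ``is_safe_url`` accepts it for the current host;
    otherwise it is ignored and the user's home page is used instead.
    """
    # Imported locally so the view does not depend on the module's import
    # block. ``host=`` is the keyword accepted by the Django releases in
    # which ``is_authenticated()`` is still callable, as it is called below.
    from django.utils.http import is_safe_url, urlquote

    # Discard a multi-match choice left over from an earlier attempt.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    # Validate 'next' once, up front: redirecting to it unchecked would let a
    # crafted login link send the user to an arbitrary external site after a
    # genuine login on this one.
    next_url = request.GET.get('next')
    if next_url is not None and not is_safe_url(next_url, host=request.get_host()):
        next_url = None

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    if request.method == 'GET':
        if request.user.is_authenticated():
            # User is already authenticated, skip login
            return redirect(next_url or reverse('user.views.home'))

        if 'registreringsnokkel' in request.GET:
            try:
                user = User.get_users(include_pending=True).get(
                    pending_registration_key=request.GET['registreringsnokkel']
                )
                context['prefilled_user'] = user
            except User.DoesNotExist:
                # Unknown key: render the plain, non-prefilled form.
                pass

        context['next'] = next_url
        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            return redirect(next_url or reverse('user.views.home'))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if next_url is not None:
                # Quote the value so that a target carrying its own query
                # string ('&', '?') arrives at the chooser as one parameter.
                return redirect("%s?next=%s" % (
                    reverse('user.login.views.choose_authenticated_user'),
                    urlquote(next_url),
                ))
            else:
                return redirect('user.login.views.choose_authenticated_user')

        else:
            messages.error(request, message)
            context['next'] = next_url
            # A POST without an 'email' field re-renders the form instead of
            # raising a KeyError.
            context['email'] = request.POST.get('email', '')
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user.login.views.login')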
def signon_login(request):
    """Login step of a sign-on whose state lives under session['dntconnect'].

    Raises ``PermissionDenied`` when the session carries no 'dntconnect'
    entry, and for any method other than GET or POST. An already
    authenticated user, or a POST with exactly one match from
    ``attempt_login``, gets the 'logget_inn' sign-on value and is redirected
    to 'connect:signon_complete'. Several matches store their ids in the
    session and redirect to the chooser view. No match re-renders the
    sign-on form with the message from ``attempt_login``.
    """
    if 'dntconnect' not in request.session:
        # Use a friendlier error message here?
        raise PermissionDenied

    if request.user.is_authenticated():
        # Shouldn't happen, but handle it just in case.
        add_signon_session_value(request, 'logget_inn')
        return redirect('connect:signon_complete')

    context = {}
    context['user_password_length'] = settings.USER_PASSWORD_LENGTH
    context['countries'] = FocusCountry.get_sorted()

    # Pre-fill the form when the key matches a pending registration.
    if 'registreringsnokkel' in request.GET:
        try:
            pending_user = User.get_users(include_pending=True).get(
                pending_registration_key=request.GET['registreringsnokkel']
            )
        except User.DoesNotExist:
            pass
        else:
            context['prefilled_user'] = pending_user

    def render_signon_form():
        # The template directory is chosen by the client_id kept in the
        # session, read at render time.
        # NOTE(review): confirm client_id is checked against the known
        # clients before it is stored in the session, since it becomes part
        # of a template path here.
        template_name = 'central/connect/%s/signon.html' % request.session['dntconnect']['client_id']
        return render(request, template_name, context)

    method = request.method
    if method == 'GET':
        return render_signon_form()
    if method != 'POST':
        raise PermissionDenied

    matched_users, failure_message = attempt_login(request)
    match_count = len(matched_users)

    if match_count == 1:
        add_signon_session_value(request, 'logget_inn')
        return redirect('connect:signon_complete')

    if match_count > 1:
        # Multiple matches, offer a choice between all matches
        request.session['authenticated_users'] = [candidate.id for candidate in matched_users]
        return redirect('connect:signon_choose_authenticated_user')

    messages.error(request, failure_message)
    # NOTE(review): indexing raises if the POST carries no 'email' field.
    context['email'] = request.POST['email']
    return render_signon_form()
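def login(request):
    """Show the login form on GET and process a login attempt on POST.

    GET: an already-authenticated user is redirected onwards. On a
    non-central site that has not yet tried single sign-on ('sso_checked'
    absent from the session) the user is first sent to the central site's
    single-signon check. Otherwise the form is rendered, pre-filled from a
    pending registration when ``registreringsnokkel`` matches one.

    POST: ``attempt_login`` returns the matching users and a message. Exactly
    one match records the login date (and, during an OAuth authorization,
    the per-client activity log) and redirects onwards, via
    ``sso_login_url`` on a non-central site. Several matches store their ids
    in the session and redirect to the chooser view. No match re-renders the
    form with the message.

    Any other method redirects back to this view.

    The ``next`` query parameter is client-supplied. It is used as a redirect
    target only when ``is_safe_url`` accepts it for the current host;
    otherwise it is ignored and the user's home page is used instead.
    """
    # Imported locally so the view does not depend on the module's import
    # block. ``host=`` is the keyword accepted by the Django releases in
    # which ``is_authenticated()`` is still callable, as it is called below.
    import logging

    from django.utils.http import is_safe_url

    # Discard a multi-match choice left over from an earlier attempt.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    # Validate 'next' once, up front: redirecting to it unchecked would let a
    # crafted login link send the user to an arbitrary external site after a
    # genuine login on this one.
    # NOTE(review): this accepts relative and same-host targets only. If a
    # flow legitimately passes another site's absolute URL as 'next', those
    # hosts have to be allowed here explicitly.
    next_url = request.GET.get('next')
    if next_url is not None and not is_safe_url(next_url, host=request.get_host()):
        next_url = None

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    if request.method == 'GET':
        # If the user is already authenticated, send them straight forwards
        if request.user.is_authenticated():
            return redirect(next_url or reverse('user:home'))

        # If logging in on a non-central site, first send the user to the
        # central site to try automatic login. Except if 'sso_checked' is set in
        # session, in which case they've already tried and failed.
        if not request.site.is_central() \
                and 'sso_checked' not in request.session:
            # The inner target is quoted too, so a 'next' carrying its own
            # query string stays a single parameter of the return address.
            return_address = 'https://%s%s?next=%s' % (
                request.site.domain,
                reverse('user:login.single_signon_return'),
                urlquote(next_url or reverse('user:home')),
            )
            return redirect('https://%s%s?next=%s' % (
                Site.get_central().domain,
                reverse('user:login.single_signon_check'),
                urlquote(return_address),
            ))

        if 'registreringsnokkel' in request.GET:
            try:
                user = User.get_users(include_pending=True).get(
                    pending_registration_key=request.GET['registreringsnokkel']
                )
                context['prefilled_user'] = user
            except User.DoesNotExist:
                # Unknown key: render the plain, non-prefilled form.
                pass

        if next_url is not None:
            context['next'] = urlquote(next_url)

        if request.session.get('OAuth-authorization'):
            context['stripped_layout'] = True

        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            if request.session.get('OAuth-authorization'):
                # Best-effort bookkeeping: the OAuth client id is read from
                # the query string of 'next'. A failure here must not block
                # the login, but it is logged rather than silently dropped.
                try:
                    o = urlparse(next_url)
                    client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
                    request.user.last_login_oauth_date = datetime.now()
                    request.user.save()
                    log, created = UserOauthActiveLog.objects.get_or_create(
                        user=request.user,
                        oauth_client_id=client_id,
                        defaults={
                            'first_date': request.user.last_login_oauth_date,
                            'last_date': request.user.last_login_oauth_date
                        })
                    if not created:
                        log.last_date = request.user.last_login_oauth_date
                        log.save()
                except Exception:
                    # Narrowed from a bare except so that SystemExit and
                    # KeyboardInterrupt are no longer swallowed.
                    logging.getLogger(__name__).warning(
                        "Could not record OAuth login activity",
                        exc_info=True,
                    )
            else:
                request.user.last_login_site_date = datetime.now()
                request.user.save()

            if request.site.is_central():
                return redirect(next_url or reverse('user:home'))
            else:
                if 'sso_checked' in request.session:
                    del request.session['sso_checked']
                return redirect(sso_login_url(
                    request.site,
                    request.user,
                    next_url or reverse('user:home'),
                ))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if next_url is not None:
                return redirect(
                    "%s?next=%s" % (
                        reverse('user:login.choose_authenticated_user'),
                        urlquote(next_url),
                    )
                )
            else:
                return redirect('user:login.choose_authenticated_user')

        else:
            messages.error(request, message)
            if next_url is not None:
                context['next'] = urlquote(next_url)
            # A POST without an 'email' field re-renders the form instead of
            # raising a KeyError.
            context['email'] = request.POST.get('email', '')
            if request.session.get('OAuth-authorization'):
                context['stripped_layout'] = True
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user:login.login')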