Exemple #1
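def _redirect_after_login(request, user):
    """Return the redirect response for a user who is (now) logged in.

    The ``next`` query parameter is honoured only when it targets this site.
    It is attacker-controllable (it travels in the link the user clicked), so
    redirecting to it unchecked would let a crafted login link send the user
    to an arbitrary external site right after a genuine login. When ``next``
    is absent, empty or points elsewhere, the role-based landing page is used.
    """
    # Local import keeps this helper self-contained. ``is_safe_url`` is the
    # name in the Django releases where ``is_authenticated()`` is still
    # callable (as this module uses it); Django 3.0+ offers the same check as
    # ``url_has_allowed_host_and_scheme``.
    from django.utils.http import is_safe_url

    next_url = request.GET.get('next')
    if next_url and is_safe_url(next_url, request.get_host()):
        return redirect(next_url)
    if user.is_agente:
        return HttpResponseRedirect(reverse('consola_de_agente'))
    return HttpResponseRedirect(reverse('index'))


def login_view(request):
    """Render the login form and process credential submissions.

    POST: checks the lockout state, validates the submitted credentials,
    records the attempt through ``utils`` and, when nothing blocks the user,
    logs them in and redirects. GET: redirects an already authenticated user,
    otherwise shows an empty form.

    Returns a redirect on success, or ``registration/login.html`` rendered
    with ``form``, ``detail`` (message for the user, or ``None``) and
    ``user_is_blocked``.
    """
    detail = None
    user_is_blocked = False
    if request.method == "POST":
        # .get() so a POST that omits a field is treated as a failed attempt
        # (and counted) instead of raising a KeyError and returning a 500.
        username = request.POST.get('username', '')
        password = request.POST.get('password', '')
        login_unsuccessful = False
        if utils.is_already_locked(request, username=username):
            intentos_fallidos = config.FAILURE_LIMIT + 2
            # Translate the template first and fill it in afterwards; looking
            # up the already formatted text can never match a catalog entry.
            detail = _("Haz tratado de loguearte {intentos_fallidos} veces,"
                       " sin exito. Tu cuenta y dirección IP"
                       " permanecerán bloqueadas por {cooloff_time_seconds} segundos."
                       " Contacta al Administrador").format(
                intentos_fallidos=intentos_fallidos,
                cooloff_time_seconds=config.COOLOFF_TIME)
            user_is_blocked = True
            # Forces the attempt to count as failed even if the password
            # submitted during the lockout is the right one.
            login_unsuccessful = True
        # NOTE(review): AuthenticationForm.is_valid() performs its own
        # credential check, so the password is verified twice per POST;
        # form.get_user() may be able to replace this call -- confirm.
        user = authenticate(username=username, password=password)
        form = AuthenticationForm(request, data=request.POST)
        if not form.is_valid():
            login_unsuccessful = True
        utils.add_login_attempt_to_db(request, login_valid=not login_unsuccessful,
                                      username=username)
        user_not_blocked = utils.check_request(request, login_unsuccessful=login_unsuccessful,
                                               username=username)

        # TODO: webphone client users are blocked from logging in here.
        if ClienteWebPhoneProfile.objects.filter(user__username=username).exists():
            user_is_blocked = True
            detail = _("Este tipo de usuario no puede loguearse en este momento.")

        # login_unsuccessful is False only when the form validated, so no
        # separate form.is_valid() check is needed at this point.
        if user_not_blocked and not user_is_blocked and not login_unsuccessful:
            login(request, user)
            user.set_session_key(request.session.session_key)
            return _redirect_after_login(request, user)

    else:
        if request.user.is_authenticated():
            return _redirect_after_login(request, request.user)
        form = AuthenticationForm(request)
    context = {
        'form': form,
        'detail': detail,
        'user_is_blocked': user_is_blocked,
    }
    template_name = 'registration/login.html'
    return TemplateResponse(request, template_name, context)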
Exemple #2
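    def authenticate(self, request, username=None, password=None, **kwargs):
        """Authenticate ``username``/``password`` while enforcing the lockout.

        Args:
            request: the current request, handed to the ``utils`` helpers.
            username: natural key of the account; when ``None`` it is read
                from ``kwargs`` under ``UserModel.USERNAME_FIELD``.
            password: the candidate password.

        Returns:
            The user when the password matches and the request is not
            blocked, otherwise ``None``.

        Raises:
            exceptions.AuthenticationFailed: the account is currently locked.
        """
        if username is None:
            username = kwargs.get(UserModel.USERNAME_FIELD)
        # The lockout check has to run on every call. Nested under the
        # ``username is None`` branch it was skipped whenever the caller
        # passed the username directly, so guessing could continue during the
        # cool-off period; if check_request() clears the failure counter on a
        # successful attempt (as django-defender's does), a correct guess made
        # while locked would also have been accepted.
        if utils.is_already_locked(request, username=username):
            # Translate the template, then format it: the formatted text
            # cannot match a translation catalog entry.
            detail = _(
                "You have attempted to login {failure_limit} times, with no success. Your account is locked "
                "for {cooloff_time_seconds} seconds"
            ).format(failure_limit=config.FAILURE_LIMIT + 1,
                     cooloff_time_seconds=config.COOLOFF_TIME)
            raise exceptions.AuthenticationFailed(
                {'non_field_errors': [detail]})
        user = None
        try:
            user = UserModel._default_manager.get_by_natural_key(username)
        except UserModel.DoesNotExist:
            # Run the default password hasher once to reduce the timing
            # difference between an existing and a nonexistent user (#20760).
            UserModel().set_password(password)

        # NOTE(review): nothing here checks user.is_active; confirm that
        # inactive accounts are rejected elsewhere.
        can_login = bool(user and user.check_password(password))
        login_unsuccessful = not can_login

        # Every attempt, successful or not, is persisted and fed to the
        # lockout bookkeeping before a user is handed back.
        utils.add_login_attempt_to_db(request,
                                      login_valid=not login_unsuccessful,
                                      username=username)
        user_not_blocked = utils.check_request(
            request, login_unsuccessful=login_unsuccessful, username=username)

        if user_not_blocked and can_login:
            return user
        return None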