def login(request, template_name='accounts/login.html',
extra_context={}):
"""
contrib.auth.views.login, but with a few added benefits: extra_context and
it redirects to settings.LOGIN_REDIRECT_URL if user is already logged in.
"""
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
if form.is_valid():
redirect_to = get_redirect_url(request, redirect_field_name='next',
fallback=settings.LOGIN_REDIRECT_URL)
auth_raw_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = AuthenticationForm(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
context = {
'form': form,
'site': current_site,
'site_name': current_site.name
}
context.update(extra_context)
return direct_to_template(request, template_name, context)
def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
"Displays the login form and handles the login action."
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
from django.contrib.auth import login
login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = AuthenticationForm(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site_name': current_site.name,
}, context_instance=RequestContext(request))
def login(request, template_name="lfs/checkout/login.html"):
"""Displays a form to login or register/login the user within the check out
process.
The form's post request goes to lfs.customer.views.login where all the logic
happens - see there for more.
"""
# If the user is already authenticate we don't want to show this view at all
if request.user.is_authenticated():
return HttpResponseRedirect(reverse("lfs_checkout"))
shop = lfs.core.utils.get_default_shop(request)
# If only anonymous checkout allowed we don't want to show this view at all.
if shop.checkout_type == CHECKOUT_TYPE_ANON:
return HttpResponseRedirect(reverse("lfs_checkout"))
# Using Djangos default AuthenticationForm
login_form = AuthenticationForm()
login_form.fields["username"].label = _(u"E-Mail")
register_form = RegisterForm()
if request.POST.get("action") == "login":
login_form = AuthenticationForm(data=request.POST)
login_form.fields["username"].label = _(u"E-Mail")
if login_form.is_valid():
from django.contrib.auth import login
login(request, login_form.get_user())
return lfs.core.utils.set_message_cookie(reverse("lfs_checkout"),
msg=_(u"You have been logged in."))
elif request.POST.get("action") == "register":
register_form = RegisterForm(data=request.POST)
if register_form.is_valid():
email = register_form.data.get("email")
password = register_form.data.get("password_1")
# Create user
user = User.objects.create_user(
username=create_unique_username(email), email=email, password=password)
# Notify
lfs.core.signals.customer_added.send(user)
# Log in user
from django.contrib.auth import authenticate
user = authenticate(username=email, password=password)
from django.contrib.auth import login
login(request, user)
return lfs.core.utils.set_message_cookie(reverse("lfs_checkout"),
msg=_(u"You have been registered and logged in."))
return render_to_response(template_name, RequestContext(request, {
"login_form": login_form,
"register_form": register_form,
"anonymous_checkout": shop.checkout_type != CHECKOUT_TYPE_AUTH,
}))
def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE = open('/tmp/os-debug.log','a')
TEMP_DEBUG_FILE.write("\nLogin:"******"\n")
"Displays the login form and handles the login action."
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
from django.contrib.auth import login
if form.is_valid():
user = form.get_user()
# Check if the user is banned
user_ob = User.objects.filter(username = user)
if len(user_ob) != 0:
if len(BanishedUser.objects.filter(user = user_ob[0])) != 0:
return json_result({'form_errors': {"__all__":["User is banned"]}})
login(request, user)
# If this was a visitor, connect to a user
connect_visitor_to_user(request, user.id)
# Log the login
create_user_event_log(request, {"log_type": LogUserEvents.login})
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE.write("Login results is user_authenticated?" + str(request.user.is_authenticated()))
TEMP_DEBUG_FILE.close()
return json_result({'success' : True, 'sms_can_change_password': get_sms_can_change_password(request.user)})#json_success()
else:
if Settings.objects.boolean('SOFT_ENTRY_CODES'):
c = request.POST.get('entrycode','')
code_object = EntryCode.objects.filter(code = c)
if len(code_object) <= 0:
return json_error('Invalid Entry Code')
u = User.objects.filter(username = code_object[0].username)
if len(u) <= 0:
return json_error('Entry code and user do not match')
if code_object[0].first_login:
first_login_time = UserData(user = u[0], key = 'first_login', value = time.time())
first_login_time.save()
code_object[0].first_login = False
code_object[0].save()
connect_visitor_to_user(request, u[0].id)
request.session['user_id'] = u[0].id
request.session['_auth_user_id'] = u[0].id
request.session['_auth_user_backend'] = 'opinion.email-auth.EmailOrUsernameModelBackend'
return json_success()
# Invalid login
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE.write(json_result({'form_errors': errors_to_dict(form.errors)}).content)
TEMP_DEBUG_FILE.close()
return json_result({'form_errors': errors_to_dict(form.errors)})
else:
return json_error('Invalid request.')
def custlogin(request, template_name="custlogin.html"):
context = {}
context.update(csrf(request))
next = None
try:
next = request.GET['next']
except:
next = ""
auth_frm = AuthenticationForm(data=request.POST or None)
context['form'] = auth_frm
if auth_frm.is_valid():
try:
user = authenticate(
username=auth_frm.cleaned_data['username'],
password=auth_frm.cleaned_data['password'])
login(request, user)
except Exception:
pass
#return the same form and say login failed
return HttpResponseRedirect('')
return render(
template_name, context, context_instance=RequestContext(request))
def login(request):
"""Try to login existing user"""
if request.user.is_authenticated():
return redirect('profile')
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
if not form.is_valid():
return render(
request,
'index.html',
{'error_message': 'Sorry, could not login', 'login': True}
# {'error_message':
# ' '.join([e.as_text() for e in form.errors.values()])}
)
# If form is valid, try to authenticate user
user = authenticate(
username=form.cleaned_data['username'],
password=form.cleaned_data['password']
)
if user is not None:
# Log in and redirect to profile
login_user(request, user)
return redirect('profile')
else:
return render(
request,
'index.html',
{'error_message': 'Sorry, could not login', 'login': True}
)
# Otherwise, display login page
return render(request, 'index.html', {'login': True})
def entrar(request):
user = request.user
ctx = {}
if request.method == 'GET' and 'next' in request.GET: #miramos si está la variables next para redirección
ctx['next'] = request.GET['next'] #guardamos la variables next para enviar al template
#Comprobamos si el usuario está autenticado!
if user.is_authenticated():
return redirect( get_url_redir(request) )
#Si el usuario envía datos por POST para su autenticación
if request.method == 'POST':
form = AuthenticationForm(data=request.POST) #usamos el formulario de auth de django
if form.is_valid(): #si el form es válido obtenemos el usuario y password
u = form.cleaned_data['username']
p = form.cleaned_data['password']
user = authenticate(username=u, password=p) #comprobamos usuario y contraseña
if user is not None and user.is_active: #si existe y si está activo
login(request, user) #logueado en las sesion de django
# dependiendo del depto al q pertenece el user así se redirecionará
return redirect( get_url_redir(request) )
else:
ctx['form'] = form #guardamos el form con los datos resultantes de la validación
return render(request, 'GestionUser/entrar.html', ctx)
form = AuthenticationForm() #un formulario sin datos del POST
ctx['form'] = form #guardamos un form limpio
return render(request, 'GestionUser/entrar.html', ctx)
def preview_login(request, course_prefix, course_suffix):
"""
Login to c2g in preview mode
"""
login_form = AuthenticationForm(data=request.POST)
if login_form.is_valid():
auth_login(request, login_form.get_user())
if not request.common_page_data['course'].preview_only_mode and \
date.today() >= request.common_page_data['course'].calendar_start :
redirect_to = 'courses.views.main'
else:
redirect_to = 'courses.preview.views.preview'
return redirect(reverse(redirect_to, args=[course_prefix, course_suffix]))
else:
form = form_class(initial={'course_prefix':course_prefix,'course_suffix':course_suffix})
context = RequestContext(request)
# default template, unless there is one in the soruce tree, then use that
template_name='previews/default.html'
class_template='previews/'+request.common_page_data['course'].handle+'.html'
dirs = getattr(settings,'TEMPLATE_DIRS', [])
for dir in dirs:
if os.path.isfile(dir+'/'+class_template):
template_name=class_template
return render_to_response(template_name,
{'form': form,
'login_form': login_form,
'common_page_data': request.common_page_data,
'display_login': True},
context_instance=context)
def login_view(request):
# TODO: rethink and rewrite
next = request.GET.get('next', '')
if request.method != 'POST':
form = AuthenticationForm(request)
return render_to_response('registration/login.html', {'form': form, 'next': next},
context_instance=RequestContext(request))
else:
form = AuthenticationForm(data=request.POST)
if not form.is_valid():
return render_to_response('registration/login.html', {'form': form, 'next': next},
context_instance=RequestContext(request))
user = authenticate(username=request.POST['username'], password=request.POST['password'])
if user is not None:
if user.is_active:
#Save username in session
PREFIX = "_user:"******"login", game = None, public=False)
if request.POST.get('next'):
return HttpResponseRedirect(request.POST.get('next'))
return redirect(settings.LOGIN_REDIRECT_URL)
return HttpResponseRedirect("/")
def index(request):
if request.method == "POST":
# User authentication
auth_form = AuthenticationForm(data = request.POST)
if auth_form.is_valid():
user = auth_form.get_user()
if user.is_active:
login(request, user)
# Contact form handling
contact_form = AkismetContactForm(request = request, data = request.POST)
if contact_form.is_valid():
contact_form.save()
else:
auth_form = AuthenticationForm()
contact_form = AkismetContactForm(request = request)
return render_to_response('index.html',{
'auth_form': auth_form,
'contact_form': contact_form,
'project_list': Project.objects.all(),
'user_list': User.objects.all().order_by('first_name')
}, context_instance = RequestContext(request))
def authenticate_user(username, password):
# reuse form-model logic in AuthenticationForm
auth_dict = {"username": username, "password": password}
auth_form = AuthenticationForm(None, auth_dict)
is_valid = auth_form.is_valid() # just run the validation
auth_user = auth_form.get_user()
return auth_user
def fg_login(request,template_name="Login.html"):
context = {}
context.update(csrf(request))
next = None
try:
next = request.GET['next']
except:
next = ""
auth_frm = AuthenticationForm(data=request.POST or None)
context['form'] = auth_frm
if auth_frm.is_valid():
try:
user = authenticate(username=auth_frm.cleaned_data['username'], password=auth_frm.cleaned_data['password'])
login(request, user)
except Exception, e:
pass
return redirect('manager_home')
def loginUsuario(request, template_name='user/loginUsuario.html'):
if not request.user.is_anonymous():
return redirect('home')
if request.method == 'POST':
formulario = AuthenticationForm(None, request.POST or None)
if formulario.is_valid():
usuario = request.POST['username']
clave = request.POST['password']
acceso = authenticate(username=usuario, password=clave)
if acceso is not None:
if acceso.is_active:
login(request, acceso)
return redirect('home')
print 'acceso'
else:
print 'no activo'
return redirect('home')
else:
print 'no usuario'
return redirect('home')
else:
formulario = AuthenticationForm()
else:
formulario = AuthenticationForm()
return render(request, template_name, locals())
def login(request):
c = all_page_infos(request)
nexturl = request.GET.get("next", "/")
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
form.fields["password"].max_length = 4096
if form.is_valid():
user = form.get_user()
django_contrib_auth_login(request, user)
logger.info("Logged in user '%s' (%s) a.k.a '%s'", user.username, user.last_name, user.userprofile.aliases)
if request.user.userprofile.game_pref_fixed or request.session.get("game_pref", 0) == 0:
# if pref was set explicitely, always set cookie according to profile
# or if no cookie set, use profiles setting (even if 0)
request.session["game_pref"] = request.user.userprofile.game_pref
else:
# cookie is already set (!=0), overwrite users pref as it's not fixed
try:
request.user.userprofile.game_pref = int(request.session["game_pref"])
request.user.userprofile.save()
except ValueError:
# not int, ignore
pass
return HttpResponseRedirect(nexturl)
else:
logger.info("login error: %s", form.errors)
else:
form = AuthenticationForm()
c["next"] = nexturl
c['form'] = form
form.fields["password"].max_length = 4096
return render(request, 'login.html', c)
def login(request):
'''
Small wrapper around the django login view
'''
context = {}
if request.REQUEST.get('next'):
context['next'] = request.REQUEST.get('next')
# Sane login, with POST
if request.method == "POST":
return django_loginview(request,
template_name='user/login.html',
extra_context=context)
# log in with GET parameters so users can easily get in by scanning a QR code
elif request.REQUEST.get('get_login'):
form = AuthenticationForm(request, data=request.GET)
if form.is_valid():
auth_login(request, form.get_user())
return HttpResponseRedirect(reverse('oracle:dashboard'))
return django_loginview(request,
template_name='user/login.html',
extra_context=context)
def test_invalid_username(self):
# The user submits an invalid username.
data = {"username": "******", "password": "******"}
form = AuthenticationForm(None, data)
self.assertFalse(form.is_valid())
self.assertEqual(form.non_field_errors(), [force_unicode(form.error_messages["invalid_login"])])
def is_authenticated(self, request):
"""
if user is_authenticated: return True
else try to authenticate with django and return true/false dependent of
result
"""
# is authenticated
if request.user.is_authenticated():
return True
# not authenticated, call authentication form
f = AuthenticationForm(data={
'username': request.REQUEST.get('username',''),
'password': request.REQUEST.get('password',''),
})
# if authenticated log the user in.
if f.is_valid():
auth_login(request, f.get_user())
# this ** should ** return true
return request.user.is_authenticated()
else:
# fail to auth, save form errors
#self.errors = f.errors
return False
def login_or_logout_form(context, next):
"""
Usage: {% login_or_logout_form next %}
After: Depending on whether the browsing user is logged in or not a login or logout
form has been displayed
After a successful login the user is redirected to the url next
"""
user = context['user']
request = context['request']
login_url = reverse('login')
if request.path == login_url:
return {'on_login_page': True }
if next == login_url:
next = reverse('index')
if not user.is_authenticated():
form = AuthenticationForm(auto_id = "login-form-%s")
form.fields['username'].widget.attrs['tabindex'] = 1
form.fields['password'].widget.attrs['tabindex'] = 2
form.id = "login-form"
return {'login' : True, 'form' : form , 'next': next}
else:
return {'login': False }
def wrapper(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
if request.method == 'POST':
# sometimes we won't have made a get request yet (i.e. if we use a
# form on a different page to login) so if the referer was
# from our own site skip the cookie check
referer = request.META.get('HTTP_REFERER', None)
try:
referer = referer.split(u'//')[1]
except AttributeError:
referer = ''
cookies = request.session.test_cookie_worked()
form = AuthenticationForm(request, request.POST)
form.is_valid()
else:
cookies = True
form = AuthenticationForm(request.POST)
request.session.set_test_cookie()
if cookies or referer.startswith(current_site.domain):
request.session.delete_test_cookie()
return f(request, template_name, redirect_field_name)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_field_name,
'site_name': current_site.name,
}, context_instance=RequestContext(request))
def login(request):
result = {"status": 0, "apiVersion": "1.0", "msg": "", "data": {}}
form = AuthenticationForm(request, request.POST)
if not form.is_valid():
result['msg'] = u'用户名或者密码错误'
return json_response(result)
user = form.get_user()
if not user.is_active:
result['msg'] = u'该账户未激活,请先使用邮箱链接进行激活'
return json_response(result)
# if not check_user(user):
# result['msg'] = u'该用户不存在'
# return json_response(result)
if is_super_admin(user):
result['data']['next'] = '/superadmin/'
elif is_admin(user):
result['data']['next'] = '/secretary/'
elif is_instructor(user):
result['data']['next'] = '/instructor/'
# return HttpResponseRedirect(reverse('instructor'))
elif is_student(user):
result['data']['next'] = '/student/'
else:
result['msg'] = '该用户不存在'
return json_response(result)
auth_login(request, user)
result['status'] = 1
result['msg'] = u'登录成功'
return json_response(result)
def post(self, request):
form = AuthenticationForm(data=request.POST)
if not form.is_valid():
return self.response(request, form)
user = form.get_user()
auth_login(request, user)
# Retrieve user to use some methods of UserProxy
user = UserProxy.objects.get(pk=user.pk)
if user.is_superuser or user.is_system_user or user.is_audit_user or user.is_safety_user:
return redirect('management')
udc_set = UDC.objects.filter(user=user)
if udc_set.exists():
request.session["UDC_ID"] = udc_set[0].id
elif user.is_approver:
request.session["UDC_ID"] = -1
else:
return redirect('no_udc')
Notification.pull_announcements(user)
return HttpResponseRedirect(reverse("cloud"))
def login(request, species_wid=None):
next = request.REQUEST.get('next', '')
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(next)
else:
form = AuthenticationForm(request)
request.session.set_test_cookie()
return render_queryset_to_response(
species_wid = species_wid,
request = request,
templateFile = 'public/login.html',
data = {
'form': form,
'next': next,
})
def login_usuario(request):
menu=permisos(request)
if request.method=="POST":
form=AuthenticationForm(request.POST)
if(form.is_valid()==False):
username=request.POST["username"]
password=request.POST["password"]
resultado=authenticate(username=username,password=password)
if resultado:
login(request,resultado)
request.session["name"]=username
return HttpResponseRedirect("/blog/active/")
else:
request.session['cont']=request.session['cont']+1
aux=request.session['cont']
estado=True
mensaje="Error en los datos "+str(aux)
if aux>3:
formulario2=fcapcha()
datos={'form':form,'formulario2':formulario2,'estado':estado,'mensaje':mensaje}
else:
datos={'form':form,'estado':estado,'mensaje':mensaje}
return render_to_response("usuario/login.html",datos,context_instance=RequestContext(request))
else:
request.session['cont']=0
form=AuthenticationForm()
return render_to_response("usuario/login.html",{"menu":menu,"form":form},RequestContext(request))
def index(request):
if request.method == 'POST': # If the form has been submitted...
# ContactForm was defined in the the previous section
print request.POST
form = AuthenticationForm(data=request.POST) # A form bound to the POST data
form2 = UserCreateForm(data=request.POST) # A form bound to the POST data
if form.is_valid(): # All validation rules pass
# Process the data in form.cleaned_data
# ...
return HttpResponseRedirect('/thanks/') # Redirect after POST
if form2.is_valid(): # All validation rules pass
# Process the data in form.cleaned_data
# ...
return HttpResponseRedirect('/thanks/') # Redirect after POST
else:
form = AuthenticationForm() # An unbound form
form2 = UserCreateForm() # An unbound form
return render(request, 'promotion/index.html', {
'form_auth': form,
'form_rec': form2,
})
def login(request, template_name="login.html"):
if request.method == "GET":
authenticationForm = AuthenticationForm()
elif request.method == "POST":
authenticationForm = AuthenticationForm(data=request.POST)
if authenticationForm.is_valid():
user = authenticationForm.get_user()
auth_login(request, user)
if user.is_superuser:
return redirect('management')
ucc = UDC.objects.filter(user=user)
if ucc:
request.session["UDC_ID"] = ucc[0].id
else:
raise Exception("User has not register to any SDDC")
return HttpResponseRedirect(reverse("cloud"))
return render_to_response(template_name, RequestContext(request, {
"authenticationForm": authenticationForm,
"error": authenticationForm.errors.get('__all__', None),
"BRAND": settings.BRAND,
}))
def login(request):
if request.method == 'GET':
redirect_to = request.GET.get('next', '/')
return render(request, 'accounts/login.html', {
'form': AuthenticationForm(),
'next': redirect_to
})
else:
form = AuthenticationForm(request, request.POST)
if form.is_valid():
login(request, form.get_user())
return HttpResponseRedirect(redirect_to)
redirect_to = request.POST.get('next', '/')
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth.login(request, user)
return HttpResponseRedirect(redirect_to)
return render(request, 'accounts/login.html', {
'form': form,
'next': redirect_to
})
def home(request):
form = AuthenticationForm()
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
login(request, form.get_user())
return render_to_response('home.html', {'form': form}, context_instance=RequestContext(request))
def login(request):
username = request.REQUEST.get('username')
if username:
userlist = get_user_model().objects.filter(username=username)[:1]
if len(userlist) > 0:
user = userlist[0]
if not user.is_active:
return getResult(False, u'用户已经停止使用。')
form = AuthenticationForm(data=request.POST)
if form.is_valid():
# Okay, security checks complete. Log the user in.
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
org_num = request.user.person_set.filter(is_action=True).count()
if org_num == 1:
request.session['person'] = request.user.paper_set.filter(is_action=True)[0]
request.session['org'] = request.session['person'].org
if not request.user.email_active:
return getResult(True, u'登录成功,请完成邮箱验证', None, 202)
return getResult(True, u'登录成功', None)
else:
return getResult(False, u'用户名密码错误', request.session.session_key, 500)
def login(request):
redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, "")
if request.method == "POST":
form = AuthenticationForm(request, data=request.POST)
if form.is_valid():
# Worden we wel naar een veilige pagina gestuurd?
if not is_safe_url(url=redirect_to, host=request.get_host()):
redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
user = form.get_user()
auth_login(request, user)
# Primaire organisatie instellen
if hasattr(user, "profile") and user.profile.current_organization:
request.session["organization_pk"] = user.profile.current_organization.pk
if not user.first_name or not user.email:
# User information is not complete, redirect to register page.
return redirect(register)
return redirect(redirect_to)
else:
form = AuthenticationForm(request)
redirect_field_name = REDIRECT_FIELD_NAME
return render(request, "general/login.html", locals())
def login(request):
#messages.debug(request, "Debug!")
#messages.info(request, "Info!")
#messages.success(request, "Success!")
#messages.warning(request, "Warning!")
#messages.error(request, "Error!")
if request.user.is_authenticated():
return redirect("/student")
context = {}
if request.method == "POST":
form = AuthenticationForm(None, request.POST)
if form.is_valid():
user = form.get_user()
print(user)
if user.is_active:
do_login(request, user)
return redirect("/student")
else:
messages.error(request, "Benutzeraccount ist deaktiviert!")
else:
form = AuthenticationForm()
context["form"] = form
return render(request, "session/login.html", context, context_instance=RequestContext(request))
def accounts(request):
return render_to_response("registration/accounts.html", {
"createForm": UserCreationForm(),
"loginForm": AuthenticationForm()
}, RequestContext(request))
def index(request) -> render:
if request.method == 'GET':
form = AuthenticationForm()
return render(request, 'general/index.html', {'form': form})
def log_request(request, login_unsuccessful):
failures = 0
attempt = get_user_attempt(request)
if attempt:
failures = attempt.failures_since_start
# no matter what, we want to lock them out
# if they're past the number of attempts allowed
if failures > FAILURE_LIMIT and LOCK_OUT_AT_FAILURE:
# We log them out in case they actually managed to enter
# the correct password.
logout(request)
log.warning('AXES: locked out %s after repeated login attempts.',
attempt.ip_address)
return False
if login_unsuccessful:
#interpret the auth form to get the user in question
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
attempted_username = form.get_user().username
else:
attempted_username = form.data.get('username')
attempted_password = form.data.get('password')
# add a failed attempt for this user
failures += 1
# Create an AccessAttempt record if the login wasn't successful
# has already attempted, update the info
if attempt:
#attempt.get_data.append(query2str(request.GET.items()))
#attempt.post_data.append(query2str(request.POST.items()))
attempt.access_type = models.ACCESS_FAILED
attempt.user = attempted_username
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = failures
attempt.event_date = datetime.utcnow() #why do we do this?
attempt.save()
log.info(
'AXES: Repeated login failure by %s. Updating access '
'record. Count = %s', attempt.ip_address, failures)
else:
ip = get_ip(request)
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.event_date = datetime.utcnow()
attempt.doc_type = AccessAudit.__name__
attempt.access_type = models.ACCESS_FAILED
attempt.user_agent = ua
attempt.user = attempted_username
attempt.ip_address = ip
#attempt.get_data = [query2str(request.GET.items())]
#attempt.post_data= [query2str(request.POST.items())]
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = failures
attempt.save()
log.info('AXES: New login failure by %s. Creating access record.',
ip)
return True
def get_context_data(self, **kwargs):
context = super(LoginView, self).get_context_data(**kwargs)
context['login_form'] = AuthenticationForm(data=self.request.POST)
return context
def get(self, request):
form = AuthenticationForm()
return Response({'form': form})
def login_form():
return {'form': AuthenticationForm()}
def login(request):
if request.method == 'POST':
pass
else:
af = AuthenticationForm()
return render(request, 'users/login.html' , {'form' : af})
def get(self, request):
login_form = AuthenticationForm()
return render(request, 'votingusers/login.html', {
'login_form': login_form,
})
def home(request):
form = AuthenticationForm()
return render(request, 'todo/home.html', {'form': form})
def post(self, request, post_id):
# Variable to check if an error message is needed (non logged in user tried to interact)
needsWarning = False
# This is only here because there is never an error messaged needed with a GET request
if request.user.is_authenticated:
# The user can only interact with the post significantly if they're logged in.
postResponse = Response.objects.get_or_create(
responseUser=request.user,
responsePost=Post.objects.get(id=post_id))[0]
# Replying to the post:
if request.POST.get('reply',
"") != "Input text" and request.POST.get(
'reply', "") != "":
newPost = Post(
post_content=request.POST['reply'],
# Sorry for the long line here -- Post.objects.get(id=X) was not working :()
post_plant=Post.objects.get(id=post_id).
post_plant, # same as that of parent comment
post_parent=Post.objects.get(id=post_id),
author=request.
user, # person who sent the request is the author
pub_date=timezone.now(),
likes=0,
helpful=0, # both of the "like" values start at zero
also_questioning=0,
celebrating=0)
newPost.save()
# Reacting to the post (four different reactions):
elif request.POST.get('like', "") == "like":
postResponse.liked = not postResponse.liked # switch the status of the post
postResponse.save()
# Increment the counter if the user just liked the post
if postResponse.liked:
postToLike = Post.objects.get(id=post_id)
postToLike.likes += 1
postToLike.save()
# Decrement the counter if the user just unliked the post
else:
postToLike = Post.objects.get(id=post_id)
postToLike.likes -= 1
postToLike.save()
elif request.POST.get('helped', "") == "helped":
postResponse.helpful = not postResponse.helpful # switch the status of the post
postResponse.save()
# Increment the counter if the user just marked the post as "helpful"
if postResponse.helpful:
postToHelp = Post.objects.get(id=post_id)
postToHelp.helpful += 1
postToHelp.save()
# Decrement the counter if the user just unmarked the post as "helpful"
else:
postToHelp = Post.objects.get(id=post_id)
postToHelp.helpful -= 1
postToHelp.save()
elif request.POST.get('questioned', "") == "questioned":
postResponse.questioned = not postResponse.questioned # switch the status of the post
postResponse.save()
# Increment the counter if the user just questioned the post
if postResponse.questioned:
postToQuestion = Post.objects.get(id=post_id)
postToQuestion.also_questioning += 1
postToQuestion.save()
# Decrement the counter if the user just unliked the post
else:
postToQuestion = Post.objects.get(id=post_id)
postToQuestion.also_questioning -= 1
postToQuestion.save()
elif request.POST.get('celebrated', "") == "celebrated":
postResponse.celebrated = not postResponse.celebrated # switch the status of the post
postResponse.save()
# Increment the counter if the user just questioned the post
if postResponse.celebrated:
postToQuestion = Post.objects.get(id=post_id)
postToQuestion.celebrating += 1
postToQuestion.save()
# Decrement the counter if the user just unliked the post
else:
postToQuestion = Post.objects.get(id=post_id)
postToQuestion.celebrating -= 1
postToQuestion.save()
else:
# Alert the user that they must be logged in to interact with a post
needsWarning = True
# New context -- same as old one
post_objects = Post.objects.order_by('id')
form = AuthenticationForm()
# Adds placeholders to the fields
form.fields['username'].widget.attrs.update({
'placeholder': 'username',
})
form.fields['password'].widget.attrs.update(
{'placeholder': 'password'})
context = {
'post':
Post.objects.get(id=post_id),
'post_replies':
post_objects.filter(post_parent=Post.objects.get(id=post_id)),
'likes':
post_objects.get(id=post_id).likes,
'helpfuls':
post_objects.get(id=post_id).helpful,
'questions':
post_objects.get(id=post_id).also_questioning,
'celebrations':
post_objects.get(id=post_id).celebrating,
'form':
form,
'needsWarning':
needsWarning
}
return HttpResponse(
loader.get_template('post.html').render(context, request))
def globales(request):
form_principal = PrincipalForm(request.POST)
form1 = AuthenticationForm()
return {'form_principal': form_principal, 'form1': form1}
def index(request):
if not request.user.is_authenticated():
return {'form': AuthenticationForm(), 'reg_form': RegistrationForm()}
else:
return HttpResponseRedirect('/posts')
def login(request,
template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME):
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE = open('/tmp/os-debug.log', 'a')
TEMP_DEBUG_FILE.write("\nLogin:"******"\n")
"Displays the login form and handles the login action."
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
from django.contrib.auth import login
if form.is_valid():
user = form.get_user()
# Check if the user is banned
user_ob = User.objects.filter(username=user)
if len(user_ob) != 0:
if len(BanishedUser.objects.filter(user=user_ob[0])) != 0:
return json_result(
{'form_errors': {
"__all__": ["User is banned"]
}})
login(request, user)
# If this was a visitor, connect to a user
connect_visitor_to_user(request, user.id)
# Log the login
create_user_event_log(request, {"log_type": LogUserEvents.login})
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE.write("Login results is user_authenticated?" +
str(request.user.is_authenticated()))
TEMP_DEBUG_FILE.close()
return json_result({
'success':
True,
'sms_can_change_password':
get_sms_can_change_password(request.user)
}) #json_success()
else:
if Settings.objects.boolean('SOFT_ENTRY_CODES'):
c = request.POST.get('entrycode', '')
code_object = EntryCode.objects.filter(code=c)
if len(code_object) <= 0:
return json_error('Invalid Entry Code')
u = User.objects.filter(username=code_object[0].username)
if len(u) <= 0:
return json_error('Entry code and user do not match')
if code_object[0].first_login:
first_login_time = UserData(user=u[0],
key='first_login',
value=time.time())
first_login_time.save()
code_object[0].first_login = False
code_object[0].save()
connect_visitor_to_user(request, u[0].id)
request.session['user_id'] = u[0].id
request.session['_auth_user_id'] = u[0].id
request.session[
'_auth_user_backend'] = 'opinion.email-auth.EmailOrUsernameModelBackend'
return json_success()
# Invalid login
if TEMP_DEBUG_LOGGING:
TEMP_DEBUG_FILE.write(
json_result({
'form_errors': errors_to_dict(form.errors)
}).content)
TEMP_DEBUG_FILE.close()
return json_result({'form_errors': errors_to_dict(form.errors)})
else:
return json_error('Invalid request.')
def user_authentication(request):
if SITE_DISABLED:
return render_to_response('core/site_disabled.html')
if not request.method == "POST":
return render_to_response(
'authentication/authentication_login_form.html',
{'form': AuthenticationForm()})
form = AuthenticationForm(data=request.POST)
username = request.POST.get('username')
password = request.POST.get('password')
# login Django, open session.
user = authenticate(username=username, password=password)
# user does not exist
if not user:
set_trylogin(username)
messages.error(request, _('Invalid username or password'))
return render_to_response(
'authentication/authentication_login_form.html', {'form': form},
context_instance=RequestContext(request))
else:
request.session['user_aux_id'] = user.id
# redirect to admin page
if user.is_staff or user.is_superuser:
login(request, user)
return HttpResponseRedirect(ADMIN_URL)
# user has not confirmed registration yet
if user.registrationprofile_set.all(
)[0].activation_key != 'ALREADY_ACTIVATED':
django_logout(request)
messages.error(
request,
_('Your account has not been confirmated yet. Please check your email and use your activation code to continue'
))
return render_to_response(
'authentication/authentication_login_form.html', {'form': form},
context_instance=RequestContext(request))
if not user.is_active:
django_logout(request)
messages.error(
request,
_('Your account has been disable. Please contact your administrator.'
))
return render_to_response(
'authentication/authentication_login_form.html', {'form': form},
context_instance=RequestContext(request))
# none restriction to login from where.
clear_login(user)
# django login, user.profile is required
login(request, user)
# choose a organization
if user.profile.organization.distinct().count() > 1:
# redirect to select org page
return HttpResponseRedirect(
reverse('authentication-select-organization'))
# just one organization
else:
# load profile user
user.profile.org_active = user.profile.organization.all()[
0] # just one org
user.profile.save()
# new role
user.groups.clear()
for role in user.get_profile().role_set.filter(
organization=user.profile.org_active):
user.groups.add(role.group)
# django login
login(request, user)
return HttpResponseRedirect('/')
def get(self, request):
context = {
'form': AuthenticationForm(),
'redirect_url': self.request.GET.get('next')
}
return render(request, self.template_name, context=context)
login(request, user)
state = "You're successfully logged in!"
try:
create_account(user)
except Exception, e:
print "Unable to create account"
print e
else:
state = "Your account is not active, please contact the site administrator"
else:
state = "Your username and/or password were incorrect."
login(request, user)
return redirect(nextPage)
else:
state = "Your username and/or password were incorrect."
return render_to_response(
"registration/login.html", {
'a_form': form,
'next': nextPage,
'state': state
},
context_instance=RequestContext(request))
except Exception as e:
print "Error authenticating form"
print e
else:
form = AuthenticationForm()
#return render_to_response("registration/login.html", {'a_form': form, 'next': nextPage, 'state': state}, context_instance=RequestContext(request))
return redirect("instagram.api.connectInstagram")
def logout(request):
auth.logout(request)
form = AuthenticationForm()
return render(request, 'signup.html', {'form': form})
def accounts(request):
return render(request, "registration/accounts.html", {
"createForm": UserCreationForm(),
"loginForm": AuthenticationForm()
})
def include_login_form(request):
from django.contrib.auth.forms import AuthenticationForm
form = AuthenticationForm()
return {"form": form}
def login_form(request):
return {'login_form': AuthenticationForm()}
def login_user(request):
if request.user.is_authenticated():
pk = signer.sign(str(request.user.pk))
return HttpResponseRedirect('./users/' + pk + '/products')
form = AuthenticationForm()
return render(request, 'lostnfound/login.html', {'form': form})
def get(self, request):
form = AuthenticationForm()
return render(request, "login/page-login.html", {
'form': form,
'message': ''
})
def get(self, request):
form = AuthenticationForm()
return render(request, 'registration/login.html', {'form': form})
def login_auth(request):
"""
登录表单验证
:param request:
:return:
"""
if request.method != "POST":
return HttpResponse("wrong method", status=403)
callback = request.session.get('callback', None)
api_key = request.session.get('api_key', None)
try:
netloc = urlparse.urlparse(callback).netloc
error, site = check_basic_params(callback, api_key, netloc)
except:
error = "callback参数有误"
if error:
return error
data = request.POST
form = AuthenticationForm(request, data=data)
if form.is_valid(): # 登录成功
user = form.get_user()
auth_token = UserTokenCache.add(request.META.get("REMOTE_ADDR"), user,
netloc) # 缓存用户账号
# 判断账号在当前站点是否已激活
if site not in user.sites.all():
request.session['auth_token'] = auth_token
return resp_activate(request, user, site)
resp = form_redirect(callback, auth_token=auth_token)
resp.set_cookie("auth_token",
auth_token) # NOTE: 这里的cookie是留到uams站点下的,并不是带给app site
history(request, user.username, '登录 %s' % site.name)
return resp
else:
# 检查是否是批量导入用户
user = Account.objects.filter(
username=request.POST.get("username", None)).first()
if user:
if not user.is_active:
error = '很抱歉,该账号已被锁定,请联系管理员'
else:
data._mutable = True
data['password'] = '******'
data._mutable = False
form = AuthenticationForm(request, data=data)
if form.is_valid(): # 验证成功,表明是批量导入的用户
error = "Your account is imported to UAMS newly, you need to reset your password."
else:
error = '用户名与密码不匹配'
else:
error = '用户名与密码不匹配'
# 跳转到登录界面
resp = form_redirect('/uams/login',
apikey=api_key,
callback=callback,
error=error)
resp.delete_cookie("auth_token")
return resp
def index(request):
form = AuthenticationForm()
context = {'form':form}
return render(request, 'users/login.html', context)
def dashboard(request):
request.session.set_test_cookie()
if request.user.is_authenticated():
act_view = {
'view_texts': get_int(request.GET, 'view_texts', 1),
'view_comments': get_int(request.GET, 'view_comments', 1),
'view_users': get_int(request.GET, 'view_users', 1),
}
paginate_by = get_int(request.GET, 'paginate', ACTIVITY_PAGINATION)
# texts with can_view_unapproved_comment perms
moderator_texts = get_texts_with_perm(request,
'can_view_unapproved_comment')
viewer_texts = get_texts_with_perm(request,
'can_view_approved_comment')
all_texts_ids = [t.id for t in moderator_texts
] + [t.id for t in viewer_texts]
span = get_among(request.GET, 'span', (
'day',
'month',
'week',
), 'week')
template_dict = {
'span':
span,
'last_texts':
get_texts_with_perm(
request,
'can_view_text').order_by('-modified')[:RECENT_TEXT_NB],
'last_comments':
Comment.objects.filter(text_version__text__in=all_texts_ids).
order_by('-created')[:RECENT_COMMENT_NB], # TODO: useful?
#'last_users' : User.objects.all().order_by('-date_joined')[:5],
}
template_dict.update(act_view)
#selected_activities = []
#[selected_activities.extend(Activity.VIEWABLE_ACTIVITIES[k]) for k in act_view.keys() if act_view[k]]
activities = get_viewable_activities(request, act_view)
if not has_perm(request, 'can_manage_workspace'):
template_dict['to_mod_profiles'] = []
else:
template_dict['to_mod_profiles'] = UserProfile.objects.filter(
user__is_active=False).filter(is_suspended=True).order_by(
'-user__date_joined')[:MODERATE_NB]
template_dict['to_mod_comments'] = Comment.objects.filter(
state='pending').filter(
text_version__text__in=moderator_texts).order_by(
'-modified')[:MODERATE_NB -
len(template_dict['to_mod_profiles'])]
activities = activities.order_by('-created')
return object_list(
request,
activities,
template_name='site/dashboard.html',
paginate_by=paginate_by,
extra_context=template_dict,
)
else:
if request.method == 'POST':
form = AuthenticationForm(request, request.POST)
if form.is_valid():
user = form.get_user()
user.backend = 'django.contrib.auth.backends.ModelBackend'
cm_login(request, user)
display_message(request, _(u"You're logged in!"))
return HttpResponseRedirect(reverse('index'))
else:
form = AuthenticationForm()
public_texts = get_texts_with_perm(
request, 'can_view_text').order_by('-modified')
template_dict = {
'form': form,
'public_texts': public_texts,
}
return render_to_response('site/non_authenticated_index.html',
template_dict,
context_instance=RequestContext(request))
def get(self, request):
return render(request, 'sign/login.html', {
'view_title': 'Login',
'login_form': AuthenticationForm()
})
def get(self, request, *args, **kwargs):
form = AuthenticationForm()
context = {
'form': form,
}
return render(request, self.template_name, context)
def index(request, template_name):
"""
Landing page for anonymous user
Sign in and Sign up functionality handled
"""
if request.user.is_authenticated():
try:
userprofile = UserProfile.objects.get(user=request.user)
except UserProfile.DoesNotExist:
return HttpResponseRedirect(reverse('registration_register'))
grades = Grade.objects.filter(
student=userprofile.user,
course__start_date__lte=datetime.now()).order_by('-date_added')
try:
course_id = MCQuestionAttempt.objects.filter(
student=request.user)[0].mcquestion.quiz.course.id
except IndexError:
course_id = None
return render_to_response('userprofile/profile.html',
context_instance=RequestContext(
request, {
'userprofile': userprofile,
'grades': grades,
'course': course_id
}))
else:
if request.POST:
form_type = request.POST['form']
if form_type == 'form1':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
try:
userprofile = UserProfile.objects.get(user=user)
except UserProfile.DoesNotExist:
return HttpResponseRedirect(
reverse('registration_register'))
grades = Grade.objects.filter(
student=userprofile.user,
course__start_date__lte=datetime.now()).order_by(
'-date_added')
return render_to_response(
'userprofile/profile.html',
context_instance=RequestContext(
request, {
'userprofile': userprofile,
'grades': grades
}))
else:
form = AuthenticationForm(None, request.POST)
return render_to_response('registration/login.html',
context_instance=RequestContext(
request, {'form': form}))
if form_type == 'form2':
form = UserForm(request.POST)
if form.is_valid():
user = User.objects.create_user(**form.cleaned_data)
new_user = authenticate(username=request.POST['username'],
password=request.POST['password'])
login(request, new_user)
return HttpResponseRedirect(reverse('registration_register'))
else:
form = UserForm()
return render_to_response(template_name,
context_instance=RequestContext(
request, {'form': form}))
return HttpResponseRedirect(reverse('registration_register'))
def global_nav_forms(request):
return {
'global_search_form': SearchForm(),
'global_login_form': AuthenticationForm(),
}
