def webauth_login(request):
"""
This view needs to be set up in the Apache config as a Webauth target. See
the Stanford Webauth pages for how to do this. If this isn't done, you'll
see a KeyError exception on the first line of code in this view.
It looks up the Webauth user in the WebauthUser model and logs in the
associated user if one is found. If no user is found, then a non-binnie
Oxford SSO person has attempted to get in and we tell them they aren't
welcome.
"""
if not 'AUTH_TYPE' in request.META:
return HttpResponseRedirect(reverse('webauth_failure'))
if request.META['AUTH_TYPE'] == 'WebAuth':
webauth_username = request.META['REMOTE_USER']
try:
profile = Profile.objects.get(webauth_username = webauth_username)
user = profile.user
update_user_from_ldap(user)
except Profile.DoesNotExist:
user = create_user_from_username(webauth_user)
profile = user.get_profile()
r = authenticate(webauth_user=profile)
dologin(request, profile.user)
next_url = request.GET.get('redirect_url', reverse("core_index"))
return HttpResponseRedirect(next_url)
def login(request):
context = {
'username':'',
'message':None
}
if request.method == "POST":
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
dologin(request, user)
if request.POST.get('redirect_url', None):
return HttpResponseRedirect(request.POST['redirect_url'])
else:
return HttpResponseRedirect(reverse("core_index"))
else:
message = "Sorry, your account has been disabled. Please check your e-mail for a password reset e-mail or contact a co-ordinator."
else:
message = "Sorry, your username and password were invalid."
context['username'], context['message'] = username, message
context['redirect_url'] = request.POST.get('redirect_url', '')
else:
context['redirect_url'] = request.GET.get('redirect_url', '')
return mobile_render(request, context, "auth/login")
def login(request):
if request.method == 'POST':
form = LoginForm(request.POST)
next_ref = request.POST.get('next_ref', '/')
print(request.POST.get('username'), request.POST.get('password'))
user = authenticate(request,
username=request.POST.get('username'),
password=request.POST.get('password'))
print(user)
if form.is_valid():
if user:
dologin(request, user=user)
return HttpResponseRedirect(next_ref)
else:
form.bad_login()
return render(request, 'qa/login.html', {'form': form})
else:
return render(request, 'qa/login.html', {'form': form})
else:
next_ref = request.GET.get('next_ref', '/')
form = LoginForm()
return render(request, 'qa/login.html', {
'form': form,
'next_ref': next_ref
})
def signup(request):
if request.method == 'POST':
form = SignUpForm(request.POST)
if form.is_valid():
user = form.save()
dologin(request, user)
return HttpResponseRedirect(reverse('home'))
else:
return render(request, 'qa/signup.html', {'form': form})
else:
form = SignUpForm()
return render(request, 'qa/signup.html', {'form': form})
def login(request):
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
dologin(request, user)
return HttpResponseRedirect('/')
else:
form = LoginForm()
return render(request, 'login.html', {'form': form,
'user': request.user,
'session': request.session, })
def signup(request):
if request.method == 'POST':
print(request.POST)
form = SignUpForm(request.POST)
if form.is_valid():
user = form.save()
dologin(request, user)
return HttpResponseRedirect(reverse('index'))
else:
return render(request, 'sms_interface/signup.html', {'signup_form': form,
'action_url': reverse('signup'),
})
else:
form = SignUpForm()
return render(request, 'sms_interface/signup.html', {'signup_form': form,
'action_url': reverse('signup'),
})
def loginView(request):
"""
View function to process login
"""
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
dologin(request, user)
if isOperator(user): # login as an operator
return redirect('/operator/map')
elif isAdmin(user): # login as an admin
return redirect('/admin/map')
return HttpResponse('ok')
else:
# Return a 'disabled account' error message
return HttpResponse("Disabled account")
else:
# Return an 'invalid login' error message.
return HttpResponse("Invalid login")
