def login_view(request, template_name="profile/login.html", redirect_field_name=REDIRECT_FIELD_NAME): context = {} redirect_to = request.REQUEST.get(redirect_field_name, "") if request.user.is_authenticated(): return HttpResponseRedirect("/") if request.method == "POST": form = LoginForm(data=request.POST) if form.is_valid(): # Light security check -- make sure redirect_to isn't garbage. if not redirect_to or "//" in redirect_to or " " in redirect_to: redirect_to = settings.LOGIN_REDIRECT_URL login(request, form.get_user()) if request.session.test_cookie_worked(): request.session.delete_test_cookie() return HttpResponseRedirect(redirect_to) else: form = LoginForm(request) request.session.set_test_cookie() if Site._meta.installed: current_site = Site.objects.get_current() else: current_site = RequestSite(request) return render_response( request, template_name, { "login_form": form, "register_form": RegisterForm(), redirect_field_name: redirect_to, "site": current_site, "site_name": current_site.name, }, )
def login_view(request, template_name='login.html', redirect_field_name=REDIRECT_FIELD_NAME): """ This version of login view allow the user to connect using his email and password. """ context = {} redirect_to = request.REQUEST.get(redirect_field_name, '') if request.user.is_authenticated(): return HttpResponseRedirect('/') if request.method == "POST": form = LoginForm(data=request.POST) if form.is_valid(): # Light security check -- make sure redirect_to isn't garbage. if not redirect_to or '//' in redirect_to or ' ' in redirect_to: redirect_to = settings.LOGIN_REDIRECT_URL login(request, form.get_user()) if request.session.test_cookie_worked(): request.session.delete_test_cookie() return HttpResponseRedirect(redirect_to) else: form = LoginForm(request) request.session.set_test_cookie() return render_response(request,template_name, { 'login_form': form, })