def can_login(self, user: IUser) -> bool:
"""Verify if user is allowed do login.
:param user: User object.
:return: Boolean
"""
return user.can_login()
def authenticate_user(self, user: IUser, login_source:str, location: str=None):
"""Make the current session logged in session for this particular user."""
request = self.request
settings = request.registry.settings
require_activation = asbool(settings.get('horus.require_activation', True))
allow_inactive_login = asbool(settings.get('horus.allow_inactive_login', False))
if (not allow_inactive_login) and require_activation and (not user.is_activated()):
raise AuthenticationFailure('Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.')
if not user.can_login():
raise AuthenticationFailure('This user account cannot log in at the moment.')
user_registry = get_user_registry(request)
token = user_registry.get_session_token(user)
headers = remember(request, token)
# assert headers, "Authentication backend did not give us any session headers"
if not location:
location = get_config_route(request, 'horus.login_redirect')
self.greet_user(user)
self.update_login_data(user)
e = events.Login(request, user)
request.registry.notify(e)
return HTTPFound(location=location, headers=headers)
def authenticate_user(self,
user: IUser,
login_source: str,
location: str = None) -> Response:
"""Make the current session logged in session for this particular user.
How to authenticate user using the login service (assuming you have done password match or related yourself):
.. code-block:: python
from websauna.system.user.utils import get_login_service
def my_view(request):
# load user model instance from database
# user = ...
login_service = get_login_service(request)
response = login_service.authenticate_user(user, "my-login-source")
:raise AuthenticationFailure: If login cannot proceed due to disabled user account, etc.
:return: HTTPResponse what should happen as post-login action
"""
request = self.request
settings = request.registry.settings
require_activation = asbool(
settings.get('websauna.require_activation', True))
allow_inactive_login = asbool(
settings.get('websauna.allow_inactive_login', False))
if (not allow_inactive_login) and require_activation and (
not user.is_activated()):
raise AuthenticationFailure(
'Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.'
)
if not user.can_login():
raise AuthenticationFailure(
'This user account cannot log in at the moment.')
user_registry = get_user_registry(request)
token = user_registry.get_session_token(user)
headers = remember(request, token)
# assert headers, "Authentication backend did not give us any session headers"
if not location:
location = get_config_route(request, 'websauna.login_redirect')
self.greet_user(user)
self.update_login_data(user)
e = events.Login(request, user)
request.registry.notify(e)
return HTTPFound(location=location, headers=headers)
def authenticate_user(self, user: IUser, login_source: str, location: str=None) -> Response:
"""Make the current session logged in session for this particular user.
How to authenticate user using the login service (assuming you have done password match or related yourself):
.. code-block:: python
from websauna.system.user.utils import get_login_service
def my_view(request):
# load user model instance from database
# user = ...
login_service = get_login_service(request)
response = login_service.authenticate_user(user, "my-login-source")
:raise AuthenticationFailure: If login cannot proceed due to disabled user account, etc.
:return: HTTPResponse what should happen as post-login action
"""
request = self.request
settings = request.registry.settings
require_activation = asbool(settings.get('websauna.require_activation', True))
allow_inactive_login = asbool(settings.get('websauna.allow_inactive_login', False))
if (not allow_inactive_login) and require_activation and (not user.is_activated()):
raise AuthenticationFailure('Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.')
if not user.can_login():
raise AuthenticationFailure('This user account cannot log in at the moment.')
user_registry = get_user_registry(request)
token = user_registry.get_session_token(user)
headers = remember(request, token)
# assert headers, "Authentication backend did not give us any session headers"
if not location:
location = get_config_route(request, 'websauna.login_redirect')
self.greet_user(user)
self.update_login_data(user)
e = events.Login(request, user)
request.registry.notify(e)
return HTTPFound(location=location, headers=headers)
def authenticate_user(self,
user: IUser,
login_source: str,
location: str = None):
"""Make the current session logged in session for this particular user."""
request = self.request
settings = request.registry.settings
require_activation = asbool(
settings.get('horus.require_activation', True))
allow_inactive_login = asbool(
settings.get('horus.allow_inactive_login', False))
if (not allow_inactive_login) and require_activation and (
not user.is_activated()):
raise AuthenticationFailure(
'Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.'
)
if not user.can_login():
raise AuthenticationFailure(
'This user account cannot log in at the moment.')
user_registry = get_user_registry(request)
token = user_registry.get_session_token(user)
headers = remember(request, token)
# assert headers, "Authentication backend did not give us any session headers"
if not location:
location = get_config_route(request, 'horus.login_redirect')
self.greet_user(user)
self.update_login_data(user)
e = events.Login(request, user)
request.registry.notify(e)
return HTTPFound(location=location, headers=headers)
