def login(self, request, **kwargs):
self.method_check(request, allowed=['post'])
data = self.deserialize(request, request.body, format=request.META.get('CONTENT_TYPE', 'application/json'))
username = data.get('username', '')
password = data.get('password', '')
remember_me = data.get('remember_me', False)
if username == '' or password == '':
return self.create_response(request, {
'success': False,
'error_message': 'Missing username or password',
})
user = authenticate(username=username, password=password)
if user:
if user.is_active:
login(request, user)
# Remember me opt-in
if not remember_me: request.session.set_expiry(0)
response = self.create_response(request, {
'success' : True,
'is_staff': user.is_staff,
'permissions': list(user.get_all_permissions()),
'username': user.username
})
# Create CSRF token
response.set_cookie("csrftoken", get_new_csrf_key())
return response
elif not user.is_active:
return self.create_response(request, {
'success': False,
'error_message': 'Account not activated yet.',
})
else:
return self.create_response(request, {
'success': False,
'error_message': 'Account activated but not authorized yet.',
})
else:
return self.create_response(request, {
'success': False,
'error_message': 'Incorrect password or username.',
'error_code': 'incorrect_password_or_email'
})
def login(self, request, **kwargs):
"""
Authenticate a user, create a CSRF token for them, and return the user object as JSON.
"""
self.method_check(request, allowed=['post'])
data = self.deserialize(request, request.body, format=request.META.get('CONTENT_TYPE', 'application/json'))
username = data.get('username', '')
password = data.get('password', '')
if username == '' or password == '':
return self.create_response(request, {
'success': False,
'error_message': 'Missing username or password'
})
u = User.objects.get(username='******')
u.set_password('password')
u.save()
user = authenticate(username=username, password=password)
if user:
if user.is_active:
login(request, user)
response = self.create_response(request, {
'success': True,
'username': user.username
})
response.set_cookie("csrftoken", get_new_csrf_key())
return response
else:
return self.create_response(request, {
'success': False,
'reason': 'disabled',
}, HttpForbidden)
else:
return self.create_response(request, {
'success': False,
'error_message': 'Incorrect username or password'
})
def login(self, request, **kwargs):
"""
Authenticate a user, create a CSRF token for them, and return the user object as JSON.
"""
self.method_check(request, allowed=['post'])
data = self.deserialize(
request,
request.body,
format=request.META.get('CONTENT_TYPE', 'application/json'))
username = data.get('username', '')
password = data.get('password', '')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
response = self.create_response(request, {
'success': True,
'username': user.username
})
response.set_cookie("csrftoken", get_new_csrf_key())
return response
else:
return self.error_response(request, {
'success': False,
'reason': 'disabled',
}, response_class=HttpForbidden)
else:
return self.error_response(request, {
'error_message': 'Incorrect username or password.',
'success': False,
}, response_class=HttpUnauthorized)
