コード例 #1
ファイル: login.py プロジェクト: lslaz1/karl
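    def login(self):
        """Process a submitted login form.

        Reads ``login``, ``password`` and the optional ``max_age`` and
        ``code`` fields from ``request.POST``.  The steps run in this order:
        lockout check, ``LoginAttempt`` event, missing-field check,
        authentication, then (only when ``TwoFactor.enabled`` is true) the
        authentication-code check.

        Returns:
            An ``HTTPFound`` redirect to ``login.html`` on every rejection
            path (with a ``reason`` query parameter, except when a field is
            missing); otherwise whatever ``remember_login`` returns.
        """
        context = self.context
        request = self.request
        # identify
        login = request.POST.get('login')
        password = request.POST.get('password')

        # The lockout check runs before the missing-field check below, so
        # login_locked_out() can be handed None here, and the lockout message
        # is returned before the password is looked at.
        if self.login_locked_out(login):
            redirect = request.resource_url(
                request.root, 'login.html', query={
                    'reason': 'User locked out. Too many failed login attempts.'})
            return HTTPFound(location=redirect)

        # NOTE(review): the submitted password is handed in clear text to
        # every subscriber of the login events in this method -- confirm that
        # no subscriber logs or persists it.
        notify(events.LoginAttempt(context, request, login, password))

        if login is None or password is None:
            return HTTPFound(location='%s/login.html' % request.application_url)
        max_age = request.POST.get('max_age')
        if max_age is not None:
            # max_age is client-supplied: a value that is not an integer must
            # not raise out of the view, so it is treated as "not provided".
            # NOTE(review): no upper bound is applied here -- confirm that
            # remember_login caps the lifetime it accepts.
            try:
                max_age = int(max_age)
            except (TypeError, ValueError):
                max_age = None

        # authenticate
        userid = None
        reason = 'Bad username or password'
        users = find_users(context)
        # Authenticators are tried in order; the first one that returns a
        # truthy userid wins, and that userid is what the second-factor check
        # and remember_login below operate on.
        for authenticate in (password_authenticator, impersonate_authenticator):
            userid = authenticate(context, users, login, password)
            if userid:
                break

        # if not successful, try again
        if not userid:
            notify(events.LoginFailed(context, request, login, password))
            # The same generic reason is used whichever authenticator failed.
            redirect = request.resource_url(
                request.root, 'login.html', query={'reason': reason})
            return HTTPFound(location=redirect)

        tf = TwoFactor(context, request)

        if tf.enabled:
            code = request.POST.get('code')
            if not code:
                redirect = request.resource_url(
                    request.root, 'login.html',
                    query={'reason': 'No authentication code provided'})
                notify(events.LoginFailed(context, request, login, password))
                return HTTPFound(location=redirect)
            # NOTE(review): a truthy return from tf.validate() is treated as
            # a FAILED check here.  Confirm validate()'s return convention; if
            # it returns True for a valid code, this condition is inverted
            # and the second factor accepts wrong codes.
            if tf.validate(userid, code):  # noqa
                notify(events.LoginFailed(context, request, login, password))
                redirect = request.resource_url(
                    request.root, 'login.html', query={'reason': 'Invalid authorization code'})  # noqa
                return HTTPFound(location=redirect)

        # else, remember
        notify(events.LoginSuccess(context, request, login, password))
        return remember_login(context, request, userid, max_age)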
コード例 #2
ファイル: login.py プロジェクト: lslaz1/karl
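    def login(self):
        """Handle the POST of the login form.

        Form fields read from ``request.POST``: ``login``, ``password``,
        optional ``max_age`` and, when two-factor is enabled, ``code``.
        Order of checks: lockout, ``LoginAttempt`` event, missing fields,
        authenticators, two-factor code.

        Returns:
            ``HTTPFound`` back to ``login.html`` whenever the attempt is
            rejected (a ``reason`` query parameter is set on all rejections
            except missing fields); on success, the return value of
            ``remember_login``.
        """
        context = self.context
        request = self.request
        # identify
        login = request.POST.get('login')
        password = request.POST.get('password')

        # Runs before the None check further down, so login may be None
        # when it reaches login_locked_out(); the password has not been
        # examined yet at this point.
        if self.login_locked_out(login):
            redirect = request.resource_url(
                request.root,
                'login.html',
                query={
                    'reason':
                    'User locked out. Too many failed login attempts.'
                })
            return HTTPFound(location=redirect)

        # NOTE(review): each login event in this method carries the password
        # as submitted -- verify that subscribers neither log nor store it.
        notify(events.LoginAttempt(context, request, login, password))

        if login is None or password is None:
            return HTTPFound(location='%s/login.html' %
                             request.application_url)
        max_age = request.POST.get('max_age')
        if max_age is not None:
            # Untrusted form value: fall back to None (same as the field
            # being absent) rather than letting a malformed number raise.
            # NOTE(review): the value is not bounded here -- check whether
            # remember_login limits it.
            try:
                max_age = int(max_age)
            except (TypeError, ValueError):
                max_age = None

        # authenticate
        userid = None
        reason = 'Bad username or password'
        users = find_users(context)
        # First authenticator to return a truthy userid ends the loop; that
        # userid is then used for the two-factor check and remember_login.
        for authenticate in (password_authenticator,
                             impersonate_authenticator):
            userid = authenticate(context, users, login, password)
            if userid:
                break

        # if not successful, try again
        if not userid:
            notify(events.LoginFailed(context, request, login, password))
            # One generic reason, regardless of which authenticator failed.
            redirect = request.resource_url(request.root,
                                            'login.html',
                                            query={'reason': reason})
            return HTTPFound(location=redirect)

        tf = TwoFactor(context, request)

        if tf.enabled:
            code = request.POST.get('code')
            if not code:
                redirect = request.resource_url(
                    request.root,
                    'login.html',
                    query={'reason': 'No authentication code provided'})
                notify(events.LoginFailed(context, request, login, password))
                return HTTPFound(location=redirect)
            # NOTE(review): the failure branch is taken when tf.validate()
            # returns a truthy value.  Verify what validate() returns for a
            # correct code; if that is True, the test is inverted and a
            # wrong code would pass the second factor.
            if tf.validate(userid, code):  # noqa
                notify(events.LoginFailed(context, request, login, password))
                redirect = request.resource_url(
                    request.root,
                    'login.html',
                    query={'reason': 'Invalid authorization code'})  # noqa
                return HTTPFound(location=redirect)

        # else, remember
        notify(events.LoginSuccess(context, request, login, password))
        return remember_login(context, request, userid, max_age)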