def login_view(request):
next = request.params.get('next') or request.route_url('home')
context = {}
if request.method == "POST":
username = request.POST.get('username', '')
password = request.POST.get('password', '')
context.update(username=username)
user = User.get(username=username)
if user is not None:
if user.check_password(password):
if user.is_active is True:
headers = remember(request, user.id)
return HTTPFound(location=next, headers=headers)
else:
context.update(inactive_user=True)
else:
context.update(invalid_password=True)
else:
context.update(invalid_username=True)
context.update({
'next': next,
})
return context
def get_authenticated_user(request):
'''
This function is used to attach user object to current request
'''
userid = unauthenticated_userid(request)
if userid is not None:
# this should return None if the user doesn't exist
# in the database
return User.get_by_id(userid)
def get_principal_indentifiers(user_id, request):
user = User.get_by_id(user_id)
if user is None or not user.is_active:
return
principals = []
if user.is_superuser:
principals.append(SUPERUSER_PRINCIPAL)
return principals
def get_principal_indentifiers(user_id, request):
user = User.get_by_id(user_id)
if user is None or not user.is_active:
return
principals = []
if user.is_superuser:
principals.append(SUPERUSER_PRINCIPAL)
return principals
