def logout( request, next_page=None, template_name="registration/logged_out.html", redirect_field_name=REDIRECT_FIELD_NAME ): "Logs out the user and displays 'You are logged out' message." from seahub.auth import logout logout(request) if redirect_field_name in request.REQUEST: next_page = request.REQUEST[redirect_field_name] # Security check -- don't allow redirection to a different host. if not is_safe_url(url=next_page, host=request.get_host()): next_page = request.path if next_page is None: redirect_to = request.REQUEST.get(redirect_field_name, "") if redirect_to: return HttpResponseRedirect(redirect_to) else: return render_to_response( template_name, {"title": _("Logged out")}, context_instance=RequestContext(request) ) else: # Redirect to this page until the session has been cleared. return HttpResponseRedirect(next_page or request.path)
def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME): "Logs out the user and displays 'You are logged out' message." from seahub.auth import logout logout(request) if redirect_field_name in request.REQUEST: next_page = request.REQUEST[redirect_field_name] # Security check -- don't allow redirection to a different host. if not is_safe_url(url=next_page, host=request.get_host()): next_page = request.path if next_page is None: redirect_to = request.REQUEST.get(redirect_field_name, '') if redirect_to: return HttpResponseRedirect(redirect_to) else: return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request)) else: # Redirect to this page until the session has been cleared. return HttpResponseRedirect(next_page or request.path)
def log_user_in(request, user, redirect_to): # Ensure the user-originating redirection url is safe. if not is_safe_url(url=redirect_to, host=request.get_host()): redirect_to = settings.LOGIN_REDIRECT_URL # Okay, security checks complete. Log the user in. auth_login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() _clear_login_failed_attempts(request) return HttpResponseRedirect(redirect_to)