예제 #1
def login(request):
    """
    Render the login form and, on a valid POST, sign the user in.

    A non-POST request gets an unbound ``AuthenticationForm``.  A POST is
    bound to the form; when it validates and ``authenticate`` returns an
    active user, the user is logged in and redirected to ``/``.  Every other
    outcome re-renders ``registration/login.html`` with the form.

    NOTE(review): the credentials passed to ``authenticate`` are read from
    ``request.POST`` rather than ``form.cleaned_data``, so any cleaning the
    form performs is bypassed -- confirm this is intended.
    NOTE(review): a rejected or inactive login adds no error of its own here;
    whether the user sees feedback depends on the form and the template.
    """
    if request.method != 'POST':
        form = AuthenticationForm()
    else:
        form = AuthenticationForm(data=request.POST)
        if form.is_valid():
            credentials = {
                'email': request.POST['email'],
                'password': request.POST['password'],
            }
            user = authenticate(**credentials)
            if user is not None:
                if settings.DEBUG:
                    print("User is not Empty!")
                if user.is_active:
                    django_login(request, user)
                    return redirect('/')

    template_context = {'form': form}
    return render_to_response('registration/login.html',
                              template_context,
                              context_instance=RequestContext(request))
예제 #2
def login(request):
    """
    Show the login page; log the user in when a POST carries good credentials.

    GET (or any other non-POST method) renders an empty ``AuthenticationForm``.
    On POST the form is bound and validated, ``authenticate`` is called with
    the posted e-mail and password, and an active user is logged in and sent
    to ``/``.  In all other cases ``registration/login.html`` is rendered
    again with the current form.

    NOTE(review): ``authenticate`` receives the raw ``request.POST`` values,
    not ``form.cleaned_data`` -- verify that skipping the form's cleaning is
    deliberate.
    NOTE(review): no error message is added when authentication fails or the
    account is inactive; feedback, if any, comes from the form itself.
    """
    is_post = request.method == 'POST'
    form = AuthenticationForm(data=request.POST) if is_post else AuthenticationForm()

    if is_post and form.is_valid():
        posted_email = request.POST['email']
        posted_password = request.POST['password']
        user = authenticate(email=posted_email, password=posted_password)
        if user is not None:
            if settings.DEBUG:
                print("User is not Empty!")
            if user.is_active:
                django_login(request, user)
                return redirect('/')

    return render_to_response(
        'registration/login.html',
        {'form': form},
        context_instance=RequestContext(request),
    )
예제 #3
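def sms_login(request, *args, **kwargs):
    """
    Second step of the SMS login flow: verify the SMS code, then the password.

    GET renders ``accounts/login.html`` with the access key (the value of the
    ``settings.USERNAME_FIELD`` field) pre-filled from the session.  POST
    either hands off to ``accounts:sms_code`` when the "resend code" button
    was used, or validates the form, checks the code with ``validate_sms``,
    calls ``authenticate`` and logs an active user in.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    The ``next`` query parameter is caller-controlled.  It is only followed
    after login when it points back at this host; anything else falls back to
    the ``home`` route, which closes the open redirect.

    NOTE(review): the SMS code is checked before the password and the two
    failures produce different messages, so a response reveals whether a
    guessed code was right independently of the password.  Whether attempts
    are limited is not visible here -- confirm in ``validate_sms``.
    """
    # Local import: the file's import block is not visible from this listing.
    # On Django 3.0+ the equivalent check is url_has_allowed_host_and_scheme().
    from django.utils.http import is_safe_url, urlencode

    # Name of the key field, probably "username" or "email".
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next_url = ""
    if 'next' in request.GET:
        # The raw (still URL-encoded) text following the first "next=" is used
        # rather than the decoded GET value.  A bare "?next" has no "next=" to
        # split on, so fall back to the decoded value instead of raising.
        raw_parts = request.get_full_path().split('next=')
        next_url = raw_parts[1] if len(raw_parts) > 1 else request.GET['next']

    if settings.DEBUG:
        print("We got a next value of:", next_url)
        print("full path = ", request.get_full_path())

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get(): a POST without the submit-button field must not become a 500.
        if request.POST.get('login', '').lower() == 'resend code':
            resend_for = request.POST.get(access_field, "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session[access_field] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            print("Error with the POST form", )
            return render_to_response('accounts/login.html',
                                      {'form': form,
                                       'next': next_url},
                                      RequestContext(request))

        print("Authenticating...")
        access_key = form.cleaned_data[access_field]
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        if not validate_sms(access_key=access_key, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        # The directory may be unreachable; report that instead of failing.
        try:
            user = authenticate(username=access_key, password=password)
        except (ldap3.LDAPBindError,
                ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:",dir(ldap3.LDAPBindError),
                "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                "\nSocketOpenError:",ldap3.LDAPSocketOpenError)
            messages.error(request, "We had a problem reaching the Directory Server")
            # A fresh form is supplied like on the other error paths, so the
            # page can still be used to try again.
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            # reverse()'s second positional parameter is the urlconf, so the
            # dict that used to be passed there broke this path; the value is
            # carried in the query string instead.
            # NOTE(review): the resend path above uses 'accounts:sms_code';
            # confirm which route name is correct.
            inactive_url = reverse('sms_code')
            if next_url != "":
                inactive_url += '?' + urlencode({'next': next_url})
            return HttpResponseRedirect(inactive_url)

        django_login(request, user)

        # Mark the session as the master account and not a sub-account.
        session_device(request,
                       "True",
                       Session="auth_master")

        # NOTE(review): substring test -- "" and "ET" match as well as "E"/"T".
        if user.notify_activity in "ET":
            send_activity_message(request,
                                  user)

        if next_url != "" and is_safe_url(url=next_url,
                                          host=request.get_host()):
            if settings.DEBUG:
                print("About to redirect to:", next_url)
                # Field names only: the POST body holds the password and code.
                print("QUERY_DICT:", sorted(request.POST.keys()))
                print("but what about kwargs", kwargs)
            return HttpResponseRedirect(next_url)
        return HttpResponseRedirect(reverse('home'))

    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", access_key, "]")

    form = AuthenticationForm(initial={access_field: access_key})
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")

    return render_to_response('accounts/login.html', {'form': form,
                                                      'next': next_url},
                              RequestContext(request))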
예제 #4
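def sms_code(request):
    """
    First step of the SMS login flow: identify the account and request a PIN.

    GET renders ``accounts/smscode.html`` with the access key (the value of
    the ``settings.USERNAME_FIELD`` field) pre-filled from the session.  POST
    validates ``SMSCodeForm``, checks the key with ``validate_user``, looks up
    the local ``User`` and, when ``u.mfa`` is set, creates a ``ValidSMSCode``
    for it (its ``send_outcome`` is read back, so creating it presumably
    sends the text message) before redirecting to ``/accounts/login``.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    NOTE(review): ``next`` comes straight from the query string and is passed
    on unencoded to ``/accounts/login``; it must be validated where it is
    finally used as a redirect target.
    NOTE(review): the distinct messages (not registered / inactive / text
    sent) let an unauthenticated caller learn the state of an account, and
    every accepted POST for an MFA account creates a new code.  No rate limit
    is visible in this view -- confirm one exists elsewhere.
    """
    # Local import: the file's import block is not visible from this listing.
    from django.utils.http import urlencode

    # Name of the key field, probably "username" or "email".
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")
    status = "NONE"
    if settings.DEBUG:
        print("in accounts.views.sms.sms_code")

    next_url = ""
    # The next parameter has to be carried through the flow.
    if request.GET:
        # .get(): other query parameters without "next" must not become a 500.
        next_url = request.GET.get('next', "")
        if settings.DEBUG:
            print("next parameter is:", next_url)
            print("Other parameters = ", dict(request.GET.items()))

    if request.method == 'POST':
        if access_field in request.POST:
            access_key = request.POST[access_field].lower()
            # Identifiers are only written to the log in DEBUG.
            if settings.DEBUG:
                print("POST ", access_field, "on entry:[%s]" % (access_key))
        else:
            access_key = (request.session.get(access_field) or "").lower()
        if settings.DEBUG:
            print("%s:%s" % (access_field, access_key))

        form = SMSCodeForm(request.POST)

        if not form.is_valid():
            if settings.DEBUG:
                print("invalid form")
            form.username = access_key
            return render_to_response(
                'accounts/smscode.html',
                RequestContext(request, {
                    'form': form,
                    'next': next_url
                }))

        submitted_key = form.cleaned_data[access_field]
        if not validate_user(request, submitted_key.lower()):
            # validate_user is expected to have set the error message.
            request.session[access_field] = ""
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if settings.DEBUG:
            print("Valid form with a valid ", access_field)
            print("Access_Field:", access_field)
            print("form:AccessField:", submitted_key.lower())

        # NOTE(review): validate_user gets the lower-cased key while this
        # lookup uses it as submitted -- confirm the two agree on case.
        try:
            u = User.objects.get(**{access_field: submitted_key})
        except User.DoesNotExist:
            # Known to the directory but without a local User row: send the
            # visitor to registration.  mark_safe wraps a fixed string only.
            messages.error(
                request,
                mark_safe(
                    "You are registered on MyMedicare.gov. "
                    "\nBut not registered for BlueButton."
                    " \nPlease complete the <a href='/registration/register/'>BlueButton Registration</a>"
                ))
            request.session[access_field] = ""
            # The access key used to be passed as a second positional
            # argument, which HttpResponse treats as the response body.
            return HttpResponseRedirect("/accounts/learn/0/")

        mfa_required = u.mfa
        if settings.DEBUG:
            print("returned u:", u)
            print("Require MFA Login:%s" % mfa_required)

        if not u.is_active:
            request.session[access_field] = ""
            messages.error(
                request,
                mark_safe(
                    "Your account is inactive. If you recently registered to use BlueButton"
                    "\nplease check your email for an activation link."
                ))
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # Remember the key for the login page.
        request.session[access_field] = access_key
        if mfa_required:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() == "fail":
                messages.error(
                    request,
                    "There was a problem sending your pin code. Please try again."
                )
                # reverse()'s second positional parameter is the urlconf, so
                # the dict that used to be passed there broke this path; the
                # value is carried in the query string instead.
                retry_url = reverse('accounts:sms_code')
                if next_url != "":
                    retry_url += '?' + urlencode({'next': next_url})
                if settings.DEBUG:
                    print("redirecting to sms_code with args:", retry_url)
                return HttpResponseRedirect(retry_url)
            messages.success(
                request,
                "A text message was sent to your mobile phone."
            )
            status = "Text Message Sent"
        else:
            messages.success(
                request,
                "Your account is active. Continue Login.")
            status = "Account Active"

        if settings.DEBUG:
            print("dropping out of valid form")
            print("Status:", status)
            print("%s: %s" % (access_field, access_key))

        # Left unencoded on purpose: the login view reads the raw text after
        # "next=" -- presumably why it is not quoted here; verify.
        call_with = '/accounts/login?next=%s' % next_url
        if settings.DEBUG:
            print("about to call:", call_with)
        return HttpResponseRedirect(call_with)

    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("setting up the POST in sms_code [", access_key, "]")
        print("Passing next parameter to form:", next_url)
    form = SMSCodeForm(initial={access_field: access_key})

    if settings.USERNAME_FIELD == "email":
        form.email = access_key
    else:
        form.username = access_key
    if settings.DEBUG:
        print("form ", access_field, form)
        print("In the sms_code.get")
        print("form:", form)
        print("Dropping to render_to_response in sms_code with next=", next_url)

    return render_to_response('accounts/smscode.html', {
        'form': form,
        'next': next_url
    }, RequestContext(request))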
예제 #5
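def sms_login(request, *args, **kwargs):
    """
    Second step of the SMS login flow: verify the SMS code, then the password.

    GET renders ``accounts/login.html`` with the access key (the value of the
    ``settings.USERNAME_FIELD`` field) pre-filled from the session.  POST
    either hands off to ``accounts:sms_code`` when the "resend code" button
    was used, or validates the form, checks the code with ``validate_sms``,
    calls ``authenticate`` and logs an active user in.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    The ``next`` query parameter is caller-controlled.  It is only followed
    after login when it points back at this host; anything else falls back to
    the ``home`` route, which closes the open redirect.

    NOTE(review): the SMS code is checked before the password and the two
    failures produce different messages, so a response reveals whether a
    guessed code was right independently of the password.  Whether attempts
    are limited is not visible here -- confirm in ``validate_sms``.
    """
    # Local import: the file's import block is not visible from this listing.
    # On Django 3.0+ the equivalent check is url_has_allowed_host_and_scheme().
    from django.utils.http import is_safe_url, urlencode

    # Name of the key field, probably "username" or "email".
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next_url = ""
    if 'next' in request.GET:
        # The raw (still URL-encoded) text following the first "next=" is used
        # rather than the decoded GET value.  A bare "?next" has no "next=" to
        # split on, so fall back to the decoded value instead of raising.
        raw_parts = request.get_full_path().split('next=')
        next_url = raw_parts[1] if len(raw_parts) > 1 else request.GET['next']

    if settings.DEBUG:
        print("We got a next value of:", next_url)
        print("full path = ", request.get_full_path())

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get(): a POST without the submit-button field must not become a 500.
        if request.POST.get('login', '').lower() == 'resend code':
            resend_for = request.POST.get(access_field, "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session[access_field] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            print("Error with the POST form", )
            return render_to_response('accounts/login.html', {
                'form': form,
                'next': next_url
            }, RequestContext(request))

        print("Authenticating...")
        access_key = form.cleaned_data[access_field]
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        if not validate_sms(access_key=access_key, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html', {
                'form': AuthenticationForm(),
                'next': next_url
            }, RequestContext(request))

        # The directory may be unreachable; report that instead of failing.
        try:
            user = authenticate(username=access_key, password=password)
        except (ldap3.LDAPBindError, ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                  "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                  "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
            messages.error(
                request, "We had a problem reaching the Directory Server")
            # A fresh form is supplied like on the other error paths, so the
            # page can still be used to try again.
            return render_to_response('accounts/login.html', {
                'form': AuthenticationForm(),
                'next': next_url
            }, RequestContext(request))

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html', {
                'form': AuthenticationForm(),
                'next': next_url
            }, RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            # reverse()'s second positional parameter is the urlconf, so the
            # dict that used to be passed there broke this path; the value is
            # carried in the query string instead.
            # NOTE(review): the resend path above uses 'accounts:sms_code';
            # confirm which route name is correct.
            inactive_url = reverse('sms_code')
            if next_url != "":
                inactive_url += '?' + urlencode({'next': next_url})
            return HttpResponseRedirect(inactive_url)

        django_login(request, user)

        # Mark the session as the master account and not a sub-account.
        session_device(request, "True", Session="auth_master")

        # NOTE(review): substring test -- "" and "ET" match as well as "E"/"T".
        if user.notify_activity in "ET":
            send_activity_message(request, user)

        if next_url != "" and is_safe_url(url=next_url,
                                          host=request.get_host()):
            if settings.DEBUG:
                print("About to redirect to:", next_url)
                # Field names only: the POST body holds the password and code.
                print("QUERY_DICT:", sorted(request.POST.keys()))
                print("but what about kwargs", kwargs)
            return HttpResponseRedirect(next_url)
        return HttpResponseRedirect(reverse('home'))

    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", access_key, "]")

    form = AuthenticationForm(initial={access_field: access_key})
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")

    return render_to_response('accounts/login.html', {
        'form': form,
        'next': next_url
    }, RequestContext(request))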
예제 #6
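def sms_login(request, *args, **kwargs):
    """
    Second step of the SMS login flow, keyed on the e-mail address.

    GET renders ``accounts/login.html`` with the e-mail pre-filled from the
    session.  POST either hands off to ``accounts:sms_code`` when the
    "resend code" button was used, or validates the form, checks the code
    with ``validate_sms``, calls ``authenticate`` and logs an active user in.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    NOTE(review): the SMS code is checked before the password and the two
    failures produce different messages, so a response reveals whether a
    guessed code was right independently of the password.  Whether attempts
    are limited is not visible here -- confirm in ``validate_sms``.
    """
    email = request.session.get('email', "")
    if settings.DEBUG:
        print(request.GET)
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        # Field names only: the POST body holds the password and the SMS
        # code, which must not end up in the log.
        print(sorted(request.POST.keys()))
        print(args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get(): a POST without the submit-button field must not become a 500.
        if request.POST.get('login', '').lower() == 'resend code':
            resend_for = request.POST.get('email', "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session['email'] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            return render_to_response('accounts/login.html', {'form': form},
                                      RequestContext(request))

        email = form.cleaned_data['email']
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        user = authenticate(username=email, password=password)
        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if user.is_active:
            django_login(request, user)
            return HttpResponseRedirect(reverse('home'))

        messages.error(request, "Your account is not active.")
        # NOTE(review): the resend path above uses 'accounts:sms_code';
        # confirm which route name is correct.
        return HttpResponseRedirect(reverse('sms_code'))

    email = request.session.get('email', "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", email, "]")
    form = AuthenticationForm(initial={
        'email': email,
    })
    if settings.DEBUG:
        print(form)
    return render_to_response('accounts/login.html', {'form': form},
                              RequestContext(request))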
예제 #7
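def login_optional(request):
    """
    One screen Login with SMS
    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    Prompt for: email, password.
    Offer "Send Pin Code" and "Login" Submit buttons

    Test email and password. Check for MFA setting.
    If MFA is enabled and Login button used with no Pin Code then fail validation
    If User and Password are correct and no MFA then allow login

    If User and Password and MFA and Pin Code then allow Login

    Else fail validation

    NOTE(review): as written, the login path always calls ``validate_sms``
    and never reads the user's MFA setting, so the "no MFA" case described
    above is not implemented in this view.
    NOTE(review): the "Send Pin Code" path only looks the user up; no code is
    created or sent here.  It answers differently for known and unknown
    e-mail addresses, which lets a caller test whether an address exists.
    """
    args = {}
    if settings.DEBUG:
        print("in accounts.views.sms.login_optional")

    if request.POST:
        form = AuthenticationSMSForm(request.POST)
        # .get(): a POST without the submit-button field must not become a 500.
        login_action = request.POST.get('login', '')
        if settings.DEBUG:
            print("test login before is_valid()")
            print(login_action)
            print("pin needed? [%s]" % request.POST.get('send_pin'))

        if not form.is_valid():
            if settings.DEBUG:
                print("Form is invalid")
            args['form'] = form
            return render(request, 'accounts/login_sms.html', args)

        if settings.DEBUG:
            print("in the post section with form instance")
            print(form)
            print("Email:", form.cleaned_data['email'])

        if login_action.lower() == 'send pin code':
            if settings.DEBUG:
                print("Sending PIN")
            try:
                User.objects.get(email=request.POST['email'])
            except User.DoesNotExist:
                messages.error(request, "Something went wrong.")
                form = AuthenticationSMSForm(request.POST)
                form.email = request.POST['email']
                return render_to_response(
                    'accounts/login_sms.html',
                    RequestContext(
                        request,
                        {'form': form},
                    ))
            # The view used to fall off the end here and return None, which
            # Django reports as a server error; show the form again instead.
            # TODO(review): dispatch the PIN for the user that was found.
            return render_to_response(
                'accounts/login_sms.html',
                RequestContext(
                    request,
                    {'form': form},
                ))

        email = form.cleaned_data['email']
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login_sms.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        user = authenticate(username=email, password=password)
        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login_sms.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if user.is_active:
            django_login(request, user)
            return HttpResponseRedirect(reverse('home'))

        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('login_sms'))

    # Not a POST
    form = AuthenticationSMSForm()
    return render_to_response('accounts/login_sms.html',
                              context_instance=RequestContext(
                                  request, {'form': form}))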
예제 #8
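def login_optional_sms(request):
    """
    One screen Login with SMS
    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form) or an HttpResponseRedirect

    Prompt for: email, password.
    Offer "Send Pin Code" and "Login" Submit buttons

    Test email and password. Check for MFA setting.
    If MFA is enabled and Login button used with no Pin Code then fail validation
    If User and Password are correct and no MFA then allow login

    If User and Password and MFA and Pin Code then allow Login

    Else fail validation

    NOTE(review): as written, the login path always calls ``validate_sms``
    and does not read the user's MFA setting.
    NOTE(review): the "Send Pin Code" path answers differently for unknown,
    inactive and active accounts and creates a new ``ValidSMSCode`` on every
    request; no rate limit is visible in this view -- confirm one exists.
    """

    if settings.DEBUG:
        print("in accounts.views.sms.login_optional_sms")

    if request.method == 'POST':
        if settings.DEBUG:
            print("in the POST")
        form = AuthenticationSMSForm(request.POST)

        # The submit button decides the step: "Login" or "Send Pin Code".
        # .get(): a POST without these fields must not become a 500.
        login_action = request.POST.get('login', '').lower()
        if login_action == 'send pin code':
            submitted_email = request.POST.get('email', '')
            if settings.DEBUG:
                print("Sending Code to %s" % (submitted_email))

            try:
                u = User.objects.get(email=submitted_email)
            except User.DoesNotExist:
                messages.error(request, "Something went wrong.")
                form = AuthenticationSMSForm(request.POST)
                form.email = submitted_email
                return render_to_response('accounts/login_sms.html',
                                          {'form': form},
                                          RequestContext(request))

            if u.is_active:
                form = AuthenticationSMSForm()
                form.email = u.email

                if u.mfa:
                    ValidSMSCode.objects.create(user=u)
                    messages.success(
                        request,
                        "A text message was sent to your mobile phone.")
                else:
                    messages.success(
                        request, "Your account is active. Continue Login.")
            return render_to_response('accounts/login_sms.html',
                                      RequestContext(request, {'form': form}))

        elif login_action == 'login':
            if settings.DEBUG:
                print("in login step")

        # is_valid must be called: the bare attribute is always truthy, so
        # validation never ran and cleaned_data did not exist yet.
        if form.is_valid():
            if settings.DEBUG:
                print("Valid form received")
            email = form.cleaned_data['email']
            password = form.cleaned_data['password']
            sms_code = form.cleaned_data['sms_code']
            if not validate_sms(username=email, smscode=sms_code):
                messages.error(request, "Invalid Access Code.")
                return render_to_response('accounts/login_sms.html',
                                          {'form': AuthenticationSMSForm()},
                                          RequestContext(request))

            user = authenticate(username=email, password=password)
            if user is None:
                messages.error(request, "Invalid username or password.")
                return render_to_response('accounts/login.html',
                                          {'form': AuthenticationForm()},
                                          RequestContext(request))

            if user.is_active:
                django_login(request, user)
                return HttpResponseRedirect(reverse('home'))

            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        # Invalid form: fall through and re-render the bound form so its
        # errors are shown.  The submitted password is no longer copied onto
        # the form object, and cleaned_data is not indexed for fields that
        # may have failed validation.
    else:
        # Entering the page with a GET: start from an empty form instance
        # (the class itself used to be passed to the template).
        if settings.DEBUG:
            print("setting up sms.login_optional_sms form")
        form = AuthenticationSMSForm()
    return render_to_response('accounts/login_sms.html',
                              context_instance=RequestContext(
                                  request,
                                  {'form': form},
                              ))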
예제 #9
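def sms_code(request):
    """Step 1 of the SMS login: identify the account and issue a code.

    GET shows ``SMSCodeForm`` pre-filled with the e-mail held in the session.
    A valid POST looks the user up by e-mail, stores that e-mail in
    ``request.session['email']`` for the login view, creates a
    ``ValidSMSCode`` when the account has ``mfa`` set, and redirects to
    ``accounts:login``. Unknown accounts, inactive accounts and failed sends
    redirect back to ``accounts:sms_code`` with an error message.

    NOTE(review): this view runs before authentication and answers
    differently for unknown, inactive and active accounts, so it confirms
    which e-mail addresses are registered. Prefer one neutral message for
    all three outcomes. Each valid POST for an MFA account creates a new
    code; no per-address or per-client throttling is visible in this
    function, so confirm it is enforced elsewhere.
    """
    # E-mail carried over from an earlier step; "" when the session has none.
    email = request.session.get('email', "")
    status = "NONE"
    if settings.DEBUG:
        print("in accounts.views.sms.sms_code")

    if request.method != 'POST':
        if settings.DEBUG:
            print("setting up the POST in sms_code [", email, "]")
        form = SMSCodeForm(initial={
            'email': email,
        })
        form.email = email
        if settings.DEBUG:
            print("form email", form.email)
            print(form)
        return render_to_response('accounts/smscode.html', {'form': form},
                                  RequestContext(request))

    # A posted e-mail wins over the session value.
    if 'email' in request.POST:
        email = request.POST['email']
        # This print used to run outside the DEBUG guard, which wrote every
        # submitted address to stdout in production.
        if settings.DEBUG:
            print("POST email on entry:[%s]" % (email))
    if settings.DEBUG:
        print("request.POST:%s" % request.POST)
        print("email:%s" % email)

    form = SMSCodeForm(request.POST)

    if not form.is_valid():
        if settings.DEBUG:
            print("invalid form")
        form.email = email
        # NOTE(review): an invalid SMSCodeForm is rendered with the login
        # template, not accounts/smscode.html - confirm this is intended.
        return render_to_response('accounts/login.html',
                                  RequestContext(request, {'form': form}))

    try:
        u = User.objects.get(email=form.cleaned_data['email'])
    except User.DoesNotExist:
        request.session['email'] = ""
        messages.error(request, "You are not recognized.")
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    mfa_required = u.mfa
    email = u.email
    if settings.DEBUG:
        print("Require MFA Login:%s" % mfa_required)

    if not u.is_active:
        request.session['email'] = ""
        messages.error(request, "Your account is inactive.")
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    # The login view reads the address back from the session.
    request.session['email'] = email
    if mfa_required:
        trigger = ValidSMSCode.objects.create(user=u)
        if str(trigger.send_outcome).lower() == "fail":
            messages.error(
                request,
                "There was a problem sending your pin code. Please try again."
            )
            return HttpResponseRedirect(reverse('accounts:sms_code'))
        messages.success(
            request,
            "A text message was sent to your mobile phone."
        )
        status = "Text Message Sent"
    else:
        messages.success(
            request, "Your account is active. Continue Login.")
        status = "Account Active"

    if settings.DEBUG:
        print("dropping out of valid form")
        print("Status:", status)
        print("email: %s" % email)

    # The original passed a {'form': ...} dict as a second argument here.
    # HttpResponseRedirect takes no template context, so the dict ended up as
    # the response body. The e-mail reaches the login view via the session.
    return HttpResponseRedirect(reverse('accounts:login'))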
예제 #10
파일: sms.py 프로젝트: ekivemark/bbofuser
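def sms_login(request, *args, **kwargs):
    """Step 2 of the SMS login: check the access code, then the password.

    GET renders ``AuthenticationForm`` pre-filled with the session e-mail.
    A POST whose ``login`` field is "resend code" stores the posted e-mail in
    the session and redirects to ``accounts:sms_code``. Any other POST
    validates the form, checks the SMS code with ``validate_sms``, calls
    ``authenticate`` and logs an active user in, marking the session through
    ``session_device(..., Session="auth_master")`` before redirecting to
    ``home``.

    NOTE(review): the access code is checked before the password and the two
    failures produce different messages, so a client learns whether a code
    is valid without knowing the password. Consider one generic failure
    message, and confirm attempts are throttled; no limit is visible here.
    """
    email = request.session.get('email', "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", email, "]")
            print("Dropping to render_to_response in sms_login")
        form = AuthenticationForm(initial={'email': email, })
        return render_to_response('accounts/login.html', {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)

    # .get() keeps a POST without these fields from raising a KeyError,
    # which would otherwise become a server error.
    if request.POST.get('login', '').lower() == 'resend code':
        posted_email = request.POST.get('email', '')
        if settings.DEBUG:
            print("Resending Code for %s" % posted_email)
        request.session['email'] = posted_email
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    email = form.cleaned_data['email'].lower()
    # NOTE(review): lower-casing the password makes its case irrelevant and
    # weakens it. It is kept because the account-creation path is not visible
    # here; removing it on this side alone could lock existing users out.
    # Confirm and remove on both sides.
    password = form.cleaned_data['password'].lower()
    sms_code = form.cleaned_data['sms_code']

    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    try:
        user = authenticate(username=email, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as err:
        # Record only the exception type. The original printed dir() of the
        # exception classes, which says nothing about the actual failure.
        print("We got an LDAP Error:", type(err).__name__)
        messages.error(request, "We had a problem reaching the Directory Server")
        # Pass a fresh form, as the other failure branches do; the original
        # rendered the login page without one.
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # Use the namespaced URL name, matching the resend branch above.
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    django_login(request, user)

    # Mark this session as the master account rather than a sub-account.
    session_device(request,
                   "True",
                   Session="auth_master")
    # NOTE(review): "in" on a string is a substring test, so this is also
    # true for "" and "ET"; presumably ("E", "T") was meant - confirm.
    if user.notify_activity in "ET":
        send_activity_message(request,
                              user)

    return HttpResponseRedirect(reverse('home'))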
예제 #11
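def sms_login(request, *args, **kwargs):
    """Step 2 of the SMS login: check the access code, then the password.

    GET renders ``AuthenticationForm`` pre-filled with the session e-mail.
    A POST whose ``login`` field is "resend code" stores the posted e-mail in
    the session and redirects to ``accounts:sms_code``. Any other POST
    validates the form, checks the SMS code with ``validate_sms``, calls
    ``authenticate`` and logs an active user in before redirecting to
    ``home``.

    NOTE(review): the access code is checked before the password and the two
    failures produce different messages, so a client learns whether a code
    is valid without knowing the password. Consider one generic failure
    message, and confirm attempts are throttled; no limit is visible here.
    """
    email = request.session.get('email', "")
    if settings.DEBUG:
        print(request.GET)
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        # Print field names only: request.POST holds the password and the
        # access code, and the original wrote both to stdout in clear text.
        print("POST fields:", sorted(request.POST.keys()))
        print(args)

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", email, "]")
        form = AuthenticationForm(initial={'email': email, })
        if settings.DEBUG:
            print(form)
        return render_to_response('accounts/login.html', {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)

    # .get() keeps a POST without these fields from raising a KeyError,
    # which would otherwise become a server error.
    if request.POST.get('login', '').lower() == 'resend code':
        posted_email = request.POST.get('email', '')
        if settings.DEBUG:
            print("Resending Code for %s" % posted_email)
        request.session['email'] = posted_email
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html', {'form': form},
                                  RequestContext(request))

    email = form.cleaned_data['email']
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    user = authenticate(username=email, password=password)

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # Use the namespaced URL name, matching the resend branch above.
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    django_login(request, user)
    return HttpResponseRedirect(reverse('home'))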
예제 #12
파일: sms.py 프로젝트: ekivemark/bofhirdev
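def sms_login(request, *args, **kwargs):
    """Step 2 of the login process: check the access code, then the password.

    The account key is whatever field ``settings.USERNAME_FIELD`` names. GET
    renders ``AuthenticationForm`` pre-filled with that key from the session.
    A POST whose ``login`` field is "resend code" stores the posted key in
    the session and redirects to ``accounts:sms_code``. Any other POST
    validates the form, checks the SMS code with ``validate_sms``, looks the
    user up, authenticates with the user's e-mail and logs an active user in,
    setting ``request.session['auth_master']`` before redirecting to ``home``.

    NOTE(review): the access code is checked before the password and the two
    failures produce different messages, so a client learns whether a code
    is valid without knowing the password. Consider one generic failure
    message, and confirm attempts are throttled; no limit is visible here.
    """
    key_name = settings.USERNAME_FIELD
    key_field = request.session.get(key_name, "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:%s:[%s]" % (key_name, key_field))
        print("args:", args)

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", key_name, "]")
            print("Dropping to render_to_response in sms_login")
        form = AuthenticationForm(initial={key_name: key_field, })
        return render_to_response('accounts/login.html', {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)

    # .get() keeps a POST without these fields from raising a KeyError,
    # which would otherwise become a server error.
    if request.POST.get('login', '').lower() == 'resend code':
        posted_key = request.POST.get(key_name, '')
        if settings.DEBUG:
            print("Resending Code for %s" % posted_key)
        request.session[key_name] = posted_key
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    print("Authenticating...")
    key_field = form.cleaned_data[key_name].lower()
    # NOTE(review): lower-casing the password makes its case irrelevant and
    # weakens it. It is kept because the account-creation path is not visible
    # here; removing it on this side alone could lock existing users out.
    # Confirm and remove on both sides.
    password = form.cleaned_data['password'].lower()
    sms_code = form.cleaned_data['sms_code']
    if settings.DEBUG:
        print("working with ", key_field)

    if not validate_sms(username=key_field, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        if settings.DEBUG:
            print("Going to sms_login loop back")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    # An unknown key used to raise User.DoesNotExist here, outside any try.
    # Answer with the same failure as a bad password instead.
    try:
        check = User.objects.get(user=key_field)
    except User.DoesNotExist:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))
    if settings.DEBUG:
        print("checking with ", key_field, "/", check)

    # NOTE(review): the listing masks part of this span (the rest of an
    # "Authenticated User:" debug print and the except header). The except
    # tuple below uses the three ldap3 exception names that the surviving
    # print statement references; the masked debug print is not restored.
    try:
        user = authenticate(email=check.email, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as err:
        # Record only the exception type. The original printed dir() of the
        # exception classes, which says nothing about the actual failure.
        print("We got an LDAP Error:", type(err).__name__)
        messages.error(request, "We had a problem reaching the Directory Server")
        # Pass a fresh form, as the other failure branches do; the original
        # rendered the login page without one.
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if settings.DEBUG:
        print("authentication with", user)

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # Use the namespaced URL name, matching the resend branch above.
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    django_login(request, user)

    # Mark this session as the master account rather than a sub-account.
    request.session['auth_master'] = "True"
    # NOTE(review): "in" on a string is a substring test, so this is also
    # true for "" and "ET"; presumably ("E", "T") was meant - confirm.
    if user.notify_activity in "ET":
        send_activity_message(request,
                              user)

    return HttpResponseRedirect(reverse('home'))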