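def login(self, request, **kwargs):
    """Authenticate the posted credentials and open a session.

    Accepts POST only. The body is deserialized into a mapping that is
    read for ``username``, ``password`` and an optional ``remember_me``
    flag. Every outcome goes through ``self.create_response`` with a
    ``success`` boolean; failures also carry an ``error_message``.

    NOTE(review): ``throttle_check`` is never called here, so (assuming
    this is a Tastypie resource) no throttling covers repeated password
    attempts against this endpoint -- confirm it is rate limited elsewhere.
    """
    self.method_check(request, allowed=['post'])

    # The deserialization format is taken from the client-supplied header.
    data = self.deserialize(
        request,
        request.body,
        format=request.META.get('CONTENT_TYPE', 'application/json'),
    )
    username = data.get('username', '')
    password = data.get('password', '')
    remember_me = data.get('remember_me', False)

    if username == '' or password == '':
        return self.create_response(request, {
            'success': False,
            'error_message': 'Missing username or password',
        })

    user = authenticate(username=username, password=password)
    if not user:
        return self.create_response(request, {
            'success': False,
            'error_message': 'Incorrect password or username.',
            'error_code': 'incorrect_password_or_email'
        })

    if not user.is_active:
        # The original followed `if is_active / elif not is_active` with a
        # third "activated but not authorized" branch that could never run;
        # that dead branch is dropped.
        # NOTE(review): with Django's stock ModelBackend (1.10+),
        # authenticate() already returns None for inactive users, so this
        # answer is only reachable with a backend that allows them.
        return self.create_response(request, {
            'success': False,
            'error_message': 'Account not activated yet.',
        })

    login(request, user)

    # Remember me is opt-in: without it the session gets an expiry of 0,
    # which Django treats as "expire when the browser closes".
    if not remember_me:
        request.session.set_expiry(0)

    response = self.create_response(request, {
        'success': True,
        'is_staff': user.is_staff,
        'permissions': list(user.get_all_permissions()),
        'username': user.username
    })

    # NOTE(review): if `login` is django.contrib.auth.login, it already
    # rotates the CSRF token. This cookie is written with set_cookie's
    # defaults (no secure/samesite arguments are passed) and may not match
    # the token the CSRF middleware tracks -- confirm it is needed.
    response.set_cookie("csrftoken", get_new_csrf_key())
    return response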
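def login(self, request, **kwargs):
    """Authenticate the posted credentials and open a session.

    Accepts POST only. The body is deserialized into a mapping that is
    read for ``username`` and ``password``. On success the response
    carries ``success`` and ``username`` and a ``csrftoken`` cookie is
    set. A disabled account is answered with ``HttpForbidden``; missing
    or wrong credentials get a ``success: False`` payload through the
    default ``create_response`` class.

    NOTE(review): ``throttle_check`` is never called here, so (assuming
    this is a Tastypie resource) no throttling covers repeated password
    attempts against this endpoint -- confirm it is rate limited elsewhere.
    """
    self.method_check(request, allowed=['post'])

    # The deserialization format is taken from the client-supplied header.
    data = self.deserialize(
        request,
        request.body,
        format=request.META.get('CONTENT_TYPE', 'application/json'),
    )
    username = data.get('username', '')
    password = data.get('password', '')

    if username == '' or password == '':
        return self.create_response(request, {
            'success': False,
            'error_message': 'Missing username or password'
        })

    # Removed: the original looked up one fixed account here and reset its
    # password to the literal 'password' before every authentication
    # attempt, leaving that account with a known credential (and raising
    # when the account did not exist). A login handler must never write
    # credentials. Rotate that account's password wherever the old code ran.
    user = authenticate(username=username, password=password)
    if not user:
        return self.create_response(request, {
            'success': False,
            'error_message': 'Incorrect username or password'
        })

    if not user.is_active:
        return self.create_response(request, {
            'success': False,
            'reason': 'disabled',
        }, HttpForbidden)

    login(request, user)
    response = self.create_response(request, {
        'success': True,
        'username': user.username
    })

    # NOTE(review): if `login` is django.contrib.auth.login, it already
    # rotates the CSRF token. This cookie is written with set_cookie's
    # defaults (no secure/samesite arguments are passed) and may not match
    # the token the CSRF middleware tracks -- confirm it is needed.
    response.set_cookie("csrftoken", get_new_csrf_key())
    return response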
def login(self, request, **kwargs):
    """Authenticate the posted credentials and open a session.

    Accepts POST only. ``username`` and ``password`` are read from the
    deserialized body and passed to ``authenticate``. Unknown or wrong
    credentials are answered with ``HttpUnauthorized``, a disabled
    account with ``HttpForbidden``; on success the session is opened and
    a ``csrftoken`` cookie is attached to the response.

    NOTE(review): ``throttle_check`` is never called here, so (assuming
    this is a Tastypie resource) no throttling covers repeated password
    attempts against this endpoint -- confirm it is rate limited elsewhere.
    """
    self.method_check(request, allowed=['post'])

    # The deserialization format is taken from the client-supplied header.
    content_type = request.META.get('CONTENT_TYPE', 'application/json')
    payload = self.deserialize(request, request.body, format=content_type)

    account = authenticate(
        username=payload.get('username', ''),
        password=payload.get('password', ''),
    )

    # One message for both "no such user" and "wrong password", so the
    # reply does not reveal which of the two was wrong.
    if account is None:
        return self.error_response(request, {
            'error_message': 'Incorrect username or password.',
            'success': False,
        }, response_class=HttpUnauthorized)

    if not account.is_active:
        return self.error_response(request, {
            'success': False,
            'reason': 'disabled',
        }, response_class=HttpForbidden)

    login(request, account)
    reply = self.create_response(request, {
        'success': True,
        'username': account.username
    })

    # NOTE(review): if `login` is django.contrib.auth.login, it already
    # rotates the CSRF token. This cookie is written with set_cookie's
    # defaults (no secure/samesite arguments are passed) and may not match
    # the token the CSRF middleware tracks -- confirm it is needed.
    reply.set_cookie("csrftoken", get_new_csrf_key())
    return reply