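def index(request):
    """Main entry page into EvaP providing all the login options available.

    The username/password login is intended for internal users, e.g. by
    connecting to an LDAP directory. The login key mechanism is meant to
    include external participants, e.g. visiting students or visiting
    contributors.

    Unauthenticated visitors get the login page. Authenticated users are
    redirected to the ``next`` query parameter when it is a same-site absolute
    path, otherwise to the start page matching their role.
    """
    # Bind POST data only to the form that was actually submitted.
    submit_type = request.POST.get("submit_type", "no_submit")
    new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
    login_username_form = LoginUsernameForm(request, request.POST if submit_type == "login_username" else None)

    # process form data
    if request.method == 'POST':
        if new_key_form.is_valid():
            # user wants a new login key
            profile = new_key_form.get_user()
            profile.ensure_valid_login_key()
            profile.save()

            EmailTemplate.send_login_url_to_user(new_key_form.get_user())

            messages.success(request, _("We sent you an email with a one-time login URL. Please check your inbox."))
            return redirect('evaluation:index')
        elif login_username_form.is_valid():
            # user would like to login with username and password and passed password test
            auth.login(request, login_username_form.get_user())

            # clean up our test cookie
            if request.session.test_cookie_worked():
                request.session.delete_test_cookie()

    # if not logged in by now, render form
    if not request.user.is_authenticated:
        # set test cookie to verify whether they work in the next step
        request.session.set_test_cookie()

        template_data = dict(new_key_form=new_key_form, login_username_form=login_username_form)
        return render(request, "index.html", template_data)

    user, __ = UserProfile.objects.get_or_create(username=request.user.username)

    # "next" comes straight from the query string, so it is followed only when
    # it is a same-site absolute path. Absolute URLs, protocol-relative URLs
    # ("//host"), backslash variants and values containing whitespace or
    # control characters are ignored, which closes the open redirect that an
    # unchecked redirect(next) would offer. Where the installed Django ships
    # django.utils.http.url_has_allowed_host_and_scheme, prefer that helper.
    redirect_to = request.GET.get("next", None)
    if redirect_to is not None:
        is_local_path = (
            redirect_to.startswith("/")
            and not redirect_to.startswith("//")
            and "\\" not in redirect_to
            and not any(ch.isspace() or ord(ch) < 0x20 for ch in redirect_to)
        )
        if is_local_path:
            return redirect(redirect_to)

    # redirect user to appropriate start page
    if request.user.is_reviewer:
        return redirect('staff:semester_view', Semester.active_semester().id)
    if request.user.is_manager:
        return redirect('staff:index')
    elif request.user.is_grade_publisher:
        return redirect('grades:semester_view', Semester.active_semester().id)
    elif user.is_student:
        return redirect('student:index')
    elif user.is_contributor_or_delegate:
        return redirect('contributor:index')
    else:
        return redirect('results:index')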
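def index(request):
    """Main entry page into EvaP providing all the login options available.

    The username/password login is intended for internal users, e.g. by
    connecting to an LDAP directory. The login key mechanism is meant to
    include external participants, e.g. visiting students or visiting
    contributors.

    Unauthenticated visitors get the login page. Authenticated users are
    redirected to the ``next`` query parameter when it is a same-site absolute
    path, otherwise to the start page matching their role.
    """
    # Bind POST data only to the form that was actually submitted.
    submit_type = request.POST.get("submit_type", "no_submit")
    new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
    login_username_form = LoginUsernameForm(request, request.POST if submit_type == "login_username" else None)

    # process form data
    if request.method == 'POST':
        if new_key_form.is_valid():
            # user wants a new login key
            profile = new_key_form.get_user()
            profile.ensure_valid_login_key()
            profile.save()

            EmailTemplate.send_login_url_to_user(new_key_form.get_user())

            messages.success(request, _("We sent you an email with a one-time login URL. Please check your inbox."))
            return redirect('evaluation:index')
        elif login_username_form.is_valid():
            # user would like to login with username and password and passed password test
            auth.login(request, login_username_form.get_user())

            # clean up our test cookie
            if request.session.test_cookie_worked():
                request.session.delete_test_cookie()

    # if not logged in by now, render form
    if not request.user.is_authenticated:
        # set test cookie to verify whether they work in the next step
        request.session.set_test_cookie()

        template_data = dict(new_key_form=new_key_form, login_username_form=login_username_form)
        return render(request, "index.html", template_data)

    user, __ = UserProfile.objects.get_or_create(username=request.user.username)

    # "next" comes straight from the query string, so it is followed only when
    # it is a same-site absolute path. Absolute URLs, protocol-relative URLs
    # ("//host"), backslash variants and values containing whitespace or
    # control characters are ignored, which closes the open redirect that an
    # unchecked redirect(next) would offer. Where the installed Django ships
    # django.utils.http.url_has_allowed_host_and_scheme, prefer that helper.
    redirect_to = request.GET.get("next", None)
    if redirect_to is not None:
        is_local_path = (
            redirect_to.startswith("/")
            and not redirect_to.startswith("//")
            and "\\" not in redirect_to
            and not any(ch.isspace() or ord(ch) < 0x20 for ch in redirect_to)
        )
        if is_local_path:
            return redirect(redirect_to)

    # redirect user to appropriate start page
    if request.user.is_reviewer:
        return redirect('staff:semester_view', Semester.active_semester().id)
    if request.user.is_staff:
        return redirect('staff:index')
    elif request.user.is_grade_publisher:
        return redirect('grades:semester_view', Semester.active_semester().id)
    elif user.is_student:
        return redirect('student:index')
    elif user.is_contributor_or_delegate:
        return redirect('contributor:index')
    else:
        return redirect('results:index')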
def login_key_authentication(request, key):
    """Try to log a user in with the login key carried by a login URL.

    Every path ends with a redirect to ``evaluation:index``; the outcome is
    reported to the user through the messages framework.

    A key is single-use: after a successful login its validity date is moved
    to yesterday, while the key itself stays stored so a later attempt with
    the same URL can still be mapped to the user and answered with a new link.
    """
    candidate = auth.authenticate(request, key=key)

    if candidate and not candidate.is_active:
        messages.error(request, _("Inactive users are not allowed to login."))
        return redirect('evaluation:index')

    # An existing session is never replaced. If the key belongs to somebody
    # else (or to nobody), tell the visitor to log out first.
    if request.user.is_authenticated:
        if candidate != request.user:
            messages.error(request, _("Another user is currently logged in. Please logout first and then use the login URL again."))
        return redirect('evaluation:index')

    if not candidate:
        messages.warning(request, _("Invalid login URL. Please request a new one below."))
    elif candidate.login_key_valid_until < date.today():
        # Known user, expired key: issue a fresh key and mail the new URL.
        # NOTE(review): any holder of an expired URL can trigger this mail to
        # the account owner; no throttling is visible in this function.
        candidate.ensure_valid_login_key()
        EmailTemplate.send_login_url_to_user(candidate)
        messages.warning(request, _("The login URL is not valid anymore. We sent you a new one to your email address."))
    else:
        # Key is still valid: attach the user to the request and persist the
        # login in the session.
        request.user = candidate
        auth.login(request, candidate)
        messages.success(request, _("Logged in as %s.") % candidate.full_name)
        # Expire the key right away so the same URL cannot be used again.
        candidate.login_key_valid_until = date.today() - timedelta(days=1)
        candidate.save()

    return redirect('evaluation:index')
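def index(request):
    """Main entry page into EvaP providing all the login options available.

    The OpenID login is intended for internal users. The login key mechanism
    is meant to include external participants, e.g. visiting students or
    visiting contributors. A login with email and password is available if
    OpenID is deactivated.

    Unauthenticated visitors get the login page. Authenticated users are
    redirected to the ``next`` query parameter when it is a same-site absolute
    path, otherwise to their start page.
    """
    # Bind POST data only to the form that was actually submitted.
    submit_type = request.POST.get("submit_type", "no_submit")
    new_key_form = NewKeyForm(request.POST if submit_type == "new_key" else None)
    login_email_form = LoginEmailForm(request, request.POST if submit_type == "login_email" else None)

    # process form data
    if request.method == 'POST':
        if new_key_form.is_valid():
            # user wants a new login key
            profile = new_key_form.get_user()
            profile.ensure_valid_login_key()
            profile.save()

            EmailTemplate.send_login_url_to_user(new_key_form.get_user())

            messages.success(request, _("We sent you an email with a one-time login URL. Please check your inbox."))
            return redirect('evaluation:index')

        if login_email_form.is_valid():
            # user would like to login with email and password and passed password test
            auth.login(request, login_email_form.get_user())

            # clean up our test cookie
            if request.session.test_cookie_worked():
                request.session.delete_test_cookie()

            return redirect('evaluation:index')

    # if not logged in by now, render form
    if not request.user.is_authenticated:
        # set test cookie to verify whether they work in the next step
        request.session.set_test_cookie()

        template_data = dict(
            new_key_form=new_key_form,
            login_email_form=login_email_form,
            openid_active=settings.ACTIVATE_OPEN_ID_LOGIN,
        )
        return render(request, "index.html", template_data)

    # the cached navbar might contain CSRF tokens that are invalid after a new login
    delete_navbar_cache_for_users([request.user])

    # "next" comes straight from the query string, so it is followed only when
    # it is a same-site absolute path. Absolute URLs, protocol-relative URLs
    # ("//host"), backslash variants and values containing whitespace or
    # control characters are ignored, which closes the open redirect that an
    # unchecked redirect(next) would offer. Where the installed Django ships
    # django.utils.http.url_has_allowed_host_and_scheme, prefer that helper.
    redirect_to = request.GET.get("next", None)
    if redirect_to is not None:
        is_local_path = (
            redirect_to.startswith("/")
            and not redirect_to.startswith("//")
            and "\\" not in redirect_to
            and not any(ch.isspace() or ord(ch) < 0x20 for ch in redirect_to)
        )
        if is_local_path:
            return redirect(redirect_to)

    return redirect_user_to_start_page(request.user)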
def process_request(self, request):
    """Log a user in when the request carries a login key as a GET parameter.

    The parameter name is ``self.field_name`` and its value must convert to
    an int. Always returns None; outcomes are reported through the messages
    framework. A key is single-use: after a successful login its validity
    date is moved to yesterday while the key itself stays stored.

    NOTE(review): the key travels in the query string, so it can end up in
    access logs, browser history and Referer headers; the immediate
    invalidation below is the only mitigation visible in this method.
    """
    # AuthenticationMiddleware is required so that request.user exists.
    if not hasattr(request, 'user'):
        raise ImproperlyConfigured(
            "The Django remote user auth middleware requires the"
            " authentication middleware to be installed. Edit your"
            " MIDDLEWARE_CLASSES setting to insert"
            " 'django.contrib.auth.middleware.AuthenticationMiddleware'"
            " before the RequestAuthMiddleware class.")

    try:
        login_key = int(request.GET[self.field_name])
    except (KeyError, ValueError):
        # Parameter missing or not an integer: nothing to do, request.user
        # stays whatever AuthenticationMiddleware set (AnonymousUser).
        return None

    candidate = auth.authenticate(request, key=login_key)

    if candidate and not candidate.is_active:
        messages.error(request, _("Inactive users are not allowed to login."))
        return None

    # An existing session is never replaced. If the key belongs to somebody
    # else (or to nobody), tell the visitor to log out first.
    if request.user.is_authenticated:
        if candidate != request.user:
            messages.error(request, _("Another user is currently logged in. Please logout first and then use the login URL again."))
        return None

    if not candidate:
        messages.warning(request, _("Invalid login URL. Please request a new one below."))
    elif candidate.login_key_valid_until < date.today():
        # Known user, expired key: issue a fresh key and mail the new URL.
        candidate.ensure_valid_login_key()
        EmailTemplate.send_login_url_to_user(candidate)
        messages.warning(request, _("The login URL is not valid anymore. We sent you a new one to your email address."))
    else:
        # Key is still valid: attach the user to the request and persist the
        # login in the session.
        request.user = candidate
        auth.login(request, candidate)
        messages.success(request, _("Logged in as %s.") % candidate.full_name)
        # Expire the key right away so the same URL cannot be used again.
        candidate.login_key_valid_until = date.today() - timedelta(days=1)
        candidate.save()
    return None
def process_request(self, request):
    """Log a user in when the request carries a login key as a GET parameter.

    The parameter name is ``self.field_name`` and its value must convert to
    an int. Always returns None; outcomes are reported through the messages
    framework. A key is single-use: after a successful login its validity
    date is moved to yesterday while the key itself stays stored.

    NOTE(review): the key travels in the query string, so it can end up in
    access logs, browser history and Referer headers; the immediate
    invalidation below is the only mitigation visible in this method.
    """
    # AuthenticationMiddleware is required so that request.user exists.
    if not hasattr(request, 'user'):
        raise ImproperlyConfigured(
            "The Django remote user auth middleware requires the"
            " authentication middleware to be installed. Edit your"
            " MIDDLEWARE_CLASSES setting to insert"
            " 'django.contrib.auth.middleware.AuthenticationMiddleware'"
            " before the RequestAuthMiddleware class.")

    try:
        login_key = int(request.GET[self.field_name])
    except (KeyError, ValueError):
        # Parameter missing or not an integer: nothing to do, request.user
        # stays whatever AuthenticationMiddleware set (AnonymousUser).
        return None

    candidate = auth.authenticate(request, key=login_key)

    if candidate and not candidate.is_active:
        messages.error(request, _("Inactive users are not allowed to login."))
        return None

    # An existing session is never replaced. If the key belongs to somebody
    # else (or to nobody), tell the visitor to log out first.
    if request.user.is_authenticated:
        if candidate != request.user:
            messages.error(request, _("Another user is currently logged in. Please logout first and then use the login URL again."))
        return None

    if not candidate:
        messages.warning(request, _("Invalid login URL. Please request a new one below."))
    elif candidate.login_key_valid_until < date.today():
        # Known user, expired key: issue a fresh key and mail the new URL.
        candidate.ensure_valid_login_key()
        EmailTemplate.send_login_url_to_user(candidate)
        messages.warning(request, _("The login URL is not valid anymore. We sent you a new one to your email address."))
    else:
        # Key is still valid: attach the user to the request and persist the
        # login in the session.
        request.user = candidate
        auth.login(request, candidate)
        messages.success(request, _("Logged in as %s.") % candidate.full_name)
        # Expire the key right away so the same URL cannot be used again.
        candidate.login_key_valid_until = date.today() - timedelta(days=1)
        candidate.save()
    return None