def login(request):
"""
Login view
"""
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
if form.is_valid():
user = authenticate(email=request.POST['email'],
password=request.POST['password'])
if user is not None:
if user.is_active:
django_login(request, user)
return redirect('/')
else:
return redirect('/')
#: if form is invalid, would rather flash an error message on login page...
#message = request.session['message'] = 'Hello view2!'
#return render_to_response('accounts/login.html', {
#'form': form,
#'message': message,
#}, context_instance=RequestContext(request))
else:
form = AuthenticationForm()
return render_to_response('auth/login.html', {
'form': form,
},
context_instance=RequestContext(request))
def home():
project_form = ProjectForm()
auth_form = AuthenticationForm()
return render_template("home.html",
project_form=project_form,
auth_form=auth_form,
session=session)
def login(request,
template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME):
"Displays the login form and handles the login action."
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
form = AuthenticationForm(request=request, data=request.POST)
if form.is_valid():
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
#from django.contrib.auth import login
from auth import login
login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = AuthenticationForm(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
from django.template import loader
from bidding.views import my_render
t = loader.get_template(template_name)
c = RequestContext(
request, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
})
block_login = (t.render(c))
return HttpResponse(
my_render(
request, {
'form_login': block_login,
'page_title': 'Login',
'page_description': 'Login'
}, 'login'))
def submit_policy_authentication():
form = AuthenticationForm(csrf_enabled=False)
if form.validate_on_submit():
patient_id = form.identifier.data
redirected_url = '/patient/' + patient_id
return redirect(redirected_url)
return render_template('authentication.html',form=form)
def LoginUser(request):
if request.method=='POST':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
return render(request, 'login/main.html', {})
else:
return render(request, 'login/start.html', {})
else:
form = AuthenticationForm()
return render(request, 'login/login.html', {'form':form})
def signup():
form = AuthenticationForm()
if request.method == 'GET':
return render_template('signup.html', form=form)
user = User(username=request.form['username'],
password=request.form['password'])
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('dashboard'))
def index():
form = AuthenticationForm()
if request.method == 'GET':
return render_template('index.html', form=form)
username = request.form['username']
password = request.form['password']
registered_user = User.query.filter_by(username=username, password=password).first()
if registered_user is None:
flash('Username or Password is invalid', 'error')
return redirect(url_for('index'))
login_user(registered_user)
return redirect(url_for('dashboard'))
def authenticate(project_id=None):
"""Authentication form"""
form = AuthenticationForm()
if not form.id.data and request.args.get('project_id'):
form.id.data = request.args['project_id']
project_id = form.id.data
if project_id is None:
#User doesn't provide project identifier, return to authenticate form
msg = _("You need to enter a project identifier")
form.errors["id"] = [msg]
return render_template("authenticate.html", form=form)
else:
project = Project.query.get(project_id)
create_project = False # We don't want to create the project by default
if not project:
# But if the user try to connect to an unexisting project, we will
# propose him a link to the creation form.
if request.method == "POST":
form.validate()
else:
create_project = project_id
else:
# if credentials are already in session, redirect
if project_id in session and project.password == session[project_id]:
setattr(g, 'project', project)
return redirect(url_for(".list_bills"))
# else process the form
if request.method == "POST":
if form.validate():
if not form.password.data == project.password:
msg = _("This private code is not the right one")
form.errors['password'] = [msg]
else:
# maintain a list of visited projects
if "projects" not in session:
session["projects"] = []
# add the project on the top of the list
session["projects"].insert(0, (project_id, project.name))
session[project_id] = form.password.data
session.update()
setattr(g, 'project', project)
return redirect(url_for(".list_bills"))
return render_template("authenticate.html",
form=form,
create_project=create_project)
def accounts(request):
login_form = AuthenticationForm()
return {'login_form': login_form}
def authorize(request):
result = get_environment(request)
result.update(csrf(request))
# 验证是否为登录表单
# TODO 当系统有初始化、登录以外的入口时,此处需要改进(SunFulong@2014-1-7)
form = AuthenticationForm(request.POST)
# 非登录表单,返回登录画面
if not form.is_valid():
# 验证应用端身份
form, client = verify_client(request.REQUEST)
if issubclass(form.__class__, HttpResponse):
return form
result.update({'name': client.name})
request.session.set_expiry(0)
request.session.update(form.cleaned_data)
return render_to_response('oauth/authorize.html', result)
# 是登录表单,进行相关验证
else:
action = form.cleaned_data['action']
username = form.cleaned_data['username']
domain = form.cleaned_data['domain']
password = form.cleaned_data['password']
# 验证应用端身份
form, client = verify_client(request.REQUEST)
if issubclass(form.__class__, HttpResponse):
return form
result.update({'name': client.name})
response_type = form.cleaned_data['response_type']
client_id = form.cleaned_data['client_id']
redirect_uri = request.session['redirect_uri']
scope = request.session['scope']
state = request.session['state']
# 处理code请求
if response_type == 'code':
# 处理登录以外的请求
if not action.lower() == 'login'.lower():
return callback_client(redirect_uri + '?error=access_denied',
state)
# 验证表单合法性
if not username or not domain or not password:
result.update({'error': '请输入邮箱地址及密码'})
return render_to_response('oauth/authorize.html', result)
# 验证用户合法性
user = authenticate(email=username + '@' + domain,
password=password)
if not user:
result.update({'error': '邮箱地址或密码错误,请重新输入'})
return render_to_response('oauth/authorize.html', result)
# 生成code
code = AuthorizationCode(client=client,
user=user,
redirect_uri=redirect_uri,
expire_time=datetime.datetime.now() +
datetime.timedelta(minutes=10))
code.save()
return callback_client(
redirect_uri + '?code=' +
urlsafe_base64_encode(code.code.bytes), state)
else:
return callback_client(
redirect_uri + '?error=unsupported_response_type', state), None
