def login(request, template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
if request.REQUEST.get('captcha_0', '') != '':
# have captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
# captcha & passwod is valid, log user in
return log_user_in(request, form.get_user(), redirect_to)
# else:
# show page with captcha
else:
form = authentication_form(data=request.POST)
if form.is_valid():
# password is valid, log user in
return log_user_in(request, form.get_user(), redirect_to)
else:
username = request.REQUEST.get('username', '')
failed_attempt = cache.get(LOGIN_ATTEMPT_PREFIX+username, 1)
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm()
else:
failed_attempt += 1
cache.set(LOGIN_ATTEMPT_PREFIX+username, failed_attempt,
settings.LOGIN_ATTEMPT_TIMEOUT)
form = authentication_form(data=request.POST)
else:
### GET
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
}, context_instance=RequestContext(request))
def login(request, template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
if request.REQUEST.get('captcha_0', '') != '':
# have captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
# captcha & passwod is valid, log user in
remember_me = True if request.REQUEST.get(
'remember_me', '') == 'on' else False
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
# else:
# show page with captcha
else:
form = authentication_form(data=request.POST)
if form.is_valid():
# password is valid, log user in
remember_me = True if request.REQUEST.get(
'remember_me', '') == 'on' else False
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
else:
username = urlquote(request.REQUEST.get('username', '').strip())
failed_attempt = cache.get(LOGIN_ATTEMPT_PREFIX+username, 1)
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm()
else:
failed_attempt += 1
cache.set(LOGIN_ATTEMPT_PREFIX+username, failed_attempt,
settings.LOGIN_ATTEMPT_TIMEOUT)
form = authentication_form(data=request.POST)
else:
### GET
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': settings.LOGIN_REMEMBER_DAYS,
}, context_instance=RequestContext(request))
def login(request,
template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
ip = get_remote_ip(request)
if request.method == "POST":
login = urlquote(request.REQUEST.get('login', '').strip())
failed_attempt = _get_login_failed_attempts(username=login, ip=ip)
remember_me = True if request.REQUEST.get('remember_me',
'') == 'on' else False
# check the form
used_captcha_already = False
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm(data=request.POST)
used_captcha_already = True
else:
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
# form is invalid
user_logged_in_failed.send(sender=None, request=request)
failed_attempt = _incr_login_failed_attempts(username=login, ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
logger.warn(
'Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
login = request.REQUEST.get('login', '')
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
logger.warn(
'Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
except User.DoesNotExist:
logger.warn(
'Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
pass
form.errors['freeze_account'] = _(
'This account has been frozen due to too many failed login attempts.'
)
else:
# use a new form with Captcha
logger.warn(
'Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
if not used_captcha_already:
form = CaptchaAuthenticationForm()
else:
### GET
failed_attempt = _get_login_failed_attempts(ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form()
else:
logger.warn(
'Login attempt limit reached, show Captcha, ip: %s, attempts: %d'
% (ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form()
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_shib_login = getattr(settings, 'ENABLE_SHIB_LOGIN', False)
enable_krb5_login = getattr(settings, 'ENABLE_KRB5_LOGIN', False)
enable_adfs_login = getattr(settings, 'ENABLE_ADFS_LOGIN', False)
login_bg_image_path = LOGIN_BG_IMAGE_PATH
# get path that background image of login page
custom_login_bg_image_file = os.path.join(MEDIA_ROOT,
CUSTOM_LOGIN_BG_IMAGE_PATH)
if os.path.exists(custom_login_bg_image_file):
login_bg_image_path = CUSTOM_LOGIN_BG_IMAGE_PATH
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_shib_login': enable_shib_login,
'enable_krb5_login': enable_krb5_login,
'enable_adfs_login': enable_adfs_login,
'login_bg_image_path': login_bg_image_path,
},
context_instance=RequestContext(request))
def login(request, template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
ip = get_remote_ip(request)
failed_attempt = _get_login_failed_attempts(ip=ip)
if request.method == "POST":
username = urlquote(request.REQUEST.get('username', '').strip())
remember_me = True if request.REQUEST.get('remember_me',
'') == 'on' else False
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# freeze user account anyway
login = request.REQUEST.get('login', '')
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
except User.DoesNotExist:
pass
form.errors['freeze_account'] = _('This account has been frozen due to too many failed login attempts.')
else:
# log user in if password is valid otherwise show captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# show page with captcha and increase failed login attempts
_incr_login_faied_attempts(username=username, ip=ip)
else:
# login failed attempts < limit
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# increase failed attempts
login = urlquote(request.REQUEST.get('login', '').strip())
failed_attempt = _incr_login_faied_attempts(username=login,
ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, email/username: %s, ip: %s, attemps: %d' %
(login, ip, failed_attempt))
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
form = CaptchaAuthenticationForm()
else:
form = authentication_form(data=request.POST)
else:
### GET
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, ip: %s, attempts: %d' %
(ip, failed_attempt))
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
form = CaptchaAuthenticationForm()
else:
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_shib_login = getattr(settings, 'ENABLE_SHIB_LOGIN', False)
enable_krb5_login = getattr(settings, 'ENABLE_KRB5_LOGIN', False)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_shib_login': enable_shib_login,
'enable_krb5_login': enable_krb5_login,
}, context_instance=RequestContext(request))
def login(
request,
template_name="registration/login.html",
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm,
):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, "")
ip = get_remote_ip(request)
if request.method == "POST":
login = urlquote(request.REQUEST.get("login", "").strip())
failed_attempt = _get_login_failed_attempts(username=login, ip=ip)
remember_me = True if request.REQUEST.get("remember_me", "") == "on" else False
# check the form
used_captcha_already = False
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm(data=request.POST)
used_captcha_already = True
else:
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(), redirect_to, remember_me)
# form is invalid
failed_attempt = _incr_login_failed_attempts(username=login, ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
logger.warn(
"Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d"
% (login, ip, failed_attempt)
)
login = request.REQUEST.get("login", "")
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
logger.warn(
"Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d"
% (login, ip, failed_attempt)
)
except User.DoesNotExist:
logger.warn(
"Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d"
% (login, ip, failed_attempt)
)
pass
form.errors["freeze_account"] = _("This account has been frozen due to too many failed login attempts.")
else:
# use a new form with Captcha
logger.warn(
"Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d"
% (login, ip, failed_attempt)
)
if not used_captcha_already:
form = CaptchaAuthenticationForm()
else:
### GET
failed_attempt = _get_login_failed_attempts(ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form()
else:
logger.warn("Login attempt limit reached, show Captcha, ip: %s, attempts: %d" % (ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form()
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
multi_tenancy = getattr(settings, "MULTI_TENANCY", False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, "FORCE_ORG_REGISTER", False)
if org_account_only:
signup_url = reverse("org_register")
else:
signup_url = reverse("choose_register")
else:
signup_url = reverse("registration_register")
else:
signup_url = ""
enable_shib_login = getattr(settings, "ENABLE_SHIB_LOGIN", False)
enable_krb5_login = getattr(settings, "ENABLE_KRB5_LOGIN", False)
return render_to_response(
template_name,
{
"form": form,
redirect_field_name: redirect_to,
"site": current_site,
"site_name": current_site.name,
"remember_days": config.LOGIN_REMEMBER_DAYS,
"signup_url": signup_url,
"enable_shib_login": enable_shib_login,
"enable_krb5_login": enable_krb5_login,
},
context_instance=RequestContext(request),
)
def login(request,
template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
ip = get_remote_ip(request)
failed_attempt = _get_login_failed_attempts(ip=ip)
if request.method == "POST":
username = urlquote(request.REQUEST.get('username', '').strip())
remember_me = True if request.REQUEST.get('remember_me',
'') == 'on' else False
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
# have captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
if UserOptions.objects.passwd_change_required(
form.get_user().username):
redirect_to = reverse('auth_password_change')
request.session['force_passwd_change'] = True
# captcha & passwod is valid, log user in
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
else:
# show page with captcha and increase failed login attempts
_incr_login_faied_attempts(username=username, ip=ip)
else:
form = authentication_form(data=request.POST)
if form.is_valid():
if UserOptions.objects.passwd_change_required(
form.get_user().username):
redirect_to = reverse('auth_password_change')
request.session['force_passwd_change'] = True
# password is valid, log user in
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
else:
login = urlquote(request.REQUEST.get('login', '').strip())
failed_attempt = _incr_login_faied_attempts(username=login,
ip=ip)
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
logger.warn(
'Login attempt limit reached, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form(data=request.POST)
else:
### GET
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, ip: %s, attempts: %d' %
(ip, failed_attempt))
form = CaptchaAuthenticationForm(request)
else:
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_shib_login = getattr(settings, 'ENABLE_SHIB_LOGIN', False)
enable_krb5_login = getattr(settings, 'ENABLE_KRB5_LOGIN', False)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_shib_login': enable_shib_login,
'enable_krb5_login': enable_krb5_login,
},
context_instance=RequestContext(request))
def login(request, template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
ip = get_remote_ip(request)
if request.method == "POST":
if request.REQUEST.get('captcha_0', '') != '':
# have captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
# captcha & passwod is valid, log user in
remember_me = True if request.REQUEST.get(
'remember_me', '') == 'on' else False
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
else:
# show page with captcha and increase failed login attempts
_incr_login_faied_attempts(ip=ip)
else:
form = authentication_form(data=request.POST)
if form.is_valid():
# password is valid, log user in
remember_me = True if request.REQUEST.get(
'remember_me', '') == 'on' else False
request.session['remember_me'] = remember_me
return log_user_in(request, form.get_user(), redirect_to)
else:
username = urlquote(request.REQUEST.get('username', '').strip())
failed_attempt = _incr_login_faied_attempts(username=username,
ip=ip)
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, username: %s, ip: %s, attemps: %d' %
(username, ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form(data=request.POST)
else:
### GET
failed_attempt = _get_login_failed_attempts(ip=ip)
if failed_attempt >= settings.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, ip: %s, attempts: %d' %
(ip, failed_attempt))
form = CaptchaAuthenticationForm(request)
else:
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
enable_signup = getattr(settings, 'ENABLE_SIGNUP', False)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if enable_signup:
if multi_tenancy:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': settings.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
}, context_instance=RequestContext(request))
def login(request,
template_name='registration/login.html',
redirect_if_logged_in='libraries',
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
redirect_to = request.GET.get(redirect_field_name, '')
if request.user.is_authenticated():
if redirect_to:
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
ip = get_remote_ip(request)
if request.method == "POST":
login = request.POST.get('login', '').strip()
failed_attempt = get_login_failed_attempts(username=login, ip=ip)
remember_me = True if request.POST.get('remember_me',
'') == 'on' else False
redirect_to = request.POST.get(redirect_field_name, '') or redirect_to
# check the form
used_captcha_already = False
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm(data=request.POST)
used_captcha_already = True
else:
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
# form is invalid
user_logged_in_failed.send(sender=None, request=request)
failed_attempt = incr_login_failed_attempts(username=login, ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
logger.warn(
'Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
logger.warn(
'Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
except User.DoesNotExist:
logger.warn(
'Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
pass
form.errors['freeze_account'] = _(
'This account has been frozen due to too many failed login attempts.'
)
else:
# use a new form with Captcha
logger.warn(
'Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
if not used_captcha_already:
form = CaptchaAuthenticationForm()
else:
### GET
failed_attempt = get_login_failed_attempts(ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form()
else:
logger.warn(
'Login attempt limit reached, show Captcha, ip: %s, attempts: %d'
% (ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form()
request.session.set_test_cookie()
current_site = get_current_site(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_sso = getattr(settings, 'ENABLE_SHIB_LOGIN', False) or \
getattr(settings, 'ENABLE_KRB5_LOGIN', False) or \
getattr(settings, 'ENABLE_ADFS_LOGIN', False) or \
getattr(settings, 'ENABLE_OAUTH', False) or \
getattr(settings, 'ENABLE_CAS', False) or \
getattr(settings, 'ENABLE_REMOTE_USER_AUTHENTICATION', False) or \
getattr(settings, 'ENABLE_WORK_WEIXIN', False)
login_bg_image_path = get_login_bg_image_path()
return render(
request, template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': get_site_name(),
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_sso': enable_sso,
'login_bg_image_path': login_bg_image_path,
})
def login(request,
template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.REQUEST.get(redirect_field_name, '')
ip = get_remote_ip(request)
failed_attempt = _get_login_failed_attempts(ip=ip)
if request.method == "POST":
username = urlquote(request.REQUEST.get('username', '').strip())
remember_me = True if request.REQUEST.get('remember_me',
'') == 'on' else False
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# freeze user account anyway
login = request.REQUEST.get('login', '')
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
except User.DoesNotExist:
pass
form.errors['freeze_account'] = _(
'This account has been frozen due to too many failed login attempts.'
)
else:
# log user in if password is valid otherwise show captcha
form = CaptchaAuthenticationForm(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# show page with captcha and increase failed login attempts
_incr_login_faied_attempts(username=username, ip=ip)
else:
# login failed attempts < limit
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
else:
# increase failed attempts
login = urlquote(request.REQUEST.get('login', '').strip())
failed_attempt = _incr_login_faied_attempts(username=login,
ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
logger.warn(
'Login attempt limit reached, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
form = CaptchaAuthenticationForm()
else:
form = authentication_form(data=request.POST)
else:
### GET
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
logger.warn('Login attempt limit reached, ip: %s, attempts: %d' %
(ip, failed_attempt))
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
form = CaptchaAuthenticationForm()
else:
form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
else:
current_site = RequestSite(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_shib_login = getattr(settings, 'ENABLE_SHIB_LOGIN', False)
enable_krb5_login = getattr(settings, 'ENABLE_KRB5_LOGIN', False)
return render_to_response(template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_shib_login': enable_shib_login,
'enable_krb5_login': enable_krb5_login,
},
context_instance=RequestContext(request))
