def get(self, request, *args, **kwargs): #what does a get do here? s = SessionStore() s['last_login'] = DateTools.getNowAsString() s['userid'] = 1 #this should be set to the user id returned from authentication s.save() response = s.session_key + " | Last_login: " + s['last_login'] return HttpResponse(response)
def post(self, request, *args, **kwargs):
# contType = "content_type='application/json'"
# Make sure we're dealing with AJAX request
if not request.is_ajax():
return HttpJsonReponseBadRequest('Expected an XMLHttpRequest')
# Parse data from JSON
try:
data = json.loads(request.body.decode("utf-8"))
except:
logger.warning(GeneralTools.getExceptionInfo(sys.exc_info()))
return ApiTools.HttpJsonReponseBadRequest(GeneralTools.getExceptionInfo(sys.exc_info()))
logger.warning(data)
# return ApiTools.HttpJsonReponse('500', request.body);
username = data.get('user','')
if(username == ''):
return ApiTools.HttpJsonReponseMissingParameter('A username must be supplied')
#how are we passing password? I know not flattext but I wonder how we handle logging in here.
password = data.get('password','')
if(password == ''):
return ApiTools.HttpJsonReponseMissingParameter('A password must be supplied')
user = authenticate(username=username, password=password)
# If username/password combo is invalid it returns 'None'
if user is not None:
if user.is_active:
#do we want to redirect to another page here or just return a session and have the UI handle it?
login(request, user)
s = SessionStore()
s['last_login'] = DateTools.getNowAsString()
s['userid'] = user.username
s.save()
return ApiTools.HttpJsonReponse('Login successful!')
else:
# Will we ever have inactive users?
return ApiTools.HttpJsonReponseUnauthorized('Inactive user')
else:
return ApiTools.HttpJsonReponseUnauthorized('Invalid username or password')
