def login(self):
login_url = self.request.route_url("login")
referrer = self.request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = self.request.params.get('came_from', referrer)
message = ''
username = ''
password = ''
form = LoginView.Form(self.request.POST)
if self.request.method == 'POST' and form.validate():
username = form.username.data
password = hash_password(form.password.data)
if User.exist(username) and User.by_username(username).password == password:
headers = remember(self.request, username)
return HTTPFound(location=came_from, headers=headers)
message = "Failed login"
return dict(
message=message,
url=self.request.route_url('login'),
came_from=came_from,
form=form,
logged_in=authenticated_userid(self.request),
)
def groupfinder(username, request):
log.debug('username: %s' % (username))
if User.exist(username):
user = User.by_username(username)
return ['group:%s' % (group.group.name) for group in user.groups ]
