Пример #1
0
def loginPost(handler, p_username, p_password, p_verification, p_redir):
	def die(msg):
		print ErrorBox("Login Failed", msg)
		print LoginBox(p_redir)
		done()

	def badCredentials():
		die("Invalid username/password/code combination")

	handler.title('Login')
	user = User.load(username = p_username)

	if not user:
		Event.login(handler, None, False, "Failed login for %s (bad username)" % p_username)
		badCredentials()

	if not checkPassword(user, p_password):
		Event.login(handler, None, False, "Failed login for %s (bad password)" % p_username)
		badCredentials()

	if user.hotpKey != '' and (p_verification == '' or p_verification not in code(user.hotpKey)):
		Event.login(handler, None, False, "Failed login for %s (bad code)" % p_username)
		badCredentials()

	if not user.hasPrivilege('User'):
		Event.login(handler, user, False, "Account disabled")
		die("Your account has been disabled")

	if user.resetkey:
		user.resetkey = None
		user.save()

	handler.session['user'] = user
	handler.session.remember('user')
	Event.login(handler, user, True)
	redirect(p_redir)