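def loginuser(request):
    """Render the login page, or the password step once an email is posted.

    Any existing session is logged out first. On a POST whose ``email`` has a
    non-empty salt in ``UserAuthBackend``, ``app/loginverify.html`` is rendered
    with that salt and the email. In every other case (non-POST request,
    missing ``email`` field, empty salt) ``app/loginuser.html`` is rendered.

    Args:
        request: The incoming ``HttpRequest``.

    Returns:
        The response produced by ``render``.
    """
    # Development-time sanity check only: ``assert`` is stripped under ``-O``,
    # so nothing security-relevant may depend on it.
    assert isinstance(request, HttpRequest)

    # Visiting the main page always ends the current session.
    # NOTE(review): this runs for every method, including GET, so any
    # cross-site link or embedded resource pointing here logs the user out.
    logout(request)

    # Custom backend and form used instead of the stock ones.
    authbackend = UserAuthBackend()
    authForm = RegisterUserAuthenticationForm()

    if request.method == 'POST':
        # ``email`` is client-controlled. A POST without the field falls
        # through to the plain login page instead of raising on the lookup.
        email = request.POST.get('email')
        if email is not None:
            # NOTE(review): the lookup result is not used by this view; the
            # call is kept only in case get_user() has side effects.
            # Confirm and remove.
            authbackend.get_user(email)
            userSalt = authbackend.get_user_salt(email)

            if userSalt != '':
                # NOTE(review): this branch hands a per-account salt to an
                # unauthenticated client and renders a different page for
                # addresses that have one, so responses can tell registered
                # emails from unregistered ones (assuming get_user_salt()
                # returns '' for unknown addresses; confirm). Consider a
                # stable decoy salt for unknown addresses, plus rate limiting
                # on this endpoint.
                return render(
                    request,
                    'app/loginverify.html',
                    context_instance=RequestContext(request, {
                        # everything the login-verify form needs
                        'title': 'Enter your Password.',
                        'form': authForm,
                        # for the copyright note in the footer
                        'year': date.today().year,
                        'salt': userSalt,
                        'email': email,
                    })
                )

    return render(
        request,
        'app/loginuser.html',
        context_instance=RequestContext(request, {
            'title': 'Welcome To CryptoStorage. Please Log In',
            # override the value of form
            'form': authForm,
            # for the copyright note in the footer
            'year': date.today().year,
        })
    )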
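def authenticate(self, request):
    """Check the posted email and client-generated hash against the backend.

    Args:
        request: Request whose ``POST`` data carries ``email`` and ``hash``.

    Returns:
        dict: ``{'user': <user or None>, 'error': <message or ''>}``.
        ``user`` is set only when the account exists, login is allowed for it
        and the hash verifies; otherwise ``error`` holds the message to show.
    """
    mismatch = 'The user and password do not match'
    data_returned = {'user': None, 'error': ''}

    # Both fields are client-controlled. A request missing either one is
    # treated as a failed login rather than raising on the key lookup.
    email = request.POST.get('email')
    generated_hash = request.POST.get('hash')
    if email is None or generated_hash is None:
        data_returned['error'] = mismatch
        return data_returned

    # our custom authentication
    authbackend = UserAuthBackend()
    user = authbackend.get_user(email)

    if user is None:
        # Same wording as a wrong hash, so the message does not reveal
        # whether the address is registered.
        # NOTE(review): this path skips hash verification, so its response
        # time may still differ from the wrong-password path. Confirm.
        data_returned['error'] = mismatch
    elif not authbackend.confirm_login_allowed(user):
        # NOTE(review): the lock message is returned before the hash is
        # checked, so anyone who submits the address learns that it is
        # registered and locked. Decide whether that disclosure is acceptable.
        data_returned['error'] = 'The user is locked for security reasons. ' \
            'Please contact customer service.'
    elif authbackend.authenticate_hash(email=email, generatedHash=generated_hash):
        # NOTE(review): the client submits a value derived from the password.
        # If authenticate_hash() compares it directly with the stored value,
        # that stored value is password-equivalent and the comparison should
        # be constant-time. Not visible here; verify in UserAuthBackend.
        data_returned['user'] = user
    else:
        data_returned['error'] = mismatch

    return data_returned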