def login_login(request):
    """Handle the login form: authenticate on POST, otherwise render the page.

    On a successful POST the response is a redirect to ``redirect_to`` (or to
    the user's overview page when that is ``'/'``). The cookie is either set
    directly, or the user is sent to the main domain with a short-lived SSO
    token. A request that already has ``request.user`` is redirected without
    seeing the form.

    NOTE(review): the template context is ``locals()``, so every local name
    in this function is template input. After a failed POST that includes the
    submitted ``password``; confirm the template never echoes it, or pass an
    explicit context instead.
    """
    redirect_to = request.REQUEST.get('redirect_to', '/')
    # redirect_to is caller-controlled (request.REQUEST merges GET and POST)
    # and clean.redirect_to is the only check applied before it is used as a
    # redirect target. NOTE(review): presumably it restricts the value to
    # same-site URLs; verify, because otherwise this is an open redirect.
    redirect_to = clean.redirect_to(redirect_to)

    if request.POST:
        try:
            login = request.POST.get('log', None)
            password = request.POST.get('pwd', None)
            rememberme = request.POST.get('rememberme', None)

            # TODO validate
            # NOTE(review): nothing in this view limits repeated failed
            # attempts; confirm throttling happens in lookup_user_by_login
            # or in front of this handler.
            current_user = user.lookup_user_by_login(login, password)
            if current_user:
                if redirect_to == '/':
                    redirect_to = current_user.url('/overview')

                # Attempt to do some cleanup on the user if necessary
                api.user_cleanup(api.ROOT, current_user.nick)

                # if we aren't hosted or aren't ssl just set the cookie and
                # go home
                if (not settings.HOSTED_DOMAIN_ENABLED
                        or not settings.SSL_LOGIN_ENABLED):
                    response = http.HttpResponseRedirect(redirect_to)
                    response = user.set_user_cookie(
                        response, current_user, rememberme)
                    return response

                # otherwise, we're going to have to redirect to set the
                # cookie on the proper domain
                #
                # The token stands in for the authenticated user on the next
                # request and travels in the query string of a plain http://
                # URL, so it can end up in logs and Referer headers. The
                # cache entry is stored with timeout=10 to keep that window
                # short. NOTE(review): confirm util.generate_uuid is
                # unpredictable and that the /login/noreally handler deletes
                # the entry on first use.
                sso_token = util.generate_uuid()

                cache.set('sso/%s' % sso_token,
                          (current_user.nick, rememberme),
                          timeout=10)
                sso_url = 'http://%s/login/noreally' % (settings.DOMAIN)
                sso_url = util.qsa(
                    sso_url,
                    {'redirect_to': redirect_to, 'sso_token': sso_token})
                return http.HttpResponseRedirect(sso_url)
            else:
                # One message for every failure, so the response does not
                # say whether the login name exists.
                raise exception.ValidationError("Invalid username or password")
        except:
            # The bare except routes every exception, the ValidationError
            # above included, to handle_exception. NOTE(review): confirm it
            # re-raises anything that is not a user-visible error, otherwise
            # unexpected failures are hidden behind a re-rendered form.
            exception.handle_exception(request)

    if request.user:
        if redirect_to == '/':
            redirect_to = request.user.url('/overview')
        return http.HttpResponseRedirect(redirect_to)

    # locals() exports every local above to the template (see docstring).
    c = template.RequestContext(request, locals())
    t = loader.get_template('login/templates/login.html')
    return http.HttpResponse(t.render(c))
def login_login(request):
    """Handle the login form: authenticate on POST, otherwise render the page.

    On a successful POST the response is a redirect to ``redirect_to`` (or to
    the user's overview page when that is ``'/'``). The cookie is either set
    directly, or the user is sent to the main domain with a short-lived SSO
    token. When ``user.get_user_from_cookie_or_legacy_auth`` already returns
    a user, the request is redirected without showing the form.

    NOTE(review): the template context is ``locals()``, so every local name
    in this function is template input. After a failed POST that includes the
    submitted ``password``; confirm the template never echoes it, or pass an
    explicit context instead.
    """
    redirect_to = request.REQUEST.get('redirect_to', '/')
    # redirect_to is caller-controlled (request.REQUEST merges GET and POST)
    # and clean.redirect_to is the only check applied before it is used as a
    # redirect target. NOTE(review): presumably it restricts the value to
    # same-site URLs; verify, because otherwise this is an open redirect.
    redirect_to = clean.redirect_to(redirect_to)

    if request.POST:
        try:
            login = request.POST.get('log', None)
            password = request.POST.get('pwd', None)
            rememberme = request.POST.get('rememberme', None)

            # TODO validate
            # NOTE(review): nothing in this view limits repeated failed
            # attempts; confirm throttling happens in lookup_user_by_login
            # or in front of this handler.
            current_user = user.lookup_user_by_login(login, password)
            if current_user:
                if redirect_to == '/':
                    redirect_to = current_user.url('/overview')

                # Attempt to do some cleanup on the user if necessary
                api.user_cleanup(api.ROOT, current_user.nick)

                # if we aren't hosted or aren't ssl just set the cookie and
                # go home
                if (not settings.HOSTED_DOMAIN_ENABLED
                        or not settings.SSL_LOGIN_ENABLED):
                    response = http.HttpResponseRedirect(redirect_to)
                    response = user.set_user_cookie(
                        response, current_user, rememberme)
                    return response

                # otherwise, we're going to have to redirect to set the
                # cookie on the proper domain
                #
                # The token stands in for the authenticated user on the next
                # request and travels in the query string of a plain http://
                # URL, so it can end up in logs and Referer headers. The
                # cache entry is stored with timeout=10 to keep that window
                # short. NOTE(review): confirm util.generate_uuid is
                # unpredictable and that the /login/noreally handler deletes
                # the entry on first use.
                sso_token = util.generate_uuid()

                cache.set('sso/%s' % sso_token,
                          (current_user.nick, rememberme),
                          timeout=10)
                sso_url = 'http://%s/login/noreally' % (settings.DOMAIN)
                sso_url = util.qsa(
                    sso_url,
                    {'redirect_to': redirect_to, 'sso_token': sso_token})
                return http.HttpResponseRedirect(sso_url)
            else:
                # One message for every failure, so the response does not
                # say whether the login name exists.
                raise exception.ValidationError("Invalid username or password")
        except:
            # The bare except routes every exception, the ValidationError
            # above included, to handle_exception. NOTE(review): confirm it
            # re-raises anything that is not a user-visible error, otherwise
            # unexpected failures are hidden behind a re-rendered form.
            exception.handle_exception(request)

    view = user.get_user_from_cookie_or_legacy_auth(request)
    # area is not read again in this function; it reaches the template only
    # through locals().
    area = "login"
    if view:
        if redirect_to == '/':
            # NOTE(review): the branch is guarded by `view`, but the URL is
            # built from request.user. Confirm both always name the same
            # user and that request.user is set whenever view is.
            redirect_to = request.user.url('/overview')
        return http.HttpResponseRedirect(redirect_to)

    # locals() exports every local above to the template (see docstring).
    c = template.RequestContext(request, locals())
    t = loader.get_template('login/templates/login.html')
    return http.HttpResponse(t.render(c))
def join_join(request):
    """Handle the sign-up form: create the account on POST, else render it.

    Raises ``exception.AlreadyLoggedInException`` for an authenticated
    request. On a successful POST the new user is created, a join post and an
    activation e-mail are sent, and the response redirects to ``/welcome``
    with ``redirect_to`` forwarded as a query parameter.

    NOTE(review): the template context is ``locals()``, so ``password`` and
    ``confirm`` are template input whenever the form is re-rendered. Confirm
    the template never echoes them, or pass an explicit context instead.
    """
    if request.user.is_authenticated():
        raise exception.AlreadyLoggedInException()

    # Caller-controlled and not validated here. This view only redirects to
    # /welcome, so the value has to be checked wherever /welcome consumes it.
    # NOTE(review): confirm that handler restricts it to same-site URLs.
    redirect_to = request.REQUEST.get('redirect_to', '/')

    # get the submitted vars
    # request.REQUEST merges GET and POST, so these values, password and
    # confirm included, are also accepted from the query string, where they
    # would be recorded in server logs and browser history.
    nick = request.REQUEST.get('nick', '');
    first_name = request.REQUEST.get('first_name', '');
    last_name = request.REQUEST.get('last_name', '');
    email = request.REQUEST.get('email', '');
    password = request.REQUEST.get('password', '');
    confirm = request.REQUEST.get('confirm', '');
    hide = request.REQUEST.get('hide', '');

    if request.POST:
        try:
            # TODO validate
            # The result is passed as **params to api.user_create, called as
            # api.ROOT. NOTE(review): presumably this is the whole POST dict;
            # confirm user_create rejects unexpected keys, and that it
            # compares password with confirm, which this view never does.
            params = util.query_dict_to_keywords(request.POST)

            if hide:
                params['privacy'] = 2

            validate.email(email)
            if not mail.is_allowed_to_send_email_to(email):
                raise exception.ValidationError("Cannot send email to that address")

            # TODO start transaction
            # The message below tells the caller that an address is already
            # registered; acceptable only if that disclosure is intended.
            if api.actor_lookup_email(api.ROOT, email):
                raise exception.ValidationError(
                    'That email address is already associated with a member.')

            actor_ref = api.user_create(api.ROOT, **params)
            # NOTE(review): presumably this grants the reference the access
            # level needed for the calls made as actor_ref below; confirm
            # it is not persisted beyond this request.
            actor_ref.access_level = "delete"

            api.post(actor_ref,
                     nick=actor_ref.nick,
                     message='Joined %s!' % (settings.SITE_NAME),
                     icon='jaiku-new-user')

            # send off email confirmation
            api.activation_request_email(actor_ref, actor_ref.nick, email)

            # TODO end transaction

            welcome_url = util.qsa('/welcome', {'redirect_to': redirect_to})

            # NOTE: does not provide a flash message
            response = http.HttpResponseRedirect(welcome_url)
            # The account was created from request.POST, but this lookup uses
            # the password read from request.REQUEST above.
            current_user = user.lookup_user_by_login(actor_ref.nick, password)
            # NOTE(review): the arguments are (response, request,
            # current_user) and the return value is discarded. Confirm this
            # matches set_user_cookie's signature, that it mutates response
            # in place, and that a falsy current_user cannot set a cookie.
            user.set_user_cookie(response, request, current_user)
            return response
        except:
            # The bare except routes every exception, the ValidationErrors
            # above included, to handle_exception. NOTE(review): confirm it
            # re-raises anything that is not a user-visible error.
            exception.handle_exception(request)

    # for legal section
    legal_component = component.include('legal', 'dummy_legal')
    legal_html = legal_component.embed_join()

    # for sidebar
    sidebar_green_top = True

    area = "join"
    # locals() exports every local above to the template (see docstring).
    c = template.RequestContext(request, locals())
    t = loader.get_template('join.html')
    return http.HttpResponse(t.render(c))