def logoutview(request): if request.method == 'POST': logout(request) form = AuthenticationForm() return redirect(settings.LOGIN_URL)
def accounts(request): return render_template(request, "registration/accounts.html", None, { "createForm": UserCreationForm(), "loginForm": AuthenticationForm() })
def tracker_response(request, db=None, template='tracker/index.html', dict={}, status=200): starttime = datetime.datetime.now() database = checkdb(db) usernames = request.user.has_perm( 'tracker.view_usernames') and 'nonames' not in request.GET emails = request.user.has_perm( 'tracker.view_emails') and 'noemails' not in request.GET showtime = request.user.has_perm('tracker.show_rendertime') canfull = request.user.has_perm('tracker.view_full_list') bidtracker = request.user.has_perms([ u'tracker.change_challenge', u'tracker.delete_challenge', u'tracker.change_choiceoption', u'tracker.delete_choice', u'tracker.delete_challengebid', u'tracker.add_choiceoption', u'tracker.change_choicebid', u'tracker.add_challengebid', u'tracker.add_choice', u'tracker.add_choicebid', u'tracker.delete_choiceoption', u'tracker.delete_choicebid', u'tracker.add_challenge', u'tracker.change_choice', u'tracker.change_challengebid' ]) context = RequestContext(request) language = translation.get_language_from_request(request) translation.activate(language) request.LANGUAGE_CODE = translation.get_language() profile = None if request.user.is_authenticated(): try: profile = request.user.get_profile() except ObjectDoesNotExist: profile = UserProfile() profile.user = request.user profile.save() if profile: template = profile.prepend + template authform = AuthenticationForm(request.POST) dict.update({ 'static_url': settings.STATIC_URL, 'db': db, 'dbtitle': settings.DATABASES[database]['COMMENT'], 'usernames': usernames, 'emails': emails, 'canfull': canfull, 'bidtracker': bidtracker, 'djangoversion': dv(), 'pythonversion': pv(), 'user': request.user, 'profile': profile, 'next': request.REQUEST.get('next', request.path), 'showtime': showtime, 'starttime': starttime, 'authform': authform }) try: if request.user.username[:10] == 'openiduser': dict.setdefault('usernameform', UsernameForm()) return render(request, 'tracker/username.html', dictionary=dict) return render(request, template, dictionary=dict, status=status) except Exception, e: if request.user.is_staff and not settings.DEBUG: return HttpResponse(unicode(type(e)) + '\n\n' + unicode(e), mimetype='text/plain', status=500) raise
def login_request(request): form = AuthenticationForm() return render(request=request, template_name="main/login.html", context={"form": form})
def get(self, request): if not request.user.is_anonymous: return redirect('blog:index') form = AuthenticationForm() return render(request, 'account/login.html', {'form': form})
def test_username_field_autocapitalize_none(self): form = AuthenticationForm() self.assertEqual( form.fields['username'].widget.attrs.get('autocapitalize'), 'none')
def accounts(request): return render_to_response("registration/accounts.html", { "createForm": UserCreationForm(), "loginForm": AuthenticationForm() }, RequestContext(request))
def iniciar_sesion(request): """ Verifica las credenciales e inicia sesión el usuario :param request: :return: """ next = "" SAC_URL = settings.SAC_URL LDAP_ACTIVE = settings.LDAP_ACTIVE if request.GET: next = request.GET['next'] if request.method == 'POST': formulario = AuthenticationForm(request.POST) if formulario.is_valid: nombre_usuario = request.POST['username'] if str(nombre_usuario).find('@unl.edu.ec') < 0: nombre_usuario = nombre_usuario + '@unl.edu.ec' usuario = Usuario.objects.filter( correo_electronico_institucional=nombre_usuario).first() clave = request.POST['password'] acceso = None if usuario: if usuario.activo: if settings.LDAP_ACTIVE and usuario: if conexion_ldap.autenticar_siaaf( nombre_usuario, clave): usuario.ldap = True acceso = authenticate( correo_electronico_institucional=nombre_usuario, password=clave) else: messages.warning( request, "Las datos proporcionados no coinciden con el servidor de autenticación" ) else: acceso = authenticate( correo_electronico_institucional=nombre_usuario, password=clave) if acceso: login(request, acceso) if acceso.force_password: return HttpResponseRedirect( reverse('autenticacion:cambiar_contrasena')) elif next == "": return HttpResponseRedirect(reverse('index')) else: return HttpResponseRedirect(next) else: messages.warning( request, "Datos de acceso incorrectos. Usuario o contraseña incorrecta... " ) else: messages.warning( request, "Datos de acceso incorrectos. Usuario no está activo..." ) else: messages.warning( request, "Datos de acceso incorrectos. Usuario no existe... ") else: formulario = AuthenticationForm() return render(request, 'autenticacion/iniciar_sesion.html', locals())
def basic_login(url=''): form = AuthenticationForm() return {'form': form, 'url': url}
def user_login(request): return render(request,'accounts/login.html',{'form':AuthenticationForm()})
def include_login_form(request): form = AuthenticationForm() return {'login_form': form}
def openid(request, op_name=None): client = None request.session[ "next"] = request.GET["next"] if "next" in request.GET.keys() else "/" try: dyn = settings.OIDC_ALLOW_DYNAMIC_OP or False except: dyn = True try: template_name = settings.OIDC_LOGIN_TEMPLATE except AttributeError: template_name = 'djangooidc/login.html' # Internal login? if request.method == 'POST' and "internal_login" in request.POST: ilform = AuthenticationForm(request.POST) return auth_login_view(request) else: ilform = AuthenticationForm() # Try to find an OP client either from the form or from the op_name URL # argument if request.method == 'GET' and op_name is not None: try: client = CLIENTS[op_name] except KeyError as e: logger.info(str(e)) raise Http404("OIDC client not found") request.session["op"] = op_name if request.method == 'POST' and dyn: form = DynamicProvider(request.POST) if form.is_valid(): try: client = CLIENTS.dynamic_client(form.cleaned_data["hint"]) request.session["op"] = client.provider_info["issuer"] except Exception as e: logger.exception("could not create OOID client") return view_error_handler(request, {"error": e}) else: form = DynamicProvider() # If we were able to determine the OP client, just redirect to it with an # authentication request if client: try: acrvalue = None if 'acr_value' in settings.OIDC_PROVIDERS[op_name][ 'client_registration']: acrvalue = settings.OIDC_PROVIDERS[op_name][ 'client_registration']['acr_value'] return client.create_authn_request(request.session, acr_value=acrvalue) except Exception as e: return view_error_handler(request, {"error": e}) # Otherwise just render the list+form. return render_to_response( template_name, { "op_list": [i for i in settings.OIDC_PROVIDERS.keys() if i], 'dynamic': dyn, 'form': form, 'ilform': ilform, "next": request.session["next"] })
def get(self, request, *args, **kwargs): if request.user.is_authenticated(): return redirect(settings.LOGIN_REDIRECT_URL) form = AuthenticationForm() ctx = {"form": form} return render(request, "motor/login.html", ctx)
def get(self, request): if request.user.is_authenticated: return redirect('home_page') form = AuthenticationForm() return render(request, self.template, {'form': form})
def get(self, request): form = AuthenticationForm() return render(request, "login.html", {"form": form})
def login_form(request): return { "login_form": AuthenticationForm(request.POST), }
def post(self, request): # получив запрос на авторизацию form = AuthenticationForm(request, data=request.POST) # забираем IP адрес из запроса ip = get_client_ip(request) # получаем или создаём новую запись об IP, с которого вводится пароль, на предмет блокировки obj, created = TemporaryBanIp.objects.get_or_create( defaults={ 'ip_address': ip, 'time_unblock': timezone.now() }, ip_address=ip ) # если IP заблокирован и время разблокировки не настало if obj.status is True and obj.time_unblock > timezone.now(): context = create_context_username_csrf(request) if obj.attempts == 3 or obj.attempts == 6: # то открываем страницу с сообщением о блокировки на 15 минут при 3 и 6 неудачных попытках входа return render_to_response('accounts/block_15_minutes.html', context=context) elif obj.attempts == 9: # или открываем страницу о блокировке на 24 часа, при 9 неудачных попытках входа return render_to_response('accounts/block_24_hours.html', context=context) elif obj.status is True and obj.time_unblock < timezone.now(): # если IP заблокирован, но время разблокировки настало, то разблокируем IP obj.status = False obj.save() # проверяем правильность формы, что есть такой пользователь # и он ввёл правильный пароль # если пользователь ввёл верные данные, то авторизуем его и удаляем запись о блокировке IP if form.is_valid(): # в случае успеха авторизуем пользователя auth.login(request, form.get_user()) #obj.attempts=0 #obj.save() obj.delete() # получаем предыдущий url next = urlparse(get_next_url(request)).path # и если пользователь из числа персонала и заходил через url /admin/login/ # то перенаправляем пользователя в админ панель if next == '/admin/login/' and request.user.is_staff: return redirect('/admin/') # иначе делаем редирект на предыдущую страницу, # в случае с /accounts/login/ произойдёт ещё один редирект на главную страницу # в случае любого другого url, пользователь вернётся на данный url return redirect(next) else: # иначе считаем попытки и устанавливаем время разблокировки и статус блокировки obj.attempts += 1 if obj.attempts == 3 or obj.attempts == 6: obj.time_unblock = timezone.now() + timezone.timedelta(minutes=15) obj.status = True elif obj.attempts == 9: obj.time_unblock = timezone.now() + timezone.timedelta(1) obj.status = True elif obj.attempts > 9: obj.attempts = 1 obj.save() # если данные не верны, то пользователь окажется на странице авторизации # и увидит сообщение об ошибке context = create_context_username_csrf(request) context['login_form'] = form return render_to_response('accounts/login.html', context=context)
def login_user(request): if request.user.id is not None: messages.error(request, str(request.user.id)) return redirect( reverse('index:mod', kwargs={'user_id': request.user.id})) else: if request.method == "POST": form = AuthenticationForm(request, data=request.POST) username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: #user is valid content manager try: content_manager = Content_Manager.objects.get( username=username) if content_manager.is_confirmed: pass else: content_manager.is_confirmed = True content_manager.save() messages.warning(request, "Status updated") except Exception as e: if user.is_superuser: pass else: messages.warning(request, str(e)) login(request, user) messages.success(request, f"You are now logged in as {username}") return redirect( reverse('index:mod', kwargs={'user_id': request.user.id})) else: try: content_manager = Content_Manager.objects.get( username=username) try: valid_id = Identification_Number.objects.get( employee_id=content_manager.employee_id) try: content_manager.is_confirmed = True content_manager.save() messages.warning(request, "Status updated") new_user = User() new_user.first_name = content_manager.first_name new_user.last_name = content_manager.last_name new_user.username = content_manager.username new_user.email = content_manager.email new_user.set_password(content_manager.password) new_user.save() login(request, new_user) messages.success( request, f"You are now logged in as {new_user.username}" ) return redirect( reverse('index:mod', kwargs={'user_id': request.user.id})) # user is now a valid content manager except Exception as e: messages.error(request, str(e)) except: if content_manager.is_confirmed: #user is confirmed but not yet registered #id wasnt added after user registration #user not yet registered try: new_id = Identification_Number() new_id.employee_id = content_manager.employee_id new_id.save() except Exception as e: messages.error(request, str(e)) try: new_user = User() new_user.first_name = content_manager.first_name new_user.last_name = content_manager.last_name new_user.username = content_manager.username new_user.email = content_manager.email new_user.set_password(content_manager.password) new_user.save() login(request, new_user) messages.success( request, f"You are now logged in as {new_user.username}" ) return redirect( reverse( 'index:mod', kwargs={'user_id': request.user.id})) #user is now a valid content manager except Exception as e: messages.error(request, str(e)) else: messages.warning( request, "Im sorry, your request is still under validation process." ) except Exception as e: messages.error(request, "Invalid username or password") messages.error(request, str(e)) form = AuthenticationForm() return render(request, "index/login.html", {"form": form})
def get(self, request): return render(request, "news/login.html", {"form": AuthenticationForm()})
def test_authenticate_forms_no_data(self): n_form = AuthenticationForm(data={}) self.assertFalse(n_form.is_valid()) self.assertEquals(len(n_form.errors), 2)
def get(self,request): if request.user.is_authenticated == True: return HttpResponseRedirect('/') form = AuthenticationForm() return render(request, 'login.html',locals())
def login(request): form = AuthenticationForm() return render(request, 'users/login.html', {'form': form})
def get(self, request): form = AuthenticationForm() return render(request, "login/page-login.html", {'form': form})
def get(self, request): if request.user.is_authenticated: return redirect('to_do_app:app') form = AuthenticationForm() return render(request, 'login.html', {"form": form})
def ingresar(request): if request.method == 'POST': formulario = AuthenticationForm(request.POST) if request.session['cont'] > 3: formulario2 = fcapcha(request.POST) if formulario2.is_valid(): pass else: datos = {'formulario': formulario, 'formulario2': formulario2} return render_to_response( "usuario/ingresar.html", datos, context_instance=RequestContext(request)) if formulario.is_valid: #usuario=request.POST['username'] #clave=request.POST['password'] Nick = request.POST["username"] password = request.POST["password"] #acceso=authenticate(username=usuario,password=clave) acceso = authenticate(username=Nick, password=password) if acceso is not None: if acceso.is_active: login(request, acceso) p = SessionStore() p["name"] = Nick p["estado"] = "conectado" p.save() request.session["idkey"] = p.session_key request.session["name"] = Nick #del request.session['cont'] return HttpResponseRedirect('/perfil') else: login(request, acceso) return HttpResponseRedirect('/active') else: request.session['cont'] = request.session['cont'] + 1 aux = request.session['cont'] estado = True mensaje = "Error en los datos " + str(aux) if aux > 3: formulario2 = fcapcha() datos = { 'formulario': formulario, 'formulario2': formulario2, 'estado': estado, 'mensaje': mensaje } else: datos = { 'formulario': formulario, 'estado': estado, 'mensaje': mensaje } return render_to_response( 'usuario/ingresar.html', datos, context_instance=RequestContext(request)) else: request.session['cont'] = 0 formulario = AuthenticationForm() return render_to_response('usuario/ingresar.html', {'formulario': formulario}, context_instance=RequestContext(request))
def home(request): if request.method == 'POST': #If a form is submitted if 'login' in request.POST: # What to do for the login form form = AuthenticationForm(request=request, data=request.POST) if form.is_valid(): #Log in user if credntials are valid. username = form.cleaned_data.get('username') password = form.cleaned_data.get('password') user = authenticate(username=username, password=password) if user is not None: login(request, user) messages.info(request, f"You are now logged in as {username}") if user.is_superuser: return redirect('manager/administrate/') return redirect('manager/') #Not sure else: #If credentials are invalid, send an error message messages.error(request, "Invalid username or password") elif 'pass' in request.POST: # What to do for the password reset form if request.method == 'POST': #Redundant but i dont want to remove and reformat changePassForm = ForgotPassForm(request.POST) if changePassForm.is_valid(): #Send email to change pass if email entered is valid email = changePassForm.cleaned_data['email'] for user in User.objects.all(): if user.email == email: newPass = generatePassword() u = User.objects.get(email=email) u.set_password(newPass) u.save() send_mail( 'You requested a one time password', 'Your new password is: ' + newPass + ', log in to https://04lpsalesweb01.crowdstrike.sys/ and change your password immediately', 'Corporate Sales Feedback <*****@*****.**>', [email], fail_silently=False, ) return redirect('homepage') messages.error(request, "Email does not exist. OTP not sent") return redirect('homepage') elif 'user' in request.POST: if request.method == 'POST': forgotUserForm = ForgotPassForm(request.POST) if forgotUserForm.is_valid(): email = forgotUserForm.cleaned_data['email'] for user in User.objects.all(): if user.email == email: send_mail( 'You requested your username', 'Your username is: ' + user.username + ', log in to https://04lpsalesweb01.crowdstrike.sys/', 'Corporate Sales Feedback <*****@*****.**>', [email], fail_silently=False, ) return redirect('homepage') messages.error(request, "Email does not exist. Try again") return redirect('homepage') forgotUserForm = ForgotPassForm() changePassForm = ForgotPassForm() form = AuthenticationForm() return render(request = request, template_name = "index.html", context={ "forgotUserForm":forgotUserForm, "changePassForm":changePassForm, "form":form } )
def preview(request, course_prefix, course_suffix): """ Much code borrowed from registration.views.register """ if request.common_page_data['is_course_admin']: return redirect( 'http://' + request.get_host() + reverse('courses.views.main', args=[course_prefix, course_suffix])) if request.common_page_data['is_course_member'] and not request.common_page_data['course'].preview_only_mode and \ date.today() >= request.common_page_data['course'].calendar_start : return redirect( 'http://' + request.get_host() + reverse('courses.views.main', args=[course_prefix, course_suffix])) if not backend.registration_allowed(request): return redirect(disallowed_url) form = form_class(initial={ 'course_prefix': course_prefix, 'course_suffix': course_suffix }) login_form = AuthenticationForm(request) context = RequestContext(request) template_name = 'previews/default.html' class_template = 'previews/' + request.common_page_data[ 'course'].handle + '.html' if os.path.isfile(settings.TEMPLATE_DIRS + '/' + class_template): template_name = class_template return render_to_response( template_name, { 'form': form, 'login_form': login_form, 'common_page_data': request.common_page_data, 'display_login': request.GET.__contains__('login') }, context_instance=context) else: try: common_page_data = get_common_page_data(request, course_prefix, course_suffix) page = AdditionalPage.objects.get( course=common_page_data['course'], slug="overview") return render_to_response( "previews/overview.html", { 'common_page_data': common_page_data, 'page': page, 'form': form, 'login_form': login_form, 'common_page_data': request.common_page_data, 'display_login': request.GET.__contains__('login'), }, context_instance=context) except Exception, e: print e return render_to_response( template_name, { 'form': form, 'login_form': login_form, 'common_page_data': request.common_page_data, 'display_login': request.GET.__contains__('login') }, context_instance=context)
def get(self, request): form = AuthenticationForm() return render(request, self.template, {'form': form})
def home (request): signup_form = UserCreationForm() form = AuthenticationForm() return render(request, 'home.html', {'signup_form' : signup_form, 'form':form})
def view_event(request, event_id, event_slug, location_slug=None): # XXX should we double check the associated location here? currently the # assumption is that if an event is being viewed under a specific location # that that will be reflected in the URL path. try: event = Event.objects.get(id=event_id) except: logger.debug('event not found') return HttpResponseRedirect('/404') location = get_object_or_404(Location, slug=location_slug) # if the slug has changed, redirect the viewer to the correct url (one # where the url matches the current slug) if event.slug != event_slug: logger.debug('event slug has changed') # there's some tomfoolery here since we don't know for sure if the app # is being used in a project that specifies the location as part of the # url. probably a better way to do this... return HttpResponseRedirect( reverse('gather_view_event', args=(event.location.slug, event.id, event.slug))) # is the event in the past? today = timezone.now() logger.debug(event.end) if event.end < today: past = True else: past = False # set up for those without accounts to RSVP if request.user.is_authenticated(): current_user = request.user new_user_form = None login_form = None location_event_admin = EventAdminGroup.objects.get(location=location) if request.user in location_event_admin.users.all( ) or request.user in location.house_admins.all(): user_is_event_admin = True else: user_is_event_admin = False else: current_user = None new_user_form = UserProfileForm() login_form = AuthenticationForm() user_is_event_admin = False # this is counter-intuitive - private events are viewable to those who have # the link. so private events are indeed shown to anyone (once they are # approved). and we dont have a way of knowing what the previous status of # canceled events was (!), so we also let this go through but then suppress # the event details and a cancelation notice on the event page. if (event.status == 'live' and event.visibility == Event.PRIVATE ) or event.is_viewable(current_user) or event.status == 'canceled': if current_user and current_user in event.organizers.get_queryset(): user_is_organizer = True else: user_is_organizer = False num_attendees = len(event.attendees.all()) # only meaningful if event.limit > 0 spots_remaining = event.limit - num_attendees event_email = 'event%d@%s.%s' % (event.id, event.location.slug, settings.LIST_DOMAIN) domain = Site.objects.get_current().domain formatted_title = event.title.replace(" ", "+") formatted_dates = event.start.strftime( "%Y%m%dT%H%M00Z") + "/" + event.end.strftime( "%Y%m%dT%H%M00Z") # "20140127T224000Z/20140320T221500Z" detail_url = "https://" + domain + reverse( 'gather_view_event', args=(event.location.slug, event.id, event.slug)) formatted_location = event.where.replace(" ", "+") event_google_cal_link = '''https://www.google.com/calendar/render?action=TEMPLATE&text=%s&dates=%s&details=For+details%%3a+%s&location=%s&sf=true&output=xml''' % ( formatted_title, formatted_dates, detail_url, formatted_location) if user_is_event_admin or user_is_organizer: email_form = EventEmailTemplateForm(event, location) else: email_form = None return render( request, 'gather_event_view.html', { 'event': event, 'current_user': current_user, 'event_google_cal_link': event_google_cal_link, 'user_is_organizer': user_is_organizer, 'new_user_form': new_user_form, "event_email": event_email, "domain": domain, 'login_form': login_form, "spots_remaining": spots_remaining, 'user_is_event_admin': user_is_event_admin, 'email_form': email_form, "num_attendees": num_attendees, 'in_the_past': past, 'endorsements': event.endorsements.all(), 'location': location }) elif not current_user: # if the user is not logged in and this is not a public event, have them login and try again messages.add_message(request, messages.INFO, 'Please log in to view this event.') next_url = reverse('gather_view_event', args=(event.location.slug, event.id, event.slug)) return HttpResponseRedirect('/people/login/?next=%s' % next_url) else: # the user is logged in but the event is not viewable to them based on their status messages.add_message( request, messages.INFO, 'Oops! You do not have permission to view this event.') return HttpResponseRedirect('/locations/%s' % location.slug)