def profile(request): """ Controller to handle login http post """ if request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') user = authenticate(username=username, password=password) if user: if user.is_active: logger.debug('user active, login() {0}, {1}'.format(request, user)) login(request, user) profileViewHelper = ProfileViewHelper(user) return profileViewHelper.direct_view(request) else: logger.error('User account disabled.') raise Http404("User account disabled.") else: logger.error('Invalid login details: {0}, {1}'.format(username, password)) raise Http404('Invalid login details: {0}, {1}'.format(username, password)) else: if request.user.is_active: profileViewHelper = ProfileViewHelper(request.user) return profileViewHelper.direct_view(request) else: raise Http404('Invalid user for profile')
def sign_in(request): logger.debug('enter sign_in() {0}'.format(request)) # If the request is a HTTP POST, try to pull out the relevant information. if request.method == 'POST': # Gather the username and password provided by the user. # This information is obtained from the login form. # We use request.POST.get('<variable>') as opposed to request.POST['<variable>'], # because the request.POST.get('<variable>') returns None, if the value does not exist, # while the request.POST['<variable>'] will raise key error exception username = request.POST.get('username') password = request.POST.get('password') # Use Django's machinery to attempt to see if the email/password # combination is valid - a User object is returned if it is. user = authenticate(username=username, password=password) # If we have a User object, the details are correct. # If None (Python's way of representing the absence of a value), no user # with matching credentials was found. if user: # Is the account active? It could have been disabled. if user.is_active: # If the account is valid and active, we can log the user in. # We'll send the user back to the homepage. logger.debug('user active, login() {0}, {1}'.format(request, user)) login(request, user) #return HttpResponseRedirect('/store/profile/') profileViewHelper = ProfileViewHelper(user) profileViewHelper.direct_view(request) else: # An inactive account was used - no logging in! return HttpResponse("Your account is disabled.") else: # Bad login details were provided. So we can't log the user in. print "Invalid login details: {0}, {1}".format(username, password) return HttpResponse("Invalid login details supplied: {0}, {1}".format(username, password)) # The request is not a HTTP POST, so display the login form. # This scenario would most likely be a HTTP GET. else: # for visitor, generate empty menu menu = MenuService.visitor_menu() requestContext = RequestContext(request, {'menu':menu, 'page_title': 'Login'} ) return render_to_response('login.html', requestContext)