Пример #1
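    def login(self):
        """Show the login form on GET and authenticate the credentials on POST.

        An already authenticated user is redirected straight to ``next``.
        A successful POST logs the user in and redirects to the posted
        ``next`` value; a failed one returns the error message for the
        template.

        Security: ``next`` comes from the query string or the form body, so
        it is attacker-controllable. It is only followed when it stays on
        this site; anything else falls back to ``/admin``. Without that check
        the login page can be used to bounce a freshly authenticated user to
        an arbitrary external URL (open redirect).
        """
        from uliweb.contrib.auth import login

        def safe_target(target, default='/admin'):
            # Accept only same-site destinations for the post-login redirect.
            if not target:
                return default
            # Backslashes and control characters are normalised by browsers
            # and can turn a harmless-looking path into an external URL.
            if any(ch == '\\' or ord(ch) < 32 for ch in target):
                return default
            # Site-relative path; "//host" is scheme-relative, i.e. external.
            if target.startswith('/') and not target.startswith('//'):
                return target
            # The GET branch seeds ``next`` from request.referrer, which is
            # an absolute URL, so same-host absolute URLs stay allowed.
            # NOTE(review): host_url is the werkzeug request attribute; if
            # this request object lacks it, only relative paths pass.
            site_root = getattr(request, 'host_url', None)
            if site_root and target.startswith(site_root.rstrip('/') + '/'):
                return target
            return default

        form = functions.get_form('auth.LoginForm')()

        if request.user:
            target = request.GET.get('next', '/admin')
            # An explicitly empty ``next`` falls through to the form below.
            if target:
                return redirect(safe_target(target))

        if request.method == 'GET':
            form.next.data = request.GET.get('next', request.referrer or '/')
            return {'form': form, 'msg': ''}
        if request.method == 'POST':
            flag = form.validate(request.params)
            if flag:
                f, d = functions.authenticate(username=form.username.data, password=form.password.data)
                if f:
                    request.session.remember = form.rememberme.data
                    login(form.username.data)
                    # Validate after unquoting, so an encoded external URL
                    # cannot slip past the check.
                    target = urllib.unquote(request.POST.get('next', '/admin'))
                    return redirect(safe_target(target))
                else:
                    # On failure ``d`` holds the errors to show on the form.
                    form.errors.update(d)
            msg = form.errors.get('_', '') or _('Login failed!')
            # NOTE(review): no attempt counter or throttling is visible in
            # this handler - confirm it is enforced elsewhere.
            return {'msg': str(msg)}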
Пример #2
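def _safe_redirect_target(target, default):
    """Return *target* if it stays on this site, otherwise *default*."""
    if not target:
        return default
    # Backslashes and control characters are normalised by browsers and can
    # turn a harmless-looking path into an external URL.
    if any(ch == '\\' or ord(ch) < 32 for ch in target):
        return default
    # Site-relative path; "//host" is scheme-relative, i.e. external.
    if target.startswith('/') and not target.startswith('//'):
        return target
    # ``next`` may be seeded from request.referrer (an absolute URL), so
    # same-host absolute URLs stay allowed.
    # NOTE(review): host_url is the werkzeug request attribute; if this
    # request object lacks it, only relative paths pass.
    site_root = getattr(request, 'host_url', None)
    if site_root and target.startswith(site_root.rstrip('/') + '/'):
        return target
    return default


def login():
    """Login view with a per-username failure counter and verification code.

    GET renders the form. POST validates it, authenticates, and on success
    resets the counter and redirects to ``next``. On failure the counter in
    ``login_failed_history`` is incremented; once it reaches
    ``settings.VERIFICATIONCODE.FAILED_TIMES`` the view switches to
    ``CheckLoginForm`` and stores a new verification code.

    Security: ``next`` is attacker-controllable, so it is only followed when
    it stays on this site (otherwise ``add_prefix('/')`` is used). This
    closes an open redirect on the login page.
    """
    from uliweb.contrib.auth import login

    text = ""
    username = request.params.get("username", "")

    form = LoginForm()

    if request.user:
        target = request.GET.get('next')
        if target:
            return redirect(_safe_redirect_target(target, add_prefix('/')))

    if request.method == 'GET':
        form.next.data = request.GET.get('next', request.referrer or add_prefix('/'))
        return {'form': form, 'msg': '', 'username': username}
    if request.method == 'POST':
        login_failed_history = functions.get_model("login_failed_history")
        # NOTE(review): the counter is keyed by the submitted username only,
        # so any client can raise it for someone else's account - confirm
        # that forcing the verification form on a victim is acceptable.
        login_failed_user = login_failed_history.get(login_failed_history.c.username == username)

        # Past the threshold the stricter form is validated instead.
        if login_failed_user and login_failed_user.failed_times >= settings.VERIFICATIONCODE.FAILED_TIMES:
            form = CheckLoginForm()

        flag = form.validate(request.params)
        try:
            if flag:
                if not login_failed_user:
                    # A row is created for whatever username was submitted,
                    # whether or not such an account exists.
                    login_failed_user = login_failed_history(username=username, failed_times=0, verification_code=text)
                    login_failed_user.save()

                f, d = functions.authenticate(username=form.username.data, password=form.password.data)
                if f:
                    request.session.remember = form.rememberme.data
                    login(form.username.data)
                    login_failed_user.update(failed_times=0).save()
                    # Validate after unquoting, so an encoded external URL
                    # cannot slip past the check.
                    target = urllib.unquote(request.POST.get('next', add_prefix('/')))
                    return redirect(_safe_redirect_target(target, add_prefix('/')))
                form.errors.update(d)
                # NOTE(review): read-modify-write, not an atomic increment;
                # parallel attempts may be undercounted - confirm.
                current_failed_times = login_failed_user.failed_times
                current_failed_times = current_failed_times + 1
                if current_failed_times >= settings.VERIFICATIONCODE.FAILED_TIMES:
                    # presumably issues a fresh verification code - confirm
                    text = gene_code(username)
                    if not isinstance(form, CheckLoginForm):
                        form = CheckLoginForm()
                login_failed_user.update(failed_times=current_failed_times, verification_code=text).save()
            else:
                if login_failed_user and login_failed_user.failed_times >= settings.VERIFICATIONCODE.FAILED_TIMES:
                    text = gene_code(username)
                    login_failed_user.update(verification_code=text).save()
        except Exception as e:
            # Best effort: a bookkeeping error must not break the page.
            # NOTE(review): this also catches errors raised after login()
            # succeeded, and the username is logged unescaped - confirm that
            # log consumers neutralise line breaks.
            logger.error("count user: [%s] login failed times error" % (username))
            logger.error("-- error message: %s" % (e))
        msg = form.errors.get('_', '') or _('Login failed!')
        return {'form': form, 'msg': str(msg), 'username': username}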
Пример #3
    def api_login(self):
        """Authenticate an API user and return the session key as a token.

        Reads ``username``, ``password`` and ``rememberme`` from
        ``request.values``. On success it stamps ``last_login``, binds the
        user id and the client address to the session, and returns a JSON
        body with the token name, the session key and the timeout. Every
        other path returns the same generic failure body.
        """
        # NOTE(review): if request.values merges query-string and form data
        # (as the werkzeug request does), the password may arrive in the URL
        # and end up in access logs - consider reading the form body only.
        username = request.values.get("username")
        password = request.values.get("password")
        rememberme = request.values.get("rememberme")
        if rememberme:
            rememberme = rememberme == "1" or rememberme.lower() == "true"

        if not (username and password):
            return json({"success": False, "msg": "fail to log in"})

        # NOTE(review): no attempt limiting is visible in this handler -
        # confirm it is enforced elsewhere.
        ok, result = functions.authenticate(
            username=username, password=password, auth_type=settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE
        )
        if not ok:
            return json({"success": False, "msg": "fail to log in"})

        from uliweb.utils.date import now

        user = result
        user.last_login = now()
        user.save()
        request.user = user

        # NOTE(review): the key of this session is handed out as the API
        # token; confirm a fresh key is issued at login, not a pre-login one.
        session = functions.get_session()
        session[settings.AUTH_APIUSER.SESSION_KEY_USER] = user.id
        # presumably the proxy's address when behind a reverse proxy - verify
        session[settings.AUTH_APIUSER.SESSION_KEY_IP] = request.environ["REMOTE_ADDR"]

        if session.deleted:
            # last_login was already updated above; the caller still gets
            # the failure response.
            session.delete()
            return json({"success": False, "msg": "fail to log in"})

        if rememberme:
            timeout = settings.SESSION.remember_me_timeout
            session.set_expiry(timeout)
        else:
            timeout = settings.SESSION.timeout
        session.save()
        return json(
            {
                "success": True,
                "msg": "log in successfully",
                "token_name": settings.AUTH_APIUSER.TOKEN_NAME,
                "token": session.key,
                "timeout": timeout,
            }
        )
Пример #4
    def api_login(self):
        """Log an API user in and hand back the session key as the token.

        The response is always JSON: a generic failure body unless the
        credentials authenticate and the session can be saved, in which case
        it carries the token name, the session key and the timeout.
        """
        # Generic failure body: it does not say which check failed.
        response = {"success": False, "msg": "fail to log in"}

        # NOTE(review): request.values may include query-string parameters;
        # a password sent that way is exposed in URLs and logs - confirm.
        username = request.values.get("username")
        password = request.values.get("password")
        remember_raw = request.values.get("rememberme")
        remember = bool(remember_raw) and (
            remember_raw.lower() == "true" or remember_raw == '1')

        if username and password:
            authenticated, payload = functions.authenticate(
                username=username,
                password=password,
                auth_type=settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE)
            if authenticated:
                from uliweb.utils.date import now

                # On success the payload is the user object.
                user = payload
                user.last_login = now()
                user.save()
                request.user = user

                # NOTE(review): confirm the session key is regenerated at
                # login; it is returned to the client as the token below.
                session = functions.get_session()
                user_key = settings.AUTH_APIUSER.SESSION_KEY_USER
                session[user_key] = user.id
                ip_key = settings.AUTH_APIUSER.SESSION_KEY_IP
                session[ip_key] = request.environ['REMOTE_ADDR']

                if session.deleted:
                    # The failure body is returned on this path.
                    session.delete()
                else:
                    if remember:
                        timeout = settings.SESSION.remember_me_timeout
                        session.set_expiry(timeout)
                    else:
                        timeout = settings.SESSION.timeout
                    session.save()
                    response = {
                        "success": True,
                        "msg": "log in successfully",
                        "token_name": settings.AUTH_APIUSER.TOKEN_NAME,
                        "token": session.key,
                        "timeout": timeout,
                    }

        return json(response)