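def login(self):
    """Show the login form on GET and authenticate the submitted form on POST.

    A request that already carries a user is redirected to ``next`` (default
    ``/admin``). On GET the form is returned with ``next`` pre-filled from the
    query string, falling back to the referrer and then ``/``. On POST the
    form is validated and the credentials go to ``functions.authenticate``;
    success logs the user in and redirects, failure returns the error text.

    ``next`` comes from the client, so every redirect passes through
    ``_same_site_target``: a target that would leave this site is replaced by
    ``/admin`` instead of being followed (open-redirect hardening).

    Returns:
        A redirect response, or a dict of template variables.
    """
    from uliweb.contrib.auth import login

    def _same_site_target(target, fallback):
        # Return `target` only when it stays on this site, else `fallback`.
        if not target:
            return fallback
        # Browsers drop control characters and treat "\" like "/", so either
        # can turn a harmless-looking path into an external URL.
        if '\\' in target or any(ord(ch) < 0x20 for ch in target):
            return fallback
        # A single leading "/" is a local path; "//" is scheme-relative.
        if target.startswith('/') and not target.startswith('//'):
            return target
        # Absolute URLs are accepted for this host only. host_url ends with
        # "/", so a look-alike host with an extra suffix cannot match.
        # NOTE(review): assumes request exposes Werkzeug's host_url - confirm.
        if target.startswith(request.host_url):
            return target
        return fallback

    form = functions.get_form('auth.LoginForm')()

    if request.user:
        target = request.GET.get('next', '/admin')
        if target:
            return redirect(_same_site_target(target, '/admin'))

    if request.method == 'GET':
        form.next.data = request.GET.get('next', request.referrer or '/')
        return {'form': form, 'msg': ''}

    if request.method == 'POST':
        # NOTE(review): no failed-attempt throttling is visible in this view;
        # confirm it is enforced elsewhere.
        if form.validate(request.params):
            f, d = functions.authenticate(username=form.username.data,
                                          password=form.password.data)
            if f:
                request.session.remember = form.rememberme.data
                login(form.username.data)
                # Validate after unquote so the check sees the exact value
                # that is handed to redirect().
                target = urllib.unquote(request.POST.get('next', '/admin'))
                return redirect(_same_site_target(target, '/admin'))
            form.errors.update(d)
        msg = form.errors.get('_', '') or _('Login failed!')
        return {'msg': str(msg)}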
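def login():
    """Login view with a per-username failed-attempt counter.

    GET returns the form with ``next`` pre-filled. POST looks up the
    ``login_failed_history`` row for the submitted username; once its
    ``failed_times`` reaches ``settings.VERIFICATIONCODE.FAILED_TIMES`` the
    request is validated with ``CheckLoginForm`` instead of ``LoginForm`` and
    a new code from ``gene_code`` is stored on the row. A successful
    authentication resets the counter, a failed one increments it.

    ``next`` comes from the client, so every redirect passes through
    ``_same_site_target``: a target that would leave this site is replaced by
    ``add_prefix('/')`` instead of being followed (open-redirect hardening).

    Returns:
        A redirect response, or a dict of template variables.
    """
    from uliweb.contrib.auth import login

    def _same_site_target(target, fallback):
        # Return `target` only when it stays on this site, else `fallback`.
        if not target:
            return fallback
        # Browsers drop control characters and treat "\" like "/", so either
        # can turn a harmless-looking path into an external URL.
        if '\\' in target or any(ord(ch) < 0x20 for ch in target):
            return fallback
        # A single leading "/" is a local path; "//" is scheme-relative.
        if target.startswith('/') and not target.startswith('//'):
            return target
        # Absolute URLs are accepted for this host only. host_url ends with
        # "/", so a look-alike host with an extra suffix cannot match.
        # NOTE(review): assumes request exposes Werkzeug's host_url - confirm.
        if target.startswith(request.host_url):
            return target
        return fallback

    text = ""
    username = request.params.get("username", "")
    form = LoginForm()

    if request.user:
        target = request.GET.get('next')
        if target:
            return redirect(_same_site_target(target, add_prefix('/')))

    if request.method == 'GET':
        form.next.data = request.GET.get('next', request.referrer or add_prefix('/'))
        return {'form': form, 'msg': '', 'username': username}

    if request.method == 'POST':
        login_failed_history = functions.get_model("login_failed_history")
        login_failed_user = login_failed_history.get(login_failed_history.c.username == username)
        threshold = settings.VERIFICATIONCODE.FAILED_TIMES

        # Past the threshold the stricter form is used for validation.
        if login_failed_user and login_failed_user.failed_times >= threshold:
            form = CheckLoginForm()
        flag = form.validate(request.params)

        try:
            if flag:
                # NOTE(review): a row is created for any username that passes
                # form validation, and the counter is read then written back
                # without a lock; confirm table growth and concurrent
                # attempts are acceptable.
                if not login_failed_user:
                    login_failed_user = login_failed_history(username=username,
                                                             failed_times=0,
                                                             verification_code=text)
                    login_failed_user.save()

                f, d = functions.authenticate(username=form.username.data,
                                              password=form.password.data)
                if f:
                    request.session.remember = form.rememberme.data
                    login(form.username.data)
                    login_failed_user.update(failed_times=0).save()
                    # Validate after unquote so the check sees the exact
                    # value that is handed to redirect().
                    target = urllib.unquote(request.POST.get('next', add_prefix('/')))
                    return redirect(_same_site_target(target, add_prefix('/')))

                form.errors.update(d)
                current_failed_times = login_failed_user.failed_times + 1
                if current_failed_times >= threshold:
                    text = gene_code(username)
                    if not isinstance(form, CheckLoginForm):
                        form = CheckLoginForm()
                login_failed_user.update(failed_times=current_failed_times,
                                         verification_code=text).save()
            elif login_failed_user and login_failed_user.failed_times >= threshold:
                # Validation failed while the code is required: issue a new
                # code. The counter itself is not incremented on this path.
                text = gene_code(username)
                login_failed_user.update(verification_code=text).save()
        except Exception as e:
            # Bookkeeping errors are logged and the request falls through to
            # the generic failure response. `username` is client-supplied and
            # is written to the log as received.
            logger.error("count user: [%s] login failed times error" % (username))
            logger.error("-- error message: %s" % (e))

        msg = form.errors.get('_', '') or _('Login failed!')
        return {'form': form, 'msg': str(msg), 'username': username}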
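def api_login(self):
    """Authenticate an API user and return a session token as JSON.

    Reads ``username``, ``password`` and ``rememberme`` from
    ``request.values`` and authenticates with
    ``settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE``. On success the user's
    ``last_login`` is updated, the user id and ``REMOTE_ADDR`` are stored in
    the session, and the session key is returned as the token together with
    its timeout. Every other outcome returns the same generic failure body.

    A deleted session cannot carry a token, so that path returns the failure
    body explicitly instead of reaching the success response with ``timeout``
    never assigned.

    Returns:
        The JSON response built by ``json``.
    """
    # NOTE(review): request.values presumably merges query-string and form
    # data (Werkzeug). If so, credentials sent in the URL can end up in
    # access logs; consider reading them from the POST body only.
    username = request.values.get("username")
    password = request.values.get("password")
    rememberme = request.values.get("rememberme")
    if rememberme:
        rememberme = (rememberme.lower() == "true") or (rememberme == "1")

    # NOTE(review): no failed-attempt throttling is visible in this view;
    # confirm it is enforced elsewhere.
    if not (username and password):
        return json({"success": False, "msg": "fail to log in"})

    f, d = functions.authenticate(
        username=username,
        password=password,
        auth_type=settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE,
    )
    if not f:
        return json({"success": False, "msg": "fail to log in"})

    from uliweb.utils.date import now

    user = d
    user.last_login = now()
    user.save()
    request.user = user

    # NOTE(review): get_session() is not shown. If it can return a session
    # whose key was chosen by the client, issue a fresh key before storing
    # the user id, so a pre-set key cannot become an authenticated token.
    session = functions.get_session()
    session[settings.AUTH_APIUSER.SESSION_KEY_USER] = user.id
    # REMOTE_ADDR is the direct peer; behind a reverse proxy that is the
    # proxy's address, not the client's.
    session[settings.AUTH_APIUSER.SESSION_KEY_IP] = request.environ["REMOTE_ADDR"]

    if session.deleted:
        session.delete()
        return json({"success": False, "msg": "fail to log in"})

    if rememberme:
        timeout = settings.SESSION.remember_me_timeout
        session.set_expiry(timeout)
    else:
        timeout = settings.SESSION.timeout
    session.save()

    return json(
        {
            "success": True,
            "msg": "log in successfully",
            "token_name": settings.AUTH_APIUSER.TOKEN_NAME,
            "token": session.key,
            "timeout": timeout,
        }
    )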
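def api_login(self):
    """Authenticate an API user and return a session token as JSON.

    Reads ``username``, ``password`` and ``rememberme`` from
    ``request.values`` and authenticates with
    ``settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE``. On success the user's
    ``last_login`` is updated, the user id and ``REMOTE_ADDR`` are stored in
    the session, and the session key is returned as the token together with
    its timeout. Every other outcome returns the same generic failure body.

    A deleted session cannot carry a token, so that path returns the failure
    body explicitly instead of reaching the success response with ``timeout``
    never assigned.

    Returns:
        The JSON response built by ``json``.
    """
    # NOTE(review): request.values presumably merges query-string and form
    # data (Werkzeug). If so, credentials sent in the URL can end up in
    # access logs; consider reading them from the POST body only.
    username = request.values.get("username")
    password = request.values.get("password")
    rememberme = request.values.get("rememberme")
    if rememberme:
        rememberme = (rememberme.lower() == "true") or (rememberme == '1')

    # NOTE(review): no failed-attempt throttling is visible in this view;
    # confirm it is enforced elsewhere.
    if not (username and password):
        return json({"success": False, "msg": "fail to log in"})

    f, d = functions.authenticate(
        username=username,
        password=password,
        auth_type=settings.AUTH.APIUSER_AUTH_DEFAULT_TYPE)
    if not f:
        return json({"success": False, "msg": "fail to log in"})

    from uliweb.utils.date import now

    user = d
    user.last_login = now()
    user.save()
    request.user = user

    # NOTE(review): get_session() is not shown. If it can return a session
    # whose key was chosen by the client, issue a fresh key before storing
    # the user id, so a pre-set key cannot become an authenticated token.
    session = functions.get_session()
    session[settings.AUTH_APIUSER.SESSION_KEY_USER] = user.id
    # REMOTE_ADDR is the direct peer; behind a reverse proxy that is the
    # proxy's address, not the client's.
    session[settings.AUTH_APIUSER.SESSION_KEY_IP] = request.environ['REMOTE_ADDR']

    if session.deleted:
        session.delete()
        return json({"success": False, "msg": "fail to log in"})

    if rememberme:
        timeout = settings.SESSION.remember_me_timeout
        session.set_expiry(timeout)
    else:
        timeout = settings.SESSION.timeout
    session.save()

    return json({
        "success": True,
        "msg": "log in successfully",
        "token_name": settings.AUTH_APIUSER.TOKEN_NAME,
        "token": session.key,
        "timeout": timeout,
    })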