def login(request):
    """Authenticate an e-mail/password POST and start a session.

    A successful login of an active account redirects to ``/``.  Every other
    outcome (GET, invalid form, unknown credentials, inactive account)
    renders ``registration/login.html`` with the current form; this view
    attaches no error message of its own for a rejected login.
    """
    if request.method != 'POST':
        form = AuthenticationForm()
    else:
        form = AuthenticationForm(data=request.POST)
        if form.is_valid():
            # Credentials are read from the raw POST body, not from
            # form.cleaned_data.
            account = authenticate(email=request.POST['email'],
                                   password=request.POST['password'])
            if account is not None:
                if settings.DEBUG:
                    print("User is not Empty!")
                if account.is_active:
                    django_login(request, account)
                    return redirect('/')

    context = {
        'form': form,
    }
    return render_to_response('registration/login.html',
                              context,
                              context_instance=RequestContext(request))
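def sms_login(request, *args, **kwargs):
    """Second login step: verify the SMS code, then the password, then log in.

    GET renders ``accounts/login.html`` pre-filled with the identifier that
    ``sms_code`` stored in the session.  POST either hands back to
    ``accounts:sms_code`` ("Resend Code" button) or validates the SMS code
    and the password and logs the user in.

    ``next`` comes from the query string and ends up in a redirect, so it is
    accepted only when it cannot point at another host; otherwise the view
    falls back to the ``home`` URL.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    # Function-scope import: the module's import block is not visible here.
    from urllib.parse import urlencode, urlsplit

    # This is the key field name. Probably username or email
    access_field = settings.USERNAME_FIELD
    # Check session variables to find information carried forward.
    access_key = request.session.get(access_field, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next = ""
    # Passing next parameter through to form
    if request.GET and 'next' in request.GET:
        # The raw remainder of the query string is kept (not the decoded
        # parameter) so that a target carrying its own query survives.
        pieces = request.get_full_path().split('next=')
        next = pieces[1] if len(pieces) > 1 else request.GET['next']
        if settings.DEBUG:
            print("We got a next value of:", next)
            print("full path = ", request.get_full_path())

    if next:
        # The value is caller-controlled and is later used as a redirect
        # target: drop anything with a scheme or host, protocol-relative
        # forms, backslashes and control characters.  Django's own URL-safety
        # helper in django.utils.http is the better check where the installed
        # version provides it.
        try:
            target = urlsplit(next)
            external = bool(target.scheme or target.netloc)
        except ValueError:
            external = True
        if (external or next.startswith('//') or '\\' in next
                or any(ord(ch) < 0x21 for ch in next)):
            next = ""

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get(): a POST without the button value should not raise.
        button = (request.POST.get('login') or "").lower()

        if button == 'resend code':
            resend_for = request.POST.get(access_field, "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session[access_field] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if form.is_valid():
            print("Authenticating...")
            access_key = form.cleaned_data[access_field]
            password = form.cleaned_data['password']
            sms_code = form.cleaned_data['sms_code']

            # NOTE(review): the SMS code is checked before the password and
            # the two failures produce different messages, which tells the
            # caller which factor was wrong.  No attempt limiting is visible
            # in this view - confirm it is enforced in validate_sms or the
            # authentication backend.
            if not validate_sms(access_key=access_key, smscode=sms_code):
                messages.error(request, "Invalid Access Code.")
                return render_to_response('accounts/login.html',
                                          {'form': AuthenticationForm(),
                                           'next': next},
                                          RequestContext(request))

            # DONE: Trying to handle LDAP Errors. eg. Not available
            try:
                user = authenticate(username=access_key, password=password)
            except (ldap3.LDAPBindError,
                    ldap3.LDAPSASLPrepError,
                    ldap3.LDAPSocketOpenError):
                print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                      "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                      "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
                messages.error(request,
                               "We had a problem reaching the Directory Server")
                return render_to_response('accounts/login.html',
                                          {'next': next},
                                          RequestContext(request))

            if user is None:
                messages.error(request, "Invalid username or password.")
                return render_to_response('accounts/login.html',
                                          {'form': AuthenticationForm(),
                                           'next': next},
                                          RequestContext(request))

            if not user.is_active:
                messages.error(request, "Your account is not active.")
                # reverse()'s second positional parameter is the urlconf, so
                # the dict that used to be passed there could never carry
                # `next`; it is sent as a query string instead.
                inactive_url = reverse('sms_code')
                if next != "":
                    inactive_url += '?' + urlencode({'next': next})
                return HttpResponseRedirect(inactive_url)

            django_login(request, user)
            # DONE: Set a session variable to identify as
            # master account and not a subacc
            session_device(request, "True", Session="auth_master")
            # DONE: Now Send a message on login
            # NOTE(review): `in "ET"` is a substring test, so an empty
            # notify_activity also matches - confirm that is intended.
            if user.notify_activity in "ET":
                send_activity_message(request, user)
            # Otherwise don't send a message

            if next != "":
                if settings.DEBUG:
                    # The POST body is deliberately not printed: it holds the
                    # password and the SMS code.
                    print("About to redirect to:", next)
                    print("but what about kwargs", kwargs)
                return HttpResponseRedirect(next)
            return HttpResponseRedirect(reverse('home'))

        print("Error with the POST form", )
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next},
                                  RequestContext(request))

    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", access_key, "]")
    form = AuthenticationForm(initial={access_field: access_key})
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")
    return render_to_response('accounts/login.html',
                              {'form': form, 'next': next},
                              RequestContext(request))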
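def sms_code(request):
    """First login step: look the user up and, if MFA is on, send an SMS code.

    GET renders ``accounts/smscode.html``.  A valid POST checks the submitted
    identifier with ``validate_user``, loads the local ``User`` row, stores
    the identifier in the session and creates a ``ValidSMSCode`` for MFA
    users, then redirects to ``/accounts/login`` with ``next`` attached.

    NOTE(review): block nesting is reconstructed from a listing that lost its
    indentation; in particular the redirect back to ``accounts:sms_code`` is
    read as belonging to the "Send Error" branch - confirm against the
    repository.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form or redirect)
    """
    # Function-scope import: the module's import block is not visible here.
    from urllib.parse import urlencode, urlsplit

    # This is the key field name. Probably username or email
    access_field = settings.USERNAME_FIELD
    # Check session variables to find information carried forward.
    access_key = request.session.get(access_field, "")
    status = "NONE"
    if settings.DEBUG:
        print("in accounts.views.sms.sms_code")

    # We need to carry the next parameter through.  .get() because a query
    # string without `next` used to raise here.
    next = request.GET.get('next', "")
    if request.GET and settings.DEBUG:
        print("next parameter is:", next)
        print("Other parameters = ", dict(request.GET.items()))

    if next:
        # `next` is handed on to the login view, which redirects to it, so
        # only same-host targets are carried forward.
        try:
            target = urlsplit(next)
            external = bool(target.scheme or target.netloc)
        except ValueError:
            external = True
        if (external or next.startswith('//') or '\\' in next
                or any(ord(ch) < 0x21 for ch in next)):
            next = ""

    if request.method == 'POST':
        if access_field in request.POST:
            access_key = request.POST[access_field].lower()
            # Identifier logging is now limited to DEBUG runs.
            if settings.DEBUG:
                print("POST ", access_field, "on entry:[%s]" % (access_key))
        elif access_field in request.session:
            stored = request.session[access_field]
            access_key = stored.lower() if stored != "" else ""

        if settings.DEBUG:
            print("%s:%s" % (access_field, access_key))

        form = SMSCodeForm(request.POST)
        if not form.is_valid():
            if settings.DEBUG:
                print("invalid form")
            # need to make form.username a variable
            form.username = access_key
            return render_to_response(
                'accounts/smscode.html',
                RequestContext(request, {'form': form, 'next': next}))

        submitted_key = form.cleaned_data[access_field]
        if not validate_user(request, submitted_key.lower()):
            # We had a problem
            # Message error was set in validate_user function
            request.session[access_field] = ""
            status = access_field + " not Recognized"
            return HttpResponseRedirect(reverse('accounts:sms_code'))
        if settings.DEBUG:
            print("Valid form with a valid ", access_field)

        # NOTE(review): the responses below differ for unknown, inactive and
        # active accounts, and an SMS is sent before any password is checked.
        # Confirm that enumeration and repeated SMS sends are limited
        # elsewhere (validate_user, ValidSMSCode, or middleware).
        try:
            if settings.DEBUG:
                print("Access_Field:", access_field)
                print("form:AccessField:", submitted_key.lower())
            u = User.objects.get(**{access_field: submitted_key})
            if settings.DEBUG:
                print("returned u:", u)
            mfa_required = u.mfa
            if settings.DEBUG:
                print("Require MFA Login:%s" % mfa_required)

            if not u.is_active:
                request.session[access_field] = ""
                # mark_safe is applied to a fixed literal only.
                messages.error(
                    request,
                    mark_safe(
                        "Your account is inactive. If you recently registered to use BlueButton"
                        "\nplease check your email for an activation link."
                    ))
                status = "Inactive Account"
                return HttpResponseRedirect(reverse('accounts:sms_code'))

            # posting a session variable for login page
            request.session[access_field] = access_key
            if mfa_required:
                trigger = ValidSMSCode.objects.create(user=u)
                if str(trigger.send_outcome).lower() != "fail":
                    messages.success(
                        request,
                        "A text message was sent to your mobile phone.")
                    status = "Text Message Sent"
                else:
                    messages.error(
                        request,
                        "There was a problem sending your pin code. Please try again.")
                    status = "Send Error"
                    # reverse()'s second positional parameter is the urlconf,
                    # so `next` travels as a query string instead of a dict
                    # passed in that slot.
                    retry_url = reverse('accounts:sms_code')
                    if next != "":
                        retry_url += '?' + urlencode({'next': next})
                    if settings.DEBUG:
                        print("redirecting to sms_code with next:", next)
                    return HttpResponseRedirect(retry_url)
            else:
                messages.success(request,
                                 "Your account is active. Continue Login.")
                status = "Account Active"
        except (User.DoesNotExist):
            # User is in LDAP but not in User Table
            # DONE: Point to Registration Page
            # DONE: Redirect user to educate, acknowledge, validate step
            # mark_safe is applied to a fixed literal only.
            messages.error(
                request,
                mark_safe(
                    "You are registered on MyMedicare.gov. "
                    "\nBut not registered for BlueButton."
                    " \nPlease complete the <a href='/registration/register/'>BlueButton Registration</a>"
                ))
            request.session[access_field] = ""
            # The identifier is no longer passed as a second argument: that
            # slot is the response body, not a URL parameter.
            return HttpResponseRedirect("/accounts/learn/0/")

        if settings.DEBUG:
            print("dropping out of valid form")
            print("Status:", status)
            print("%s: %s" % (access_field, access_key))

        # Change the form and move to login
        # `next` is appended unencoded because the login view reads the raw
        # remainder of the query string.
        call_with = '/accounts/login?next=%s' % next
        if settings.DEBUG:
            print("about to call:", call_with)
        return HttpResponseRedirect(call_with)

    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("setting up the POST in sms_code [", access_key, "]")
        print("Passing next parameter to form:", next)
    form = SMSCodeForm(initial={access_field: access_key})
    # need to make form.username a variable
    if settings.USERNAME_FIELD == "email":
        form.email = access_key
    else:
        form.username = access_key
    if settings.DEBUG:
        print("form ", access_field, form)
        print("In the sms_code.get")
        print("form:", form)
        print("Dropping to render_to_response in sms_code with next=", next)
    return render_to_response('accounts/smscode.html',
                              {'form': form, 'next': next},
                              RequestContext(request))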
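def sms_login(request, *args, **kwargs):
    """Second login step: verify the SMS code, then the password, then log in.

    GET renders ``accounts/login.html`` pre-filled from the session.  POST
    either returns to ``accounts:sms_code`` ("Resend Code") or validates the
    SMS code and password and logs the user in.

    The ``next`` query parameter is used as a redirect target after login;
    it is kept only when it stays on this host, otherwise the view redirects
    to ``home``.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    # Function-scope import: the module's import block is not visible here.
    from urllib.parse import urlencode, urlsplit

    def _stays_on_site(candidate):
        """Return True when *candidate* cannot redirect to another host."""
        if candidate.startswith('//') or '\\' in candidate:
            return False
        if any(ord(ch) < 0x21 for ch in candidate):
            return False
        try:
            parts = urlsplit(candidate)
        except ValueError:
            return False
        return not parts.scheme and not parts.netloc

    # This is the key field name. Probably username or email
    access_field = settings.USERNAME_FIELD
    # Check session variables to find information carried forward.
    access_key = request.session.get(access_field, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next = ""
    # Passing next parameter through to form
    if request.GET and 'next' in request.GET:
        # Raw remainder of the query string, so a target with its own query
        # string is carried whole.
        pieces = request.get_full_path().split('next=')
        next = pieces[1] if len(pieces) > 1 else request.GET['next']
        if settings.DEBUG:
            print("We got a next value of:", next)
            print("full path = ", request.get_full_path())
        # Caller-controlled redirect target: discard off-site values.
        # Django's URL-safety helper in django.utils.http is preferable where
        # the installed version provides it.
        if next and not _stays_on_site(next):
            next = ""

    if request.method != 'POST':
        access_key = request.session.get(access_field, "")
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", access_key, "]")
        form = AuthenticationForm(initial={access_field: access_key})
        if settings.DEBUG:
            print("Dropping to render_to_response in sms_login")
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)
    # .get(): a POST without the button value should not raise.
    if (request.POST.get('login') or "").lower() == 'resend code':
        resend_for = request.POST.get(access_field, "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session[access_field] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        print("Error with the POST form", )
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next},
                                  RequestContext(request))

    print("Authenticating...")
    access_key = form.cleaned_data[access_field]
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the SMS code is verified before the password and each
    # failure has its own message, so a caller learns which factor failed.
    # No attempt limiting is visible here - confirm it exists in
    # validate_sms or the authentication backend.
    if not validate_sms(access_key=access_key, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(), 'next': next},
                                  RequestContext(request))

    # DONE: Trying to handle LDAP Errors. eg. Not available
    try:
        user = authenticate(username=access_key, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError):
        print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
              "\nSASL Prep:", ldap3.LDAPSASLPrepError,
              "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
        messages.error(request,
                       "We had a problem reaching the Directory Server")
        return render_to_response('accounts/login.html',
                                  {'next': next},
                                  RequestContext(request))

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(), 'next': next},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # The dict formerly passed as reverse()'s second positional argument
        # landed in the urlconf slot; `next` is now sent as a query string.
        inactive_url = reverse('sms_code')
        if next != "":
            inactive_url += '?' + urlencode({'next': next})
        return HttpResponseRedirect(inactive_url)

    django_login(request, user)
    # DONE: Set a session variable to identify as
    # master account and not a subacc
    session_device(request, "True", Session="auth_master")
    # DONE: Now Send a message on login
    # NOTE(review): `in "ET"` is a substring test; an empty notify_activity
    # matches as well - confirm that is intended.
    if user.notify_activity in "ET":
        send_activity_message(request, user)
    # Otherwise don't send a message

    if next == "":
        return HttpResponseRedirect(reverse('home'))
    if settings.DEBUG:
        # The POST body (password, SMS code) is intentionally not printed.
        print("About to redirect to:", next)
        print("but what about kwargs", kwargs)
    return HttpResponseRedirect(next)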
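def sms_login(request, *args, **kwargs):
    """Second login step (e-mail keyed): SMS code, then password, then login.

    GET renders ``accounts/login.html`` pre-filled with the e-mail address
    stored in the session.  POST either returns to ``accounts:sms_code``
    ("Resend Code") or validates the SMS code and password and redirects to
    ``home`` on success.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    email = request.session.get('email', "")

    if settings.DEBUG:
        # The raw request.GET / request.POST dumps were removed: the POST
        # body of this view carries the password and the SMS code.
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)

        # .get(): a POST without the button value or the e-mail field should
        # not raise.
        if (request.POST.get('login') or "").lower() == 'resend code':
            resend_to = request.POST.get('email', "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_to)
            request.session['email'] = resend_to
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            return render_to_response('accounts/login.html',
                                      {'form': form},
                                      RequestContext(request))

        email = form.cleaned_data['email']
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the SMS code is checked before the password and the
        # two failures use different messages, which reveals which factor
        # was wrong.  No attempt limiting is visible here - confirm it is
        # enforced in validate_sms or the authentication backend.
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        user = authenticate(username=email, password=password)
        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))
        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)
        return HttpResponseRedirect(reverse('home'))

    email = request.session.get('email', "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", email, "]")
    form = AuthenticationForm(initial={
        'email': email,
    })
    if settings.DEBUG:
        print(form)
    return render_to_response('accounts/login.html',
                              {'form': form},
                              RequestContext(request))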
def login_optional(request):
    """One-screen login with an optional SMS pin.

    The page prompts for e-mail and password and offers two submit buttons,
    "Send Pin Code" and "Login".  The intended rules, as described by the
    original author:

    * MFA enabled and "Login" pressed without a pin code -> fail validation
    * e-mail and password correct, no MFA -> allow login
    * e-mail, password and pin code correct with MFA -> allow login
    * anything else -> fail validation

    NOTE(review): block nesting is reconstructed from a listing that lost its
    indentation; the ``else`` after the user lookup is read as the "Login"
    branch of the button check - confirm against the repository.

    :param request: the current HttpRequest
    :return: an HttpResponse, or None on the "Send Pin Code" path (see below)
    """
    args = {}
    if settings.DEBUG:
        print("in accounts.views.sms.login_optional")

    if not request.POST:
        # Not a POST
        form = AuthenticationSMSForm()
        return render_to_response('accounts/login_sms.html',
                                  context_instance=RequestContext(
                                      request, {'form': form}))

    form = AuthenticationSMSForm(request.POST)
    if settings.DEBUG:
        print("test login before is_valid()")
        # Both lookups raise if the key is missing from the POST body.
        print(request.POST['login'])
        print("pin needed? [%s]" % request.POST['send_pin'])

    if not form.is_valid():
        # FORM IS NOT VALID
        if settings.DEBUG:
            print("Form is invalid")
        args['form'] = form
        return render(request, 'accounts/login_sms.html', args)

    if settings.DEBUG:
        print("in the post section with form instance")
        print(form)
        print("Email:", form.cleaned_data['email'])

    # Do the evaluation logic here
    pressed = request.POST['login'].lower()
    if pressed == 'send pin code':
        if settings.DEBUG:
            print("Sending PIN")
        try:
            u = User.objects.get(email=request.POST['email'])
        except User.DoesNotExist:
            messages.error(request, "Something went wrong.")
            form = AuthenticationSMSForm(request.POST)
            form.email = request.POST['email']
            return render_to_response(
                'accounts/login_sms.html',
                RequestContext(request, {'form': form}, ))
        # NOTE(review): when the user exists nothing is sent and no response
        # is built, so the view returns None on this path - presumably the
        # pin dispatch is unfinished here; confirm.
        return None

    email = form.cleaned_data['email']
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the pin is checked before the password and the two
    # failures use different messages; no attempt limiting is visible in
    # this view - confirm it is enforced elsewhere.
    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login_sms.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    user = authenticate(username=email, password=password)
    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login_sms.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))
    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('login_sms'))

    django_login(request, user)
    return HttpResponseRedirect(reverse('home'))
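def login_optional_sms(request):
    """One-screen login with an optional SMS pin.

    The page prompts for e-mail and password and offers two submit buttons:

    1. "Login" - validate the form, the pin code and the password, then log
       the user in.
    2. "Send Pin Code" - look the user up and, when MFA is enabled for the
       account, create a ``ValidSMSCode`` for it.

    Fixes relative to the listing this was reconstructed from:
    ``form.is_valid`` was tested without being called (always true, so no
    validation ran), ``cleaned_data.get[...]`` subscripted a method, the GET
    branch handed the form class rather than an instance to the template,
    and the submitted password was copied onto the form object.

    NOTE(review): block nesting is reconstructed from a listing that lost its
    indentation - confirm against the repository.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered page or redirect)
    """
    if settings.DEBUG:
        print("in accounts.views.sms.login_optional_sms")

    if request.method == 'POST':
        # handle the form input
        if settings.DEBUG:
            print("in the POST")
        form = AuthenticationSMSForm(request.POST)
        # .get(): a POST without the button value should not raise.
        pressed = (request.POST.get('login') or "").lower()

        # check for Login Method:
        # 1. = Login
        # 2. = Send Pin Code
        if pressed == 'send pin code':
            requested_email = request.POST.get('email', "")
            if settings.DEBUG:
                print("Sending Code to %s" % (requested_email))
            # NOTE(review): unknown, inactive and active accounts get
            # different responses here and the SMS goes out before any
            # password check - confirm enumeration and repeated sends are
            # limited elsewhere.
            try:
                u = User.objects.get(email=requested_email)
            except User.DoesNotExist:
                messages.error(request, "Something went wrong.")
                form = AuthenticationSMSForm(request.POST)
                form.email = requested_email
                return render_to_response('accounts/login_sms.html',
                                          {'form': form},
                                          RequestContext(request))

            if u.is_active:
                form = AuthenticationSMSForm()
                form.email = u.email
                if u.mfa:
                    ValidSMSCode.objects.create(user=u)
                    messages.success(
                        request,
                        "A text message was sent to your mobile phone.")
                else:
                    messages.success(
                        request,
                        "Your account is active. Continue Login.")
            return render_to_response('accounts/login_sms.html',
                                      RequestContext(request, {'form': form}))

        elif pressed == 'login':
            if settings.DEBUG:
                print("in login step")
            if form.is_valid():
                if settings.DEBUG:
                    print("Valid form received")
                email = form.cleaned_data['email']
                password = form.cleaned_data['password']
                sms_code = form.cleaned_data['sms_code']

                if not validate_sms(username=email, smscode=sms_code):
                    messages.error(request, "Invalid Access Code.")
                    return render_to_response(
                        'accounts/login_sms.html',
                        {'form': AuthenticationSMSForm()},
                        RequestContext(request))

                user = authenticate(username=email, password=password)
                if user is None:
                    messages.error(request, "Invalid username or password.")
                    return render_to_response('accounts/login.html',
                                              {'form': AuthenticationForm()},
                                              RequestContext(request))
                if not user.is_active:
                    messages.error(request, "Your account is not active.")
                    return HttpResponseRedirect(reverse('sms_code'))

                django_login(request, user)
                return HttpResponseRedirect(reverse('home'))

            # form is not valid: re-render the bound form with its errors.
            # cleaned_data holds only the fields that validated, hence .get().
            form.email = form.cleaned_data.get('email', "")
            return render_to_response('accounts/login_sms.html',
                                      context_instance=RequestContext(
                                          request, {'form': form}, ))
    else:
        # setup the form. We are entering with a GET to the page.
        if settings.DEBUG:
            print("setting up sms.login_optional_sms form")
        form = AuthenticationSMSForm()

    # Also reached by a POST whose button value is neither of the two above.
    return render_to_response('accounts/login_sms.html',
                              context_instance=RequestContext(
                                  request, {'form': form}, ))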
def sms_code(request):
    """First login step (e-mail keyed): look the user up and send an SMS code.

    GET renders ``accounts/smscode.html`` pre-filled from the session.  A
    valid POST loads the ``User`` by e-mail, stores the address in the
    session, creates a ``ValidSMSCode`` when the account has MFA enabled and
    redirects to ``accounts:login``.

    NOTE(review): block nesting is reconstructed from a listing that lost its
    indentation; the redirect after "Send Error" is read as belonging to that
    branch only - confirm against the repository.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered form or redirect)
    """
    # Carry the address forward from the session when there is one.
    email = request.session.get('email', "")
    status = "NONE"
    if settings.DEBUG:
        print("in accounts.views.sms.sms_code")

    if request.method != 'POST':
        email = request.session.get('email', "")
        if settings.DEBUG:
            print("setting up the POST in sms_code [", email, "]")
        form = SMSCodeForm(initial={
            'email': email,
        })
        form.email = email
        if settings.DEBUG:
            print("form email", form.email)
            print(form)
        return render_to_response('accounts/smscode.html',
                                  {'form': form},
                                  RequestContext(request))

    if 'email' in request.POST:
        email = request.POST['email']
        # Printed regardless of settings.DEBUG.
        print("POST email on entry:[%s]" % (email))
    else:
        email = request.session.get('email', email)

    if settings.DEBUG:
        print("request.POST:%s" % request.POST)
        print("email:%s" % email)

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if settings.DEBUG:
            print("invalid form")
        form.email = email
        return render_to_response('accounts/login.html',
                                  RequestContext(request, {'form': form}))

    # NOTE(review): unknown, inactive and active accounts each get a
    # different message, and the SMS is sent before any password is checked.
    # Confirm that enumeration and repeated SMS sends are limited elsewhere.
    try:
        u = User.objects.get(email=form.cleaned_data['email'])
        mfa_required = u.mfa
        email = u.email
        if settings.DEBUG:
            print("Require MFA Login:%s" % mfa_required)

        if not u.is_active:
            request.session['email'] = ""
            messages.error(request, "Your account is inactive.")
            status = "Inactive Account"
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session['email'] = email
        if not mfa_required:
            messages.success(request,
                             "Your account is active. Continue Login.")
            status = "Account Active"
        else:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() == "fail":
                messages.error(
                    request,
                    "There was a problem sending your pin code. Please try again."
                )
                status = "Send Error"
                return HttpResponseRedirect(reverse('accounts:sms_code'))
            messages.success(
                request,
                "A text message was sent to your mobile phone."
            )
            status = "Text Message Sent"
    except (User.DoesNotExist):
        request.session['email'] = ""
        messages.error(request, "You are not recognized.")
        status = "User UnRecognized"
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if settings.DEBUG:
        print("dropping out of valid form")
        print("Status:", status)
        print("email: %s" % email)

    # Change the form and move to login
    form = AuthenticationForm(initial={'email': email})
    args = {'form': form}
    # NOTE(review): the second positional argument of HttpResponseRedirect is
    # the response body, so `args` does not reach the login view - confirm
    # what was intended.
    return HttpResponseRedirect(reverse('accounts:login'), args)
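def sms_login(request, *args, **kwargs):
    """Second login step (e-mail keyed, LDAP-aware): SMS code, password, login.

    GET renders ``accounts/login.html`` pre-filled with the e-mail address
    stored in the session.  POST either returns to ``accounts:sms_code``
    ("Resend Code") or validates the SMS code and password, marks the
    session as the master account, optionally sends an activity message and
    redirects to ``home``.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    email = request.session.get('email', "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)

        # .get(): a POST without the button value or the e-mail field should
        # not raise.
        if (request.POST.get('login') or "").lower() == 'resend code':
            resend_to = request.POST.get('email', "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_to)
            request.session['email'] = resend_to
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            return render_to_response('accounts/login.html',
                                      {'form': form},
                                      RequestContext(request))

        email = form.cleaned_data['email'].lower()
        # NOTE(review): the password is lower-cased before authentication,
        # which discards case and shrinks the password space.  It is left
        # as-is because stored credentials may depend on it - confirm and
        # remove together with whatever sets the password.
        password = form.cleaned_data['password'].lower()
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the SMS code is checked before the password and the
        # two failures use different messages; no attempt limiting is
        # visible here - confirm it is enforced elsewhere.
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        # DONE: Trying to handle LDAP Errors. eg. Not available
        try:
            user = authenticate(username=email, password=password)
        except (ldap3.LDAPBindError,
                ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                  "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                  "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
            messages.error(request,
                           "We had a problem reaching the Directory Server")
            return render_to_response('accounts/login.html',
                                      RequestContext(request))

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))
        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)
        # DONE: Set a session variable to identify as
        # master account and not a subacc
        session_device(request, "True", Session="auth_master")
        # DONE: Now Send a message on login
        # NOTE(review): `in "ET"` is a substring test; an empty
        # notify_activity matches as well - confirm that is intended.
        if user.notify_activity in "ET":
            send_activity_message(request, user)
        # Otherwise don't send a message
        return HttpResponseRedirect(reverse('home'))

    email = request.session.get('email', "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", email, "]")
    form = AuthenticationForm(initial={'email': email, })
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")
    return render_to_response('accounts/login.html',
                              {'form': form},
                              RequestContext(request))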
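def sms_login(request, *args, **kwargs):
    """Second login step (e-mail keyed): SMS code, then password, then login.

    GET renders ``accounts/login.html`` with the e-mail address carried in
    the session.  POST handles the "Resend Code" button by returning to
    ``accounts:sms_code``; otherwise it validates the form, the SMS code and
    the password, and redirects to ``home`` once the user is logged in.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    email = request.session.get('email', "")

    if settings.DEBUG:
        # request.GET and request.POST are no longer dumped: on this view
        # the POST body contains the password and the SMS code.
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method != 'POST':
        email = request.session.get('email', "")
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", email, "]")
        form = AuthenticationForm(initial={'email': email, })
        if settings.DEBUG:
            print(form)
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)

    # .get(): a POST that lacks the button value or the e-mail field should
    # not raise.
    button = (request.POST.get('login') or "").lower()
    if button == 'resend code':
        resend_to = request.POST.get('email', "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_to)
        request.session['email'] = resend_to
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    email = form.cleaned_data['email']
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the SMS code is verified before the password and each
    # failure has its own message, so a caller learns which factor failed.
    # No attempt limiting is visible here - confirm it exists in
    # validate_sms or the authentication backend.
    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    user = authenticate(username=email, password=password)
    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))
    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)
    return HttpResponseRedirect(reverse('home'))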
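def sms_login(request, *args, **kwargs):
    """Step 2 of the login process: SMS code, then password, then login.

    The identifier field is ``settings.USERNAME_FIELD``.  GET renders
    ``accounts/login.html`` pre-filled from the session.  POST handles the
    "Resend Code" button by returning to ``accounts:sms_code``; otherwise it
    validates the SMS code, looks the user up, authenticates with the user's
    e-mail address, flags the session as the master account and redirects to
    ``home``.

    NOTE(review): the listing this was reconstructed from is garbled between
    the "Authenticated User:" debug print and the LDAP error print; the
    ``except`` clause below is restored from the sibling ``sms_login``
    versions on the same page - confirm against the repository.

    :param request: the current HttpRequest
    :return: an HttpResponse (rendered login page or redirect)
    """
    key_field = request.session.get(settings.USERNAME_FIELD, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:%s:[%s]" % (settings.USERNAME_FIELD, key_field))
        print("args:", args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)

        # .get(): a POST without the button value or the identifier should
        # not raise.
        if (request.POST.get('login') or "").lower() == 'resend code':
            resend_for = request.POST.get(settings.USERNAME_FIELD, "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session[settings.USERNAME_FIELD] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            return render_to_response('accounts/login.html',
                                      {'form': form},
                                      RequestContext(request))

        print("Authenticating...")
        key_field = form.cleaned_data[settings.USERNAME_FIELD].lower()
        # NOTE(review): the password is lower-cased before authentication,
        # which discards case and shrinks the password space.  It is left
        # as-is because stored credentials may depend on it - confirm and
        # remove together with whatever sets the password.
        password = form.cleaned_data['password'].lower()
        sms_code = form.cleaned_data['sms_code']
        if settings.DEBUG:
            print("working with ", key_field)

        # NOTE(review): the SMS code is checked before the password; no
        # attempt limiting is visible here - confirm it is enforced
        # elsewhere.
        if not validate_sms(username=key_field, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            if settings.DEBUG:
                print("Going to sms_login loop back")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        # A missing row used to escape as an unhandled exception; it is now
        # reported exactly like a wrong password so the response does not
        # distinguish the two.
        try:
            check = User.objects.get(user=key_field)
        except User.DoesNotExist:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))
        if settings.DEBUG:
            print("checking with ", key_field, "/", check)

        # DONE: Trying to handle LDAP Errors. eg. Not available
        try:
            user = authenticate(email=check.email, password=password)
            if settings.DEBUG:
                print("Authenticated User:", user)
        except (ldap3.LDAPBindError,
                ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                  "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                  "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
            messages.error(request,
                           "We had a problem reaching the Directory Server")
            return render_to_response('accounts/login.html',
                                      RequestContext(request))

        if settings.DEBUG:
            print("authentication with", user)

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))
        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)
        # DONE: Set a session variable to identify as
        # master account and not a subacc
        request.session['auth_master'] = "True"
        # DONE: Now Send a message on login
        # NOTE(review): `in "ET"` is a substring test; an empty
        # notify_activity matches as well - confirm that is intended.
        if user.notify_activity in "ET":
            send_activity_message(request, user)
        # Otherwise don't send a message
        return HttpResponseRedirect(reverse('home'))

    key_field = request.session.get(settings.USERNAME_FIELD, "")
    if settings.DEBUG:
        print("in sms_login. Setting up Form [", settings.USERNAME_FIELD, "]")
    form = AuthenticationForm(initial={settings.USERNAME_FIELD: key_field, })
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")
    return render_to_response('accounts/login.html',
                              {'form': form},
                              RequestContext(request))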