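def login_optional(request):
    """Single-screen login: email and password, plus an SMS code.

    The page offers two submit buttons, "Send Pin Code" and "Login"; the
    pressed button arrives as ``request.POST['login']``.

    Flow implemented here:

    * GET (or a POST with no fields) renders an unbound
      ``AuthenticationSMSForm``.
    * An invalid form is re-rendered.
    * "Send Pin Code" only looks the account up by email and re-renders the
      form; no code is created or sent by this view.
    * Any other button value is treated as "Login": the SMS code is checked
      with ``validate_sms``, then the password with ``authenticate``; an
      active user is logged in and redirected to ``home``.

    The author's notes for this view also describe a per-user MFA setting that
    decides whether a code is required. That check is not made in this
    function; whether ``validate_sms`` makes it cannot be told from here.

    :param request: the incoming Django request.
    :return: an ``HttpResponse`` on every path.
    """
    template = 'accounts/login_sms.html'

    if settings.DEBUG:
        print("in accounts.views.sms.login_optional")

    if not request.POST:
        # Not a POST
        return render(request, template, {'form': AuthenticationSMSForm()})

    form = AuthenticationSMSForm(request.POST)
    # .get() rather than [...]: a request that omits the button field must
    # not become an unhandled MultiValueDictKeyError (HTTP 500).
    action = request.POST.get('login', '').lower()

    if settings.DEBUG:
        print("test login before is_valid()")
        print(request.POST.get('login'))
        print("pin needed? [%s]" % request.POST.get('send_pin'))

    if not form.is_valid():
        # FORM IS NOT VALID
        if settings.DEBUG:
            print("Form is invalid")
        return render(request, template, {'form': form})

    if settings.DEBUG:
        print("in the post section with form instance")
        # The bound form itself is not printed: its rendering repeats the
        # submitted field values.
        print("Email:", form.cleaned_data['email'])

    # Do the evaluation logic here
    if action == 'send pin code':
        if settings.DEBUG:
            print("Sending PIN")
        try:
            User.objects.get(email=request.POST['email'])
        except User.DoesNotExist:
            messages.error(request, "Something went wrong.")
            form = AuthenticationSMSForm(request.POST)
            form.email = request.POST['email']
        # NOTE(review): an unknown email gets an error message while a known
        # one does not, so this response reveals whether an account exists
        # before any credential is checked. Consider one neutral response for
        # both cases.
        # Every path returns a response, including the one where the account
        # was found.
        return render(request, template, {'form': form})

    email = form.cleaned_data['email']
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the code is checked before the password and the two
    # failures use different messages, so a caller can learn whether a code is
    # valid without knowing the password. Consider verifying both factors and
    # reporting one generic failure, with attempt limiting; none is visible in
    # this view.
    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        # NOTE(review): this re-renders the SMS template with the plain
        # AuthenticationForm, not AuthenticationSMSForm - confirm intended.
        return render(request, template, {'form': AuthenticationForm()})

    user = authenticate(username=email, password=password)
    if user is None:
        messages.error(request, "Invalid username or password.")
        return render(request, template, {'form': AuthenticationForm()})

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('login_sms'))

    django_login(request, user)
    return HttpResponseRedirect(reverse('home'))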
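def login_optional(request):
    """Single-screen login: email and password, plus an SMS code.

    The page offers two submit buttons, "Send Pin Code" and "Login"; the
    pressed button arrives as ``request.POST['login']``.

    Flow implemented here:

    * GET (or a POST with no fields) renders an unbound
      ``AuthenticationSMSForm``.
    * An invalid form is re-rendered.
    * "Send Pin Code" only looks the account up by email and re-renders the
      form; no code is created or sent by this view.
    * Any other button value is treated as "Login": the SMS code is checked
      with ``validate_sms``, then the password with ``authenticate``; an
      active user is logged in and redirected to ``home``.

    The author's notes for this view also describe a per-user MFA setting that
    decides whether a code is required. That check is not made in this
    function; whether ``validate_sms`` makes it cannot be told from here.

    :param request: the incoming Django request.
    :return: an ``HttpResponse`` on every path.
    """
    template = 'accounts/login_sms.html'

    if settings.DEBUG:
        print("in accounts.views.sms.login_optional")

    if not request.POST:
        # Not a POST
        return render(request, template, {'form': AuthenticationSMSForm()})

    form = AuthenticationSMSForm(request.POST)
    # .get() rather than [...]: a request that omits the button field must
    # not become an unhandled MultiValueDictKeyError (HTTP 500).
    action = request.POST.get('login', '').lower()

    if settings.DEBUG:
        print("test login before is_valid()")
        print(request.POST.get('login'))
        print("pin needed? [%s]" % request.POST.get('send_pin'))

    if not form.is_valid():
        # FORM IS NOT VALID
        if settings.DEBUG:
            print("Form is invalid")
        return render(request, template, {'form': form})

    if settings.DEBUG:
        print("in the post section with form instance")
        # The bound form itself is not printed: its rendering repeats the
        # submitted field values.
        print("Email:", form.cleaned_data['email'])

    # Do the evaluation logic here
    if action == 'send pin code':
        if settings.DEBUG:
            print("Sending PIN")
        try:
            User.objects.get(email=request.POST['email'])
        except User.DoesNotExist:
            messages.error(request, "Something went wrong.")
            form = AuthenticationSMSForm(request.POST)
            form.email = request.POST['email']
        # NOTE(review): an unknown email gets an error message while a known
        # one does not, so this response reveals whether an account exists
        # before any credential is checked. Consider one neutral response for
        # both cases.
        # Every path returns a response, including the one where the account
        # was found.
        return render(request, template, {'form': form})

    email = form.cleaned_data['email']
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the code is checked before the password and the two
    # failures use different messages, so a caller can learn whether a code is
    # valid without knowing the password. Consider verifying both factors and
    # reporting one generic failure, with attempt limiting; none is visible in
    # this view.
    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        # NOTE(review): this re-renders the SMS template with the plain
        # AuthenticationForm, not AuthenticationSMSForm - confirm intended.
        return render(request, template, {'form': AuthenticationForm()})

    user = authenticate(username=email, password=password)
    if user is None:
        messages.error(request, "Invalid username or password.")
        return render(request, template, {'form': AuthenticationForm()})

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('login_sms'))

    django_login(request, user)
    return HttpResponseRedirect(reverse('home'))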
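def login_optional_sms(request):
    """Single-screen login with email, password and an optional SMS code.

    The page offers two submit buttons, "Send Pin Code" and "Login"; the
    pressed button arrives as ``request.POST['login']``.

    * A non-POST request renders an unbound ``AuthenticationSMSForm``.
    * "Send Pin Code" looks the account up by email. For an active account
      with ``mfa`` set it creates a ``ValidSMSCode`` row and tells the user a
      text message was sent; for an active account without ``mfa`` it tells
      the user to continue logging in.
    * "Login" validates the form, checks the SMS code with ``validate_sms``,
      then the password with ``authenticate``; an active user is logged in
      and redirected to ``home``.
    * Any other (or missing) button value re-renders the submitted form.

    :param request: the incoming Django request.
    :return: an ``HttpResponse`` on every path.
    """
    template = 'accounts/login_sms.html'

    if settings.DEBUG:
        print("in accounts.views.sms.login_optional_sms")

    if request.method != 'POST':
        # setup the form. We are entering with a GET to the page.
        if settings.DEBUG:
            print("setting up sms.login_optional_sms form")
        # Hand the template a form instance, not the form class.
        return render_to_response(template,
                                  {'form': AuthenticationSMSForm()},
                                  RequestContext(request))

    # handle the form input
    if settings.DEBUG:
        print("in the POST")
    form = AuthenticationSMSForm(request.POST)

    # check for Login Method:
    # 1. = Login
    # 2. = Send Pin Code
    # .get() rather than [...]: a request that omits a field must not become
    # an unhandled MultiValueDictKeyError (HTTP 500).
    action = request.POST.get('login', '').lower()

    if action == 'send pin code':
        email = request.POST.get('email', '')
        if settings.DEBUG:
            print("Sending Code to %s" % (email))

        # NOTE(review): this branch runs before any password check. Its
        # messages differ for unknown, inactive, MFA and non-MFA accounts, so
        # it reveals account status to anyone who submits an email address,
        # and each request for an MFA account creates a new ValidSMSCode
        # (presumably triggering an SMS - confirm). Consider one neutral
        # message and a per-account / per-client throttle.
        try:
            u = User.objects.get(email=email)
        except User.DoesNotExist:
            messages.error(request, "Something went wrong.")
            form = AuthenticationSMSForm(request.POST)
            form.email = email
            return render_to_response(template,
                                      {'form': form},
                                      RequestContext(request))

        if u.is_active:
            form = AuthenticationSMSForm()
            form.email = u.email
            if u.mfa:
                ValidSMSCode.objects.create(user=u)
                messages.success(
                    request,
                    "A text message was sent to your mobile phone.")
            else:
                messages.success(
                    request,
                    "Your account is active. Continue Login.")
        return render_to_response(template,
                                  {'form': form},
                                  RequestContext(request))

    if action == 'login':
        if settings.DEBUG:
            print("in login step")

        # is_valid must be *called*: the bare method object is always truthy,
        # and cleaned_data only exists once validation has run.
        if not form.is_valid():
            # form is not valid
            # The bound form already carries the submitted values; nothing is
            # copied out of cleaned_data, which may lack the invalid fields,
            # and the password is not stored on the form object.
            return render_to_response(template,
                                      {'form': form},
                                      RequestContext(request))

        if settings.DEBUG:
            print("Valid form received")
        email = form.cleaned_data['email']
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the code is checked before the password and the two
        # failures use different messages, so a caller can learn whether a
        # code is valid without knowing the password. Consider verifying both
        # factors and reporting one generic failure, with attempt limiting;
        # none is visible in this view.
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response(template,
                                      {'form': AuthenticationSMSForm()},
                                      RequestContext(request))

        user = authenticate(username=email, password=password)
        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)
        return HttpResponseRedirect(reverse('home'))

    # Unrecognised or missing button value: show the form again instead of
    # leaving the view without a response.
    return render_to_response(template,
                              {'form': form},
                              RequestContext(request))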
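def login_optional_sms(request):
    """Single-screen login with email, password and an optional SMS code.

    The page offers two submit buttons, "Send Pin Code" and "Login"; the
    pressed button arrives as ``request.POST['login']``.

    * A non-POST request renders an unbound ``AuthenticationSMSForm``.
    * "Send Pin Code" looks the account up by email. For an active account
      with ``mfa`` set it creates a ``ValidSMSCode`` row and tells the user a
      text message was sent; for an active account without ``mfa`` it tells
      the user to continue logging in.
    * "Login" validates the form, checks the SMS code with ``validate_sms``,
      then the password with ``authenticate``; an active user is logged in
      and redirected to ``home``.
    * Any other (or missing) button value re-renders the submitted form.

    :param request: the incoming Django request.
    :return: an ``HttpResponse`` on every path.
    """
    template = 'accounts/login_sms.html'

    if settings.DEBUG:
        print("in accounts.views.sms.login_optional_sms")

    if request.method != 'POST':
        # setup the form. We are entering with a GET to the page.
        if settings.DEBUG:
            print("setting up sms.login_optional_sms form")
        # Hand the template a form instance, not the form class.
        return render_to_response(template,
                                  {'form': AuthenticationSMSForm()},
                                  RequestContext(request))

    # handle the form input
    if settings.DEBUG:
        print("in the POST")
    form = AuthenticationSMSForm(request.POST)

    # check for Login Method:
    # 1. = Login
    # 2. = Send Pin Code
    # .get() rather than [...]: a request that omits a field must not become
    # an unhandled MultiValueDictKeyError (HTTP 500).
    action = request.POST.get('login', '').lower()

    if action == 'send pin code':
        email = request.POST.get('email', '')
        if settings.DEBUG:
            print("Sending Code to %s" % (email))

        # NOTE(review): this branch runs before any password check. Its
        # messages differ for unknown, inactive, MFA and non-MFA accounts, so
        # it reveals account status to anyone who submits an email address,
        # and each request for an MFA account creates a new ValidSMSCode
        # (presumably triggering an SMS - confirm). Consider one neutral
        # message and a per-account / per-client throttle.
        try:
            u = User.objects.get(email=email)
        except User.DoesNotExist:
            messages.error(request, "Something went wrong.")
            form = AuthenticationSMSForm(request.POST)
            form.email = email
            return render_to_response(template,
                                      {'form': form},
                                      RequestContext(request))

        if u.is_active:
            form = AuthenticationSMSForm()
            form.email = u.email
            if u.mfa:
                ValidSMSCode.objects.create(user=u)
                messages.success(
                    request,
                    "A text message was sent to your mobile phone.")
            else:
                messages.success(
                    request,
                    "Your account is active. Continue Login.")
        return render_to_response(template,
                                  {'form': form},
                                  RequestContext(request))

    if action == 'login':
        if settings.DEBUG:
            print("in login step")

        # is_valid must be *called*: the bare method object is always truthy,
        # and cleaned_data only exists once validation has run.
        if not form.is_valid():
            # form is not valid
            # The bound form already carries the submitted values; nothing is
            # copied out of cleaned_data, which may lack the invalid fields,
            # and the password is not stored on the form object.
            return render_to_response(template,
                                      {'form': form},
                                      RequestContext(request))

        if settings.DEBUG:
            print("Valid form received")
        email = form.cleaned_data['email']
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the code is checked before the password and the two
        # failures use different messages, so a caller can learn whether a
        # code is valid without knowing the password. Consider verifying both
        # factors and reporting one generic failure, with attempt limiting;
        # none is visible in this view.
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response(template,
                                      {'form': AuthenticationSMSForm()},
                                      RequestContext(request))

        user = authenticate(username=email, password=password)
        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)
        return HttpResponseRedirect(reverse('home'))

    # Unrecognised or missing button value: show the form again instead of
    # leaving the view without a response.
    return render_to_response(template,
                              {'form': form},
                              RequestContext(request))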