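def login_chosen_user(request):
    """Log in the account picked on the "choose authenticated user" step.

    The session key 'authenticated_users' holds the ids that the preceding
    password check matched. Only an id from that list may be chosen; any
    other submission clears the list and sends the client back to the login
    page.
    """
    if 'authenticated_users' not in request.session:
        return redirect('user:login.login')

    if 'user' not in request.POST:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The posted id is client-controlled: a non-numeric value must be treated
    # as a failed choice rather than raising out of the view.
    try:
        chosen_id = int(request.POST['user'])
    except (TypeError, ValueError):
        chosen_id = None

    # Verify that the user authenticated for this user
    if chosen_id is None or chosen_id not in request.session['authenticated_users']:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The account may have been deactivated or removed between the password
    # check and this request; treat that as a failed choice as well.
    try:
        user = User.get_users(include_pending=True).get(id=chosen_id, is_inactive=False)
    except User.DoesNotExist:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # All is swell, log the user in
    user = authenticate(user=user)
    log_user_in(request, user)
    del request.session['authenticated_users']

    # NOTE(review): 'next' is read straight from the query string and used as
    # a redirect target without a host check in this function. Confirm that
    # it is restricted to the project's own sites elsewhere, or validate it
    # here before redirecting.
    next_url = request.GET.get('next', reverse('user:home'))

    if request.site.is_central():
        return redirect(next_url)

    if 'sso_checked' in request.session:
        del request.session['sso_checked']
    return redirect(sso_login_url(request.site, request.user, next_url))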
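def login_chosen_user(request):
    """Log in the account picked on the "choose authenticated user" step.

    The session key 'authenticated_users' holds the ids that the preceding
    password check matched. Only an id from that list may be chosen; any
    other submission clears the list and sends the client back to the login
    page. After a successful login the last-login timestamps are updated:
    the OAuth ones when the session carries 'OAuth-authorization', the site
    one otherwise.
    """
    import logging

    if 'authenticated_users' not in request.session:
        return redirect('user:login.login')

    if 'user' not in request.POST:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The posted id is client-controlled: a non-numeric value must be treated
    # as a failed choice rather than raising out of the view.
    try:
        chosen_id = int(request.POST['user'])
    except (TypeError, ValueError):
        chosen_id = None

    # Verify that the user authenticated for this user
    if chosen_id is None or chosen_id not in request.session['authenticated_users']:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The account may have been deactivated or removed between the password
    # check and this request; treat that as a failed choice as well.
    try:
        user = User.get_users(include_pending=True).get(id=chosen_id, is_inactive=False)
    except User.DoesNotExist:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # All is swell, log the user in
    user = authenticate(user=user)
    log_user_in(request, user)
    del request.session['authenticated_users']

    if request.session.get('OAuth-authorization'):
        # Best-effort bookkeeping: a failure here must not block the login,
        # but it is logged instead of being silently discarded.
        try:
            o = urlparse(request.GET.get('next', None))
            # client_id is taken from the query string of 'next'; it is
            # client-supplied and only used as a key for the activity log.
            client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
            user.last_login_oauth_date = datetime.now()
            user.save()
            log, created = UserOauthActiveLog.objects.get_or_create(
                user=user,
                oauth_client_id=client_id,
                defaults={
                    'first_date': user.last_login_oauth_date,
                    'last_date': user.last_login_oauth_date
                })
            if not created:
                log.last_date = user.last_login_oauth_date
                log.save()
        except Exception:
            logging.getLogger(__name__).exception(
                'Could not record OAuth login activity')
    else:
        user.last_login_site_date = datetime.now()
        user.save()

    # NOTE(review): 'next' is read straight from the query string and used as
    # a redirect target without a host check in this function. Confirm that
    # it is restricted to the project's own sites elsewhere, or validate it
    # here before redirecting.
    next_url = request.GET.get('next', reverse('user:home'))

    if request.site.is_central():
        return redirect(next_url)

    if 'sso_checked' in request.session:
        del request.session['sso_checked']
    return redirect(sso_login_url(request.site, request.user, next_url))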
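def login(request):
    """Render the login form (GET) or process a login attempt (POST).

    GET: an already authenticated user is redirected onwards; on a
    non-central site the client is first sent to the central site for an
    automatic single sign-on check unless 'sso_checked' is in the session.
    POST: attempt_login() returns the matching accounts. One match completes
    the login, several matches are stored in the session for the "choose
    user" step, and no match re-renders the form with the error message.
    Any other method redirects to the login page.
    """
    import logging

    # A fresh visit to the login page invalidates a pending account choice.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    # NOTE(review): throughout this view 'next' is read from the query string
    # and used as a redirect target without a host check. Confirm that it is
    # restricted to the project's own sites elsewhere, or validate it here.

    if request.method == 'GET':
        # If the user is already authenticated, send them straight forwards
        if request.user.is_authenticated():
            return redirect(request.GET.get('next', reverse('user:home')))

        # If logging in on a non-central site, first send the user to the
        # central site to try automatic login. Except if 'sso_checked' is set in
        # session, in which case they've already tried and failed.
        if not request.site.is_central() and 'sso_checked' not in request.session:
            # The inner 'next' is quoted so that a query string inside it
            # stays part of that one parameter instead of adding parameters
            # to the return address.
            return_address = 'https://%s%s?next=%s' % (
                request.site.domain,
                reverse('user:login.single_signon_return'),
                urlquote(request.GET.get('next', reverse('user:home'))),
            )
            return redirect('https://%s%s?next=%s' % (
                Site.get_central().domain,
                reverse('user:login.single_signon_check'),
                urlquote(return_address),
            ))

        if 'registreringsnokkel' in request.GET:
            try:
                user = User.get_users(include_pending=True).get(
                    pending_registration_key=request.GET['registreringsnokkel']
                )
                context['prefilled_user'] = user
            except User.DoesNotExist:
                pass

        if 'next' in request.GET:
            context['next'] = urlquote(request.GET['next'])

        if request.session.get('OAuth-authorization'):
            context['stripped_layout'] = True

        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            if request.session.get('OAuth-authorization'):
                # Best-effort bookkeeping: a failure here must not block the
                # login, but it is logged instead of being silently discarded.
                try:
                    o = urlparse(request.GET.get('next', None))
                    # client_id is taken from the query string of 'next'; it
                    # is client-supplied and only keys the activity log.
                    client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
                    request.user.last_login_oauth_date = datetime.now()
                    request.user.save()
                    log, created = UserOauthActiveLog.objects.get_or_create(
                        user=request.user,
                        oauth_client_id=client_id,
                        defaults={
                            'first_date': request.user.last_login_oauth_date,
                            'last_date': request.user.last_login_oauth_date
                        })
                    if not created:
                        log.last_date = request.user.last_login_oauth_date
                        log.save()
                except Exception:
                    logging.getLogger(__name__).exception(
                        'Could not record OAuth login activity')
            else:
                request.user.last_login_site_date = datetime.now()
                request.user.save()

            if request.site.is_central():
                return redirect(request.GET.get('next', reverse('user:home')))

            if 'sso_checked' in request.session:
                del request.session['sso_checked']
            return redirect(sso_login_url(
                request.site,
                request.user,
                request.GET.get('next', reverse('user:home')),
            ))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if 'next' in request.GET:
                return redirect(
                    "%s?next=%s" % (
                        reverse('user:login.choose_authenticated_user'),
                        urlquote(request.GET['next']),
                    )
                )
            return redirect('user:login.choose_authenticated_user')

        else:
            messages.error(request, message)
            if 'next' in request.GET:
                context['next'] = urlquote(request.GET['next'])
            # A POST without an 'email' field should re-render the form, not
            # raise a key error.
            context['email'] = request.POST.get('email', '')
            if request.session.get('OAuth-authorization'):
                context['stripped_layout'] = True
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user:login.login')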