示例#1
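def login_chosen_user(request):
    """Log in the account chosen after a login attempt matched several users.

    Reads the list of user ids stored in ``request.session['authenticated_users']``
    and the chosen id from ``request.POST['user']``. The choice is only honoured
    when the posted id is in that session list; every failure path clears the
    list and redirects back to the login view.

    Returns a redirect response in all cases.
    """
    if 'authenticated_users' not in request.session:
        return redirect('user:login.login')

    if 'user' not in request.POST:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The posted id is client-controlled: a non-numeric value must count as a
    # failed choice instead of raising ValueError (and answering with a 500).
    try:
        chosen_user_id = int(request.POST['user'])
    except (TypeError, ValueError):
        chosen_user_id = None

    # Verify that the user authenticated for this user
    if chosen_user_id is None or chosen_user_id not in request.session['authenticated_users']:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # Look the account up with the validated integer, not the raw POST string.
    # The account may have been deactivated since the list was stored in the
    # session; treat that as a failed choice too.
    try:
        user = User.get_users(include_pending=True).get(id=chosen_user_id, is_inactive=False)
    except User.DoesNotExist:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # All is swell, log the user in
    user = authenticate(user=user)
    log_user_in(request, user)
    del request.session['authenticated_users']

    # NOTE(review): 'next' comes straight from the query string and is used as
    # the redirect target without validation. Restrict it to same-site or
    # allow-listed hosts before redirecting, otherwise this is an open redirect.
    next_url = request.GET.get('next', reverse('user:home'))
    if request.site.is_central():
        return redirect(next_url)

    # Non-central site: clear the SSO marker and continue through the URL built
    # by sso_login_url (defined elsewhere; 'next' is passed on to it unvalidated).
    if 'sso_checked' in request.session:
        del request.session['sso_checked']
    return redirect(sso_login_url(
        request.site,
        request.user,
        next_url,
    ))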
示例#2
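def login_chosen_user(request):
    """Log in the account chosen after a login attempt matched several users.

    Reads the list of user ids stored in ``request.session['authenticated_users']``
    and the chosen id from ``request.POST['user']``. The choice is only honoured
    when the posted id is in that session list; every failure path clears the
    list and redirects back to the login view. After a successful login the
    matching last-login timestamp (OAuth or site) is recorded on the user.

    Returns a redirect response in all cases.
    """
    import logging

    if 'authenticated_users' not in request.session:
        return redirect('user:login.login')

    if 'user' not in request.POST:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # The posted id is client-controlled: a non-numeric value must count as a
    # failed choice instead of raising ValueError (and answering with a 500).
    try:
        chosen_user_id = int(request.POST['user'])
    except (TypeError, ValueError):
        chosen_user_id = None

    # Verify that the user authenticated for this user
    if chosen_user_id is None or chosen_user_id not in request.session['authenticated_users']:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # Look the account up with the validated integer, not the raw POST string.
    # The account may have been deactivated since the list was stored in the
    # session; treat that as a failed choice too.
    try:
        user = User.get_users(include_pending=True).get(id=chosen_user_id, is_inactive=False)
    except User.DoesNotExist:
        del request.session['authenticated_users']
        return redirect('user:login.login')

    # All is swell, log the user in
    user = authenticate(user=user)
    log_user_in(request, user)
    del request.session['authenticated_users']

    if request.session.get('OAuth-authorization'):
        # Best-effort bookkeeping: a failure here must not block the login, but
        # it should leave a trace instead of vanishing. Catch Exception rather
        # than everything so SystemExit/KeyboardInterrupt still propagate.
        # NOTE(review): client_id is parsed out of the user-supplied 'next' URL,
        # so the activity log is keyed on a value the client controls.
        try:
            o = urlparse(request.GET.get('next', None))
            client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
            user.last_login_oauth_date = datetime.now()
            user.save()
            log, created = UserOauthActiveLog.objects.get_or_create(
                user=user,
                oauth_client_id=client_id,
                defaults={
                    'first_date': user.last_login_oauth_date,
                    'last_date': user.last_login_oauth_date
                })
            if not created:
                log.last_date = user.last_login_oauth_date
                log.save()
        except Exception:
            logging.getLogger(__name__).warning(
                'Failed to record OAuth login activity', exc_info=True)
    else:
        user.last_login_site_date = datetime.now()
        user.save()

    # NOTE(review): 'next' comes straight from the query string and is used as
    # the redirect target without validation. Restrict it to same-site or
    # allow-listed hosts before redirecting, otherwise this is an open redirect.
    next_url = request.GET.get('next', reverse('user:home'))
    if request.site.is_central():
        return redirect(next_url)

    # Non-central site: clear the SSO marker and continue through the URL built
    # by sso_login_url (defined elsewhere; 'next' is passed on to it unvalidated).
    if 'sso_checked' in request.session:
        del request.session['sso_checked']
    return redirect(sso_login_url(
        request.site,
        request.user,
        next_url,
    ))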
示例#3
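def login(request):
    """Render the login form (GET) or process a login attempt (POST).

    GET: an already authenticated user is redirected onwards; on a non-central
    site the user is first sent to the central site for a single sign-on check
    unless 'sso_checked' is already in the session; otherwise the login form
    is rendered.

    POST: delegates to ``attempt_login`` and branches on the number of matched
    users: exactly one continues to the post-login redirect, several stores
    their ids in the session and redirects to the account chooser, none
    re-renders the form with the error message.

    Any other method redirects to the login view.
    """
    import logging

    # A pending multi-match choice is discarded whenever the login view is hit.
    if 'authenticated_users' in request.session:
        del request.session['authenticated_users']

    context = {
        'user_password_length': settings.USER_PASSWORD_LENGTH,
        'memberid_lookups_limit': settings.MEMBERID_LOOKUPS_LIMIT,
        'countries': FocusCountry.get_sorted(),
    }

    if request.method == 'GET':
        # If the user is already authenticated, send them straight forwards
        # NOTE(review): 'next' is taken from the query string and redirected to
        # without validation here and in the POST branch below. Restrict it to
        # same-site or allow-listed hosts, otherwise this is an open redirect.
        if request.user.is_authenticated():
            return redirect(request.GET.get('next', reverse('user:home')))

        # If logging in on a non-central site, first send the user to the
        # central site to try automatic login. Except if 'sso_checked' is set in
        # session, in which case they've already tried and failed.
        if not request.site.is_central() and 'sso_checked' not in request.session:
            # Quote the inner 'next' before embedding it in the return address,
            # as the other 'next' parameters in this view are. Unquoted, any
            # '&' or '#' in it would be read as part of the return address's
            # own query string and the target would be truncated or altered.
            return_address = 'https://%s%s?next=%s' % (
                request.site.domain,
                reverse('user:login.single_signon_return'),
                urlquote(request.GET.get('next', reverse('user:home'))),
            )
            return redirect('https://%s%s?next=%s' % (
                Site.get_central().domain,
                reverse('user:login.single_signon_check'),
                urlquote(return_address),
            ))

        # A registration key in the query string prefills the form with the
        # matching user; an unknown key is ignored.
        if 'registreringsnokkel' in request.GET:
            try:
                user = User.get_users(include_pending=True).get(
                    pending_registration_key=request.GET['registreringsnokkel']
                )
                context['prefilled_user'] = user
            except User.DoesNotExist:
                pass

        if 'next' in request.GET:
            context['next'] = urlquote(request.GET['next'])
        if request.session.get('OAuth-authorization'):
            context['stripped_layout'] = True

        return render(request, 'common/user/login/login.html', context)

    elif request.method == 'POST':
        matches, message = attempt_login(request)

        if len(matches) == 1:
            # request.user is used as the logged-in user from here on;
            # presumably attempt_login logs a single match in (not visible here).
            if request.session.get('OAuth-authorization'):
                # Best-effort bookkeeping: a failure here must not block the
                # login, but it should leave a trace instead of vanishing.
                # Catch Exception rather than everything so SystemExit and
                # KeyboardInterrupt still propagate.
                # NOTE(review): client_id is parsed out of the user-supplied
                # 'next' URL, so the activity log is keyed on a value the
                # client controls.
                try:
                    o = urlparse(request.GET.get('next', None))
                    client_id = [a[1] for a in parse_qsl(o.query) if a[0] == 'client_id'][0]
                    request.user.last_login_oauth_date = datetime.now()
                    request.user.save()
                    log, created = UserOauthActiveLog.objects.get_or_create(
                        user=request.user,
                        oauth_client_id=client_id,
                        defaults={
                            'first_date': request.user.last_login_oauth_date,
                            'last_date': request.user.last_login_oauth_date
                        })
                    if not created:
                        log.last_date = request.user.last_login_oauth_date
                        log.save()
                except Exception:
                    logging.getLogger(__name__).warning(
                        'Failed to record OAuth login activity', exc_info=True)
            else:
                request.user.last_login_site_date = datetime.now()
                request.user.save()

            if request.site.is_central():
                return redirect(request.GET.get('next', reverse('user:home')))
            else:
                if 'sso_checked' in request.session:
                    del request.session['sso_checked']
                return redirect(sso_login_url(
                    request.site,
                    request.user,
                    request.GET.get('next', reverse('user:home')),
                ))

        elif len(matches) > 1:
            # Multiple matches, offer a choice between all matches
            request.session['authenticated_users'] = [u.id for u in matches]
            if 'next' in request.GET:
                return redirect(
                    "%s?next=%s" % (
                        reverse('user:login.choose_authenticated_user'),
                        urlquote(request.GET['next']),
                    )
                )
            else:
                return redirect('user:login.choose_authenticated_user')

        else:
            messages.error(request, message)
            if 'next' in request.GET:
                context['next'] = urlquote(request.GET['next'])
            # A POST without an 'email' field must re-render the form, not
            # raise a KeyError and answer with a 500.
            context['email'] = request.POST.get('email', '')
            if request.session.get('OAuth-authorization'):
                context['stripped_layout'] = True
            return render(request, 'common/user/login/login.html', context)

    else:
        return redirect('user:login.login')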