def can_login(self, user: IUser) -> bool: """Verify if user is allowed do login. :param user: User object. :return: Boolean """ return user.can_login()
def authenticate_user(self, user: IUser, login_source:str, location: str=None): """Make the current session logged in session for this particular user.""" request = self.request settings = request.registry.settings require_activation = asbool(settings.get('horus.require_activation', True)) allow_inactive_login = asbool(settings.get('horus.allow_inactive_login', False)) if (not allow_inactive_login) and require_activation and (not user.is_activated()): raise AuthenticationFailure('Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.') if not user.can_login(): raise AuthenticationFailure('This user account cannot log in at the moment.') user_registry = get_user_registry(request) token = user_registry.get_session_token(user) headers = remember(request, token) # assert headers, "Authentication backend did not give us any session headers" if not location: location = get_config_route(request, 'horus.login_redirect') self.greet_user(user) self.update_login_data(user) e = events.Login(request, user) request.registry.notify(e) return HTTPFound(location=location, headers=headers)
def authenticate_user(self, user: IUser, login_source: str, location: str = None) -> Response: """Make the current session logged in session for this particular user. How to authenticate user using the login service (assuming you have done password match or related yourself): .. code-block:: python from websauna.system.user.utils import get_login_service def my_view(request): # load user model instance from database # user = ... login_service = get_login_service(request) response = login_service.authenticate_user(user, "my-login-source") :raise AuthenticationFailure: If login cannot proceed due to disabled user account, etc. :return: HTTPResponse what should happen as post-login action """ request = self.request settings = request.registry.settings require_activation = asbool( settings.get('websauna.require_activation', True)) allow_inactive_login = asbool( settings.get('websauna.allow_inactive_login', False)) if (not allow_inactive_login) and require_activation and ( not user.is_activated()): raise AuthenticationFailure( 'Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.' ) if not user.can_login(): raise AuthenticationFailure( 'This user account cannot log in at the moment.') user_registry = get_user_registry(request) token = user_registry.get_session_token(user) headers = remember(request, token) # assert headers, "Authentication backend did not give us any session headers" if not location: location = get_config_route(request, 'websauna.login_redirect') self.greet_user(user) self.update_login_data(user) e = events.Login(request, user) request.registry.notify(e) return HTTPFound(location=location, headers=headers)
def authenticate_user(self, user: IUser, login_source: str, location: str=None) -> Response: """Make the current session logged in session for this particular user. How to authenticate user using the login service (assuming you have done password match or related yourself): .. code-block:: python from websauna.system.user.utils import get_login_service def my_view(request): # load user model instance from database # user = ... login_service = get_login_service(request) response = login_service.authenticate_user(user, "my-login-source") :raise AuthenticationFailure: If login cannot proceed due to disabled user account, etc. :return: HTTPResponse what should happen as post-login action """ request = self.request settings = request.registry.settings require_activation = asbool(settings.get('websauna.require_activation', True)) allow_inactive_login = asbool(settings.get('websauna.allow_inactive_login', False)) if (not allow_inactive_login) and require_activation and (not user.is_activated()): raise AuthenticationFailure('Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.') if not user.can_login(): raise AuthenticationFailure('This user account cannot log in at the moment.') user_registry = get_user_registry(request) token = user_registry.get_session_token(user) headers = remember(request, token) # assert headers, "Authentication backend did not give us any session headers" if not location: location = get_config_route(request, 'websauna.login_redirect') self.greet_user(user) self.update_login_data(user) e = events.Login(request, user) request.registry.notify(e) return HTTPFound(location=location, headers=headers)
def authenticate_user(self, user: IUser, login_source: str, location: str = None): """Make the current session logged in session for this particular user.""" request = self.request settings = request.registry.settings require_activation = asbool( settings.get('horus.require_activation', True)) allow_inactive_login = asbool( settings.get('horus.allow_inactive_login', False)) if (not allow_inactive_login) and require_activation and ( not user.is_activated()): raise AuthenticationFailure( 'Your account is not active, please check your e-mail. If your account activation email as expired please request a password reset.' ) if not user.can_login(): raise AuthenticationFailure( 'This user account cannot log in at the moment.') user_registry = get_user_registry(request) token = user_registry.get_session_token(user) headers = remember(request, token) # assert headers, "Authentication backend did not give us any session headers" if not location: location = get_config_route(request, 'horus.login_redirect') self.greet_user(user) self.update_login_data(user) e = events.Login(request, user) request.registry.notify(e) return HTTPFound(location=location, headers=headers)