def signup(request):
    """Register a new account and sign the new user in.

    Authenticated visitors are redirected to ``/post/``. ``GET`` renders an
    empty ``UserCreationForm``. ``POST`` validates the submission, saves the
    user, authenticates with the submitted credentials and logs in; an invalid
    submission re-renders the form with its errors. Any other HTTP method
    falls through and returns ``None``.
    """
    if request.user.is_authenticated:
        return HttpResponseRedirect('/post/')

    method = request.method
    if method == 'GET':
        return render(request, 'tilweb/signup.html', {'form': UserCreationForm()})

    if method == 'POST':
        form = UserCreationForm(request.POST)
        if not form.is_valid():
            # Re-render so the template can show the validation errors.
            return render(request, 'tilweb/signup.html', {'form': form})

        # https://docs.djangoproject.com/en/1.11/topics/forms/modelforms/#the-save-method
        form.save()
        cleaned = form.cleaned_data
        # NOTE(review): authenticate() returns None when no backend accepts
        # the credentials; that case is not checked before login().
        user = authenticate(username=cleaned.get('username'),
                            password=cleaned.get('password1'))
        login(request, user)
        return HttpResponseRedirect('/post/')
python类authenticate()的实例源码
def user_login(request):
    """
    Log the user in when the submitted credentials authenticate.

    Binds ``LogInForm`` to ``request.POST``. On a valid form it authenticates
    with the ``username`` and ``passw`` fields; success logs the user in,
    writes an info log line and redirects to ``index``.
    """
    log_in_form = LogInForm(request.POST)
    if log_in_form.is_valid():
        user = authenticate(username=log_in_form.cleaned_data['username'],
                            password=log_in_form.cleaned_data['passw'])
        if user:
            login(request, user)
            logger.info("User '{}' logged in.".format(user.username))
            return redirect('index')
        else:
            # NOTE(review): the listing lost its indentation; this else is
            # assumed to pair with `if user` -- confirm against the original
            # file. Under that reading an invalid form returns None.
            return render(request, 'index.html', {'invalid_authentication': True})
# ----------------------------------------------------------------------------------------------------------------------
def form_valid(self, form):
    """Save the new profile, then authenticate it and open a session.

    Stores the saved profile on ``self.profile``, records the current session
    key under ``user_cart``, queues a success message and logs the user in
    before handing over to the parent ``form_valid``.
    """
    request = self.request
    self.profile = form.save()
    request.session['user_cart'] = request.session.session_key

    # NOTE(review): the password is read from raw POST data rather than from
    # the validated form, and a None result from authenticate() is not checked
    # before login().
    credentials = {
        'email': self.profile.email,
        'password': request.POST['password1'],
    }
    user = authenticate(**credentials)

    # The success message is queued before login() runs, as in the original.
    messages.add_message(request, messages.SUCCESS,
                         'You were successfully logged in.')
    login(request, user)
    return super(RegistrationFormView, self).form_valid(form)
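def index(request):
    """Handle the login form and, for signed-in users, show the dashboard.

    ``POST`` authenticates with the ``email`` and ``password`` fields. A
    successful login redirects to the ``next`` query parameter when it points
    at this host, otherwise to ``/``; failures re-render ``login.html`` with a
    message. A non-POST request from an authenticated user renders the
    dashboard; anyone else gets the login page.
    """
    # Function-scope import: the module's import block is not part of this
    # listing.
    from django.utils.http import is_safe_url

    if request.method == "POST":
        user = authenticate(username=request.POST.get('email'),
                            password=request.POST.get('password'))
        if user is None:
            response_data = {'message': 'The username and password are incorrect.'}
        elif not user.is_active:
            response_data = {'message': "Your account has been disabled!"}
        else:
            login(request, user)
            # `next` is caller-controlled. Redirecting to it unchecked is an
            # open redirect, so follow it only when it stays on this host.
            next_url = request.GET.get('next')
            if not next_url or not is_safe_url(next_url, request.get_host()):
                next_url = '/'
            return HttpResponseRedirect(next_url)
        return render(request, 'login.html', response_data)
    elif request.user.is_authenticated():
        host_name, kernel = uname()[1:3]
        return render(request, 'dashboard.html',
                      {'host_name': host_name, 'kernel': kernel,
                       'ip_addr': HOST_IP_ADDR})
    else:
        return render(request, 'login.html')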
def clean(self):
    """Validate the submitted login against the auth backend and group table.

    Raises ``forms.ValidationError`` when the credentials do not authenticate,
    when the account is inactive, or when the user has no ``user_groups`` row
    with ``is_deleted='FALSE'``. The checks are skipped when either field is
    empty.
    """
    data = self.cleaned_data
    username = data.get("username")
    password = data.get("password")

    if username and password:
        user = authenticate(username=username, password=password)

        # Checked in order: bad credentials, disabled account, no group access.
        if not (user and user.check_password(password)):
            raise forms.ValidationError("The login details are incorrect")
        if not user.is_active:
            raise forms.ValidationError("Please contact your system administrator. Your account has been disabled")
        group_count = user_groups.objects.filter(
            username_id=user.id, is_deleted='FALSE').count()
        if group_count == 0:
            raise forms.ValidationError("Please contact your system administrator. Your account has no group access")

    return super(login_form, self).clean()
def post(self, request):  # noqa
    """Exchange a username and password for a per-device auth token.

    Responds 400 when either credential is missing, raises
    ``InvalidEmailOrPasswordAPIException`` when authentication fails, and
    otherwise returns the key of the ``AuthToken`` for this user and
    ``device_id`` (created on first use).
    """
    payload = request.data
    username = payload.get('username')
    password = payload.get('password')
    device_id = payload.get('device_id') or ''

    if not (username and password):
        return Response(
            {'error': 'Missing username or password'},
            status=status.HTTP_400_BAD_REQUEST
        )

    # NOTE(review): username.lower() assumes a string; a non-string value in
    # the request body would raise here -- confirm what the parser allows.
    user = authenticate(username=username.lower(), password=password)
    if not user:
        raise InvalidEmailOrPasswordAPIException()

    auth_token, _created = AuthToken.objects.get_or_create(
        user=user, device_id=device_id
    )
    return Response({'token': auth_token.key})
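def form_valid(self, form):
    """Create the account and its Fieldbook profile, then log the user in.

    The username and e-mail are stored lower-cased and the account is
    activated immediately. A ``FieldBookUser`` row is created alongside it,
    and the response redirects to ``get_success_url()``.
    """
    cleaned = form.cleaned_data
    username = cleaned['username'].lower()
    password = cleaned['password']

    user = form.save(commit=False)
    user.set_password(password)
    user.username = username
    user.email = cleaned['email'].lower()
    user.is_active = True
    user.save()

    fbuserprofile = FieldBookUser()
    fbuserprofile.user = user
    # The Fieldbook key and secret mirror the account's username and password.
    # NOTE(review): this keeps the password in clear text in
    # fieldbook_api_secret next to the hashed copy on the user row; confirm
    # whether it can be encrypted at rest or replaced by a separate secret.
    fbuserprofile.fieldbook_api_key = username
    fbuserprofile.fieldbook_api_secret = password
    fbuserprofile.fieldbook_book = cleaned['fieldbook_book']
    fbuserprofile.save()

    # Authenticate with the stored, lower-cased username: the raw form value
    # does not match the saved row whenever the user typed capitals, and
    # login() must not be handed the resulting None.
    user_logged = authenticate(username=username, password=password)
    if user_logged is not None:
        login(self.request, user_logged)
    return HttpResponseRedirect(self.get_success_url())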
def clean(self):
    """Authenticate the submitted credentials and keep the user on the form.

    On success the authenticated user is stored under
    ``cleaned_data['user']`` and ``cleaned_data`` is returned; otherwise a
    ``forms.ValidationError`` is raised.
    """
    data = self.cleaned_data
    user = authenticate(
        username=data.get('username'),
        password=data.get('password')
    )
    if user is None:
        # Raising from clean() is what marks the form as invalid.
        raise forms.ValidationError(
            'Login credentials not valid'
        )

    # Hand the authenticated user to the view through cleaned_data.
    self.cleaned_data['user'] = user
    return self.cleaned_data
def user_login(request):
    """
    Authenticate the caller and return the token used to access the API.

    The outcome is reported in the body's own ``status`` field (200 or 404);
    no HTTP status argument is passed to ``Response`` in either branch.
    """
    user = authenticate(username=request.data.get('username'),
                        password=request.data.get('password'))
    if not user:
        return Response({'status': 404,
                         'detail': 'not authenticated',
                         'data': {'token': None}})

    user_token = TheUser.objects.get(id_user=user).auth_token
    login(request, user)
    logger.info("User '{}' logged in.".format(user.username))
    return Response({'status': 200,
                     'detail': 'successful',
                     'data': {'token': user_token}})
# ----------------------------------------------------------------------------------------------------------------------
def login(request):
    """Mail a login code, or sign in the ``JPY_USER`` account directly.

    A valid ``POST`` looks up the ``LoginCode`` for the submitted e-mail,
    points it at ``webtzite_register`` and sends it. Otherwise, when the
    ``JPY_USER`` environment variable is set, the matching
    ``@users.noreply.github.com`` account is authenticated and logged in.
    Everything else is delegated to ``django_login``.
    """
    if request.method == 'POST':
        form = AuthenticationForm(data=request.POST)
        if form.is_valid():
            # NOTE(review): [0] raises IndexError when no LoginCode matches;
            # presumably form validation guarantees one -- confirm.
            code = LoginCode.objects.filter(
                user__email=request.POST.get('username'))[0]
            code.next = reverse('webtzite_register')
            code.save()
            code.send_login_code(
                secure=request.is_secure(),
                host=request.get_host(),
            )
            return render(request, 'registration/sent_mail.html')

    jpy_user = os.environ.get('JPY_USER')
    if jpy_user:
        # NOTE(review): with JPY_USER set, any request that reaches this point
        # is logged in as that user without supplying a credential, so access
        # to this view has to be restricted by the deployment itself.
        from django.contrib.auth import authenticate
        issued = authenticate(code=None,
                              username=jpy_user + '@users.noreply.github.com')
        user = authenticate(code=issued.code, username=issued.user.username)
        auth_login(request, user)
        return redirect(reverse('webtzite_register'))

    return django_login(request, authentication_form=AuthenticationForm)
def form_valid(self, form):
    """Log the user in by e-mail and attach the current cart to the account.

    Failed or inactive logins go through the parent ``form_invalid`` with a
    warning message. Successful ones record the session key under
    ``user_cart``, log in, bind the cart (if any) to the matching ``Profile``
    and continue with the parent ``form_valid``.
    """
    request = self.request
    cart = get_cart(request, create=True)
    # NOTE(review): credentials are taken from raw POST data, not from the
    # validated form.
    user = authenticate(email=request.POST['email'],
                        password=request.POST['password'])

    if user is None or not user.is_active:
        response = super(AuthenticationForm, self).form_invalid(form)
        messages.add_message(request, messages.WARNING,
                             'Wrong email or password. Please try again')
        return response

    request.session['user_cart'] = request.session.session_key
    login(request, user)
    if cart is not None:
        cart.user = Profile.objects.get(id=user.id)
        cart.save()
    messages.add_message(request, messages.SUCCESS,
                         'You were successfully logged in.')
    return super(AuthenticationForm, self).form_valid(form)
# Logout View
def post(self, request):
    """Create an account from the registration form and log the new user in.

    A valid form saves the user with a hashed password, authenticates with
    the same credentials and redirects to ``../`` when the account is active.
    Every other outcome re-renders the template with the bound form.
    """
    form_busca = formBusca()
    form = self.form_class(request.POST)

    if form.is_valid():
        user = form.save(commit=False)
        data = form.cleaned_data
        # Several of these fields are read but not used further in this method.
        nome = data['nome']
        username = data['username']
        email = data['email']
        celular = data['celular']
        descricao = data['descricao']
        password = data['password']

        user.set_password(password)
        user.save()

        user = authenticate(username=username, password=password)
        if user is not None and user.is_active:
            login(request, user)
            return redirect('../')

    context = {'form': form, 'formBusca': form_busca, 'localidade': "Localidade "}
    return render(request, self.template_name, context)
def post(self, request):
    """Log the user in from the submitted form.

    An active, authenticated user is logged in and redirected to ``../``.
    A disabled account or wrong credentials only print a message to stdout,
    and the template is re-rendered with the bound form.
    """
    form_busca = formBusca()
    form = self.form_class(request.POST)

    if form.is_valid():
        data = form.cleaned_data
        user = authenticate(username=data['username'], password=data['password'])
        if user is None:
            print("Seu nome de usuario e/ou senha estao incorretos.")
        elif user.is_active:
            login(request, user)
            return redirect('../')
        else:
            print("Sua conta foi desabilitada!")

    context = {'form': form, 'formBusca': form_busca, 'localidade': "Localidade "}
    return render(request, self.template_name, context)
def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponseRedirect:
    """Log the user in and redirect to a validated ``next`` URL.

    Unknown credentials and deactivated accounts each queue an error message
    and redirect back to ``common:login``. After a successful login the
    ``next`` query parameter is followed only if ``is_safe_url`` accepts it
    for this host; otherwise the user lands on ``/``.
    """
    credentials = {
        'username': request.POST.get('username'),
        'password': request.POST.get('password'),
    }
    user = authenticate(**credentials)

    if user is None:
        messages.error(request, _('No user account matches the entered credentials.'))
        return redirect('common:login')
    if not user.is_active:
        messages.error(request, _('User account is deactivated.'))
        return redirect('common:login')

    login(request, user)

    # The value that is checked is the same unquoted value that is followed.
    url = urllib.parse.unquote(request.GET.get('next', ''))
    target = url if url and is_safe_url(url, request.get_host()) else '/'
    return redirect(target)
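def verify(request):
    """Log in a user from a signed login request.

    Passes ``login_username``, ``login_signature`` and the CSRF token from the
    POST body to ``authenticate`` together with the request, logs the
    returned user in and redirects to ``/``.

    Raises:
        AssertionError: when no ``login_signature`` field was posted.
        Exception: when no backend accepts the signature.
    """
    # An explicit check instead of `assert`: assert statements are stripped
    # under `python -O`, which would let a request without a signature reach
    # authenticate(). AssertionError is kept so callers see the same type.
    if 'login_signature' not in request.POST:
        raise AssertionError("No signature supplied")

    kwargs = {
        'username': request.POST.get('login_username'),
        'signature': request.POST.get('login_signature'),
        'csrf_token': str(request.POST.get('csrfmiddlewaretoken'))
    }
    user = authenticate(request=request, **kwargs)
    if user is None:
        # NOTE(review): a failed login surfaces as an unhandled exception; the
        # original carried a commented-out redirect to '/login' as the
        # alternative.
        raise Exception("Failed to log in")

    login(request, user)
    return HttpResponseRedirect("/")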
def login(request):
    """Log the user in and remember the username in the session.

    A session that already holds ``username`` is redirected to ``/``.
    Otherwise the posted credentials are authenticated; an active user is
    logged in and sent to ``/user/center/``. Failures re-render
    ``login.html``, with an error message only for ``POST`` requests.
    """
    # The session's own 'username' key, not request.user, decides whether the
    # visitor is treated as already logged in.
    if request.session.get('username') is not None:
        return HttpResponseRedirect('/', {"user": request.user})

    username = request.POST.get('username')
    password = request.POST.get('password')
    # authenticate() runs for every request method, including GET requests
    # that carry no credentials.
    user = auth.authenticate(username=username, password=password)

    if user and user.is_active:
        auth.login(request, user)
        request.session['username'] = username
        return HttpResponseRedirect('/user/center/', {"user": request.user})

    if request.method == "POST":
        return render(request, 'login.html', {"login_error_info": "???????????????"},)
    return render(request, 'login.html')
def login(self, **credentials):
    """
    Make the Factory appear to have logged into a site.

    Returns True when the credentials authenticate an active user and the
    sessions app is installed; returns False for wrong credentials, an
    inactive user, or a missing sessions framework.
    """
    from django.contrib.auth import authenticate

    user = authenticate(**credentials)
    login_possible = (user and user.is_active and
                      apps.is_installed('django.contrib.sessions'))
    if not login_possible:
        return False

    self._login(user)
    return True
def post(self, request):
    """Create a user and the linked coder record, then log the user in.

    Both forms must validate. The user is saved with a hashed password, the
    coder row is attached to it, and an active authenticated user is
    redirected to ``/``. Anything else re-renders the template with both
    forms.
    """
    form1 = self.form_class1(request.POST)
    form2 = self.form_class2(request.POST)

    if form1.is_valid() and form2.is_valid():
        user = form1.save(commit=False)
        coder = form2.save(commit=False)

        account = form1.cleaned_data
        username = account['username']
        password = account['password']
        # The result is unused here; the call is kept because clean_email()
        # may raise.
        email = form1.clean_email()

        user.set_password(password)
        user.save()
        coder.user = user
        coder.save()

        user = authenticate(username=username, password=password)
        if user is not None and user.is_active:
            login(request, user)
            return redirect('/')

    return render(request, self.template_name, {'form1': form1, 'form2': form2})
def validate(self, attrs):
    """Authenticate the submitted credentials and add the user to ``attrs``.

    Raises ``serializers.ValidationError`` when a field is missing, when the
    credentials are rejected, or when the account is disabled. On success
    ``attrs['user']`` holds the authenticated user.
    """
    username = attrs.get('username')
    password = attrs.get('password')

    if not (username and password):
        raise serializers.ValidationError(_('Must include "username" and "password".'))

    user = authenticate(username=username, password=password)
    if not user:
        raise serializers.ValidationError(_('Unable to log in with provided credentials.'))
    if not user.is_active:
        raise serializers.ValidationError(_('User account is disabled.'))

    attrs['user'] = user
    return attrs
def create_password(request, token):
    """Let the buyer of an order set a password and claim the order.

    Signed-in users go straight to the order details. Otherwise the order is
    looked up by ``token`` and its e-mail is forced into the submitted form
    data. A valid ``PasswordForm`` is saved, the user is logged in and the
    order is attached to them. A ``LoginForm`` is offered alongside when an
    account with that e-mail already exists.
    """
    if request.user.is_authenticated:
        return redirect('order:details', token=token)

    order = get_object_or_404(Order, token=token)
    email = order.user_email

    # The e-mail always comes from the order, overriding any posted value.
    form_data = request.POST.copy()
    if form_data:
        form_data.update({'email': email})
    register_form = PasswordForm(form_data or None)

    account_exists = User.objects.filter(email=email).exists()
    login_form = LoginForm(initial={'login': email}) if account_exists else None

    if register_form.is_valid():
        register_form.save()
        password = register_form.cleaned_data.get('password')
        # NOTE(review): a None result from authenticate() is not checked
        # before login().
        user = auth.authenticate(request=request, email=email,
                                 password=password)
        auth.login(request, user)
        attach_order_to_user(order, user)
        return redirect('order:details', token=token)

    ctx = {'form': register_form, 'email': email, 'order': order,
           'login_form': login_form}
    return TemplateResponse(request, 'order/create_password.html', ctx)
def user_login(request):
    """Log the user in from ``LoginForm`` and report the outcome.

    Non-POST requests render the empty login form. POST requests return
    ``success(...)`` after a login, or ``error(...)`` for invalid form data,
    wrong credentials or a disabled account.
    """
    if request.method != 'POST':
        return render(request, 'accounts/login.html', {'form': LoginForm()})

    form = LoginForm(request.POST)
    if not form.is_valid():
        return error(str(form.errors))

    cd = form.cleaned_data
    user = authenticate(username=cd['username'], password=cd['password'])
    if user is None:
        return error('Wrong username or password')
    if not user.is_active:
        return error('Disabled account')

    login(request, user)
    return success('Authenticated successfully', '/ui')
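def change_password(request):
    """Change the current user's password after re-checking the old one.

    Only ``POST`` is accepted. The old password is verified by authenticating
    as ``request.user.username``; on success the new password is set and the
    session's auth hash is refreshed. Every failure path returns
    ``error(...)``.
    """
    if request.method != 'POST':
        return error('Please confirm your approaching method.')

    form = PasswordChangeForm(request.POST)
    if not form.is_valid():
        return error('Your form is illegal.')

    cd = form.cleaned_data
    user = authenticate(username=request.user.username,
                        password=cd['old_password'])
    if user is None or not user.is_active:
        return error('Password doesn\'t match.')

    user.set_password(cd['new_password_1'])
    user.save()
    # Pass the user object, not the username string. Assuming this is
    # django.contrib.auth.update_session_auth_hash, a string has no session
    # auth hash, so the session would not be refreshed after the change.
    update_session_auth_hash(request, user)
    return success('Your password had been updated.', 'accounts:login')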
def auth(request):
    """Authenticate the posted credentials and log the user in.

    A request without both fields is handed to ``index``. A successful login
    redirects to ``/login``; a failed one re-renders the login page with
    ``authfail`` set.
    """
    try:
        username = request.POST['username']
        password = request.POST['password']
    except (KeyError):
        # Missing field: fall back to the index view.
        return index(request)

    # NOTE(review): is_active is not checked here; whether inactive accounts
    # are rejected depends on the configured backend.
    user = authenticate(username=username, password=password)
    if user is None:
        return render(request, 'login/index.html', {
            'version' : settings.VERSION,
            'authfail' : True,
        })

    login(request, user)
    return redirect('/login')
def clean(self):
    """Authenticate the form's credentials and keep the user on ``self.user``.

    Returns ``cleaned_data`` unchanged when either field is empty, so the
    per-field errors are the ones reported. Raises ``ValidationError`` when
    the credentials are rejected.
    """
    data = self.cleaned_data
    username = data.get("username")
    password = data.get("password")

    if username and password:
        user = authenticate(username=username, password=password)
        if not user:
            raise ValidationError("Yanlis kullanici adi veya sifre!")
        self.user = user

    return self.cleaned_data
def process_request(self, request):
    # Middleware hook: a POST whose lti_message_type is
    # 'basic-lti-launch-request' is authenticated from the request itself.
    # When a backend returns a user, the user is set on the request, logged
    # in, and the client is redirected to the same path.
    if request.method == 'POST' and \
            request.POST.get('lti_message_type') == 'basic-lti-launch-request':
        logger.debug('received a basic-lti-launch-request - '
                     'authenticating the user')
        # authenticate and log the user in
        user = auth.authenticate(request=request)
        if user is not None:
            # User is valid.
            # Set request.user and
            # persist user in the session by logging the user in.
            logger.debug('user was successfully authenticated; '
                         'now log them in')
            request.user = user
            auth.login(request, user)
            # NOTE(review): the listing lost its indentation; the redirect is
            # assumed to belong to the successful-login branch -- confirm
            # against the original file. Under that reading a failed launch
            # falls through and returns None.
            return HttpResponseRedirect(request.get_full_path())
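def login_auth(request):
    """Log a manager in from the posted credentials.

    Missing fields, rejected credentials and non-manager accounts all
    re-render the login view with an error. A successful login redirects to
    the posted ``next`` value when present, otherwise to ``staff:index``.
    """
    username = request.POST.get('username')
    password = request.POST.get('password')
    goto_page = request.POST.get('next')
    # The submitted password must never be written to the log. %r keeps
    # control characters in caller-supplied values from forging log lines,
    # and lazy formatting copes with a missing field (None).
    logger.debug('try to login, username: %r, goto_page: %r', username, goto_page)

    if not username or not password:
        return login(request, {'errors': '?????????'})

    newUser = auth.authenticate(username=username, password=password)
    if newUser is not None:
        if not is_manager(newUser):
            return login(request, {'errors': '???????'})
        auth.login(request, newUser)
        if goto_page:
            # NOTE(review): goto_page comes straight from the POST body and is
            # followed unchecked, which allows an open redirect. Validate it
            # with the URL-safety helper of the Django version in use before
            # redirecting.
            return redirect(goto_page)
        return redirect('staff:index')

    return login(request, {'errors': '????????'})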
def post(self, request):
    """Log a lecturer in and redirect to the lecturer index.

    Returns a JSON error when a field is empty, when the credentials are
    rejected, or when the user is not a lecturer.
    """
    required = ('username', 'password',)
    values = {}
    for field in required:
        value = request.POST.get(field, '')
        if not value:
            return JsonResponse({'error': field + ' is empty'})
        values[field] = value

    user = auth.authenticate(
        username=values['username'], password=values['password'])
    if user is None:
        return JsonResponse({'error': 'username or password incorrect'})
    # Authorisation is checked before the session is opened.
    if not is_lecturer(user):
        return JsonResponse({'error': 'you are not authorized'})

    auth.login(request, user)
    return redirect('lecturer:index')
def test_get_token_key(self):
    """Two clients posting the same credentials get the same token response."""
    first_client = Client()
    token_url = "/api/v1/token-auth"
    username = "parent1"
    password = "123123"
    credentials = {"username": username, "password": password}

    # The fixture account must authenticate and be active.
    user = authenticate(username=username, password=password)
    self.assertNotEqual(user, None)
    parent_user = User.objects.get(username=username)
    self.assertEqual(parent_user.is_active, 1)

    first_response = first_client.post(token_url, credentials)
    self.assertEqual(first_response.status_code, 200)

    # A second, independent client must receive an identical body.
    second_client = Client()
    second_response = second_client.post(token_url, credentials)
    self.assertEqual(first_response.content, second_response.content)
def new_student() -> User:
    """Create a student account with a random username and return it.

    Builds the ``User``, adds it to the student group, creates the matching
    ``Profile`` and ``Student`` rows, and returns the result of
    authenticating with the new credentials.
    """
    # NOTE(review): every account created here shares the same fixed
    # password; confirm this helper is only used for tests or fixtures.
    password = "malalaoshi"
    username = random_string()[:30]
    salt = random_string()[:5]

    # Account
    user = User(username=username)
    user.email = ""
    user.password = make_password(password, salt)
    user.save()
    student_group = Group.objects.get(name="??")
    user.groups.add(student_group)

    # Profile and student record
    profile = Profile(user=user)
    profile.save()
    student = Student(user=user)
    student.save()

    # Second round of saves, kept as in the original.
    for record in (user, profile, student):
        record.save()

    return authenticate(username=username, password=password)
def clean(self):
    """Authenticate a staff login and cache the user on ``self.user_cache``.

    Raises ``forms.ValidationError`` when the credentials are rejected or when
    the account is not both active and staff. If the rejected username looks
    like an e-mail address that belongs to an account whose password matches,
    the error names the real username instead of the generic message.
    """
    data = self.cleaned_data
    username = data.get('username')
    password = data.get('password')
    message = ERROR_MESSAGE

    if not (username and password):
        return self.cleaned_data

    self.user_cache = authenticate(
        username=username, password=password)

    if self.user_cache is None:
        if u'@' in username:
            User = get_user_model()
            # The user may have typed an e-mail address instead of a username.
            try:
                user = User.objects.get(email=username)
            except (User.DoesNotExist, User.MultipleObjectsReturned):
                # No unique match: keep the generic message.
                pass
            else:
                # The hint is given only when the password matches that account.
                if user.check_password(password):
                    message = _("Your e-mail address is not your username."
                                " Try '%s' instead.") % user.username
        raise forms.ValidationError(message)

    if not (self.user_cache.is_active and self.user_cache.is_staff):
        raise forms.ValidationError(message)

    return self.cleaned_data