def post(self, request):
login_form = LoginForm(request.POST)
if login_form.is_valid():
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return render(request, 'index.html')
else:
return render(request, 'login.html', {'msg':'??????', 'login_form':login_form})
else:
return render(request, 'login.html', {'msg':'?????????', 'login_form':login_form})
else:
return render(request, 'login.html', {'msg':'???????????', 'login_form':login_form})
python类authenticate()的实例源码
def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponseRedirect:
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is None:
messages.error(request, _('No user account matches the entered credentials.'))
return redirect('backoffice:login')
if not user.is_active:
messages.error(request, _('User account is deactivated.'))
return redirect('backoffice:login')
if not is_backoffice_user(user):
messages.error(request, _('User does not have permission to access backoffice data.'))
return redirect('backoffice:login')
login(request, user)
url = request.GET.get('next')
if url and is_safe_url(url, request.get_host()):
return redirect(url)
return redirect('backoffice:main')
def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponseRedirect:
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is None:
messages.error(request, _('No user account matches the entered credentials.'))
return redirect('troubleshooter:login')
if not user.is_active:
messages.error(request, _('User account is deactivated.'))
return redirect('troubleshooter:login')
if not troubleshooter_user(user):
messages.error(request, _('User does not have permission to access troubleshooter data.'))
return redirect('troubleshooter:login')
login(request, user)
return redirect('troubleshooter:main')
def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponseRedirect:
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if not user.is_active:
messages.error(request, _('User account is deactivated.'))
return redirect('desk:login')
session = user.get_current_session()
if session is None:
messages.error(request, _('You do not have an active session.'))
return redirect('desk:login')
if session.cashdesk != self.cashdesk:
messages.error(request, _('Your session is scheduled for a different cashdesk. Please go to '
'{desk}').format(desk=str(session.cashdesk)))
return redirect('desk:login')
login(request, user)
session.cashdesk.signal_next()
return redirect('desk:main')
else:
messages.error(request, _('No user account matches the entered credentials.'))
return redirect('desk:login')
def post(self, request):
form = self.form_class(request.POST)
if form.is_valid():
username, password = form.cleaned_data['username'], form.cleaned_data['password']
user = authenticate(username=username, password=password)
if user:
if user.is_active:
login(request, user)
return redirect("/")
else:
form.add_error("username", "Please confirm your password")
return render(request, "account/login.html", {"form": form})
else:
form.add_error("password", "Invalid username or password")
return render(request, "account/login.html", {"form": form})
else:
return render(request, "account/login.html", {"form": form})
def clean(self):
username = self.cleaned_data.get('username')
password = self.cleaned_data.get('password')
message = ERROR_MESSAGE
if username and password:
self.user_cache = authenticate(
username=username, password=password)
if self.user_cache is None:
if u'@' in username:
User = get_user_model()
# Mistakenly entered e-mail address instead of username? Look it up.
try:
user = User.objects.get(email=username)
except (User.DoesNotExist, User.MultipleObjectsReturned):
# Nothing to do here, moving along.
pass
else:
if user.check_password(password):
message = _("Your e-mail address is not your username."
" Try '%s' instead.") % user.username
raise forms.ValidationError(message)
elif not self.user_cache.is_active or not self.user_cache.is_staff:
raise forms.ValidationError(message)
return self.cleaned_data
def clean(self):
username = self.cleaned_data.get('username')
password = self.cleaned_data.get('password')
message = ERROR_MESSAGE
if username and password:
self.user_cache = authenticate(
username=username, password=password)
if self.user_cache is None:
if u'@' in username:
User = get_user_model()
# Mistakenly entered e-mail address instead of username? Look it up.
try:
user = User.objects.get(email=username)
except (User.DoesNotExist, User.MultipleObjectsReturned):
# Nothing to do here, moving along.
pass
else:
if user.check_password(password):
message = _("Your e-mail address is not your username."
" Try '%s' instead.") % user.username
raise forms.ValidationError(message)
elif not self.user_cache.is_active or not self.user_cache.is_staff:
raise forms.ValidationError(message)
return self.cleaned_data
def login(request):
username = auth.get_user(request).username
if (username):
return redirect('/')
else:
args = {}
args.update(csrf(request))
if request.POST:
username = request.POST.get('username','')
password = request.POST.get('password','')
user = auth.authenticate(username=username, password=password)
if user is not None:
if not request.POST.get('remember-me', ''):
request.session.set_expiry(0)
auth.login(request, user)
return redirect('/')
else:
args['login_error'] = format_html("<div class=\"main-error alert alert-error\">???????????? ??? ???????????? ??? ??????</div>")
return render_to_response('login.html', args)
else:
return render_to_response('login.html', args)
def register(request):
username = auth.get_user(request).username
if not (username):
args={}
args.update(csrf(request))
args['form']=UserCreationForm()
if request.POST:
newuser_form=UserCreationForm(request.POST)
if newuser_form.is_valid():
newuser_form.save()
newuser = auth.authenticate(username=newuser_form.cleaned_data['username'],password=newuser_form.cleaned_data['password2'])
auth.login(request, newuser)
return redirect('/')
else:
args['errors'] = format_html('<div class="main-error alert alert-error">?????? ??? ???????????</div>')
args['form'] = newuser_form
return render_to_response('register.html',args)
else:
return redirect('/')
def set_password(request, token):
profile = request.user.profile
if not check_password(token, profile.token):
return HttpResponseBadRequest()
if request.method == "POST":
form = SetPasswordForm(request.POST)
if form.is_valid():
password = form.cleaned_data["password"]
request.user.set_password(password)
request.user.save()
profile.token = ""
profile.save()
# Setting a password logs the user out, so here we
# log them back in.
u = authenticate(username=request.user.email, password=password)
auth_login(request, u)
messages.success(request, "Your password has been set!")
return redirect("hc-profile")
return render(request, "accounts/set_password.html", {})
def authentication_hook(self, request, user_id=None, username=None, email=None, extra_params=None):
extra = extra_params if extra_params else {}
# automatically generate password from user_id
password = self._generate_password(user_id, settings.PASSWORD_GENERATOR_NONCE)
# username and email might be empty, depending on how edX LTI module is configured:
# there are individual settings for that + if it's embedded into an iframe it never sends
# email and username in any case
# so, since we want to track user for both iframe and non-iframe LTI blocks, username is completely ignored
uname = self._compress_user_name(user_id)
email = email if email else user_id+'@localhost'
try:
User.objects.get(username=uname)
except User.DoesNotExist:
try:
User.objects.create_user(username=uname, email=email, password=password)
except IntegrityError as e:
# A result of race condition of multiple simultaneous LTI requests - should be safe to ignore,
# as password and uname are stable (i.e. not change for the same user)
logger.info("IntegrityError creating user - assuming result of race condition: %s", e.message)
authenticated = authenticate(username=uname, password=password)
login(request, authenticated)
def login(request):
if request.session.get('username') is not None:
return HttpResponseRedirect('/profile',{"user":request.user})
else:
username = request.POST.get('username')
password = request.POST.get('password')
user = auth.authenticate(username=username,password=password)
if user and user.is_active:
auth.login(request,user)
request.session['username'] = username
return HttpResponseRedirect('/profile',{"user":request.user})
else:
if request.method == "POST":
return render_to_response('login.html',{"login_error_info":"???????????????"},
context_instance=RequestContext(request))
else:
return render_to_response('login.html',context_instance=RequestContext(request))
def change_password(request):
if request.method == 'POST':
user = request.user
old_password = request.POST.get('old_password')
new_password = request.POST.get('new_password')
confirm_password = request.POST.get('confirm_password')
if authenticate(username=user.username, password=old_password):
if new_password == confirm_password:
user.set_password(new_password)
user.save()
messages.success(request, 'Password Updated')
else:
messages.warning(request, 'Passwords do not match')
else:
messages.warning(request, 'Invalid Password')
return render(request,
'taskManager/change_password.html',
{'user': request.user})
def signup(request):
# if this is a POST request we need to process the form data
if request.method == 'POST':
form = forms.RegisterForm(request.POST)
if form.is_valid():
email = form.cleaned_data['email']
password = form.cleaned_data['password']
name = form.cleaned_data['name']
if models.User.objects.filter(email=email).first() is not None:
messages.error(request, 'An account with this email already exists')
else:
user = models.User.objects.create_user(email=email, password=password, name=name)
user = auth.authenticate(email=email, password=password)
auth.login(request, user)
return HttpResponseRedirect(reverse('root'))
else:
form = forms.RegisterForm()
return render(request, 'signup.html', {'form': form})
def clean(self):
username = self.cleaned_data.get('username')
password = self.cleaned_data.get('password')
message = ERROR_MESSAGE
if username and password:
self.user_cache = authenticate(
username=username, password=password)
if self.user_cache is None:
if u'@' in username:
User = get_user_model()
# Mistakenly entered e-mail address instead of username? Look it up.
try:
user = User.objects.get(email=username)
except (User.DoesNotExist, User.MultipleObjectsReturned):
# Nothing to do here, moving along.
pass
else:
if user.check_password(password):
message = _("Your e-mail address is not your username."
" Try '%s' instead.") % user.username
raise forms.ValidationError(message)
elif not self.user_cache.is_active or not self.user_cache.is_staff:
raise forms.ValidationError(message)
return self.cleaned_data
def register(request):
if request.method == 'POST':
register_form = RegisterForm(request.POST)
if register_form.is_valid():
user = register_form.save()
if user is not None:
user = authenticate(username=register_form.cleaned_data['username'],password=register_form.cleaned_data['password'])
auth_login(request,user)
return HttpResponseRedirect(reverse('index-view'))
else:
auth_logout(request)
return render(request, 'users/register.html', {'errors': register_form.errors})
else:
register_form = RegisterForm()
user = None
return render(request, 'users/register.html')
def clean(self):
email = self.cleaned_data.get('email')
password = self.cleaned_data.get('password')
if email and password:
if django.VERSION >= (1, 11):
self.user_cache = authenticate(self.request, email=email, password=password)
else:
self.user_cache = authenticate(email=email, password=password)
if self.user_cache is None:
raise forms.ValidationError(
self.error_messages['invalid_login'],
code='invalid_login',
params={'username': self.username_field.verbose_name},
)
else:
self.confirm_login_allowed(self.user_cache)
return self.cleaned_data
def login_view(request):
if request.POST:
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
messages.add_message(request, messages.SUCCESS, "Login successful.", extra_tags='success')
return redirect('account:home')
else:
messages.add_message(request, messages.ERROR, "You account is disabled.", extra_tags='danger')
return redirect('account:login')
else:
messages.add_message(request, messages.ERROR, "Your username and/or your password is incorrect.", extra_tags='warning')
return redirect('account:login')
else:
if request.user.is_authenticated():
return redirect('account:home')
else:
return render(request, 'autostew_web_account/login.html')
def login_view(request):
if request.method == "GET":
return render(request, 'carrinho/login.html', {})
elif request.method == "POST":
if request.user.is_authenticated():
return redirect('/')
nome_usuario = request.POST.get('usuario')
senha = request.POST.get('senha')
usuario = authenticate(username=nome_usuario, password=senha)
if usuario is not None:
login(request, usuario)
return redirect('/')
return redirect('/login/')
else:
raise Http404()
def signup(request):
if request.method == 'POST':
form = SignUpForm(request.POST)
if form.is_valid():
user = form.save()
user.refresh_from_db() # load the profile instance created by the signal
#user.profile.birth_date = form.cleaned_data.get('birth_date')
user.teacher.teacher_name = form.cleaned_data.get('teacher_name')
user.teacher.subjects = form.cleaned_data.get('subjects')
user.refresh_from_db()
user.save()
raw_password = form.cleaned_data.get('password1')
user = authenticate(username=user.username, password=raw_password)
login(request, user)
return redirect('home')
else:
form = SignUpForm()
return render(request, 'signup.html', {'form': form})
