You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
157 lines
7.2 KiB
157 lines
7.2 KiB
from django.conf import settings |
|
from django.contrib.auth import REDIRECT_FIELD_NAME |
|
from django.contrib.auth.decorators import login_required |
|
from django.contrib.auth.forms import AuthenticationForm |
|
from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm |
|
from django.contrib.auth.tokens import default_token_generator |
|
from django.core.urlresolvers import reverse |
|
from django.shortcuts import render_to_response, get_object_or_404 |
|
from django.contrib.sites.models import Site, RequestSite |
|
from django.http import HttpResponseRedirect, Http404 |
|
from django.template import RequestContext |
|
from django.utils.http import urlquote, base36_to_int |
|
from django.utils.translation import ugettext as _ |
|
from django.contrib.auth.models import User |
|
from django.views.decorators.cache import never_cache |
|
|
|
def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME): |
|
"Displays the login form and handles the login action." |
|
redirect_to = request.REQUEST.get(redirect_field_name, '') |
|
if request.method == "POST": |
|
form = AuthenticationForm(data=request.POST) |
|
if form.is_valid(): |
|
# Light security check -- make sure redirect_to isn't garbage. |
|
if not redirect_to or '//' in redirect_to or ' ' in redirect_to: |
|
redirect_to = settings.LOGIN_REDIRECT_URL |
|
from django.contrib.auth import login |
|
login(request, form.get_user()) |
|
if request.session.test_cookie_worked(): |
|
request.session.delete_test_cookie() |
|
return HttpResponseRedirect(redirect_to) |
|
else: |
|
form = AuthenticationForm(request) |
|
request.session.set_test_cookie() |
|
if Site._meta.installed: |
|
current_site = Site.objects.get_current() |
|
else: |
|
current_site = RequestSite(request) |
|
return render_to_response(template_name, { |
|
'form': form, |
|
redirect_field_name: redirect_to, |
|
'site_name': current_site.name, |
|
}, context_instance=RequestContext(request)) |
|
login = never_cache(login) |
|
|
|
def logout(request, next_page=None, template_name='registration/logged_out.html'): |
|
"Logs out the user and displays 'You are logged out' message." |
|
from django.contrib.auth import logout |
|
logout(request) |
|
if next_page is None: |
|
return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request)) |
|
else: |
|
# Redirect to this page until the session has been cleared. |
|
return HttpResponseRedirect(next_page or request.path) |
|
|
|
def logout_then_login(request, login_url=None): |
|
"Logs out the user if he is logged in. Then redirects to the log-in page." |
|
if not login_url: |
|
login_url = settings.LOGIN_URL |
|
return logout(request, login_url) |
|
|
|
def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): |
|
"Redirects the user to the login page, passing the given 'next' page" |
|
if not login_url: |
|
login_url = settings.LOGIN_URL |
|
return HttpResponseRedirect('%s?%s=%s' % (login_url, urlquote(redirect_field_name), urlquote(next))) |
|
|
|
# 4 views for password reset: |
|
# - password_reset sends the mail |
|
# - password_reset_done shows a success message for the above |
|
# - password_reset_confirm checks the link the user clicked and |
|
# prompts for a new password |
|
# - password_reset_complete shows a success message for the above |
|
|
|
def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html', |
|
email_template_name='registration/password_reset_email.html', |
|
password_reset_form=PasswordResetForm, token_generator=default_token_generator, |
|
post_reset_redirect=None): |
|
if post_reset_redirect is None: |
|
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done') |
|
if request.method == "POST": |
|
form = password_reset_form(request.POST) |
|
if form.is_valid(): |
|
opts = {} |
|
opts['use_https'] = request.is_secure() |
|
opts['token_generator'] = token_generator |
|
if is_admin_site: |
|
opts['domain_override'] = request.META['HTTP_HOST'] |
|
else: |
|
opts['email_template_name'] = email_template_name |
|
if not Site._meta.installed: |
|
opts['domain_override'] = RequestSite(request).domain |
|
form.save(**opts) |
|
return HttpResponseRedirect(post_reset_redirect) |
|
else: |
|
form = password_reset_form() |
|
return render_to_response(template_name, { |
|
'form': form, |
|
}, context_instance=RequestContext(request)) |
|
|
|
def password_reset_done(request, template_name='registration/password_reset_done.html'): |
|
return render_to_response(template_name, context_instance=RequestContext(request)) |
|
|
|
def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html', |
|
token_generator=default_token_generator, set_password_form=SetPasswordForm, |
|
post_reset_redirect=None): |
|
""" |
|
View that checks the hash in a password reset link and presents a |
|
form for entering a new password. |
|
""" |
|
assert uidb36 is not None and token is not None # checked by URLconf |
|
if post_reset_redirect is None: |
|
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete') |
|
try: |
|
uid_int = base36_to_int(uidb36) |
|
except ValueError: |
|
raise Http404 |
|
|
|
user = get_object_or_404(User, id=uid_int) |
|
context_instance = RequestContext(request) |
|
|
|
if token_generator.check_token(user, token): |
|
context_instance['validlink'] = True |
|
if request.method == 'POST': |
|
form = set_password_form(user, request.POST) |
|
if form.is_valid(): |
|
form.save() |
|
return HttpResponseRedirect(post_reset_redirect) |
|
else: |
|
form = set_password_form(None) |
|
else: |
|
context_instance['validlink'] = False |
|
form = None |
|
context_instance['form'] = form |
|
return render_to_response(template_name, context_instance=context_instance) |
|
|
|
def password_reset_complete(request, template_name='registration/password_reset_complete.html'): |
|
return render_to_response(template_name, context_instance=RequestContext(request, |
|
{'login_url': settings.LOGIN_URL})) |
|
|
|
def password_change(request, template_name='registration/password_change_form.html', |
|
post_change_redirect=None): |
|
if post_change_redirect is None: |
|
post_change_redirect = reverse('django.contrib.auth.views.password_change_done') |
|
if request.method == "POST": |
|
form = PasswordChangeForm(request.user, request.POST) |
|
if form.is_valid(): |
|
form.save() |
|
return HttpResponseRedirect(post_change_redirect) |
|
else: |
|
form = PasswordChangeForm(request.user) |
|
return render_to_response(template_name, { |
|
'form': form, |
|
}, context_instance=RequestContext(request)) |
|
password_change = login_required(password_change) |
|
|
|
def password_change_done(request, template_name='registration/password_change_done.html'): |
|
return render_to_response(template_name, context_instance=RequestContext(request))
|
|
|