2005-07-13 09:25:57 +08:00
|
|
|
from django.parts.auth.formfields import AuthenticationForm
|
2005-10-15 04:10:13 +08:00
|
|
|
from django.core import formfields
|
2005-09-23 06:26:56 +08:00
|
|
|
from django.core.extensions import DjangoContext, render_to_response
|
2005-08-17 06:54:05 +08:00
|
|
|
from django.models.auth import users
|
2005-07-13 09:25:57 +08:00
|
|
|
from django.models.core import sites
|
|
|
|
from django.utils.httpwrappers import HttpResponse, HttpResponseRedirect
|
|
|
|
|
|
|
|
REDIRECT_FIELD_NAME = 'next'
|
2005-11-26 15:20:07 +08:00
|
|
|
LOGIN_URL = '/accounts/login/'
|
2005-07-13 09:25:57 +08:00
|
|
|
|
|
|
|
def login(request):
|
|
|
|
"Displays the login form and handles the login action."
|
|
|
|
manipulator = AuthenticationForm(request)
|
|
|
|
redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
|
|
|
|
if request.POST:
|
|
|
|
errors = manipulator.get_validation_errors(request.POST)
|
|
|
|
if not errors:
|
|
|
|
# Light security check -- make sure redirect_to isn't garbage.
|
|
|
|
if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
|
|
|
|
redirect_to = '/accounts/profile/'
|
2005-08-17 06:54:05 +08:00
|
|
|
request.session[users.SESSION_KEY] = manipulator.get_user_id()
|
2005-09-23 09:28:44 +08:00
|
|
|
request.session.delete_test_cookie()
|
2005-08-17 06:54:05 +08:00
|
|
|
return HttpResponseRedirect(redirect_to)
|
2005-07-13 09:25:57 +08:00
|
|
|
else:
|
|
|
|
errors = {}
|
2005-08-17 07:15:13 +08:00
|
|
|
request.session.set_test_cookie()
|
2005-09-23 06:26:56 +08:00
|
|
|
return render_to_response('registration/login', {
|
2005-07-13 09:25:57 +08:00
|
|
|
'form': formfields.FormWrapper(manipulator, request.POST, errors),
|
|
|
|
REDIRECT_FIELD_NAME: redirect_to,
|
|
|
|
'site_name': sites.get_current().name,
|
2005-09-22 13:18:23 +08:00
|
|
|
}, context_instance=DjangoContext(request))
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2005-08-17 06:54:05 +08:00
|
|
|
def logout(request, next_page=None):
|
2005-08-17 00:57:20 +08:00
|
|
|
"Logs out the user and displays 'You are logged out' message."
|
2005-08-17 06:54:05 +08:00
|
|
|
try:
|
|
|
|
del request.session[users.SESSION_KEY]
|
|
|
|
except KeyError:
|
2005-09-23 06:26:56 +08:00
|
|
|
return render_to_response('registration/logged_out', context_instance=DjangoContext(request))
|
2005-08-17 06:54:05 +08:00
|
|
|
else:
|
2005-09-22 13:18:23 +08:00
|
|
|
# Redirect to this page until the session has been cleared.
|
2005-08-17 06:54:05 +08:00
|
|
|
return HttpResponseRedirect(next_page or request.path)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2005-11-26 15:20:07 +08:00
|
|
|
def logout_then_login(request, login_url=LOGIN_URL):
|
2005-07-13 09:25:57 +08:00
|
|
|
"Logs out the user if he is logged in. Then redirects to the log-in page."
|
2005-11-26 15:20:07 +08:00
|
|
|
return logout(request, login_url)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2005-11-26 15:20:07 +08:00
|
|
|
def redirect_to_login(next, login_url=LOGIN_URL):
|
2005-07-13 09:25:57 +08:00
|
|
|
"Redirects the user to the login page, passing the given 'next' page"
|
2005-11-26 15:20:07 +08:00
|
|
|
return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, next))
|