# Copyright 2011-2012 GRNET S.A. All rights reserved.
#
# Redistribution and use in source and binary forms, with or
# without modification, are permitted provided that the following
# conditions are met:
#
#   1. Redistributions of source code must retain the above
#      copyright notice, this list of conditions and the following
#      disclaimer.
#
#   2. Redistributions in binary form must reproduce the above
#      copyright notice, this list of conditions and the following
#      disclaimer in the documentation and/or other materials
#      provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# The views and conclusions contained in the software and
# documentation are those of the authors and should not be
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.

from django.http import HttpResponseBadRequest, HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.contrib.auth import authenticate
from django.contrib import messages
from django.utils.translation import ugettext as _
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_http_methods
from django.core.urlresolvers import reverse
from django.contrib.auth.decorators import login_required

from astakos.im.util import prepare_response, get_query
from astakos.im.views import requires_anonymous, signed_terms_required
from astakos.im.models import AstakosUser, PendingThirdPartyUser
from astakos.im.forms import LoginForm, ExtendedPasswordChangeForm
from astakos.im.settings import RATELIMIT_RETRIES_ALLOWED
from astakos.im.settings import ENABLE_LOCAL_ACCOUNT_MIGRATION

from ratelimit.decorators import ratelimit

# Throttle budget handed to the @ratelimit decorator on login(): one attempt
# fewer than the configured RATELIMIT_RETRIES_ALLOWED, written as "<N>/m"
# (N attempts per minute).
retries = RATELIMIT_RETRIES_ALLOWED - 1
rate = '%s/m' % (retries,)

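@require_http_methods(["GET", "POST"])
# SECURITY NOTE(review): csrf_exempt turns off CSRF validation for the login
# POST, so a third-party page can submit this form on a visitor's behalf
# (login CSRF). Kept as-is because callers may post without a token; confirm
# whether the exemption is still required.
@csrf_exempt
@requires_anonymous
# NOTE(review): the decorator only marks the request (request.limited is read
# below); the view never rejects a limited request itself, so enforcement is
# whatever LoginForm does with was_limited (not visible here). The limit is
# keyed on the submitted 'username' field -- confirm it also covers attempts
# spread over many usernames.
@ratelimit(field='username', method='POST', rate=rate)
def login(request, on_failure='im/login.html'):
    """
    Authenticate a local account and, optionally, migrate it to a pending
    third party identity.

    on_failure: the template name to render on login failure

    Flow, as implemented below:
      1. Bind LoginForm to request.POST; an invalid form re-renders
         on_failure with the form, 'next' and 'key'.
      2. Reject missing, inactive or non-local accounts with an error
         message and re-render on_failure.
      3. If ENABLE_LOCAL_ACCOUNT_MIGRATION is set and a 'key' parameter was
         supplied, copy provider/third_party_identifier from the matching
         PendingThirdPartyUser onto the user and delete the pending record.
      4. Return prepare_response(request, user, next).
    """
    was_limited = getattr(request, 'limited', False)
    form = LoginForm(data=request.POST, was_limited=was_limited, request=request)
    # SECURITY NOTE(review): 'next' is caller-supplied and is handed to
    # prepare_response() unchanged; whether it is restricted to same-site
    # targets is decided there (not visible here) -- verify, to rule out an
    # open redirect after login.
    next_url = get_query(request).get('next', '')
    # 'key' selects the PendingThirdPartyUser row used by the migration hook.
    username = get_query(request).get('key')

    if not form.is_valid():
        return render_to_response(
            on_failure,
            {'login_form':form,
             'next':next_url,
             'key':username},
            context_instance=RequestContext(request)
        )
    # get the user from the cache
    user = form.user_cache

    message = None
    if not user:
        message = _('Cannot authenticate account')
    elif not user.is_active:
        if not user.activation_sent:
            message = _('Your request is pending activation')
        else:
            url = reverse('send_activation', kwargs={'user_id':user.id})
            # Translate first, interpolate afterwards: interpolating inside
            # _() looks up the already-formatted text, which no catalog entry
            # can match. The message carries markup, so it presumably is
            # rendered unescaped by the template -- keep user-controlled text
            # out of anything passed to messages.*.
            message = _('You have not followed the activation link. \
            <a href="%s">Resend activation email?</a>') % url
    elif user.provider not in ('local', ''):
        message = _(
            'Local login is not the current authentication method for this account.'
        )

    if message:
        messages.error(request, message)
        return render_to_response(on_failure,
                                  {'login_form':form},
                                  context_instance=RequestContext(request))

    # hook for switching account to use third party authentication
    # SECURITY NOTE(review): any successful local login that carries a 'key'
    # binds that pending third party identity to the logged-in account. This
    # is only safe if the key is unguessable and tied to the same browser
    # session that started the third party login -- confirm where
    # PendingThirdPartyUser.username is generated.
    if ENABLE_LOCAL_ACCOUNT_MIGRATION and username:
        try:
            new = PendingThirdPartyUser.objects.get(
                username=username)
        except (PendingThirdPartyUser.DoesNotExist,
                PendingThirdPartyUser.MultipleObjectsReturned):
            # The previous bare except formatted the message with locals(),
            # which has no 'provider' entry, so this branch raised KeyError
            # instead of reporting the failure. No provider is known when the
            # lookup fails, so the message no longer names one.
            messages.error(
                request,
                _('Account failed to switch')
            )
            return render_to_response(
                on_failure,
                {'login_form':form,
                 'next':next_url},
                context_instance=RequestContext(request)
            )
        else:
            user.provider = new.provider
            user.third_party_identifier = new.third_party_identifier
            user.save()
            # The pending record is single-use: drop it once it is applied.
            new.delete()
            messages.success(
                request,
                _('Account successfully switched to %(provider)s') % {
                    'provider': user.provider}
            )
    return prepare_response(request, user, next_url)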

@require_http_methods(["GET", "POST"])
@signed_terms_required
@login_required
def password_change(request, template_name='registration/password_change_form.html',
                    post_change_redirect=None, password_change_form=ExtendedPasswordChangeForm):
    """
    Show the password change form and apply a submitted change.

    template_name: template rendered for GET and for an invalid POST
    post_change_redirect: URL to redirect to after a successful change;
        defaults to the reversed 'password_change_done' view
    password_change_form: form class, instantiated with the current user
        (and, on POST, the posted data and the current session key)

    Only reachable by logged-in users (login_required); this view is not
    csrf_exempt, so the POST goes through whatever CSRF checking the project
    has enabled.
    """
    redirect_to = post_change_redirect
    if redirect_to is None:
        redirect_to = reverse('django.contrib.auth.views.password_change_done')

    if request.method != "POST":
        # Plain page load: unbound form for the current user.
        form = password_change_form(user=request.user)
    else:
        # The session key is passed through to the form; what the form does
        # with it is not visible here.
        form_kwargs = {
            'user': request.user,
            'data': request.POST,
            'session_key': request.session.session_key,
        }
        form = password_change_form(**form_kwargs)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(redirect_to)

    # GET, or a POST that failed validation: render the form (with errors).
    context = {'form': form}
    return render_to_response(template_name, context,
                              context_instance=RequestContext(request))