|
1 from django.conf import settings |
|
2 from django.contrib.auth import REDIRECT_FIELD_NAME |
|
3 from django.contrib.auth.decorators import login_required |
|
4 from django.contrib.auth.forms import AuthenticationForm |
|
5 from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm |
|
6 from django.contrib.auth.tokens import default_token_generator |
|
7 from django.core.urlresolvers import reverse |
|
8 from django.shortcuts import render_to_response, get_object_or_404 |
|
9 from django.contrib.sites.models import Site, RequestSite |
|
10 from django.http import HttpResponseRedirect, Http404 |
|
11 from django.template import RequestContext |
|
12 from django.utils.http import urlquote, base36_to_int |
|
13 from django.utils.translation import ugettext as _ |
|
14 from django.contrib.auth.models import User |
|
15 from django.views.decorators.cache import never_cache |
|
16 |
|
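def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
    """Display the login form and handle the login action.

    On a valid POST the user is logged in and redirected to the value of
    ``redirect_field_name`` read from the request, or to
    ``settings.LOGIN_REDIRECT_URL`` when that value is empty or fails the
    redirect check.  Every other request (GET, or a POST that does not
    validate) renders ``template_name`` with the form, the requested
    redirect target and the current site.
    """
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    if request.method == "POST":
        form = AuthenticationForm(data=request.POST)
        if form.is_valid():
            # The redirect target is supplied by the client, so it must not
            # be able to send a freshly authenticated user to another site.
            # Fall back to the configured default when the value is empty or
            # contains '//' (absolute or protocol-relative URL), a backslash
            # (browsers treat it like '/'), or any whitespace/control
            # character (some are dropped by browsers before the URL is
            # resolved).
            # NOTE(review): this is still a string heuristic; comparing the
            # parsed host with request.get_host() would be stricter.
            unsafe_target = (
                not redirect_to
                or '//' in redirect_to
                or '\\' in redirect_to
                or any(ch <= ' ' for ch in redirect_to)
            )
            if unsafe_target:
                redirect_to = settings.LOGIN_REDIRECT_URL
            # Local import: inside this function ``login`` refers to the auth
            # backend helper, not to this view.
            from django.contrib.auth import login
            login(request, form.get_user())
            if request.session.test_cookie_worked():
                request.session.delete_test_cookie()
            return HttpResponseRedirect(redirect_to)
    else:
        form = AuthenticationForm(request)
    # Set on every rendered form so the next POST can tell whether the
    # browser accepts cookies.
    request.session.set_test_cookie()
    if Site._meta.installed:
        current_site = Site.objects.get_current()
    else:
        current_site = RequestSite(request)
    return render_to_response(template_name, {
        'form': form,
        redirect_field_name: redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    }, context_instance=RequestContext(request))
login = never_cache(login)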
|
45 |
|
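def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME):
    """Log the user out, then redirect or show the 'Logged out' page.

    When ``next_page`` is given the response redirects there (or to
    ``request.path`` if it is empty).  Otherwise the value of
    ``redirect_field_name`` from the request is used as the redirect target,
    but only if it passes the local-target check below; in every other case
    ``template_name`` is rendered.
    """
    # Local import: inside this function ``logout`` refers to the auth
    # helper, not to this view.
    from django.contrib.auth import logout
    logout(request)
    if next_page is None:
        redirect_to = request.REQUEST.get(redirect_field_name, '')
        # The target comes straight from the request, so it is honoured only
        # when it cannot leave this site: no '//' (absolute or
        # protocol-relative URL), no backslash (browsers treat it like '/')
        # and no whitespace/control characters.  Anything else gets the
        # plain logged-out page instead of a redirect.
        # NOTE(review): string heuristic; comparing the parsed host with
        # request.get_host() would be stricter.
        local_target = (
            redirect_to
            and '//' not in redirect_to
            and '\\' not in redirect_to
            and not any(ch <= ' ' for ch in redirect_to)
        )
        if local_target:
            return HttpResponseRedirect(redirect_to)
        return render_to_response(template_name, {
            'title': _('Logged out')
        }, context_instance=RequestContext(request))
    else:
        # Redirect to this page until the session has been cleared.
        return HttpResponseRedirect(next_page or request.path)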
|
61 |
|
def logout_then_login(request, login_url=None):
    """Log the user out, then redirect to the log-in page.

    ``settings.LOGIN_URL`` is used when ``login_url`` is empty or omitted.
    The work is delegated to ``logout`` with the login URL as ``next_page``.
    """
    target = login_url or settings.LOGIN_URL
    return logout(request, target)
|
67 |
|
def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
    """Redirect to the login page, passing ``next`` as the page to return to.

    ``settings.LOGIN_URL`` is used when ``login_url`` is empty or omitted.
    Both the field name and the ``next`` value are URL-quoted before they are
    placed in the query string.
    """
    base_url = login_url if login_url else settings.LOGIN_URL
    quoted_field = urlquote(redirect_field_name)
    quoted_next = urlquote(next)
    return HttpResponseRedirect('%s?%s=%s' % (base_url, quoted_field, quoted_next))
|
73 |
|
74 # 4 views for password reset: |
|
75 # - password_reset sends the mail |
|
76 # - password_reset_done shows a success message for the above |
|
77 # - password_reset_confirm checks the link the user clicked and |
|
78 # prompts for a new password |
|
79 # - password_reset_complete shows a success message for the above |
|
80 |
|
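def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
        email_template_name='registration/password_reset_email.html',
        password_reset_form=PasswordResetForm, token_generator=default_token_generator,
        post_reset_redirect=None):
    """Show the password-reset form and, on a valid POST, send the reset mail.

    A valid POST calls ``form.save()`` with the options built below and then
    redirects to ``post_reset_redirect`` (default: the ``password_reset_done``
    view).  Any other request renders ``template_name`` with the form.
    """
    if post_reset_redirect is None:
        post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
    if request.method == "POST":
        form = password_reset_form(request.POST)
        if form.is_valid():
            opts = {
                'use_https': request.is_secure(),
                'token_generator': token_generator,
            }
            if is_admin_site:
                # Use request.get_host() rather than indexing
                # request.META['HTTP_HOST']: the raw lookup raises KeyError
                # when the client sends no Host header, and it bypasses
                # whatever host handling the request object applies.
                # The resulting domain is still derived from client-supplied
                # headers and is passed to form.save() as the domain
                # override, so the deployment must restrict which Host
                # values reach this view (virtual-host configuration, or
                # Django's ALLOWED_HOSTS in versions that provide it).
                opts['domain_override'] = request.get_host()
            else:
                opts['email_template_name'] = email_template_name
                if not Site._meta.installed:
                    # NOTE(review): RequestSite takes its domain from the
                    # request as well; the same Host restriction applies.
                    opts['domain_override'] = RequestSite(request).domain
            form.save(**opts)
            return HttpResponseRedirect(post_reset_redirect)
    else:
        form = password_reset_form()
    return render_to_response(template_name, {
        'form': form,
    }, context_instance=RequestContext(request))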
|
106 |
|
def password_reset_done(request, template_name='registration/password_reset_done.html'):
    """Render the success page shown after ``password_reset`` has run."""
    context = RequestContext(request)
    return render_to_response(template_name, context_instance=context)
|
109 |
|
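def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html',
                           token_generator=default_token_generator, set_password_form=SetPasswordForm,
                           post_reset_redirect=None):
    """
    View that checks the hash in a password reset link and presents a
    form for entering a new password.

    ``uidb36`` is the base36-encoded user id and ``token`` the reset token
    from the link.  A malformed or unknown id yields a 404.  With a valid
    token the form is shown (GET) or processed (POST, redirecting to
    ``post_reset_redirect`` on success); with an invalid token the template
    is rendered with ``validlink`` set to False and no form.
    """
    # Developer invariant, not input validation: the URL pattern is expected
    # to supply both values.
    assert uidb36 is not None and token is not None # checked by URLconf
    if post_reset_redirect is None:
        post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
    # 13 base36 digits are enough for any 64-bit integer.  A longer value
    # cannot be a real user id, so reject it before converting an
    # arbitrarily long client-supplied string and handing the result to the
    # database lookup.
    if len(uidb36) > 13:
        raise Http404
    try:
        uid_int = base36_to_int(uidb36)
    except ValueError:
        raise Http404

    user = get_object_or_404(User, id=uid_int)
    context_instance = RequestContext(request)

    if token_generator.check_token(user, token):
        context_instance['validlink'] = True
        if request.method == 'POST':
            form = set_password_form(user, request.POST)
            if form.is_valid():
                form.save()
                return HttpResponseRedirect(post_reset_redirect)
        else:
            # Unbound form for display only; no user is attached on GET.
            form = set_password_form(None)
    else:
        context_instance['validlink'] = False
        form = None
    context_instance['form'] = form
    return render_to_response(template_name, context_instance=context_instance)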
|
142 |
|
def password_reset_complete(request, template_name='registration/password_reset_complete.html'):
    """Render the success page shown after ``password_reset_confirm``.

    The template context carries ``login_url`` (``settings.LOGIN_URL``).
    """
    extra_context = {'login_url': settings.LOGIN_URL}
    context = RequestContext(request, extra_context)
    return render_to_response(template_name, context_instance=context)
|
146 |
|
def password_change(request, template_name='registration/password_change_form.html',
                    post_change_redirect=None):
    """Show the password-change form and apply the change on a valid POST.

    A valid POST saves the form and redirects to ``post_change_redirect``
    (default: the ``password_change_done`` view).  Any other request renders
    ``template_name`` with the form.  The view is wrapped in
    ``login_required`` below.
    """
    if post_change_redirect is None:
        post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
    if request.method != "POST":
        form = PasswordChangeForm(request.user)
    else:
        form = PasswordChangeForm(request.user, request.POST)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(post_change_redirect)
    template_vars = {'form': form}
    return render_to_response(template_name, template_vars,
                              context_instance=RequestContext(request))
password_change = login_required(password_change)
|
162 |
|
def password_change_done(request, template_name='registration/password_change_done.html'):
    """Render ``template_name`` with a ``RequestContext`` for this request."""
    context = RequestContext(request)
    return render_to_response(template_name, context_instance=context)