--- a/src/hdalab/views/profile.py Thu Jul 24 16:25:52 2014 +0200
+++ b/src/hdalab/views/profile.py Tue Aug 19 18:29:35 2014 +0200
@@ -4,11 +4,24 @@
@author: tc
'''
+
+
from datetime import datetime
+from django.conf import settings
+from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login
+from django.contrib.auth.forms import AuthenticationForm
+from django.contrib.sites.models import get_current_site
+from django.core.urlresolvers import reverse
from django.db.models import Q
from django.http import HttpResponse
+from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404, redirect
-from django.views.decorators.csrf import csrf_exempt
+from django.shortcuts import resolve_url
+from django.template.response import TemplateResponse
+from django.utils.http import is_safe_url
+from django.views.decorators.cache import never_cache
+from django.views.decorators.csrf import csrf_exempt, csrf_protect
+from django.views.decorators.debug import sensitive_post_parameters
from django.views.generic import TemplateView, View
from hdabo.models import Tag
from hdalab.models.renkan import HdalabRenkan
@@ -20,8 +33,8 @@
import uuid
+
import logging
-from django.core.urlresolvers import reverse
logger = logging.getLogger(__name__)
@@ -80,6 +93,9 @@
if rk.owner!=self.request.user:
raise Exception("You are not allowed to edit this renkan")
+ form = AuthenticationForm(self.request)
+ context["form"] = form
+
return context
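Review bot: The ownership check just above the added lines signals an authorization failure with a bare `Exception`, which Django turns into a 500 response (and a traceback page when DEBUG is on) rather than a 403. Raising `django.core.exceptions.PermissionDenied` there, e.g. `raise PermissionDenied("You are not allowed to edit this renkan")`, would return the correct status and keep denied edits distinguishable from real server errors in the logs. The enclosing method starts and ends outside this hunk, so the import would have to be added at the top of the file.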
@@ -252,4 +268,47 @@
if "next" in request.GET:
return redirect(request.GET["next"])
return redirect(reverse('profile_home'))
+
+
+
+# Function copied from django.contrib.auth.views to simplify ajax login
+@sensitive_post_parameters()
+@csrf_protect
+@never_cache
+def ajax_login(request, template_name='ajax_identification/ajax_login.html',
+ redirect_field_name=REDIRECT_FIELD_NAME,
+ authentication_form=AuthenticationForm,
+ current_app=None, extra_context=None):
+ """
+ Displays the login form and handles the login action.
+ """
+ redirect_to = request.REQUEST.get(redirect_field_name, '')
+
+ if request.method == "POST":
+ form = authentication_form(request, data=request.POST)
+ if form.is_valid():
+
+ # Ensure the user-originating redirection url is safe.
+ if not is_safe_url(url=redirect_to, host=request.get_host()):
+ redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
+
+ # Okay, security check complete. Log the user in.
+ auth_login(request, form.get_user())
+
+ return HttpResponseRedirect(redirect_to)
+ else:
+ form = authentication_form(request)
+
+ current_site = get_current_site(request)
+
+ context = {
+ 'form': form,
+ redirect_field_name: redirect_to,
+ 'site': current_site,
+ 'site_name': current_site.name,
+ }
+ if extra_context is not None:
+ context.update(extra_context)
+ return TemplateResponse(request, template_name, context,
+ current_app=current_app)
\ No newline at end of file
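Review bot: The context lines at the top of this hunk still pass `request.GET["next"]` straight to `redirect()` with no validation, so that view remains an open redirect even though the new `ajax_login` below checks its target with `is_safe_url`. Since the commit already imports `is_safe_url`, the same guard fits there: `next_url = request.GET.get("next", "")` followed by `if is_safe_url(url=next_url, host=request.get_host()): return redirect(next_url)`, falling through to the existing `profile_home` redirect otherwise. That view starts outside the hunk, so confirm nothing earlier already constrains `next`. Separately, `ajax_login` appears to duplicate Django's stock login view apart from the default template, so it will not pick up later upstream changes to that view; passing `template_name` to the stock view would avoid carrying the copy.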