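from django.conf import settings
from django.contrib.auth import authenticate
from django.contrib.auth import forms as auth_forms
from django.contrib.auth import login, logout
from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect, render
from django.utils.http import url_has_allowed_host_and_scheme


class login_required_if_public:
    """Decorator that requires a login only when ``settings.PUBLIC_SITE`` is truthy.

    This enforces the login requirement for non-public pages using the
    decorator mechanism.
    https://www.fullstackpython.com/django-contrib-auth-decorators-login-required-examples.html

    ``settings.PUBLIC_SITE`` is read once, when the view is decorated (normally
    at import time). Changing the setting afterwards does not add or remove
    the login requirement on views that are already decorated.
    """

    def __init__(self, f):
        # Wrap with Django's login_required only on a public site; otherwise
        # the view is called unchanged.
        self.f = login_required(f) if settings.PUBLIC_SITE else f

    def __call__(self, *args, **kwargs):
        return self.f(*args, **kwargs)


# This is copied from CUYC.cuy.website.view.auth
# If we want to do the whole online-email thing, we would also need to copy across the code in these
# imported files and delete what is superfluous.
# Or we could just load the latest version of django-registration app.
# from cuy.club.models import Member, Message
# from ..forms import WebsiteLoginForm, WebsiteRegisterForm
# from ...common import mail_site_error
# from .generic import user_is_active

# The login and logout functions.
# This is also where we would manage registration: for people wanting to create
# and validate their individual logon accounts/forgottenpassword

############################
# Authentication Functions #
############################


def expologout(request):
    """End the current session and render the logged-out page with a fresh login form.

    NOTE(review): the session is ended for any HTTP method, including GET, so
    following a plain link is enough to log a user out. Confirm this is
    intended before restricting it to POST.
    """
    logout(request)
    return render(request, "login/logout.html", {"form": auth_forms.AuthenticationForm()})


def expologin(request):
    """Show the login page for non-POST requests and process credentials on POST.

    Non-POST: an authenticated, active user gets "tasks.html"; anyone else gets
    the login page.
    POST: authenticate the submitted username/password, then log the user in
    and redirect via redirect_after_login(). Bad or missing credentials
    re-render the login page with ``invalid`` set.
    """
    if request.method != "POST":
        if request.user.is_authenticated and request.user.is_active:
            # going to login page when you are already logged in
            return render(request, "tasks.html", {})
        return render(request, "login/index.html", {})

    # A POST that omits either field is treated as a failed login instead of
    # raising a KeyError and returning a server error.
    username = request.POST.get("username")
    password = request.POST.get("password")
    if username is None or password is None:
        return render(request, "login/index.html", {"invalid": True, "username": username or ""})

    # Pass the request so request-aware authentication backends and the
    # user_login_failed signal receive it (useful for lockout and audit logging).
    user = authenticate(request, username=username, password=password)
    if user is None:
        return render(request, "login/index.html", {"invalid": True, "username": username})
    # With Django's default ModelBackend, authenticate() already returns None
    # for inactive users, so this branch is reached only when a configured
    # backend allows them through.
    if not user.is_active:
        return render(request, "login/enable.html", {"login_state": "notenabled"})

    try:
        login(request, user)
        return redirect_after_login(request)
    except Exception:
        # Still best-effort (generic error page), but no longer swallows
        # SystemExit/KeyboardInterrupt, and the failure is recorded rather than
        # silently discarded. No credentials are logged.
        import logging

        logging.getLogger(__name__).exception("expologin: login or post-login redirect failed")
        return render(request, "errors/generic.html", {})


def redirect_after_login(request):
    """Redirect to the ``next`` query parameter when it is safe, else to the default.

    ``next`` comes from the query string and is therefore caller-controlled. It
    is followed only if url_has_allowed_host_and_scheme() accepts it for this
    request's own host, requiring HTTPS when the request itself is secure;
    anything else falls back to ``settings.LOGIN_REDIRECT_URL``. This is the
    open-redirect guard for the login flow, so keep the check in place if this
    function is changed.

    Only ``request.GET`` is consulted: a ``next`` value submitted in the POST
    body is ignored.
    """
    fallback = settings.LOGIN_REDIRECT_URL
    target = request.GET.get("next")
    if target is None:
        return redirect(fallback)

    is_safe = url_has_allowed_host_and_scheme(
        url=target,
        allowed_hosts={request.get_host()},
        require_https=request.is_secure(),
    )
    return redirect(target if is_safe else fallback)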