cubicweb: pyramid_cubicweb/login.py@ca3412269cd1 (annotated)

11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	1	from pyramid import security
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	2	from pyramid.httpexceptions import HTTPSeeOther
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	3	from pyramid.view import view_config
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	4
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	5	import cubicweb
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	6
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	7	from pyramid_cubicweb.core import render_view
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	8
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	9
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	10	@view_config(route_name='login')
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	11	def login_form(request):
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	12	request.response.text = render_view(request, 'login')
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	13	return request.response
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	14
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	15
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	16	@view_config(route_name='login', request_param=('__login', '__password'))
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	17	def login_password_login(request):
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	18	repo = request.registry['cubicweb.repository']
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	19
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	20	user_eid = None
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	21
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	22	login = request.params['__login']
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	23	password = request.params['__password']
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	24
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	25	try:
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	26	with repo.internal_cnx() as cnx:
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	27	user = repo.authenticate_user(cnx, login, password=password)
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	28	user_eid = user.eid
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	29	except cubicweb.AuthenticationError:
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	30	request.cw_request.set_message(request.cw_request._(
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	31	"Authentication failed. Please check your credentials."))
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	32	request.cw_request.post = dict(request.params)
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	33	del request.cw_request.post['__password']
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	34	return login_form(request)
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	35
11509 ca3412269cd1 Handle '__setauthcookie' Christophe de Vienne <christophe@unlish.com> parents: 11497 diff changeset	36	max_age = None
ca3412269cd1 Handle '__setauthcookie' Christophe de Vienne <christophe@unlish.com> parents: 11497 diff changeset	37	if request.params.get('__setauthcookie') == '1':
ca3412269cd1 Handle '__setauthcookie' Christophe de Vienne <christophe@unlish.com> parents: 11497 diff changeset	38	max_age = '604800'
ca3412269cd1 Handle '__setauthcookie' Christophe de Vienne <christophe@unlish.com> parents: 11497 diff changeset	39	headers = security.remember(request, user_eid, max_age=max_age)
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	40
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	41	new_path = request.params.get('postlogin_path', '/')
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	42
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	43	if new_path == 'login':
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	44	new_path = '/'
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	45
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	46	raise HTTPSeeOther(new_path, headers=headers)
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	47
11494 79ce84750c18 If the postlogin_path is 'login', redirect to '/' instead Christophe de Vienne <christophe@unlish.com> parents: 11493 diff changeset	48
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	49	@view_config(route_name='login', effective_principals=security.Authenticated)
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	50	def login_already_loggedin(request):
855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	51	raise HTTPSeeOther('/')
11493 00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	52
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	53
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	54	def includeme(config):
00e5cb9771c5 Put the login view in a separate module. Christophe de Vienne <christophe@unlish.com> parents: diff changeset	55	config.add_route('login', '/login')
11497 855219da7c70 Use a predicate based view selection for handling /login Christophe de Vienne <christophe@unlish.com> parents: 11494 diff changeset	56	config.scan('pyramid_cubicweb.login')

author	Christophe de Vienne <christophe@unlish.com>
	Thu, 18 Sep 2014 16:51:55 +0200
changeset 11509	ca3412269cd1
parent 11497	855219da7c70
child 11527	aa05b41a5816
permissions	-rw-r--r--