webapp/django/contrib/auth/views.py - gerrit-attic - Git at Google

 from django.conf import settings
 from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.forms import AuthenticationForm
 from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
 from django.contrib.auth.tokens import default_token_generator
 from django.core.urlresolvers import reverse
 from django.shortcuts import render_to_response, get_object_or_404
 from django.contrib.sites.models import Site, RequestSite
 from django.http import HttpResponseRedirect, Http404
 from django.template import RequestContext
 from django.utils.http import urlquote, base36_to_int
 from django.utils.translation import ugettext as _
 from django.contrib.auth.models import User
 from django.views.decorators.cache import never_cache

 def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
     "Displays the login form and handles the login action."
     redirect_to = request.REQUEST.get(redirect_field_name, '')
     if request.method == "POST":
         form = AuthenticationForm(data=request.POST)
         if form.is_valid():
             # Light security check -- make sure redirect_to isn't garbage.
             if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
                 redirect_to = settings.LOGIN_REDIRECT_URL
             from django.contrib.auth import login
             login(request, form.get_user())
             if request.session.test_cookie_worked():
                 request.session.delete_test_cookie()
             return HttpResponseRedirect(redirect_to)
     else:
         form = AuthenticationForm(request)
     request.session.set_test_cookie()
     if Site._meta.installed:
         current_site = Site.objects.get_current()
     else:
         current_site = RequestSite(request)
     return render_to_response(template_name, {
         'form': form,
         redirect_field_name: redirect_to,
         'site_name': current_site.name,
     }, context_instance=RequestContext(request))
 login = never_cache(login)

 def logout(request, next_page=None, template_name='registration/logged_out.html'):
     "Logs out the user and displays 'You are logged out' message."
     from django.contrib.auth import logout
     logout(request)
     if next_page is None:
         return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request))
     else:
         # Redirect to this page until the session has been cleared.
         return HttpResponseRedirect(next_page or request.path)

 def logout_then_login(request, login_url=None):
     "Logs out the user if he is logged in. Then redirects to the log-in page."
     if not login_url:
         login_url = settings.LOGIN_URL
     return logout(request, login_url)

 def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
     "Redirects the user to the login page, passing the given 'next' page"
     if not login_url:
         login_url = settings.LOGIN_URL
     return HttpResponseRedirect('%s?%s=%s' % (login_url, urlquote(redirect_field_name), urlquote(next)))

 # 4 views for password reset:
 # - password_reset sends the mail
 # - password_reset_done shows a success message for the above
 # - password_reset_confirm checks the link the user clicked and
 #   prompts for a new password
 # - password_reset_complete shows a success message for the above

 def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
         email_template_name='registration/password_reset_email.html',
         password_reset_form=PasswordResetForm, token_generator=default_token_generator,
         post_reset_redirect=None):
     if post_reset_redirect is None:
         post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
     if request.method == "POST":
         form = password_reset_form(request.POST)
         if form.is_valid():
             opts = {}
             opts['use_https'] = request.is_secure()
             opts['token_generator'] = token_generator
             if is_admin_site:
                 opts['domain_override'] = request.META['HTTP_HOST']
             else:
                 opts['email_template_name'] = email_template_name
                 if not Site._meta.installed:
                     opts['domain_override'] = RequestSite(request).domain
             form.save(**opts)
             return HttpResponseRedirect(post_reset_redirect)
     else:
         form = password_reset_form()
     return render_to_response(template_name, {
         'form': form,
     }, context_instance=RequestContext(request))

 def password_reset_done(request, template_name='registration/password_reset_done.html'):
     return render_to_response(template_name, context_instance=RequestContext(request))

 def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html',
                            token_generator=default_token_generator, set_password_form=SetPasswordForm,
                            post_reset_redirect=None):
     """
     View that checks the hash in a password reset link and presents a
     form for entering a new password.
     """
     assert uidb36 is not None and token is not None # checked by URLconf
     if post_reset_redirect is None:
         post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
     try:
         uid_int = base36_to_int(uidb36)
     except ValueError:
         raise Http404

     user = get_object_or_404(User, id=uid_int)
     context_instance = RequestContext(request)

     if token_generator.check_token(user, token):
         context_instance['validlink'] = True
         if request.method == 'POST':
             form = set_password_form(user, request.POST)
             if form.is_valid():
                 form.save()
                 return HttpResponseRedirect(post_reset_redirect)
         else:
             form = set_password_form(None)
     else:
         context_instance['validlink'] = False
         form = None
     context_instance['form'] = form
     return render_to_response(template_name, context_instance=context_instance)

 def password_reset_complete(request, template_name='registration/password_reset_complete.html'):
     return render_to_response(template_name, context_instance=RequestContext(request,
                                                                              {'login_url': settings.LOGIN_URL}))

 def password_change(request, template_name='registration/password_change_form.html',
                     post_change_redirect=None):
     if post_change_redirect is None:
         post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
     if request.method == "POST":
         form = PasswordChangeForm(request.user, request.POST)
         if form.is_valid():
             form.save()
             return HttpResponseRedirect(post_change_redirect)
     else:
         form = PasswordChangeForm(request.user)
     return render_to_response(template_name, {
         'form': form,
     }, context_instance=RequestContext(request))
 password_change = login_required(password_change)

 def password_change_done(request, template_name='registration/password_change_done.html'):
     return render_to_response(template_name, context_instance=RequestContext(request))
	from django.conf import settings
	from django.contrib.auth import REDIRECT_FIELD_NAME
	from django.contrib.auth.decorators import login_required
	from django.contrib.auth.forms import AuthenticationForm
	from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
	from django.contrib.auth.tokens import default_token_generator
	from django.core.urlresolvers import reverse
	from django.shortcuts import render_to_response, get_object_or_404
	from django.contrib.sites.models import Site, RequestSite
	from django.http import HttpResponseRedirect, Http404
	from django.template import RequestContext
	from django.utils.http import urlquote, base36_to_int
	from django.utils.translation import ugettext as _
	from django.contrib.auth.models import User
	from django.views.decorators.cache import never_cache

	def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
	"Displays the login form and handles the login action."
	redirect_to = request.REQUEST.get(redirect_field_name, '')
	if request.method == "POST":
	form = AuthenticationForm(data=request.POST)
	if form.is_valid():
	# Light security check -- make sure redirect_to isn't garbage.
	if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
	redirect_to = settings.LOGIN_REDIRECT_URL
	from django.contrib.auth import login
	login(request, form.get_user())
	if request.session.test_cookie_worked():
	request.session.delete_test_cookie()
	return HttpResponseRedirect(redirect_to)
	else:
	form = AuthenticationForm(request)
	request.session.set_test_cookie()
	if Site._meta.installed:
	current_site = Site.objects.get_current()
	else:
	current_site = RequestSite(request)
	return render_to_response(template_name, {
	'form': form,
	redirect_field_name: redirect_to,
	'site_name': current_site.name,
	}, context_instance=RequestContext(request))
	login = never_cache(login)

	def logout(request, next_page=None, template_name='registration/logged_out.html'):
	"Logs out the user and displays 'You are logged out' message."
	from django.contrib.auth import logout
	logout(request)
	if next_page is None:
	return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request))
	else:
	# Redirect to this page until the session has been cleared.
	return HttpResponseRedirect(next_page or request.path)

	def logout_then_login(request, login_url=None):
	"Logs out the user if he is logged in. Then redirects to the log-in page."
	if not login_url:
	login_url = settings.LOGIN_URL
	return logout(request, login_url)

	def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
	"Redirects the user to the login page, passing the given 'next' page"
	if not login_url:
	login_url = settings.LOGIN_URL
	return HttpResponseRedirect('%s?%s=%s' % (login_url, urlquote(redirect_field_name), urlquote(next)))

	# 4 views for password reset:
	# - password_reset sends the mail
	# - password_reset_done shows a success message for the above
	# - password_reset_confirm checks the link the user clicked and
	# prompts for a new password
	# - password_reset_complete shows a success message for the above

	def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
	email_template_name='registration/password_reset_email.html',
	password_reset_form=PasswordResetForm, token_generator=default_token_generator,
	post_reset_redirect=None):
	if post_reset_redirect is None:
	post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
	if request.method == "POST":
	form = password_reset_form(request.POST)
	if form.is_valid():
	opts = {}
	opts['use_https'] = request.is_secure()
	opts['token_generator'] = token_generator
	if is_admin_site:
	opts['domain_override'] = request.META['HTTP_HOST']
	else:
	opts['email_template_name'] = email_template_name
	if not Site._meta.installed:
	opts['domain_override'] = RequestSite(request).domain
	form.save(**opts)
	return HttpResponseRedirect(post_reset_redirect)
	else:
	form = password_reset_form()
	return render_to_response(template_name, {
	'form': form,
	}, context_instance=RequestContext(request))

	def password_reset_done(request, template_name='registration/password_reset_done.html'):
	return render_to_response(template_name, context_instance=RequestContext(request))

	def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html',
	token_generator=default_token_generator, set_password_form=SetPasswordForm,
	post_reset_redirect=None):
	"""
	View that checks the hash in a password reset link and presents a
	form for entering a new password.
	"""
	assert uidb36 is not None and token is not None # checked by URLconf
	if post_reset_redirect is None:
	post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
	try:
	uid_int = base36_to_int(uidb36)
	except ValueError:
	raise Http404

	user = get_object_or_404(User, id=uid_int)
	context_instance = RequestContext(request)

	if token_generator.check_token(user, token):
	context_instance['validlink'] = True
	if request.method == 'POST':
	form = set_password_form(user, request.POST)
	if form.is_valid():
	form.save()
	return HttpResponseRedirect(post_reset_redirect)
	else:
	form = set_password_form(None)
	else:
	context_instance['validlink'] = False
	form = None
	context_instance['form'] = form
	return render_to_response(template_name, context_instance=context_instance)

	def password_reset_complete(request, template_name='registration/password_reset_complete.html'):
	return render_to_response(template_name, context_instance=RequestContext(request,
	{'login_url': settings.LOGIN_URL}))

	def password_change(request, template_name='registration/password_change_form.html',
	post_change_redirect=None):
	if post_change_redirect is None:
	post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
	if request.method == "POST":
	form = PasswordChangeForm(request.user, request.POST)
	if form.is_valid():
	form.save()
	return HttpResponseRedirect(post_change_redirect)
	else:
	form = PasswordChangeForm(request.user)
	return render_to_response(template_name, {
	'form': form,
	}, context_instance=RequestContext(request))
	password_change = login_required(password_change)

	def password_change_done(request, template_name='registration/password_change_done.html'):
	return render_to_response(template_name, context_instance=RequestContext(request))