views.py

Revision 10332, 7.4 kB (checked in by jacob, 3 months ago)
Fixed #10460: the logout view can now redirect like the rest of the auth views. Thanks, chronos and steingrd.
Property svn:eol-style set to `native` Property svn:keywords set to `LastChangedRevision`

Line
1	from django.conf import settings
2	from django.contrib.auth import REDIRECT_FIELD_NAME
3	from django.contrib.auth.decorators import login_required
4	from django.contrib.auth.forms import AuthenticationForm
5	from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm, PasswordChangeForm
6	from django.contrib.auth.tokens import default_token_generator
7	from django.core.urlresolvers import reverse
8	from django.shortcuts import render_to_response, get_object_or_404
9	from django.contrib.sites.models import Site, RequestSite
10	from django.http import HttpResponseRedirect, Http404
11	from django.template import RequestContext
12	from django.utils.http import urlquote, base36_to_int
13	from django.utils.translation import ugettext as _
14	from django.contrib.auth.models import User
15	from django.views.decorators.cache import never_cache
16
17	def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
18	"Displays the login form and handles the login action."
19	redirect_to = request.REQUEST.get(redirect_field_name, '')
20	if request.method == "POST":
21	form = AuthenticationForm(data=request.POST)
22	if form.is_valid():
23	# Light security check -- make sure redirect_to isn't garbage.
24	if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
25	redirect_to = settings.LOGIN_REDIRECT_URL
26	from django.contrib.auth import login
27	login(request, form.get_user())
28	if request.session.test_cookie_worked():
29	request.session.delete_test_cookie()
30	return HttpResponseRedirect(redirect_to)
31	else:
32	form = AuthenticationForm(request)
33	request.session.set_test_cookie()
34	if Site._meta.installed:
35	current_site = Site.objects.get_current()
36	else:
37	current_site = RequestSite(request)
38	return render_to_response(template_name, {
39	'form': form,
40	redirect_field_name: redirect_to,
41	'site': current_site,
42	'site_name': current_site.name,
43	}, context_instance=RequestContext(request))
44	login = never_cache(login)
45
46	def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME):
47	"Logs out the user and displays 'You are logged out' message."
48	from django.contrib.auth import logout
49	logout(request)
50	if next_page is None:
51	redirect_to = request.REQUEST.get(redirect_field_name, '')
52	if redirect_to:
53	return HttpResponseRedirect(redirect_to)
54	else:
55	return render_to_response(template_name, {
56	'title': _('Logged out')
57	}, context_instance=RequestContext(request))
58	else:
59	# Redirect to this page until the session has been cleared.
60	return HttpResponseRedirect(next_page or request.path)
61
62	def logout_then_login(request, login_url=None):
63	"Logs out the user if he is logged in. Then redirects to the log-in page."
64	if not login_url:
65	login_url = settings.LOGIN_URL
66	return logout(request, login_url)
67
68	def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
69	"Redirects the user to the login page, passing the given 'next' page"
70	if not login_url:
71	login_url = settings.LOGIN_URL
72	return HttpResponseRedirect('%s?%s=%s' % (login_url, urlquote(redirect_field_name), urlquote(next)))
73
74	# 4 views for password reset:
75	# - password_reset sends the mail
76	# - password_reset_done shows a success message for the above
77	# - password_reset_confirm checks the link the user clicked and
78	# prompts for a new password
79	# - password_reset_complete shows a success message for the above
80
81	def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
82	email_template_name='registration/password_reset_email.html',
83	password_reset_form=PasswordResetForm, token_generator=default_token_generator,
84	post_reset_redirect=None):
85	if post_reset_redirect is None:
86	post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
87	if request.method == "POST":
88	form = password_reset_form(request.POST)
89	if form.is_valid():
90	opts = {}
91	opts['use_https'] = request.is_secure()
92	opts['token_generator'] = token_generator
93	if is_admin_site:
94	opts['domain_override'] = request.META['HTTP_HOST']
95	else:
96	opts['email_template_name'] = email_template_name
97	if not Site._meta.installed:
98	opts['domain_override'] = RequestSite(request).domain
99	form.save(**opts)
100	return HttpResponseRedirect(post_reset_redirect)
101	else:
102	form = password_reset_form()
103	return render_to_response(template_name, {
104	'form': form,
105	}, context_instance=RequestContext(request))
106
107	def password_reset_done(request, template_name='registration/password_reset_done.html'):
108	return render_to_response(template_name, context_instance=RequestContext(request))
109
110	def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html',
111	token_generator=default_token_generator, set_password_form=SetPasswordForm,
112	post_reset_redirect=None):
113	"""
114	View that checks the hash in a password reset link and presents a
115	form for entering a new password.
116	"""
117	assert uidb36 is not None and token is not None # checked by URLconf
118	if post_reset_redirect is None:
119	post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
120	try:
121	uid_int = base36_to_int(uidb36)
122	except ValueError:
123	raise Http404
124
125	user = get_object_or_404(User, id=uid_int)
126	context_instance = RequestContext(request)
127
128	if token_generator.check_token(user, token):
129	context_instance['validlink'] = True
130	if request.method == 'POST':
131	form = set_password_form(user, request.POST)
132	if form.is_valid():
133	form.save()
134	return HttpResponseRedirect(post_reset_redirect)
135	else:
136	form = set_password_form(None)
137	else:
138	context_instance['validlink'] = False
139	form = None
140	context_instance['form'] = form
141	return render_to_response(template_name, context_instance=context_instance)
142
143	def password_reset_complete(request, template_name='registration/password_reset_complete.html'):
144	return render_to_response(template_name, context_instance=RequestContext(request,
145	{'login_url': settings.LOGIN_URL}))
146
147	def password_change(request, template_name='registration/password_change_form.html',
148	post_change_redirect=None):
149	if post_change_redirect is None:
150	post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
151	if request.method == "POST":
152	form = PasswordChangeForm(request.user, request.POST)
153	if form.is_valid():
154	form.save()
155	return HttpResponseRedirect(post_change_redirect)
156	else:
157	form = PasswordChangeForm(request.user)
158	return render_to_response(template_name, {
159	'form': form,
160	}, context_instance=RequestContext(request))
161	password_change = login_required(password_change)
162
163	def password_change_done(request, template_name='registration/password_change_done.html'):
164	return render_to_response(template_name, context_instance=RequestContext(request))

Note: See TracBrowser for help on using the browser.

Code

root/django/trunk/django/contrib/auth/views.py

Download in other formats: