comparison rhodecode/controllers/login.py @ 2623:44678a64cfae beta

Use HTTPFound response in login. - redirect_to cannot pass headers - use those headers for proper Set-Cookie handling
author Marcin Kuzminski <marcin@python-works.com>
date Mon, 16 Jul 2012 18:47:36 +0200
parents 5b12cbae0b50
children 04d2bcfbe7a6
2622:0ffcbeb76e4f 2623:44678a64cfae
23 # You should have received a copy of the GNU General Public License 23 # You should have received a copy of the GNU General Public License
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. 24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
25 25
26 import logging 26 import logging
27 import formencode 27 import formencode
28 import datetime
28 29
29 from formencode import htmlfill 30 from formencode import htmlfill
30 31 from webob.exc import HTTPFound
31 from pylons.i18n.translation import _ 32 from pylons.i18n.translation import _
32 from pylons.controllers.util import abort, redirect 33 from pylons.controllers.util import abort, redirect
33 from pylons import request, response, session, tmpl_context as c, url 34 from pylons import request, response, session, tmpl_context as c, url
34 35
35 import rhodecode.lib.helpers as h 36 import rhodecode.lib.helpers as h
37 from rhodecode.lib.base import BaseController, render 38 from rhodecode.lib.base import BaseController, render
38 from rhodecode.model.db import User 39 from rhodecode.model.db import User
39 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm 40 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm
40 from rhodecode.model.user import UserModel 41 from rhodecode.model.user import UserModel
41 from rhodecode.model.meta import Session 42 from rhodecode.model.meta import Session
43
42 44
43 45
44 log = logging.getLogger(__name__) 46 log = logging.getLogger(__name__)
45 47
46 48
60 62
61 if request.POST: 63 if request.POST:
62 # import Login Form validator class 64 # import Login Form validator class
63 login_form = LoginForm() 65 login_form = LoginForm()
64 try: 66 try:
67 session.invalidate()
65 c.form_result = login_form.to_python(dict(request.POST)) 68 c.form_result = login_form.to_python(dict(request.POST))
66 # form checks for username/password, now we're authenticated 69 # form checks for username/password, now we're authenticated
67 username = c.form_result['username'] 70 username = c.form_result['username']
68 user = User.get_by_username(username, case_insensitive=True) 71 user = User.get_by_username(username, case_insensitive=True)
69 auth_user = AuthUser(user.user_id) 72 auth_user = AuthUser(user.user_id)
70 auth_user.set_authenticated() 73 auth_user.set_authenticated()
71 cs = auth_user.get_cookie_store() 74 cs = auth_user.get_cookie_store()
72 session['rhodecode_user'] = cs 75 session['rhodecode_user'] = cs
76 user.update_lastlogin()
77 Session().commit()
78
73 # If they want to be remembered, update the cookie 79 # If they want to be remembered, update the cookie
74 if c.form_result['remember'] is not False: 80 if c.form_result['remember'] is not False:
75 session.cookie_expires = False 81 _year = (datetime.datetime.now() +
76 session._set_cookie_values() 82 datetime.timedelta(seconds=60 * 60 * 24 * 365))
77 session._update_cookie_out() 83 session._set_cookie_expires(_year)
84
78 session.save() 85 session.save()
79 86
80 log.info('user %s is now authenticated and stored in ' 87 log.info('user %s is now authenticated and stored in '
81 'session, session attrs %s' % (username, cs)) 88 'session, session attrs %s' % (username, cs))
82 user.update_lastlogin() 89
83 Session.commit() 90 # dumps session attrs back to cookie
91 session._update_cookie_out()
92
93 # we set new cookie
94 headers = None
95 if session.request['set_cookie']:
96 # send set-cookie headers back to response to update cookie
97 headers = [('Set-Cookie', session.request['cookie_out'])]
84 98
85 if c.came_from: 99 if c.came_from:
86 return redirect(c.came_from) 100 raise HTTPFound(location=c.came_from, headers=headers)
87 else: 101 else:
88 return redirect(url('home')) 102 raise HTTPFound(location=url('home'), headers=headers)
89 103
90 except formencode.Invalid, errors: 104 except formencode.Invalid, errors:
91 return htmlfill.render( 105 return htmlfill.render(
92 render('/login.html'), 106 render('/login.html'),
93 defaults=errors.value, 107 defaults=errors.value,
113 form_result = register_form.to_python(dict(request.POST)) 127 form_result = register_form.to_python(dict(request.POST))
114 form_result['active'] = c.auto_active 128 form_result['active'] = c.auto_active
115 UserModel().create_registration(form_result) 129 UserModel().create_registration(form_result)
116 h.flash(_('You have successfully registered into rhodecode'), 130 h.flash(_('You have successfully registered into rhodecode'),
117 category='success') 131 category='success')
118 Session.commit() 132 Session().commit()
119 return redirect(url('login_home')) 133 return redirect(url('login_home'))
120 134
121 except formencode.Invalid, errors: 135 except formencode.Invalid, errors:
122 return htmlfill.render( 136 return htmlfill.render(
123 render('/register.html'), 137 render('/register.html'),
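Review bot: The redirect at new lines 99-102 sends the freshly authenticated user, together with the new Set-Cookie header, to `c.came_from`, and nothing visible in this hunk checks that the target stays on this host. `c.came_from` is assigned above the hunk, so this is inferred, but if it comes from the request it should be parsed before the `raise` and replaced with `url('home')` when it carries a scheme or host: `_p = urlparse.urlparse(c.came_from)` followed by `if _p.scheme or _p.netloc: c.came_from = url('home')` (this needs `import urlparse` at the top of the file). Separately, `session.invalidate()` at new line 67 runs before `login_form.to_python()` has validated the credentials, so any POST to this action, including a failed or cross-site one, drops the current session. Calling it directly after validation succeeds keeps the session-fixation protection without that side effect. The login action starts above the hunk and its `except` clause continues past it.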