comparison rhodecode/controllers/login.py @ 2623:44678a64cfae beta
Use HttpFound response in login.
- redirect_to lacks possibility to pass headers
- use those headers for proper Set-Cookie handling
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 16 Jul 2012 18:47:36 +0200 |
parents | 5b12cbae0b50 |
children | 04d2bcfbe7a6 |
2622:0ffcbeb76e4f | 2623:44678a64cfae |
---|---|
23 # You should have received a copy of the GNU General Public License | 23 # You should have received a copy of the GNU General Public License |
24 # along with this program. If not, see <http://www.gnu.org/licenses/>. | 24 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
25 | 25 |
26 import logging | 26 import logging |
27 import formencode | 27 import formencode |
28 import datetime | |
28 | 29 |
29 from formencode import htmlfill | 30 from formencode import htmlfill |
30 | 31 from webob.exc import HTTPFound |
31 from pylons.i18n.translation import _ | 32 from pylons.i18n.translation import _ |
32 from pylons.controllers.util import abort, redirect | 33 from pylons.controllers.util import abort, redirect |
33 from pylons import request, response, session, tmpl_context as c, url | 34 from pylons import request, response, session, tmpl_context as c, url |
34 | 35 |
35 import rhodecode.lib.helpers as h | 36 import rhodecode.lib.helpers as h |
37 from rhodecode.lib.base import BaseController, render | 38 from rhodecode.lib.base import BaseController, render |
38 from rhodecode.model.db import User | 39 from rhodecode.model.db import User |
39 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm | 40 from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm |
40 from rhodecode.model.user import UserModel | 41 from rhodecode.model.user import UserModel |
41 from rhodecode.model.meta import Session | 42 from rhodecode.model.meta import Session |
43 | |
42 | 44 |
43 | 45 |
44 log = logging.getLogger(__name__) | 46 log = logging.getLogger(__name__) |
45 | 47 |
46 | 48 |
60 | 62 |
61 if request.POST: | 63 if request.POST: |
62 # import Login Form validator class | 64 # import Login Form validator class |
63 login_form = LoginForm() | 65 login_form = LoginForm() |
64 try: | 66 try: |
67 session.invalidate() | |
65 c.form_result = login_form.to_python(dict(request.POST)) | 68 c.form_result = login_form.to_python(dict(request.POST)) |
66 # form checks for username/password, now we're authenticated | 69 # form checks for username/password, now we're authenticated |
67 username = c.form_result['username'] | 70 username = c.form_result['username'] |
68 user = User.get_by_username(username, case_insensitive=True) | 71 user = User.get_by_username(username, case_insensitive=True) |
69 auth_user = AuthUser(user.user_id) | 72 auth_user = AuthUser(user.user_id) |
70 auth_user.set_authenticated() | 73 auth_user.set_authenticated() |
71 cs = auth_user.get_cookie_store() | 74 cs = auth_user.get_cookie_store() |
72 session['rhodecode_user'] = cs | 75 session['rhodecode_user'] = cs |
76 user.update_lastlogin() | |
77 Session().commit() | |
78 | |
73 # If they want to be remembered, update the cookie | 79 # If they want to be remembered, update the cookie |
74 if c.form_result['remember'] is not False: | 80 if c.form_result['remember'] is not False: |
75 session.cookie_expires = False | 81 _year = (datetime.datetime.now() + |
76 session._set_cookie_values() | 82 datetime.timedelta(seconds=60 * 60 * 24 * 365)) |
77 session._update_cookie_out() | 83 session._set_cookie_expires(_year) |
84 | |
78 session.save() | 85 session.save() |
79 | 86 |
80 log.info('user %s is now authenticated and stored in ' | 87 log.info('user %s is now authenticated and stored in ' |
81 'session, session attrs %s' % (username, cs)) | 88 'session, session attrs %s' % (username, cs)) |
82 user.update_lastlogin() | 89 |
83 Session.commit() | 90 # dumps session attrs back to cookie |
91 session._update_cookie_out() | |
92 | |
93 # we set new cookie | |
94 headers = None | |
95 if session.request['set_cookie']: | |
96 # send set-cookie headers back to response to update cookie | |
97 headers = [('Set-Cookie', session.request['cookie_out'])] | |
84 | 98 |
85 if c.came_from: | 99 if c.came_from: |
86 return redirect(c.came_from) | 100 raise HTTPFound(location=c.came_from, headers=headers) |
87 else: | 101 else: |
88 return redirect(url('home')) | 102 raise HTTPFound(location=url('home'), headers=headers) |
89 | 103 |
90 except formencode.Invalid, errors: | 104 except formencode.Invalid, errors: |
91 return htmlfill.render( | 105 return htmlfill.render( |
92 render('/login.html'), | 106 render('/login.html'), |
93 defaults=errors.value, | 107 defaults=errors.value, |
113 form_result = register_form.to_python(dict(request.POST)) | 127 form_result = register_form.to_python(dict(request.POST)) |
114 form_result['active'] = c.auto_active | 128 form_result['active'] = c.auto_active |
115 UserModel().create_registration(form_result) | 129 UserModel().create_registration(form_result) |
116 h.flash(_('You have successfully registered into rhodecode'), | 130 h.flash(_('You have successfully registered into rhodecode'), |
117 category='success') | 131 category='success') |
118 Session.commit() | 132 Session().commit() |
119 return redirect(url('login_home')) | 133 return redirect(url('login_home')) |
120 | 134 |
121 except formencode.Invalid, errors: | 135 except formencode.Invalid, errors: |
122 return htmlfill.render( | 136 return htmlfill.render( |
123 render('/register.html'), | 137 render('/register.html'), |
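Review bot: The redirect at new line 100, `raise HTTPFound(location=c.came_from, headers=headers)`, uses `c.came_from` with no visible check that it points back into this application, and it is now sent in the same response that sets the freshly authenticated session cookie. `c.came_from` is assigned before the hunk begins, so it may already be validated there; if it is taken directly from the request, the action should fall back to `url('home')` for anything that is not a local path, for example `target = urlparse.urlparse(c.came_from or '')` followed by `if c.came_from and not (target.scheme or target.netloc):`. Separately, the Set-Cookie header at new lines 91-97 is built from Beaker's private `session._update_cookie_out()` and `session.request['cookie_out']`, so a short comment such as `# relies on Beaker internals; re-check on Beaker upgrade` would help the next maintainer. The enclosing login action starts and ends outside the hunk.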