我们从Python开源项目中,提取了以下50个代码示例,用于说明如何使用django.conf.settings.LOGIN_URL。
def password_reset_complete(request, template_name='registration/password_reset_complete.html', extra_context=None): warnings.warn("The password_reset_complete() view is superseded by the " "class-based PasswordResetCompleteView().", RemovedInDjango21Warning, stacklevel=2) context = { 'login_url': resolve_url(settings.LOGIN_URL), 'title': _('Password reset complete'), } if extra_context is not None: context.update(extra_context) return TemplateResponse(request, template_name, context) # Class-based password reset views # - PasswordResetView sends the mail # - PasswordResetDoneView shows a success message for the above # - PasswordResetConfirmView checks the link the user clicked and # prompts for a new password # - PasswordResetCompleteView shows a success message for the above
def test_unauthorized(self): self._stub_nova_api_calls_unauthorized( self.exceptions.nova_unauthorized) self.mox.ReplayAll() url = reverse('horizon:project:overview:index') # Avoid the log message in the test # when unauthorized exception will be logged logging.disable(logging.ERROR) res = self.client.get(url) logging.disable(logging.NOTSET) self.assertEqual(302, res.status_code) self.assertEqual(('Location', settings.TESTSERVER + settings.LOGIN_URL + '?' + REDIRECT_FIELD_NAME + '=' + url), res._headers.get('location', None),)
def test_instance_details_unauthorized(self): server = self.servers.first() api.nova.server_get(IsA(http.HttpRequest), server.id)\ .AndRaise(self.exceptions.nova_unauthorized) self.mox.ReplayAll() url = reverse('horizon:project:instances:detail', args=[server.id]) # Avoid the log message in the test # when unauthorized exception will be logged logging.disable(logging.ERROR) res = self.client.get(url) logging.disable(logging.NOTSET) self.assertEqual(302, res.status_code) self.assertEqual(('Location', settings.TESTSERVER + settings.LOGIN_URL + '?' + REDIRECT_FIELD_NAME + '=' + url), res._headers.get('location', None),)
def test_change_password_sets_logout_reason(self): api.keystone.user_update_own_password(IsA(http.HttpRequest), 'oldpwd', 'normalpwd').AndReturn(None) self.mox.ReplayAll() formData = {'method': 'PasswordForm', 'current_password': 'oldpwd', 'new_password': 'normalpwd', 'confirm_password': 'normalpwd'} res = self.client.post(INDEX_URL, formData, follow=False) self.assertRedirectsNoFollow(res, settings.LOGOUT_URL) self.assertIn('logout_reason', res.cookies) self.assertEqual(res.cookies['logout_reason'].value, "Password changed. Please log in again to continue.") scheme, netloc, path, query, fragment = urlsplit(res.url) redirect_response = res.client.get(path, http.QueryDict(query)) self.assertRedirectsNoFollow(redirect_response, settings.LOGIN_URL)
def test_public(self): dogs = horizon.get_dashboard("dogs") # Known to have no restrictions on it other than being logged in. puppies = dogs.get_panel("puppies") url = puppies.get_absolute_url() # Get a clean, logged out client instance. self.client.logout() resp = self.client.get(url) redirect_url = "?".join(['http://testserver' + settings.LOGIN_URL, "next=%s" % url]) self.assertRedirects(resp, redirect_url) # Simulate ajax call resp = self.client.get(url, HTTP_X_REQUESTED_WITH='XMLHttpRequest') # Response should be HTTP 401 with redirect header self.assertEqual(401, resp.status_code) self.assertEqual(redirect_url, resp["X-Horizon-Location"])
def test_ssl_redirect_by_proxy(self): dogs = horizon.get_dashboard("dogs") puppies = dogs.get_panel("puppies") url = puppies.get_absolute_url() redirect_url = "?".join([settings.LOGIN_URL, "next=%s" % url]) self.client.logout() resp = self.client.get(url) if django.VERSION >= (1, 9): self.assertRedirects(resp, settings.TESTSERVER + redirect_url) else: self.assertRedirects(resp, redirect_url) # Set SSL settings for test server settings.SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') resp = self.client.get(url, HTTP_X_FORWARDED_PROTOCOL="https") self.assertEqual(302, resp.status_code) self.assertEqual('https://testserver:80%s' % redirect_url, resp['location']) # Restore settings settings.SECURE_PROXY_SSL_HEADER = None
def test_process_response_redirect_on_ajax_request(self): url = settings.LOGIN_URL mw = middleware.HorizonMiddleware() request = self.factory.post(url, HTTP_X_REQUESTED_WITH='XMLHttpRequest') request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' request.horizon = {'async_messages': [('error', 'error_msg', 'extra_tag')]} response = HttpResponseRedirect(url) response.client = self.client resp = mw.process_response(request, response) self.assertEqual(200, resp.status_code) self.assertEqual(url, resp['X-Horizon-Location'])
def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """ Redirects the user to the login page, passing the given 'next' page """ resolved_url = resolve_url(login_url or settings.LOGIN_URL) login_url_parts = list(urlparse(resolved_url)) if redirect_field_name: querystring = QueryDict(login_url_parts[4], mutable=True) querystring[redirect_field_name] = next login_url_parts[4] = querystring.urlencode(safe='/') return HttpResponseRedirect(urlunparse(login_url_parts)) # 4 views for password reset: # - password_reset sends the mail # - password_reset_done shows a success message for the above # - password_reset_confirm checks the link the user clicked and # prompts for a new password # - password_reset_complete shows a success message for the above
def process_request(self, request): assert hasattr(request, 'user'), "The Login Required middleware\ requires authentication middleware to be installed. Edit your\ MIDDLEWARE_CLASSES setting to insert\ 'django.contrib.auth.middleware.AuthenticationMiddleware'. If that doesn't\ work, ensure your TEMPLATE_CONTEXT_PROCESSORS setting includes\ 'django.core.context_processors.auth'." if request.user.is_authenticated(): if not request.user.is_staff: if "accounting" in request.path_info or "api" in request.path_info: return HttpResponseRedirect(settings.WORKER_LOGIN_REDIRECT_URL) else: path = request.path_info.lstrip('/') if not any(m.match(path) for m in EXEMPT_URLS): return HttpResponseRedirect(settings.LOGIN_URL)
def check_event_permissions(function): @wraps(function) def decorator(request, *args, **kwargs): from schedule.models import Event, Calendar user = request.user # check event permission event = get_object_or_None(Event, pk=kwargs.get('event_id', None)) allowed = CHECK_EVENT_PERM_FUNC(event, user) if not allowed: return HttpResponseRedirect(settings.LOGIN_URL) # check calendar permissions calendar = None if event: calendar = event.calendar elif 'calendar_slug' in kwargs: calendar = Calendar.objects.get(slug=kwargs['calendar_slug']) allowed = CHECK_CALENDAR_PERM_FUNC(calendar, user) if not allowed: return HttpResponseRedirect(settings.LOGIN_URL) # all checks passed return function(request, *args, **kwargs) return decorator
def check_calendar_permissions(function): @wraps(function) def decorator(request, *args, **kwargs): if CALENDAR_VIEW_PERM: from schedule.models import Event, Calendar user = request.user # check event permission event = get_object_or_None(Event, pk=kwargs.get('event_id', None)) # check calendar permissions calendar = None if event: calendar = event.calendar elif 'calendar_slug' in kwargs: calendar = Calendar.objects.get(slug=kwargs['calendar_slug']) allowed = CHECK_CALENDAR_PERM_FUNC(calendar, user) if not allowed: return HttpResponseRedirect(settings.LOGIN_URL) # all checks passed return function(request, *args, **kwargs) return decorator
def login_as(request, user_id): """ ????? ???... """ if not request.user.is_superuser: logout(request) return redirect(settings.LOGIN_URL) UserModel = get_user_model() try: user = UserModel.objects.get(pk=user_id) except ObjectDoesNotExist: logout(request) return redirect(settings.LOGIN_URL) else: for backend in get_backends(): if user == backend.get_user(user.pk): user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) break login(request, user) return redirect(LOGIN_AS_REDIRECT_URL)
def get(self, request, *args, username=None, **kwargs): if not username and not request.user.is_authenticated(): return redirect(settings.LOGIN_URL) request.js_storage.update( avatar_upload=resolve_url('users:avatar_upload'), avatar_crop=resolve_url('users:avatar_crop'), avatar_delete=resolve_url('users:avatar_delete'), ) if username: user = get_object_or_404(UserModel, username=username) elif not request.user.is_authenticated(): raise Http404 else: user = request.user # Seo seo = Seo() seo.title = _('Profile of «%(username)s»') % {'username': user.username} seo.save(request) return self.render_to_response({ 'profile_user': user, })
def is_owner(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): # assume username is first arg if request.user.is_authenticated(): if request.user.username == kwargs['username']: return view_func(request, *args, **kwargs) protocol = "https" if request.is_secure() else "http" return HttpResponseRedirect("%s://%s" % (protocol, request.get_host())) path = request.build_absolute_uri() login_url = request.build_absolute_uri(settings.LOGIN_URL) # If the login url is the same scheme and net location then just # use the path as the "next" url. login_scheme, login_netloc = urlparse.urlparse(login_url)[:2] current_scheme, current_netloc = urlparse.urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() from django.contrib.auth.views import redirect_to_login return redirect_to_login(path, None, REDIRECT_FIELD_NAME) return _wrapped_view
def process_request(self, request): #logger.debug('Come into the process_request.') myuser = request.user if myuser.is_anonymous(): #???????? #path = request.path pass else: #logger.debug('%s' % myuser) path = request.path_info.lstrip('/') #logger.debug('path:%s' % path) if not path=='user/login/': if myuser.is_active == False: #logger.info('%s user has been banned. Reject!' % request.user.email) from django.contrib import auth auth.logout(request) return HttpResponseRedirect(settings.LOGIN_URL)
def dispatch(self, request, *args, **kwargs): """ Most views in a CMS require a login, so this is the default setup. If a login is not required then the requires_login property can be set to False to disable this. """ if self.requires_login: if settings.LOGIN_URL is None or settings.LOGOUT_URL is None: raise ImproperlyConfigured( 'LOGIN_URL and LOGOUT_URL ' 'has to be defined if requires_login is True' ) if not request.user.is_authenticated(): return redirect('%s?next=%s' % ( resolve_url(settings.LOGIN_URL), quote(request.get_full_path()))) return super(View, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs): context = super(View, self).get_context_data(**kwargs) context['page_title'] = self.get_page_title() context['page_description'] = self.get_page_description() context['menu'] = menu(user=self.request.user, request=self.request) context['urls'] = self.get_urls() context['breadcrumbs'] = self.get_breadcrumbs() context['tabs'] = self.get_tabs() context['index_url'] = self.get_index_url() context['SITE_NAME'] = self.get_site_name() context['SITE_TITLE'] = self.get_site_title() context['SITE_LOGO'] = self.get_site_logo() context['SIDEBAR_BACKGROUND'] = self.get_sidebar_background() context['SIDEBAR_COLOR'] = self.get_sidebar_color() context['SIDEBAR_ALT_COLOR'] = self.get_sidebar_alt_color() context['HIGHLIGHT_BACKGROUND'] = self.get_highlight_background() context['HIGHLIGHT_COLOR'] = self.get_highlight_color() context['DATETIME_FORMATS'] = self.get_datetime_formats() context['LOGIN_URL'] = self.get_login_url() context['LOGOUT_URL'] = self.get_logout_url() context['media'] = self.media context['form_display'] = self.get_form_display() return context
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """Replacement for django.contrib.auth.decorators.user_passes_test that returns 403 Forbidden if the user is already logged in. """ if not login_url: from django.conf import settings login_url = settings.LOGIN_URL def decorator(view_func): @wraps(view_func) def wrapper(request, *args, **kwargs): if test_func(request.user): return view_func(request, *args, **kwargs) elif request.user.is_authenticated(): return HttpResponseForbidden('<h1>Permission denied</h1>') else: path = '%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path())) return HttpResponseRedirect(path) return wrapper return decorator
def cms_perms(func): def inner(request, *args, **kwargs): page = request.current_page if page: if page.login_required and not request.user.is_authenticated(): return redirect_to_login(urlquote(request.get_full_path()), settings.LOGIN_URL) if not page.has_view_permission(request): return _handle_no_page(request, "$") return func(request, *args, **kwargs) inner.__module__ = func.__module__ inner.__doc__ = func.__doc__ if hasattr(func, '__name__'): inner.__name__ = func.__name__ elif hasattr(func, '__class__'): inner.__name__ = func.__class__.__name__ return inner
def process_request(self, request): """ Create a new login if on LOGIN_URL. Otherwise use an existing user if stored in the session. """ if request.path == settings.LOGIN_URL: self.flush_session(request) try: uwnetid = get_authenticated_uwnetid( remote_user=request.META.get('REMOTE_USER', ''), saml_idp=request.META.get('Shib-Identity-Provider', '')) request.session[self.UWNETID_KEY] = uwnetid except (LoginNotPerson, InvalidSessionError) as e: logger.info(e) request.login_url_error = e except Exception as e: logger.exception(e) request.login_url_error = e request.uwnetid = request.session.get(self.UWNETID_KEY, None)
def process_response(self, request, response): legitimate_page = False # 'HttpRequest.path' and 'HttpRequest.path_info' # For example, if the WSGIScriptAlias for your application # is set to "/minfo", # then 'path' might be "/minfo/music/bands/the_beatles/" # and 'path_info' would be "/music/bands/the_beatles/". path = request.path_info if any(url.match(path) for url in EXEMPT_URLS): legitimate_page = True # If it is a legitimate page in which 'login_required' is False, # let him/her go. if legitimate_page: return response # If it is not, check whether he/her has logged in. else: if hasattr(request, 'user') and request.user.is_authenticated(): return response else: return redirect(settings.LOGIN_URL)
def get_login_url(reset=False): global _LOGIN_URL # update by hzwangzhiwei @20160113 # if _LOGIN_URL is None or reset: # # if LOGIN_URL resolves force login_required to it instead of our own # # XXX: this must be done as late as possible to avoid idempotent requirements # try: # resolve(settings.LOGIN_URL) # except Exception: # _LOGIN_URL = settings.SENTRY_LOGIN_URL # else: # _LOGIN_URL = settings.LOGIN_URL # if _LOGIN_URL is None: # _LOGIN_URL = reverse('sentry-login') _LOGIN_URL = '/auth/openid-login/' return _LOGIN_URL