def ajax_login_bare(self, username, password): """ check user login and return tuple of (boolean,msg) which first field is successfull login or not and second is failure massage """
request = current.request session = current.session table_user = self.settings.table_user if self.settings.login_userfield: userfield = self.settings.login_userfield elif 'username' in table_user.fields: userfield = 'username' else: userfield = 'email' passfield = self.settings.password_field key = {userfield:username,passfield:password} user = self.db(table_user[userfield] == username).select().first() if user: # user in db, check if registration pending or disabled temp_user = user if temp_user.registration_key == 'pending': return (False,self.messages.registration_pending) elif temp_user.registration_key in ('disabled', 'blocked'): return (False,self.messages.login_disabled) elif not temp_user.registration_key is None and temp_user.registration_key.strip(): return (False,self.messages.registration_verifying) # try alternate logins 1st as these have the # current version of the password user = None for login_method in self.settings.login_methods: if login_method != self and login_method(username,password): if not self in self.settings.login_methods: # do not store password in db password = None user = self.get_or_create_user(key) break if not user: # alternates have failed, maybe because service inaccessible if self.settings.login_methods[0] == self: # try logging in locally using cached credentials if password == temp_user[passfield]: # success user = temp_user else: # user not in db if not self.settings.alternate_requires_registration: # we're allowed to auto-register users from external systems for login_method in self.settings.login_methods: if login_method != self and login_method(username,password): if not self in self.settings.login_methods: # do not store password in db key[passfield] = None user = self.get_or_create_user(key) break if not user: self.log_event(self.messages.login_failed_log,request.post_vars) return (False,self.messages.invalid_login) else: user = Row(table_user._filter_fields(user, id=True)) # process authenticated users # user wants to be logged in for longer self.login_user(user) session.auth.expiration = \ request.vars.get('remember', False) and \ self.settings.long_expiration or \ self.settings.expiration session.auth.remember = 'remember' in request.vars self.log_event(self.messages.login_log, user) return (True,self.messages.logged_in) def index(): if request <http://127.0.0.1:8000/examples/global/vars/request>.post_vars: from gluon.serializers import json logged,msg = auth.ajax_login_bare(request <http://127.0.0.1:8000/examples/global/vars/request>.vars.email,request <http://127.0.0.1:8000/examples/global/vars/request>.vars.password) if logged: return json(dict(redirect <http://127.0.0.1:8000/examples/global/vars/redirect>=get_user_info(),logged=logged,msg=msg)) else: return json(dict(logged=logged,msg=msg)) form = auth.login() return dict(form=form) -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.