diff options
| author | Adrian Holovaty <adrian@holovaty.com> | 2005-08-16 22:54:05 +0000 |
|---|---|---|
| committer | Adrian Holovaty <adrian@holovaty.com> | 2005-08-16 22:54:05 +0000 |
| commit | 07889c13a63eeb3e8a73f1e02a21227def3ae548 (patch) | |
| tree | 04a76ba333ae0308450710f4d8e7e251948437ad /django/views | |
| parent | f21ff30b104ef1eedcfebd230a98fef4b6cc7ebd (diff) | |
Fixed #1 -- Added anonymous session support via middleware and request.session. Removed the former request.session, which wasn't being used anyway. Removed auth.Session model. See the BackwardsIncompatibleChanges wiki page for IMPORTANT notes on code you'll have to change and a DB table you'll have to create.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@518 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/views')
| -rw-r--r-- | django/views/auth/login.py | 33 |
1 files changed, 12 insertions, 21 deletions
diff --git a/django/views/auth/login.py b/django/views/auth/login.py index fdb064d0b0..a8d7d143d2 100644 --- a/django/views/auth/login.py +++ b/django/views/auth/login.py @@ -1,7 +1,7 @@ from django.parts.auth.formfields import AuthenticationForm from django.core import formfields, template_loader from django.core.extensions import DjangoContext as Context -from django.models.auth import sessions +from django.models.auth import users from django.models.core import sites from django.utils.httpwrappers import HttpResponse, HttpResponseRedirect @@ -17,14 +17,12 @@ def login(request): # Light security check -- make sure redirect_to isn't garbage. if not redirect_to or '://' in redirect_to or ' ' in redirect_to: redirect_to = '/accounts/profile/' - response = HttpResponseRedirect(redirect_to) - sessions.start_web_session(manipulator.get_user_id(), request, response) - return response + request.session[users.SESSION_KEY] = manipulator.get_user_id() + return HttpResponseRedirect(redirect_to) else: errors = {} response = HttpResponse() - # Set this cookie as a test to see whether the user accepts cookies - response.set_cookie(sessions.TEST_COOKIE_NAME, sessions.TEST_COOKIE_VALUE) + response.session.set_test_cookie() t = template_loader.get_template('registration/login') c = Context(request, { 'form': formfields.FormWrapper(manipulator, request.POST, errors), @@ -34,28 +32,21 @@ def login(request): response.write(t.render(c)) return response -def logout(request): +def logout(request, next_page=None): "Logs out the user and displays 'You are logged out' message." - if request.session: - # Do a redirect to this page until the session has been cleared. - response = HttpResponseRedirect(request.path) - # Delete the cookie by setting a cookie with an empty value and max_age=0 - response.set_cookie(request.session.get_cookie()[0], '', max_age=0) - request.session.delete() - return response - else: + try: + del request.session[users.SESSION_KEY] + except KeyError: t = template_loader.get_template('registration/logged_out') c = Context(request) return HttpResponse(t.render(c)) + else: + # Do a redirect to this page until the session has been cleared. + return HttpResponseRedirect(next_page or request.path) def logout_then_login(request): "Logs out the user if he is logged in. Then redirects to the log-in page." - response = HttpResponseRedirect('/accounts/login/') - if request.session: - # Delete the cookie by setting a cookie with an empty value and max_age=0 - response.set_cookie(request.session.get_cookie()[0], '', max_age=0) - request.session.delete() - return response + return logout(request, '/accounts/login/') def redirect_to_login(next): "Redirects the user to the login page, passing the given 'next' page" |