multi-auth: Updated auth views to use new api.

git-svn-id: http://code.djangoproject.com/svn/django/branches/multi-auth@2887 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-07-04 09:49:12 +00:00 · 2006-05-10 04:30:25 +00:00 · 2006-05-10 04:30:25 +00:00 · c9136c0bff
commit c9136c0bff
parent cfdfb1088b
2 changed files with 10 additions and 13 deletions
--- a/django/contrib/auth/forms.py
+++ b/django/contrib/auth/forms.py
@ -1,4 +1,5 @@
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate
 from django.contrib.sites.models import Site
 from django.template import Context, loader
 from django.core import validators
@ -20,8 +21,7 @@ class AuthenticationForm(forms.Manipulator):
        self.fields = [
            forms.TextField(field_name="username", length=15, maxlength=30, is_required=True,
                validator_list=[self.isValidUser, self.hasCookiesEnabled]),
-            forms.PasswordField(field_name="password", length=15, maxlength=30, is_required=True,
-                validator_list=[self.isValidPasswordForUser]),
+            forms.PasswordField(field_name="password", length=15, maxlength=30, is_required=True),
        ]
        self.user_cache = None

@ -30,14 +30,10 @@ class AuthenticationForm(forms.Manipulator):
            raise validators.ValidationError, _("Your Web browser doesn't appear to have cookies enabled. Cookies are required for logging in.")

    def isValidUser(self, field_data, all_data):
-        try:
-            self.user_cache = User.objects.get(username=field_data)
-        except User.DoesNotExist:
-            raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.")
-
-    def isValidPasswordForUser(self, field_data, all_data):
-        if self.user_cache is not None and not self.user_cache.check_password(field_data):
-            self.user_cache = None
+        username = field_data
+        password = all_data.get('password', None)
+        self.user_cache = authenticate(username=username, password=password)
+        if self.user_cache is None:
            raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.")

    def get_user_id(self):
--- a/django/contrib/auth/views.py
+++ b/django/contrib/auth/views.py
@ -3,7 +3,6 @@ from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm
 from django import forms
 from django.shortcuts import render_to_response
 from django.template import RequestContext
-from django.contrib.auth.models import SESSION_KEY
 from django.contrib.sites.models import Site
 from django.http import HttpResponse, HttpResponseRedirect
 from django.contrib.auth.decorators import login_required
@ -19,7 +18,8 @@ def login(request):
            # Light security check -- make sure redirect_to isn't garbage.
            if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
                redirect_to = '/accounts/profile/'
-            request.session[SESSION_KEY] = manipulator.get_user_id()
+            from django.contrib.auth import login
+            login(request, manipulator.get_user())
            request.session.delete_test_cookie()
            return HttpResponseRedirect(redirect_to)
    else:
@ -33,8 +33,9 @@ def login(request):

 def logout(request, next_page=None):
    "Logs out the user and displays 'You are logged out' message."
+    from django.contrib.auth import logout
    try:
-        del request.session[SESSION_KEY]
+        logout(request)
    except KeyError:
        return render_to_response('registration/logged_out.html', {'title': 'Logged out'}, context_instance=RequestContext(request))
    else: