1from pyramid.httpexceptions import HTTPFound 2from pyramid.security import ( 3 remember, 4 forget, 5 ) 6from pyramid.view import ( 7 forbidden_view_config, 8 view_config, 9) 10 11from ..models import User 12 13 14@view_config(route_name='login', renderer='../templates/login.jinja2') 15def login(request): 16 next_url = request.params.get('next', request.referrer) 17 if not next_url: 18 next_url = request.route_url('view_wiki') 19 message = '' 20 login = '' 21 if 'form.submitted' in request.params: 22 login = request.params['login'] 23 password = request.params['password'] 24 user = request.dbsession.query(User).filter_by(name=login).first() 25 if user is not None and user.check_password(password): 26 headers = remember(request, user.id) 27 return HTTPFound(location=next_url, headers=headers) 28 message = 'Failed login' 29 30 return dict( 31 message=message, 32 url=request.route_url('login'), 33 next_url=next_url, 34 login=login, 35 ) 36 37@view_config(route_name='logout') 38def logout(request): 39 headers = forget(request) 40 next_url = request.route_url('view_wiki') 41 return HTTPFound(location=next_url, headers=headers) 42 43@forbidden_view_config() 44def forbidden_view(request): 45 next_url = request.route_url('login', _query={'next': request.url}) 46 return HTTPFound(location=next_url) 47