websauna.system.user.loginservice module

Default login service implementation.

class websauna.system.user.loginservice.DefaultLoginService(request)[source]

Bases: object

A login service which tries to authenticate with email and username against the current user registry.

Login service must know details about user implementation and user registry abstraction is not enough.

authenticate_credentials(username, password, login_source, location=None)[source]

Try logging in the user with username and password.

This is called after the user credentials have been validated, after sign up when direct sign in after sign up is in use or after successful federated authentication.

Sets the auth cookies and redirects to a post login page, which defaults to a view named ‘index’.

Fills in user last login time and IP data..

Parameters
  • username (str) – Username.

  • password (str) – User password.

  • login_source (str) – Source of this login attempt.

  • location (Optional[str]) – Override the redirect page. If none use websauna.login_redirect. TODO - to be changed.

Raise

AuthenticationError

Return type

Response

Returns

HTTPResponse what should happen as post-login action

authenticate_user(user, login_source, location=None)[source]

Make the current session logged in session for this particular user.

How to authenticate user using the login service (assuming you have done password match or related yourself):

from websauna.system.user.utils import get_login_service

def my_view(request):

    # load user model instance from database
    # user = ...

    login_service = get_login_service(request)
    response = login_service.authenticate_user(user, "my-login-source")
Parameters
  • user (InterfaceClass) – User object.

  • login_source (str) – Source of this login.

  • location (Optional[str]) – Location to redirect the user to.

Raises

AuthenticationFailure – If login cannot proceed due to disabled user account, etc.

Return type

Response

Returns

HTTPResponse what should happen as post-login action

check_credentials(username, password)[source]

Check if the user password matches.

  • First try username + password

  • Then try with email + password

Parameters
  • username (str) – username or email

  • password (str) –

Raises

websauna.system.user.interfaces.AuthenticationFailure – On login problem.

Return type

UserMixin

Returns

User object which was picked

do_post_login_actions(user, headers, location=None)[source]

What happens after a successful login.

Override this to customize e.g. where the user lands.

Parameters
  • user (InterfaceClass) – User object.

  • headers (dict) – Dictionary with headers to be added to the HTTPFound response.

  • location (Optional[str]) – URL to redirect the user to.

Return type

Response

Returns

Redirection to location.

greet_user(user)[source]

Allow easy overriding of a welcome message.

Parameters

user (InterfaceClass) – User object.

logout(location=None)[source]

Log out user from the site.

  • Terminate session

  • Show logged out message

  • Redirect the user to post login page

Parameters

location (Optional[str]) – Override the redirect page. If none use websauna.login_redirect. TODO - to be changed.

Return type

Response

Returns

HTTPFound to location.

update_login_data(user)[source]

Update last_login_at and last_login_ip on User object.

If this is the User first login, trigger FirstLogin event.

Parameters

user (InterfaceClass) – User object.