Commit 4e997c7c authored by Lukas Burgey's avatar Lukas Burgey

Handle deactivated user at login

parent ecd9041a
......@@ -50,7 +50,6 @@ def set_session(request, key, value):
class Auth(View):
def get(self, request, **kwargs):
logger.debug('Auth')
try:
state = rndstr()
......@@ -80,7 +79,6 @@ class Auth(View):
class AuthCallback(View):
def get(self, request, **kwargs):
logger.debug('AuthCallback')
try:
state = get_session(request, 'state', None)
idp_id = get_session(request, 'idp_id', default_idp().id)
......@@ -121,16 +119,21 @@ class AuthCallback(View):
token=ac_token_response['access_token'],
)
response = redirect('/')
if user is None:
# authentication failed -> 401
msg = 'Login for user {} failed'.format(request.user)
# authentication failed -> "401"
logger.error('User failed to log in'.format(request.user))
request.session['error'] = 'Login failed'
logger.error(msg)
response = HttpResponse('Unauthorized', status=401)
# response = HttpResponse('Unauthorized', status=401)
elif not user.is_active:
# user is deactivated -> "403"
logger.info('{} tried to log in'.format(user))
request.session['error'] = 'Account deactivated'
# response = HttpResponse('Forbidden', status=403)
else:
# redirect back to the frontend
# user authenticated -> back to frontend
login(request, user)
response = redirect('/')
response.set_cookie('sessionid', request.COOKIES['sessionid'])
return response
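Review bot: The new failure-path log line drops the identity it meant to record: `'User failed to log in'.format(request.user)` has no `{}` placeholder, so the argument is silently discarded and the error log no longer says who failed; use `logger.error('User %s failed to log in', request.user)` (and note `request.user` here is still the pre-login session identity, not the account the IdP returned — if the token response carries a subject, logging that is more useful for incident triage). With the explicit 401/403 responses commented out, both failure branches now fall through to `response.set_cookie('sessionid', request.COOKIES['sessionid'])`, which raises `KeyError` when the client sent no `sessionid` cookie (a first visit or a cleared browser) and otherwise just echoes the client's own cookie back; since Django's session middleware already sets this cookie on any modified session, that line looks removable, but confirm the frontend does not depend on it. A deactivated account attempting to log in is a security-relevant event, so consider logging it at warning rather than info. The enclosing `get` method and its `try` begin before this hunk, so any exception path is outside this view.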