Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
error = None
return_to = request.GET.get('next')
if return_to and _valid_return_path(return_to):
request.session['login_return_path'] = return_to
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
try:
if (
validators.user_exists(username) and not
user_is_sorried(username) and
utils.password_matches(username, password)
):
session_login(request, username)
return redirect_back(request)
else:
error = (
'Authentication failed. Your account may be disabled, '
'or you may have typed the wrong username or password.'
)
except ValueError as ex:
error = 'Authentication failed: {error}'.format(
error=str(ex),
)
else:
form = LoginForm()
def clean(self):
cleaned_data = super(ApproveForm, self).clean()
# validate password (requires username to check similarity)
username = cleaned_data.get('username')
password = cleaned_data.get('password')
if username and password:
wrap_validator(validators.validate_password)(username, password)