From c56fc2f6a03b5fbb53548f85b73872c864eeb1b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20V=C3=A9zina?= Date: Thu, 20 Aug 2015 15:23:59 -0400 Subject: [PATCH] Improve proposed enhancement #1052 --- gluon/tools.py | 57 +++++++++++++++++++++++++++++--------------------- 1 file changed, 33 insertions(+), 24 deletions(-) diff --git a/gluon/tools.py b/gluon/tools.py index 8e63caee..4e861e0e 100644 --- a/gluon/tools.py +++ b/gluon/tools.py @@ -2488,6 +2488,17 @@ class Auth(object): # Allow up to 4 attempts (the 1st one plus 3 more) session.auth_two_factor_tries_left = 3 + def when_is_logged_in_bypass_next_in_url(self, next, session): + """ + This function should be use when someone want to avoid asking for user + credentials when loaded page contains "user/login?_next=NEXT_COMPONENT" + in the URL is refresh but user is already authenticated. + """ + if self.is_logged_in(): + if next == session._auth_next: + del session._auth_next + redirect(next, client_side=self.settings.client_side) + def login(self, next=DEFAULT, onvalidation=DEFAULT, 
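Review bot: `when_is_logged_in_bypass_next_in_url` passes its `next` argument straight to `redirect()` without checking where it points, so whether an already-authenticated user can be sent off-site depends entirely on the caller. At the call site added in the third hunk, `next` is taken from `user_next`, whose origin and host filtering lie outside the visible lines, so that should be confirmed before relying on it. Because the method is public on `Auth`, its docstring should state the contract, for example `next must already be restricted to this application or a trusted host; this method does not validate it.` Indentation is lost on this page, so it is unclear whether the `redirect` runs for every logged-in request or only when `next == session._auth_next`; a one-line comment stating the intent would settle that.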
@@ -2497,33 +2508,11 @@ class Auth(object): """ Returns a login form """ - # Avoid asking for credentials when page reload and page URL contains - # "user/login?_next=NEXT_COMPONENT" if user is already authenticated - if self.get_vars_next() is not None and self.get_vars_next() != '' and self.is_logged_in(): - redirect(self.get_vars_next()) - - table_user = self.table_user() settings = self.settings - if 'username' in table_user.fields or \ - not settings.login_email_validate: - tmpvalidator = IS_NOT_EMPTY(error_message=self.messages.is_empty) - if not settings.username_case_sensitive: - tmpvalidator = [IS_LOWER(), tmpvalidator] - else: - tmpvalidator = IS_EMAIL(error_message=self.messages.invalid_email) - if not settings.email_case_sensitive: - tmpvalidator = [IS_LOWER(), tmpvalidator] - request = current.request response = current.response session = current.session - passfield = settings.password_field - try: - table_user[passfield].requires[-1].min_length = 0 - except: - pass - ### use session for federated login snext = self.get_vars_next() 
@@ -2547,6 +2536,27 @@ class Auth(object): next = user_next else: next = user_next + # Avoid asking unnecessary user credentials when user is logged in + self.when_is_logged_in_bypass_next_in_url(next=next, session=session) + + # Moved here to avoid unnecessary execution in case of redirection to next in case of logged in user + table_user = self.table_user() + if 'username' in table_user.fields or \ + not settings.login_email_validate: + tmpvalidator = IS_NOT_EMPTY(error_message=self.messages.is_empty) + if not settings.username_case_sensitive: + tmpvalidator = [IS_LOWER(), tmpvalidator] + else: + tmpvalidator = IS_EMAIL(error_message=self.messages.invalid_email) + if not settings.email_case_sensitive: + tmpvalidator = [IS_LOWER(), tmpvalidator] + + passfield = settings.password_field + try: + table_user[passfield].requires[-1].min_length = 0 + except: + pass + if onvalidation is DEFAULT: onvalidation = settings.login_onvalidation if onaccept is DEFAULT: @@ -2558,8 +2568,7 @@ class Auth(object): user = None # default - - #Setup the default field used for the form + # Setup the default field used for the form multi_login = False if self.settings.login_userfield: username = self.settings.login_userfield
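Review bot: The relocated `try: ... except: pass` around `table_user[passfield].requires[-1].min_length = 0` still uses a bare `except`, which hides any failure, including a misconfigured `password_field`, and also traps `KeyboardInterrupt` and `SystemExit`. Since the block is being moved anyway, narrowing it to `except (AttributeError, IndexError, KeyError, TypeError): pass` would keep the best-effort behaviour while letting unrelated errors surface. A short comment on why the password validator's `min_length` is forced to 0 at login would also help, as the reason is not visible in these lines. `login` begins and ends outside this hunk.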