Adapt user login (based on django.contrib.auth)

orchestra/conf/project_template/project_name/settings.py

@@ -220,8 +220,22 @@ EMAIL_BACKEND = 'orchestra.contrib.mailer.backends.EmailBackend'
 DATA_UPLOAD_MAX_NUMBER_FIELDS = None
 
 
+############################
+## MUSICIAN CONFIGURATION ##
+############################
+
+# Direcction than go when you login
+LOGIN_REDIRECT_URL = 'musician:dashboard'
+
+# Where requests are redirected for login
+LOGIN_URL = 'musician:login'
+
+# The URL or named URL pattern where requests are redirected after logout
+LOGOUT_REDIRECT_URL = 'musician:login'
+
+
 #################################
-## 3RD PARTY APPS CONIGURATION ##
+## 3RD PARTY APPS CONFIGURATION ##
 #################################
 
 # Admin Tools

orchestra/contrib/musician/api.py

@@ -1,12 +1,13 @@
 import urllib.parse
 
-import requests
 from django.conf import settings
+from django.contrib.auth import authenticate, login
 from django.http import Http404
 from django.urls.exceptions import NoReverseMatch
 from django.utils.translation import gettext_lazy as _
 
-from .models import Address, DatabaseService, Domain, Mailbox, SaasService, UserAccount, WebSite
+from .models import (Address, DatabaseService, Domain, Mailbox, SaasService,
+                     UserAccount, WebSite)
 
 DOMAINS_PATH = 'domains/'
 TOKEN_PATH = '/api-token-auth/'
@@ -37,14 +38,10 @@ API_PATHS = {
 
 
 class Orchestra(object):
-    def __init__(self, *args, username=None, password=None, **kwargs):
+    def __init__(self, request, username=None, password=None, **kwargs):
-        self.base_url = kwargs.pop('base_url', settings.API_BASE_URL)
+        self.request = request
         self.username = username
-        self.session = requests.Session()
+        self.user = self.authenticate(self.username, password)
-        self.auth_token = kwargs.pop("auth_token", None)
-
-        if self.auth_token is None:
-            self.auth_token = self.authenticate(self.username, password)
 
     def build_absolute_uri(self, path_name):
         path = API_PATHS.get(path_name, None)
@@ -55,13 +52,14 @@ class Orchestra(object):
         return urllib.parse.urljoin(self.base_url, path)
 
     def authenticate(self, username, password):
-        url = self.build_absolute_uri('token-auth')
+        user = authenticate(self.request, username=username, password=password)
-        response = self.session.post(
-            url,
-            data={"username": username, "password": password},
-        )
 
-        return response.json().get("token", None)
+        if user is not None:
+            login(self.request, user)
+            return user
+
+        # Return an 'invalid login' error message.
+        return None
 
     def request(self, verb, resource=None, url=None, data=None, render_as="json", querystring=None, raise_exception=True):
         assert verb in ["HEAD", "GET", "POST", "PATCH", "PUT", "DELETE"]

orchestra/contrib/musician/forms.py

@@ -6,6 +6,7 @@ from django.utils.translation import gettext_lazy as _
 
 from . import api
 
+
 class LoginForm(AuthenticationForm):
 
     def clean(self):
@@ -13,14 +14,13 @@ class LoginForm(AuthenticationForm):
         password = self.cleaned_data.get('password')
 
         if username is not None and password:
-            orchestra = api.Orchestra(username=username, password=password)
+            orchestra = api.Orchestra(self.request, username=username, password=password)
 
-            if orchestra.auth_token is None:
+            if orchestra.user is None:
                 raise self.get_invalid_login_error()
             else:
                 self.username = username
-                self.token = orchestra.auth_token
+                self.user = orchestra.user
-                self.user = orchestra.retrieve_profile()
 
         return self.cleaned_data
 

orchestra/contrib/musician/mixins.py

@@ -1,9 +1,10 @@
-from django.contrib.auth.mixins import UserPassesTestMixin
+from django.conf import settings
+from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
 from django.utils.translation import gettext_lazy as _
 from django.views.generic.base import ContextMixin
-from django.conf import settings
 
 from orchestra import get_version
+
 from . import api
 from .auth import SESSION_KEY_TOKEN
 
@@ -49,30 +50,13 @@ class ExtendedPaginationMixin:
         return paginate_by
 
 
-class UserTokenRequiredMixin(UserPassesTestMixin):
+class UserTokenRequiredMixin(LoginRequiredMixin):
-    """
-    Checks that the request has a token that authenticates him/her.
-    If the user is logged adds context variable 'profile' with its information.
-    """
-
-    def test_func(self):
-        """Check that the user has an authorized token."""
-        token = self.request.session.get(SESSION_KEY_TOKEN, None)
-        if token is None:
-            return False
-
-        # initialize orchestra api orm
-        self.orchestra = api.Orchestra(auth_token=token)
-
-        # verify if the token is valid
-        if self.orchestra.verify_credentials() is None:
-            return False
-
-        return True
 
+    # TODO XXX adapt this code
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context.update({
-            'profile': self.orchestra.retrieve_profile(),
+            # TODO XXX
+            # 'profile': self.orchestra.retrieve_profile(),
         })
         return context

orchestra/contrib/musician/views.py

@@ -1,12 +1,13 @@
+import datetime
 import logging
 import smtplib
-import datetime
 
 from django.conf import settings
 from django.contrib import messages
 from django.core.exceptions import ImproperlyConfigured
 from django.core.mail import mail_managers
-from django.http import HttpResponse, HttpResponseNotFound, HttpResponseRedirect
+from django.http import (HttpResponse, HttpResponseNotFound,
+                         HttpResponseRedirect)
 from django.urls import reverse_lazy
 from django.utils import translation
 from django.utils.html import format_html
@@ -20,9 +21,11 @@ from django.views.generic.list import ListView
 from requests.exceptions import HTTPError
 
 from orchestra import get_version
-from .auth import login as auth_login
+
+# from .auth import login as auth_login
 from .auth import logout as auth_logout
-from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
+from .forms import (LoginForm, MailboxChangePasswordForm, MailboxCreateForm,
+                    MailboxUpdateForm, MailForm)
 from .mixins import (CustomContextMixin, ExtendedPaginationMixin,
                      UserTokenRequiredMixin)
 from .models import (Address, Bill, DatabaseService, Mailbox,
@@ -553,7 +556,6 @@ class LoginView(FormView):
 
     def form_valid(self, form):
         """Security check complete. Log the user in."""
-        auth_login(self.request, form.username, form.token)
 
         # set user language as active language
         user_language = form.user.language