[Update] 修改用户登录,首次登录不需要验证码,登录失败时需要验证码校验

2018-04-24 13:00:36 +08:00 · 2018-04-24 13:00:36 +08:00 · 784bec42ff
parent 7aa2bb06e8
commit 784bec42ff
3 changed files with 27 additions and 1 deletions
--- a/apps/users/forms.py
+++ b/apps/users/forms.py
@ -15,6 +15,14 @@ class UserLoginForm(AuthenticationForm):
        label=_('Password'), widget=forms.PasswordInput,
        max_length=128, strip=False
    )
+
+
+class UserLoginCaptchaForm(AuthenticationForm):
+    username = forms.CharField(label=_('Username'), max_length=100)
+    password = forms.CharField(
+        label=_('Password'), widget=forms.PasswordInput,
+        max_length=128, strip=False
+    )
    captcha = CaptchaField()


--- a/apps/users/templates/users/login.html
+++ b/apps/users/templates/users/login.html
@ -53,7 +53,7 @@
                            {% endif %}
                        {% endif %}
                        <div class="form-group">
-                            <input type="text" class="form-control" name="{{ form.username.html_name }}" placeholder="{% trans 'Username' %}" required="">
+                            <input type="text" class="form-control" name="{{ form.username.html_name }}" placeholder="{% trans 'Username' %}" required="" value="{% if form.username.value %}{{ form.username.value }}{% endif %}">
                        </div>
                        <div class="form-group">
                            <input type="password" class="form-control" name="{{ form.password.html_name }}" placeholder="{% trans 'Password' %}" required="">
--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@ -2,6 +2,7 @@

 from __future__ import unicode_literals
 import os
+from django.core.cache import cache
 from django.shortcuts import render
 from django.contrib.auth import login as auth_login, logout as auth_logout
 from django.contrib.auth.mixins import LoginRequiredMixin
@ -43,7 +44,9 @@ __all__ = [
 class UserLoginView(FormView):
    template_name = 'users/login.html'
    form_class = forms.UserLoginForm
+    form_class_captcha = forms.UserLoginCaptchaForm
    redirect_field_name = 'next'
+    key_prefix = "_LOGIN_INVALID_{}"

    def get(self, request, *args, **kwargs):
        if request.user.is_staff:
@ -58,6 +61,21 @@ class UserLoginView(FormView):
        set_tmp_user_to_cache(self.request, form.get_user())
        return redirect(self.get_success_url())

+    def form_invalid(self, form):
+        ip = get_login_ip(self.request)
+        cache.set(self.key_prefix.format(ip), 1, 3600)
+        old_form = form
+        form = self.form_class_captcha(data=form.data)
+        form._errors = old_form.errors
+        return super().form_invalid(form)
+
+    def get_form_class(self):
+        ip = get_login_ip(self.request)
+        if cache.get(self.key_prefix.format(ip)):
+            return self.form_class_captcha
+        else:
+            return self.form_class
+
    def get_success_url(self):
        user = get_user_or_tmp_user(self.request)