diff --git a/apps/authentication/urls/view_urls.py b/apps/authentication/urls/view_urls.py index 0bac07e25..92d5818cb 100644 --- a/apps/authentication/urls/view_urls.py +++ b/apps/authentication/urls/view_urls.py @@ -2,6 +2,7 @@ # from django.urls import path, include +from django.db.transaction import non_atomic_requests from .. import views from users import views as users_view @@ -10,7 +11,7 @@ app_name = 'authentication' urlpatterns = [ # login - path('login/', views.UserLoginView.as_view(), name='login'), + path('login/', non_atomic_requests(views.UserLoginView.as_view()), name='login'), path('login/otp/', views.UserLoginOtpView.as_view(), name='login-otp'), path('login/wait-confirm/', views.UserLoginWaitConfirmView.as_view(), name='login-wait-confirm'), path('login/guard/', views.UserLoginGuardView.as_view(), name='login-guard'), diff --git a/apps/authentication/views/login.py b/apps/authentication/views/login.py index 6a2481d20..3fc62e08d 100644 --- a/apps/authentication/views/login.py +++ b/apps/authentication/views/login.py @@ -4,6 +4,7 @@ from __future__ import unicode_literals import os import datetime + from django.contrib.auth import login as auth_login, logout as auth_logout from django.http import HttpResponse from django.shortcuts import reverse, redirect @@ -17,6 +18,7 @@ from django.views.generic.edit import FormView from django.conf import settings from django.urls import reverse_lazy from django.contrib.auth import BACKEND_SESSION_KEY +from django.db.transaction import atomic from common.utils import get_request_ip, FlashMessageUtil from users.utils import ( @@ -107,7 +109,8 @@ class UserLoginView(mixins.AuthMixin, FormView): self.request.session.delete_test_cookie() try: - self.check_user_auth(decrypt_passwd=True) + with atomic(): + self.check_user_auth(decrypt_passwd=True) except errors.AuthFailedError as e: form.add_error(None, e.msg) self.set_login_failed_mark()