From 90ca5a8bb7c68d4629d864eb2291aa2b1a401358 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Fri, 2 Sep 2016 22:23:15 +0800
Subject: [PATCH] start capcha support

---
 apps/jumpserver/settings.py           |  1 +
 apps/users/forms.py                   | 10 ++--------
 apps/users/templates/users/login.html | 12 ++++++------
 apps/users/urls.py                    |  5 +++--
 apps/users/views.py                   | 27 ++++++++++++++++++++++++++-
 5 files changed, 38 insertions(+), 17 deletions(-)

diff --git a/apps/jumpserver/settings.py b/apps/jumpserver/settings.py
index 2244a0a79..7a84cf142 100644
--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -61,6 +61,7 @@ INSTALLED_APPS = [
     'rest_framework',
     'rest_framework.authtoken',
     'bootstrapform',
+    'captcha',
     # 'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
diff --git a/apps/users/forms.py b/apps/users/forms.py
index cc6b551c2..719a6f0a5 100644
--- a/apps/users/forms.py
+++ b/apps/users/forms.py
@@ -2,21 +2,15 @@
 
 from django.forms import ModelForm
 from django import forms
+from captcha.fields import CaptchaField
 
 from .models import User, UserGroup
 
 
-# class UserLoginForm(ModelForm):
-#     class Meta:
-#         model = User
-#         fields = [
-#             "email", "password"
-#         ]
-
-
 class UserLoginForm(forms.Form):
     username = forms.CharField(label='用户名', max_length=100)
     password = forms.CharField(label='密码', widget=forms.PasswordInput, max_length=100)
+    # captcha = CaptchaField()
 
 
 class UserAddForm(ModelForm):
diff --git a/apps/users/templates/users/login.html b/apps/users/templates/users/login.html
index 8f556d74d..633a53bcb 100644
--- a/apps/users/templates/users/login.html
+++ b/apps/users/templates/users/login.html
@@ -43,13 +43,16 @@
                     <form class="m-t" role="form" method="post" action="{% url 'users:login' %}">
                         {% csrf_token %}
                         {% if form.errors %}
-                            <p class="red-fonts">用户名/密码 不正确, 请重试</p>
+                            <p class="red-fonts">{{ form.errors }}</p>
+                        {% endif %}
+                        {% if errors %}
+                            <p class="red-fonts">{{ errors }}</p>
                         {% endif %}
                         <div class="form-group">
-                            <input type="text" class="form-control" name="username" placeholder="Username" required="">
+                            <input type="text" class="form-control" name="{{ form.username.html_name }}" placeholder="Username" required="">
                         </div>
                         <div class="form-group">
-                            <input type="password" class="form-control" name="password" placeholder="Password" required="">
+                            <input type="password" class="form-control" name="{{ form.password.html_name }}" placeholder="Password" required="">
                         </div>
                         <button type="submit" class="btn btn-primary block full-width m-b">Login</button>
 
@@ -58,12 +61,9 @@
                         </a>
 
                         <p class="text-muted text-center">
-{#                            <small>Do not have an account?</small>#}
                         </p>
-{#                        <a class="btn btn-sm btn-white btn-block" href="register.html">Create an account</a>#}
                     </form>
                     <p class="m-t">
-{#                        <small>Inspinia we app framework base on Bootstrap 3 &copy; 2014</small>#}
                     </p>
                 </div>
             </div>
diff --git a/apps/users/urls.py b/apps/users/urls.py
index d12a27528..fc353009a 100644
--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@@ -1,4 +1,4 @@
-from django.conf.urls import url
+from django.conf.urls import url, include
 from django.contrib.auth import views as auth_views
 
 import views
@@ -7,8 +7,9 @@ import api
 app_name = 'users'
 
 urlpatterns = [
-    url(r'^login$', auth_views.login, {'template_name': 'users/login.html'}, name='login'),
+    url(r'^login$', views.UserLoginView.as_view(), name='login'),
     url(r'^logout$', auth_views.logout, {'template_name': 'users/login.html'}, name='logout'),
+    url(r'^captcha/', include('captcha.urls')),
     url(r'^password/forget$', views.UserForgetPasswordView.as_view(), name='forget-password'),
     url(r'^password/forget/sendmail-success$',
         views.UserForgetPasswordSendmailSuccessView.as_view(), name='forget-password-sendmail-success'),
diff --git a/apps/users/views.py b/apps/users/views.py
index 4a3c6da33..8680f220f 100644
--- a/apps/users/views.py
+++ b/apps/users/views.py
@@ -4,7 +4,7 @@ from __future__ import unicode_literals
 
 import logging
 
-from django.shortcuts import get_object_or_404, reverse, render, Http404
+from django.shortcuts import get_object_or_404, reverse, render, Http404, redirect
 from django.http import HttpResponseRedirect
 from django.urls import reverse_lazy
 from django.db.models import Q
@@ -15,6 +15,7 @@ from django.views.generic.detail import DetailView
 from django.contrib.messages.views import SuccessMessageMixin
 from django.conf import settings
 from django.http import HttpResponseRedirect
+from django.contrib.auth import views as auth_view, authenticate, login
 
 from common.utils import get_object_or_none
 
@@ -26,6 +27,30 @@ from .utils import AdminUserRequiredMixin, ssh_key_gen, user_add_success_next, s
 logger = logging.getLogger('jumpserver.users.views')
 
 
+class UserLoginView(FormView):
+    template_name = 'users/login.html'
+    form_class = UserLoginForm
+    redirect_field_name = 'next'
+
+    def get(self, request, *args, **kwargs):
+        if self.request.user.is_staff:
+            return redirect(request.GET.get(self.redirect_field_name, reverse('index')))
+        return super(UserLoginView, self).get(request, *args, **kwargs)
+
+    def post(self, request, *args, **kwargs):
+        form = self.get_form()
+        username = form['username'].value()
+        password = form['password'].value()
+
+        user = authenticate(username=username, password=password)
+        if user is None:
+            kwargs.update({'errors': '账号密码不正确'})
+            return self.get(request, *args, **kwargs)
+
+        login(request, user)
+        return redirect(request.GET.get(self.redirect_field_name, reverse('index')))
+
+
 class UserListView(AdminUserRequiredMixin, ListView):
     model = User
     paginate_by = settings.CONFIG.DISPLAY_PER_PAGE