Authentication Forms¶

newauth provides a BaseAuthForm which can be used to authenticate users. You can simply implement the get_credentials() method on the form and add the needed fields. You can also override the auth_failure key in the default_error_messages dictionary property to provide your own error message.

from django import forms
from django.utils.translation import gettext_lazy as _
from newauth.forms import BaseAuthForm

class AuthForm(BaseAuthForm):
    email = forms.EmailField()
    password = forms.CharField(widget=forms.PasswordInput)

    default_error_messages = {
        'auth_failure': _("Please enter the correct email and password."),
    }

    def get_credentials(self):
        return {
            'email': self.cleaned_data['email'],
            'password': self.cleaned_data['password'],
        }

The authenticated user can be obtained by calling the get_user() method in views after calling the is_valid() method. Here is an example of a very simple example of a login view:

from django.shortcuts import redirect
from newauth.api import login

from account.forms import AuthForm

def mylogin(request):
    form = AuthForm(request.POST or None)
    if request.method == 'POST':
        if form.is_valid():
            user = form.get_user()

            # Login the user
            login(request, user)
            return redirect('/')
    else:
        return ("""<html><body>"""
               """<form action="" method="POST">%s</form"""
               """</body></html>""") % form

In the next section we’ll discuss how to limit access to views to logged-in users.