Refactor login and logout with built-in views

core/templates/core/base.html

@@ -10,7 +10,7 @@
         {% block header %}
         {% if user.is_authenticated %}Hello, {{ user.username }}!{% endif %}
         <ul>
-            <li><a href="{% url 'core:register' %}">Register</a></li>
+            <li><a href="">Register</a></li>
             <li><a href="{% url 'core:login' %}">Login</a></li>
             <li><a href="{% url 'core:logout' %}">Logout</a></li>
             <li><a href="{% url 'core:user_list' %}">Users</a></li>

core/templates/core/login.html

@@ -1,14 +1,38 @@
 {% extends "core/base.html" %}
 
-{% block title %}{{ title }}{% endblock %}
-
 {% block content %}
-<h1>{{ title }}</h1>
 
-<form action="{% url 'core:login' %}" method="post">
-    {% csrf_token %}
-    {{ form }}
-    <p><input type="submit" value="Login!" /></p>
+{% if form.errors %}
+<p>Your username and password didn't match. Please try again.</p>
+{% endif %}
+
+{% if next %}
+    {% if user.is_authenticated %}
+    <p>Your account doesn't have access to this page. To proceed,
+    please login with an account that has access.</p>
+    {% else %}
+    <p>Please login to see this page.</p>
+    {% endif %}
+{% endif %}
+
+<form method="post" action="{% url 'core:login' %}">
+{% csrf_token %}
+<table>
+<tr>
+    <td>{{ form.username.label_tag }}</td>
+    <td>{{ form.username }}</td>
+</tr>
+<tr>
+    <td>{{ form.password.label_tag }}</td>
+    <td>{{ form.password }}</td>
+</tr>
+</table>
+
+<input type="submit" value="login" />
+<input type="hidden" name="next" value="{{ next }}" />
 </form>
-{% endblock %}
 
+{# Assumes you setup the password_reset view in your URLconf #}
+<p><a href="{% url 'core:password_reset' %}">Lost password?</a></p>
+
+{% endblock %}

core/urls.py

@@ -1,8 +1,9 @@
-from django.conf.urls import url
+from django.conf.urls import url, include
 
 from core.views import *
 
 urlpatterns = [
+    url('^', include('django.contrib.auth.urls')),
     url(r'^$', index, name='index'),
     url(r'^login$', login, name='login'),
     url(r'^logout$', logout, name='logout'),

core/views/user.py

@@ -1,7 +1,9 @@
 # This file contains all the views that concern the user model
 from django.shortcuts import render, redirect, get_object_or_404
 from django.contrib.auth import logout as auth_logout
+from django.contrib.auth import views
 from django.contrib.auth.forms import PasswordChangeForm
+from django.core.urlresolvers import reverse
 import logging
 
 from core.views.forms import RegisteringForm, LoginForm, UserEditForm
@@ -31,28 +33,13 @@ def login(request):
 
     Needs to be improve with correct handling of form exceptions
     """
-    context = {'title': 'Login'}
-    if request.method == 'POST':
-        try:
-            form = LoginForm(request)
-            form.login()
-            context['tests'] = 'LOGIN_OK'
-            return render(request, 'core/index.html', context)
-        except Exception as e:
-            logging.debug(e)
-            context['error'] = "Login failed"
-            context['tests'] = 'LOGIN_FAIL'
-    else:
-        form = LoginForm()
-    context['form'] = form.as_p()
-    return render(request, "core/login.html", context)
+    return views.login(request, template_name="core/login.html")
 
 def logout(request):
     """
     The logout view
     """
-    auth_logout(request)
-    return redirect('core:index')
+    return views.logout_then_login(request)
 
 def user(request, user_id=None):
     """

sith/settings.py

@@ -102,3 +102,5 @@ USE_TZ = True
 
 STATIC_URL = '/static/'
 AUTH_USER_MODEL = 'core.User'
+LOGIN_URL = '/login'
+LOGIN_REDIRECT_URL = '/'