Chapter 4 - Page 170 - Creating a login view

[seyyed-amirreza-hosseini]

There is an issue with this code below:

def user_login(request):
    if request.method == 'POST':
        form = LoginForm(request.POST)
        if form.is_valid():
            cd = form.cleaned_data
            user = authenticate(request, username=cd['username'], password=cd['password'])
            if user is not None:
                if user.is_active:
                    login(request, user)
                    return HttpResponse('Authenticated successfully')
                else:
                    return HttpResponse('Disabled account')
            else:
                return HttpResponse('Invalid login')
    else:
        form = LoginForm()

    return render (request, 'account/login.html', {'form': form})          

The problem is that when the authenticate function is evaluated, it returns a user object if there is an active user in our database.
It means that if we have a user that is in the database but is NOT active, the authenticate function returns "None". As a result, checking if user.is_active after if user is not None is redundant because the authenticate function has already verified the user's active status.

Therefore, the user_login function can be simplified as follows:

def user_login(request):
   if request.method == 'POST':
       form = LoginForm(request.POST)
       if form.is_valid():
           cd = form.cleaned_data
           user = authenticate(request, username=cd['username'], password=cd['password'])
           if user:
               login(request, user)
               return HttpResponse('Authenticated successfully')
           else:
               return HttpResponse('Invalid login')
   else:
       form = LoginForm()

   return render (request, 'account/login.html', {'form': form})