More work on users signin

misago/users/forms/auth.py

@@ -19,7 +19,8 @@ class AuthenticationForm(forms.Form, BaseAuthenticationForm):
 
     error_messages = {
         'empty_data': _("You have to fill out both fields."),
-        'invalid_login': _("Your login or password is incorrect. Please try again."),
+        'invalid_login': _("Your login or password is incorrect. "
+                           "Please try again."),
         'inactive': _("This account is inactive."),
     }
 
@@ -45,6 +46,10 @@ class AuthenticationForm(forms.Form, BaseAuthenticationForm):
 
         return self.cleaned_data
 
+    def confirm_login_allowed(self, user):
+        # TODO: CHECK ACTIVATION AND BANS
+        pass
+
 
 class AdminAuthenticationForm(AuthenticationForm):
     required_css_class = 'required'

misago/users/urls.py

@@ -3,5 +3,6 @@ from django.conf.urls import patterns, url
 
 urlpatterns = patterns('misago.users.views.auth',
     url(r'^login/$', 'login', name='login'),
+    url(r'^login/banned/$', 'login_banned', name='login_banned'),
     url(r'^logout/$', 'logout', name='logout'),
 )

misago/users/views/auth.py

@@ -1,4 +1,5 @@
 from django.contrib.auth import authenticate, login
+from django.http import Http404
 from django.shortcuts import render, redirect
 from django.views.decorators.debug import sensitive_post_parameters
 from django.views.decorators.cache import never_cache
@@ -18,7 +19,7 @@ def login(request):
     if request.method == 'POST':
         form = AuthenticationForm(request, data=request.POST)
         if form.is_valid():
-            pass
+            request.session.pop('login_ban', None)
 
     return render(request, 'misago/login.html', {'form': form})
 
@@ -29,3 +30,13 @@ def login(request):
 @never_cache
 def logout(request):
     return redirect('misago:index')
+
+
+@never_cache
+def login_banned(request):
+    try:
+        ban = request.session.['login_ban']
+    except KeyError:
+        Http404()
+
+    return render(request, 'misago/errorpages/banned.html', {'ban': ban})