Merge pull request #2798 from FinnStutzenstein/Issue2654

Cookie handling on login

openslides/core/static/templates/core/login-form.html

@@ -1,4 +1,4 @@
-<form ng-submit="login(username, password)">
+<form ng-submit="login()">
   <div class="modal-header">
     <img src="/static/img/openslides-logo.png" alt="OpenSlides" class="login-logo center-block">
   </div>

openslides/users/static/js/users/site.js

@@ -1486,10 +1486,11 @@ angular.module('OpenSlidesApp.users.site', [
         // login
         $scope.login = function () {
             $scope.alerts = [];
-            $http.post(
+            var data = { 'username': $scope.username, 'password': $scope.password };
-                '/users/login/',
+            if (!navigator.cookieEnabled) {
-                {'username': $scope.username, 'password': $scope.password}
+                data.cookies = false;
-            ).then(
+            }
+            $http.post('/users/login/', data).then(
                 function (response) {
                     // Success: User logged in.
                     operator.setUser(response.data.user_id);

openslides/users/views.py

@@ -164,6 +164,9 @@ class UserLoginView(APIView):
     http_method_names = ['get', 'post']
 
     def post(self, *args, **kwargs):
+        # If the client tells that cookies are disabled, do not continue as guest (if enabled)
+        if not self.request.data.get('cookies', True):
+            raise ValidationError({'detail': _('Cookies have to be enabled to use OpenSlides.')})
         form = AuthenticationForm(self.request, data=self.request.data)
         if not form.is_valid():
             raise ValidationError({'detail': _('Username or password is not correct.')})