diff --git a/openedx/core/djangoapps/user_authn/views/login.py b/openedx/core/djangoapps/user_authn/views/login.py
index 384f33e8e6..3c8ad24219 100644
--- a/openedx/core/djangoapps/user_authn/views/login.py
+++ b/openedx/core/djangoapps/user_authn/views/login.py
@@ -119,17 +119,30 @@ def _check_excessive_login_attempts(user):
def _generate_locked_out_error_message():
+ """
+ Helper function to generate error message for users consumed all
+ login attempts.
+ """
locked_out_period_in_sec = settings.MAX_FAILED_LOGIN_ATTEMPTS_LOCKOUT_PERIOD_SECS
- raise AuthFailedError(Text(_('To protect your account, it’s been temporarily '
- 'locked. Try again in {locked_out_period} minutes.'
- '{li_start}To be on the safe side, you can reset your '
- 'password {link_start}here{link_end} before you try again.')).format(
- link_start=HTML(''),
- link_end=HTML(''),
- li_start=HTML(''),
- li_end=HTML(''),
- locked_out_period=int(locked_out_period_in_sec / 60)))
+ if not should_redirect_to_logistration_mircrofrontend: # pylint: disable=no-else-raise
+ raise AuthFailedError(Text(_('To protect your account, it’s been temporarily '
+ 'locked. Try again in {locked_out_period} minutes.'
+ '{li_start}To be on the safe side, you can reset your '
+ 'password {link_start}here{link_end} before you try again.')).format(
+ link_start=HTML(''),
+ link_end=HTML(''),
+ li_start=HTML(''),
+ li_end=HTML(''),
+ locked_out_period=int(locked_out_period_in_sec / 60)))
+ else:
+ raise AuthFailedError(Text(_('To protect your account, it’s been temporarily '
+ 'locked. Try again in {locked_out_period} minutes.\n'
+ 'To be on the safe side, you can reset your '
+ 'password {link_start}here{link_end} before you try again.\n')).format(
+ link_start=HTML(''),
+ link_end=HTML(''),
+ locked_out_period=int(locked_out_period_in_sec / 60)))
def _enforce_password_policy_compliance(request, user):
@@ -218,18 +231,31 @@ def _handle_failed_authentication(user, authenticated_user):
if not LoginFailures.is_user_locked_out(user):
max_failures_allowed = settings.MAX_FAILED_LOGIN_ATTEMPTS_ALLOWED
remaining_attempts = max_failures_allowed - failure_count
- raise AuthFailedError(Text(_('Email or password is incorrect.'
- '{li_start}You have {remaining_attempts} more sign-in '
- 'attempts before your account is temporarily locked.{li_end}'
- '{li_start}If you\'ve forgotten your password, click '
- '{link_start}here{link_end} to reset.{li_end}'
- ))
- .format(
- link_start=HTML(''),
- link_end=HTML(''),
- li_start=HTML(''),
- li_end=HTML(''),
- remaining_attempts=remaining_attempts))
+ if not should_redirect_to_logistration_mircrofrontend: # pylint: disable=no-else-raise
+ raise AuthFailedError(Text(_('Email or password is incorrect.'
+ '{li_start}You have {remaining_attempts} more sign-in '
+ 'attempts before your account is temporarily locked.{li_end}'
+ '{li_start}If you\'ve forgotten your password, click '
+ '{link_start}here{link_end} to reset.{li_end}'
+ ))
+ .format(
+ link_start=HTML(''),
+ link_end=HTML(''),
+ li_start=HTML(''),
+ li_end=HTML(''),
+ remaining_attempts=remaining_attempts))
+ else:
+ raise AuthFailedError(Text(_('Email or password is incorrect.\n'
+ 'You have {remaining_attempts} more sign-in '
+ 'attempts before your account is temporarily locked.\n'
+ 'If you{quote}ve forgotten your password, click '
+ '{link_start}here{link_end} to reset.\n'
+ ))
+ .format(
+ quote=HTML("'"),
+ link_start=HTML(''),
+ link_end=HTML(''),
+ remaining_attempts=remaining_attempts))
else:
_generate_locked_out_error_message()
@@ -287,6 +313,30 @@ def _track_user_login(user, request):
)
+def _create_message(site, root_url, allowed_domain):
+ """
+ Helper function to create error message for those users that belongs
+ to an allowed domain and not whitelisted then ask such users to login
+ through allowed domain SSO provider.
+ """
+ msg = Text(_(
+ u'As {allowed_domain} user, You must login with your {allowed_domain} '
+ u'{link_start}{provider} account{link_end}.'
+ )).format(
+ allowed_domain=allowed_domain,
+ link_start=HTML("").format(
+ root_url=root_url if root_url else '',
+ tpa_provider_link='{dashboard_url}?tpa_hint={tpa_hint}'.format(
+ dashboard_url=reverse('dashboard'),
+ tpa_hint=site.configuration.get_value('THIRD_PARTY_AUTH_ONLY_HINT'),
+ )
+ ),
+ provider=site.configuration.get_value('THIRD_PARTY_AUTH_ONLY_PROVIDER'),
+ link_end=HTML("")
+ )
+ return msg
+
+
def _check_user_auth_flow(site, user):
"""
Check if user belongs to an allowed domain and not whitelisted
@@ -306,20 +356,11 @@ def _check_user_auth_flow(site, user):
# If user belongs to allowed domain and not whitelisted then user must login through allowed domain SSO
if user_domain == allowed_domain and not AllowedAuthUser.objects.filter(site=site, email=user.email).exists():
- msg = Text(_(
- u'As {allowed_domain} user, You must login with your {allowed_domain} '
- u'{link_start}{provider} account{link_end}.'
- )).format(
- allowed_domain=allowed_domain,
- link_start=HTML("").format(
- tpa_provider_link='{dashboard_url}?tpa_hint={tpa_hint}'.format(
- dashboard_url=reverse('dashboard'),
- tpa_hint=site.configuration.get_value('THIRD_PARTY_AUTH_ONLY_HINT'),
- )
- ),
- provider=site.configuration.get_value('THIRD_PARTY_AUTH_ONLY_PROVIDER'),
- link_end=HTML("")
- )
+ if not should_redirect_to_logistration_mircrofrontend():
+ msg = _create_message(site, None, allowed_domain)
+ else:
+ root_url = configuration_helpers.get_value('LMS_ROOT_URL', settings.LMS_ROOT_URL)
+ msg = _create_message(site, root_url, allowed_domain)
raise AuthFailedError(msg)