Sanify authentication

[elizabethyalkut]

I need a way to detect if a user is authenticated as a community partner. The is_authenticated test works only for the editor/admin user groups, as I understand the documentation.

[birkin]

@elizabethyalkut Re the title, I'm not aware of a user-reported problem with authentication.

The logic has been:

• Always have research-assistants start at the /login url. Logging in there for data-entry work gives them seamless access to the browse page.
• Always have community-partners start at the /browse url.

Given that, landing at the browse-page performs a check.

• If the person has logged-in via the login-page, the browse-page displays.
• Otherwise, if the person has logged-in via the /browse-page login-form, the browse-page displays.

If a person lands at the browse-page and neither of the above two checks indicate the person has logged in, the assumption is that this is a Community Partner (because research-assistants always start at the /login url), and the browse-page displays the community-partner login-form.

Regarding code...

• The research-assistant login-check is here -- request.user.is_authenticated is the check.
• The community-partner login-check is here.
  • If that session-variable indicates the person hasn't logged in, the Community-Partner login-form appears. On submission, if the login is legit, that session-variable is set, here.

Let me know if there's something else you need beyond those two checks.