From 2b6a8820e0c9492d00c55dc780bfbb2a2929f03c Mon Sep 17 00:00:00 2001
From: Joshua Laymon <joshlaymon@icloud.com>
Date: Sat, 10 Jan 2026 00:11:45 +0000
Subject: [PATCH] Update web/core/views.py

---
 web/core/views.py | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/web/core/views.py b/web/core/views.py
index 4b788ea..f738e8a 100644
--- a/web/core/views.py
+++ b/web/core/views.py
@@ -53,6 +53,33 @@ EXPECTED_HEADERS = [
     "Date Edited",
 ]
 
+def login_view(request):
+    # Already logged into Django
+    if request.user.is_authenticated:
+        return redirect("search")
+
+    # IMPORTANT:
+    # Only auto-initiate OIDC on a *direct* visit to /login/
+    # Never during the OIDC callback flow
+    if (
+        request.method == "GET"
+        and not request.path.startswith("/oidc/")
+    ):
+        return redirect("oidc_authentication_init")
+
+    # Local login fallback (optional)
+    ctx = {}
+    if request.method == "POST":
+        u = request.POST.get("username")
+        p = request.POST.get("password")
+        user = authenticate(request, username=u, password=p)
+        if user:
+            login(request, user)
+            return redirect("search")
+        ctx["error"] = "Invalid credentials"
+
+    return render(request, "login.html", ctx)
+
 
 def is_admin(user):
     return user.is_superuser or user.is_staff