def index() -> Union[Response, str]:
"""Handle the login process.
Opened with GET:
Check if the user is logged in. If it is, redirect to the app.
Otherwise, render template to log in.
Opened with POST:
Get 'username' parameter from the POST form. Log in user of a given 'username'
and redirect her/him to app if she/he entered valid credentials. Otherwise, show
message that login was unsuccessful.
Returns:
By default, the rendered login page.
If received valid POST form, the rendered app page.
"""
if current_user.is_authenticated:
return redirect(url_for('main.setup_app'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if is_valid_user(user, form):
login_user(user=user, remember=form.remember)
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(
url_for('main.setup_app'))
else:
flash('Login Unsuccessful. Incorrect email or password.', 'danger')
return render_template('login.html', form=form)
def login():
form = LoginForm()
# Our form is an instance of LoginForm
if form.validate_on_submit(
): # A built in validator built in to flask-wtf.FlaskForm
return redirect('/')
return render_template('login.html', form=form)
def login():
login_form = LoginForm()
if login_form.validate_on_submit():
flash('Login requested for user {}, remember_me={}'.format(
login_form.username.data, login_form.submit.data))
return redirect('/')
return render_template('login.html', title='Sign in', form=login_form)
def login_route():
if current_user.is_authenticated:
return redirect(url_for('home.index'))
form = LoginForm()
if form.validate_on_submit():
email = form.username.data
password = form.password.data
try:
u = auth.sign_in_with_email_and_password(email, password)
userID = u['localId']
refreshToken = u['refreshToken']
idToken = u['idToken']
user = User(userID, idToken, refreshToken)
login_user(user, remember=form.remember_me.data)
flash('Login requested for user {}, remember_me={}'.format(
form.username.data, form.remember_me.data))
return redirect(url_for('home.index'))
except Exception:
flash('Invalid username or password')
return redirect(url_for('login.login_route'))
return render_template('login.html', title='Sign In', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
login_user(form.user)
if 'admin' in current_user.permissions:
return redirect(url_for('admin.index'))
return redirect(url_for('index'))
return render_template('public/login.html', form=form)
def post(self):
form = LoginForm(request.form)
if not form.validate_on_submit():
save_form_to_session(request.form)
return redirect(url_for("LoginView:show"))
if do_login(username=form.username.data, password=form.password.data):
return redirect(url_for("IndexView:index"))
else:
return redirect(url_for("LoginView:show"))
def login_page():
if current_user.is_authenticated:
return redirect("/")
form = LoginForm()
if form.validate_on_submit():
try:
log_in(form.login.data, form.password.data, form.remember_me.data)
return redirect("/")
except InvalidLoginOrPassword as e:
form.password.errors.append(str(e))
return render_template("user/login.html", form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password')
return redirect(url_for('login'))
login_user(user, remember=form.remember_me.data)
return redirect(url_for('index'))
return render_template('login.html', title='Sign In', form=form)
def login():
"""登录视图"""
# 判断用户是否为已登录状态
# 如果用户已登录则跳转回首页
if current_user.is_authenticated:
return redirect(url_for('web.index'))
# 实例化 LoginForm 表单类,并且向它传递一个参数
# request 对象可以用来获取客户端传递的各种数据
# request.form 就是得到前端表单中填写的数据
# 向表单类传递 request.form 不是必须的,但是如果登录失败,用户填写的数据会保留在表单的输入框中,增加用户体验
# 保留用户填写的数据除了要在这里传入 request.form,前端表单也需要接收,后面会提到
form = LoginForm(request.form)
# flask-wtf 独有的方法,它等同于下面这种写法:
# if request.method == 'POST' and form.validate():
if form.validate_on_submit():
# 表单校验成功,去 admin 表中查询是否有 username 与表单 username 匹配的记录
admin = Admin.query.filter_by(username=form.username.data).first()
# 判断记录是否存在并判断密码是否匹配
# check_password 是我们最开始就写好的校验密码的方法
if admin and admin.check_password(form.password.data):
# 配置 session 的 permanent 的值为 True
# 使 PERMANENT_SESSION_LIFETIME 配置项生效
session.permanent = True
# 如果有这条记录,且密码匹配,处理代码写在这里
# 数据校验通过,执行 login_user 方法
# 这个方法有一个必须参数,就是登录用户的查询实例
# remember 参数控制是否记住用户,也就是浏览器关闭之后,再次打开,是否保留登录状态
login_user(admin, remember=form.remember.data)
# 通过 request.args.get 获取 next 参数值
# 自动生成的 next 参数值是一个相对链接
# 也就是类似 `/admin` 这种形式的
next_url = request.args.get('next')
# 如果 next_url 没有值或者 next_url 不是以 `/` 开头的话
# next_url 的值就等于 url_for('web.index')
# 否则 next_url 的值就是 next 参数的值
# url_for 方法接受视图的 endpoint 作为参数,返回的是视图的相对链接
if not next_url or not next_url.startswith('/'):
next_url = url_for('web.index')
# 通过 redirect 执行重定向
return redirect(next_url)
else:
# 如果数据库中没有相应的记录或者密码不匹配,处理代码写在这里
flash('登录失败!请检查用户名或密码', 'error')
# 渲染登录页面模板,并传递表单实例
return render_template('login/login.html', form=form)
def login():
"""
Login page.
:return: Login template.
"""
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
session['remember_me'] = form.remember_me.data
return tryLogin(User.query.get(form.username.data), form.password.data)
return render_template('login.html', title='Sign In', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash(f'No se encuentra el usuario')
return redirect(url_for('login'))
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('views/login.html', title='Login', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index_user'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password_hash.data):
flash('Username atau password salah')
return redirect(url_for('login'))
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index_user')
return redirect(next_page)
return redirect(url_for('index_user'))
return render_template('user/login.html', title='Log In', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('dashboard.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password')
return redirect(url_for('auth.login'))
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('dashboard.index')
return redirect(next_page)
return render_template('auth/login.html', title=('Sign In'), form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
# se o usuario existe
user = User.query.filter_by(email=form.email.data).first()
if user and user.password == form.password.data:
login_user(user)
flash('Seja bem vindo(a) ' + current_user.name)
db.session.add(user)
db.session.commit()
return redirect(url_for('getVagas'))
else:
flash('Informações inválidas.')
else:
print(form.errors)
return render_template('usuario/login.html', form=form)
def login():
"""login screen"""
if current_user.is_authenticated:
return redirect(url_for('home'))
form = LoginForm()
if form.validate_on_submit():
user = SiteUser.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('invalid username or password')
return redirect(url_for('login'))
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('home')
return redirect(next_page)
return render_template('login.html', title='sign in', form=form)
def login():
"""
Login page.
:return: Login template.
"""
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
session['remember_me'] = form.remember_me.data
return tryLogin(User.query.get(form.username.data), form.password.data)
return render_template('login.html',
title='Sign In',
form=form)
def login():
"""Route to the login page"""
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid user name or password')
return redirect(url_for('auth.login'))
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('profile.user', nickname=user.nickname)
return redirect(next_page)
return render_template('login.html', title='Sign In', form=form)
def users_login():
""" Login page """
if current_user.is_authenticated():
return redirect(url_for('index_home'))
form = LoginForm()
if form.validate_on_submit():
user = User.find_by_name(form.username.data)
if user is None or not user.is_valid_password(form.password.data):
flash('Invalid username or password', 'danger')
elif login_user(user, remember=form.remember.data):
# Enable session expiration only if user hasn't chosen to be remembered.
session.permanent = not form.remember.data
return redirect(request.args.get('next') or url_for('index_home'))
elif form.errors:
flash('Invalid username or password', 'danger')
return render_template('users/login.html', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = Profesor.query.filter_by(email=form.email.data).first()
if user is None:
flash(f'No se encuentra el correo del profesor')
return redirect(url_for('login'))
if not user.check_password(form.password.data):
flash(f'La clave ingresada es erronea')
return redirect(url_for('login'))
login_user(user, remember=form.remember_me.data)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('views/login.html', title='Login', form=form)
def login():
form = LoginForm()
if request.method == 'GET':
return render_template('login.html', form=form, page_title=lazy_gettext(u'Log in'),
get_text=lazy_gettext)
elif request.method == 'POST':
if form.validate_on_submit():
user = User.objects(username=form.username.data).first()
if user:
if user.password == form.password.data:
login_user(user)
return redirect('/admin')
else:
form.password.errors.append("Wrong Password")
else:
form.username.errors.append("user doesn't exist")
return render_template('login.html', form=form, page_title=lazy_gettext(u'Log in'),
get_text=lazy_gettext)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
query = User.query
user = query.filter_by(name=data['name'])
count = user.count()
result = query.first()
if count == 0:
flash("用户不存在", "error")
if not result.verify_password(data['password']):
flash("密码不正确", "error")
return redirect(url_for("admin.login"))
if request.method == "POST":
session['name'] = data['name']
session['id'] = result.id
return redirect(
request.args.get("next") or url_for("admin.article"))
return render_template("admin/login.html", form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
login_form = LoginForm(request.form)
if login_form.validate_on_submit():
user = User.query.filter_by(email=request.form["email"]).first()
if user is None or not user.check_password(request.form["password"]):
flash("Invalid username or password")
return redirect(url_for("auth.login"))
remember_me = False
if "remember_me" in request.form:
remember_me = True
login_user(user, remember=remember_me)
next_page = request.args.get("next")
if not next_page or url_parse(next_page).netloc != "":
next_page = url_for("index")
return redirect(next_page)
flash_form_errors(login_form)
return render_template("login.html", page_title="Log in", form=login_form)
def login():
form = LoginForm()
if form.validate_on_submit():
try:
user = User.query.filter_by(username=form.username.data).first()
if user is None:
raise UserNotFoundException()
user.verify_password(form.password.data)
except Exception:
form.username.errors.append("Invalid credentials")
form.password.errors.append("Invalid credentials")
else:
login_user(user)
return redirect(url_for("main.list_chatrooms"))
return render_template("auth/login.html", form=form)
def login():
if current_user.is_authenticated():
return redirect('/')
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is not None and user.check_password(form.password.data):
if login_user(user, remember=form.remember.data):
# Enable session expiration only if user hasn't chosen to be
# remembered.
session.permanent = not form.remember.data
flash(_('Logged in successfully!'), 'success')
return redirect('/')
else:
flash(_('This username is disabled!'), 'error')
else:
flash(_('Wrong username or password!'), 'error')
return render_template('users/login.html', version='0.1', form=form)
def login():
if current_user.is_authenticated():
return redirect('/')
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is not None and user.check_password(form.password.data):
if login_user(user, remember=form.remember.data):
# Enable session expiration only if user hasn't chosen to be
# remembered.
session.permanent = not form.remember.data
flash(_('Logged in successfully!'), 'success')
return redirect('/')
else:
flash(_('This username is disabled!'), 'error')
else:
flash(_('Wrong username or password!'), 'error')
return render_template('users/login.html', version=app.config['SAGEO_VERSION'], form=form)
def login():
"""登录视图"""
# 如果用户已登录则跳转回首页
if current_user.is_authenticated:
return redirect(url_for('web.index'))
form = LoginForm(request.form)
if form.validate_on_submit():
admin = Admin.query.filter_by(username=form.username.data).first()
if admin and admin.check_password(form.password.data):
# 使 PERMANENT_SESSION_LIFETIME 配置项生效
session.permanent = True
login_user(admin, remember=form.remember.data)
# 登录后重定向,预防重定向攻击
next_url = request.args.get('next')
if not next_url or not next_url.startswith('/'):
next_url = url_for('web.index')
return redirect(next_url)
else:
flash('登录失败!请检查用户名或密码', 'error')
return render_template('login/login.html', form=form)
def login():
if current_user.is_active:
return redirect(url_for("web.login+login_success"))
form = LoginForm()
if form.validate_on_submit():
csrf_token = session.get("csrf_token")
server_code = redis_store.get(csrf_token)
if server_code is None:
flash("验证码失效,请从新登录")
return redirect(url_for("web.login+login"))
if server_code != form.verification.data.lower():
flash("验证码错误")
return redirect(url_for("web.login+login"))
user = User.query.filter_by(username=form.username.data).first()
if user:
redis_store.delete(csrf_token)
if user.check_password(form.password.data):
login_user(user)
next = request.args.get("next")
if next and next.startswith("/"):
return redirect(next)
return redirect(url_for("web.login+login_success"))
else:
flash("密码错误")
return redirect(url_for("web.login+login"))
else:
flash("账号不存在")
return redirect(url_for("web.login+login"))
code = randon_code()
redis_store.set(session.get("csrf_token"),
code.lower(),
ex=current_app.config.get("VERIFICATION_TIMEOUT", 300))
return render_template("login/login.html", form=form, code=code)
def login():
form = LoginForm()
if form.validate_on_submit():
return redirect('/')
return render_template('login.html', form=form)
