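def test_user_can_create_new_account(self):
    """Register a new account and check what was persisted for it.

    Posts an email/password pair to ``/register``, loads the user row by
    email, and checks that the stored credential verifies against the
    submitted password without being the plaintext itself.
    """
    email = 'steve-o'
    password = '******'

    self.app.post('/register', data=dict(email=email, password=password))

    user = session.query(User).filter(User.email == email).first()
    self.assertIsNotNone(user)
    self.assertEqual(user.email, email)

    # The stored value must be a hash, never the submitted plaintext.
    self.assertNotEqual(user.password, password)

    # verify() takes (secret, hash) and reports the outcome as its return
    # value, so the result has to be asserted. Passing a freshly computed
    # hash as the secret and discarding the result would let a broken
    # registration path pass this test.
    self.assertTrue(pwd_context.verify(password, user.password))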
def login():
    """Handle the login form: show it on GET, check credentials on POST.

    An already-authenticated user is sent straight to the index page.
    On POST the submitted email is looked up and the submitted password is
    checked against that user's stored hash. Success and failure both
    render ``index.html`` with a different message. Any other request
    renders ``login.html``.
    """
    # Per the original comment, is_authenticated is defined on the User
    # class in models.py.
    if g.user.is_authenticated():
        return render_template('index.html',
                               message='A user is already logged in.',
                               email=g.user.email,
                               listings=get_listings())

    # Anything that is not a form submission just gets the login form.
    if request.method != 'POST':
        return render_template('login.html')

    email = request.form['email']
    password = request.form['password']

    # Look up the account by the submitted email.
    user = session.query(User).filter(User.email == email).first()

    # NOTE(review): the failure message is the same for "unknown email" and
    # "wrong password", which avoids disclosing which accounts exist. The
    # hash check only runs when the email matched a row, though, so the two
    # cases can still differ in response time. If pwd_context is a passlib
    # CryptContext (1.7+), calling its dummy_verify() on the miss path
    # evens this out. Confirm the pinned version before relying on it.
    # No attempt throttling or lockout is visible in this function.
    credentials_ok = user is not None and pwd_context.verify(password, user.password)
    if not credentials_ok:
        return render_template('index.html',
                               message='Email or password invalid. Please try again.',
                               listings=get_listings())

    login_user(user)
    return render_template('index.html',
                           message='Login was successful.',
                           email=user.email,
                           listings=get_listings())
def _verify_password(plain_password, hashed_password):
    """Return the result of checking ``plain_password`` against ``hashed_password``.

    The comparison is delegated entirely to ``pwd_context.verify``, with the
    candidate secret first and the stored hash second.
    """
    # Argument order matters: (secret, hash). Swapping them makes every
    # check fail rather than raising an obvious error.
    matches = pwd_context.verify(plain_password, hashed_password)
    return matches
def verify_password(self, password):
    """Check ``password`` against the hash stored on this object.

    Returns whatever ``pwd_context.verify`` returns for the candidate
    password and ``self.password_hash``.
    """
    stored_hash = self.password_hash
    # The candidate secret goes first, the stored hash second.
    return pwd_context.verify(password, stored_hash)
def check_password_hash(plain_password: str, hashed_password: str):
    """Verify a password after appending the module-level ``PASSWORD_SALT``.

    The candidate password is concatenated with ``PASSWORD_SALT`` and the
    combined string is checked against ``hashed_password`` through
    ``pwd_context.verify``.
    """
    # NOTE(review): PASSWORD_SALT is one value shared by every account, so
    # it acts as a pepper rather than a per-user salt. Hashes must have been
    # created with the same suffix, and changing the constant invalidates
    # every stored hash. Treat it as a secret and keep it out of version
    # control.
    # NOTE(review): if the configured scheme truncates long inputs (bcrypt
    # stops at 72 bytes), a suffix appended after a long password may never
    # reach the hash function. Confirm against the scheme configured for
    # pwd_context.
    peppered_secret = plain_password + PASSWORD_SALT
    return pwd_context.verify(peppered_secret, hashed_password)
def verify_password(self, password):
    """Report whether ``password`` matches this object's stored password hash.

    The check is delegated to ``pwd_context.verify`` with the candidate
    password first and ``self.password_hash`` second.
    """
    is_match = pwd_context.verify(password, self.password_hash)
    return is_match