def login():
username = request.form['username']
password = request.form['password']
action = request.form['action']
if action == 'Login':
user = check_password(username, password)
if user is not None:
session['session_id'] = user['id']
session['user_id'] = user['id']
session['logged_in'] = True
session['username'] = user['username']
session['is_admin'] = (user.get('group_id') == app.config['ADMIN_GROUP_ID'])
flash('Welcome ' + user['username'], 'flash')
else:
flash('Login failed.', 'error')
elif action =='Register':
username = request.form['username']
password = request.form['password']
check = query_db('SELECT * FROM users WHERE username = ?', [username], one=True)
if check is None:
create_user(username, password)
flash('You successfully registered as ' + username, 'flash')
else:
flash('Your username, ' + username + ', is already taken.', 'error')
return redirect(url_for('home'))
def login():
username = request.form.get('username', '')
password = request.form.get('password', '')
user = db.check_password(username, password)
exists = db.find_user(username)
port = find_open_port()
if port is None:
return abort(503)
if exists and user:
t = binascii.hexlify(os.urandom(16)).decode('ascii')
ws_ports[port] = 1 # placeholder
tokens[t] = port
usernames[t] = username
return jsonify({'token': t})
elif exists:
return abort(403)
elif username and password and meets_requirements(username):
db.create_user(username, password)
t = binascii.hexlify(os.urandom(16)).decode('ascii')
ws_ports[port] = 1 # placeholder
tokens[t] = port
usernames[t] = username
return jsonify({'token': t})
else:
return abort(400)
def login():
if request.method == 'GET':
return render_template('login.html', title='Login')
email = request.form['email']
if db.check_password(email,request.form['password']):
user_dict=db.get_user(email)
user = User()
user.id = user_dict['email']
user.name= user_dict['email']
login_user(user)
if 'url' in session:
return redirect(session['url'])
else:
return 'you have logged in the makrup service'
return 'Bad login'
def request_loader(request):
email = request.form.get('email')
user_dict=db.get_user(email)
if user_dict is None:
return
user = User()
user.id = user_dict['email']
user.name=user_dict['email']
user.is_authenticated = db.check_password(email,request.form['password'])
return user
def changepassword():
password=request.form['old_password']
username= session['username']
if db.check_password(username,password) == False:
print(request.form['new_password'])
error = 'Invalid password'
print("1")
elif request.form['new_password'] != request.form['confirm_password']:
error = 'Inputted password and confirmed password, must match'
print("olikA LÖSEN")
else:
print("2")
db.change_password(session['username'],request.form['new_password'])
print("3")
return redirect(url_for('userinfo(username)'))
def login():
if request.method == "GET":
return render_template("login.html",
url=url_for("login",
next=request.args.get("next", "/")))
else:
try:
if not require_fields("username", "password"):
raise AppError("必填项未填")
session["user"] = db.check_password(request.form["username"],
request.form["password"])
target = request.args.get("next", "/")
return redirect(target)
except AppError as e:
db.log("login_failure", username=request.form.get("username"))
return render_template("login.html", errors=(e.message, ))
def logged_in_page(user_t,pass_t,root2):
flag=False
if db.check_userid(user_t.get()) :
passw = db.check_password(user_t.get())
label = tk.Label(root2, text = 'Incorrect password' , font = ('Arial',8,'normal'), fg = 'red')
if pass_t.get() == passw:
print("logged in")
label['text'] = ''
#root2.update_idletasks()
foo(root2 , user_t.get())
else:
label.pack()
label.place(x = 200, y = 210)
pass_t.delete(0,len(pass_t.get()))
else:
msg = tk.Tk()
l = tk.Label(msg, text = "Invalid user id!", font = ("Arial", 12, "normal"))
l.pack()
msg.mainloop()
def login():
"""
Function that controls the login of users of the website.
It takes in the parameters of username and password from the website login form.
If succesful, it redirects you to the logged in view.
:return: :rtype: Returns the redirect to the homepage, if you're logged in
else it renders the login.html and sends an error message.
"""
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
if db.check_password(username,password) == False:
error = 'Invalid password or username'
flash('Invalid password or username')
else:
session['logged_in'] = True
flash('You were logged in')
return redirect(url_for('index'))
return render_template('login.html', error=error)
def logged_in_page(user_t,pass_t,root2):
flag=False
if db.check_userid(user_t.get()) :
passw = db.check_password(user_t.get())
label = tk.Label(root2, text = 'Incorrect password' , font = ("Segoe Script", 8,"normal"), fg = 'red')
if pass_t.get() == passw:
emp_l = tk.Label(root2, text = '')
print("logged in")
emp_l.pack()
emp_l.place(x = 200, y = 210)
foo(root2 , user_t.get())
else:
label.pack()
label.place(x = 200, y = 210)
pass_t.delete(0,len(pass_t.get()))
else:
msg = tk.Tk()
msg.bell()
l = tk.Message(msg, text = "Invalid user id!", font = ("Segoe Script", 10,"bold"))
l.pack(expand = True)
l.config(bg = "black", fg = "white")
msg.mainloop()
def update_profile():
error = ''
flash_msg = ''
cur_pass = request.args.get('cur_pass')
if cur_pass is None:
pass
elif cur_pass == '':
error = 'You must always provide your current password.'
else:
q = check_password(session['username'], cur_pass)
if q is None:
error = 'Current password was incorrect. No operation was executed.'
else:
set_query = ''
query_params = list()
new_pass1 = request.args.get('new_pass1')
new_pass2 = request.args.get('new_pass2')
old_signature = q['signature']
new_signature = request.args.get('signature')
coins_buy = request.args.get('buycoins')
coins_sell = request.args.get('sellcoins')
coins_trade_amt = request.args.get('tradecoins_amt')
coins_trade_dest= request.args.get('tradecoins_dest')
coins = start_coins = q['coins']
if new_pass1 != '':
if new_pass1 != new_pass2:
error += 'New passwords do not match. Password was not changed.<br>'
else:
set_query += 'password = ?, '
query_params.append(new_pass1)
flash_msg += 'Password changed.<br>'
if old_signature != new_signature:
set_query += 'signature = ?, '
query_params.append(new_signature)
flash_msg += 'Signature changed.<br>'
if coins_buy:
if coins_buy.isdigit():
coins += int(coins_buy)
flash_msg += 'Purchased %s coins.<br>' % coins_buy
else:
error += 'Could not buy coins. The value given was invalid.<br>'
if coins_sell:
if coins_sell.isdigit():
coins -= int(coins_sell)
flash_msg += 'Sold %s coins.<br>' % coins_sell
else:
error += 'Could not sell coins. The value given was invalid.<br>'
if coins_trade_dest:
trade_dest = query_db('SELECT id FROM users WHERE username = ?', [coins_trade_dest], one=True)
if trade_dest is not None:
if coins_trade_amt.isdigit():
coins -= int(coins_trade_amt)
query_db('UPDATE users SET coins = ? WHERE id = ?', [coins_trade_amt, trade_dest['id']])
flash_msg += 'Transferred %s coins to %s.<br>' % [coins_trade_amt, coins_trade_dest]
else:
error += 'Could not trade coins. The value given was invalid.<br>'
else:
error += 'Could not trade coins. The recipient does not exist.<br>'
set_query += 'coins = ? '
if coins < 0:
query_params.append(start_coins)
error += 'Unable to process transaction. You do not have enough coins.<br>'
else:
query_params.append(coins)
query_params.append(session['user_id'])
if set_query != '':
query_db('UPDATE users SET ' + set_query + 'WHERE id = ?', query_params)
if error != '':
flash(Markup(error), 'error')
if flash_msg != '':
flash(Markup(flash_msg), 'flash')
coins = query_db('SELECT coins FROM users WHERE id = ?', [session['user_id']], one=True)['coins']
return render_template('update_profile.html', coins=coins)
