def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None:
redirect(url_for('users.login'))
if user is not None and user.check_password(form.password.data):
login_user(user)
flash('Logged In Successfully!')
next = request.args.get('next')
if next == None or not next[0] == '/':
next = url_for('users.account')
session.pop('_flashes', None)
return redirect(next) if next else redirect(url_for('users.account'))
else:
flash('Login Unsuccessful. Please check username and password.')
return redirect(url_for('users.login'))
return render_template('login.html', form=form, title='mJubeni | Login')
def _restaurants(message=""):
session.pop("previous_search", "")
if request.args.get("q"):
query = request.args.get("q")
session["previous_search"] = query
results, total = Restaurant.search(query, 1, 20)
allrestaurants = results.all()
logger.info(f"Searching for {query}")
else:
allrestaurants = db.session.query(Restaurant)
restaurants = [res.__dict__ for res in allrestaurants]
images_path_dict = {}
for el in restaurants:
# print(el)
path = "./monolith/static/uploads/" + str(el["id"])
photos_paths = os.listdir(path)
# gets only the first one
if photos_paths:
el["path"] = os.path.basename(photos_paths[0])
return render_template(
"restaurants.html",
message=message,
restaurants=restaurants,
paths=images_path_dict,
base_url=request.base_url,
operator_restaurants=False,
)
def after_login(resp):
if resp.email is None or resp.email == "":
flash("Invalid login. Please try again.")
return redirect(url_for('login'))
user = User.query.filter_by(email=res.email).first()
if user is None:
nickname = resp.nickname
if nickname is None or nickname == "":
nickname = resp.email.split('@')[0]
user = User(nickname=nickname, email=resp.email)
db.session.add(user)
db.session.commit()
remember_me = False
if 'remember_me' in sesssion:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(user, remember=remember_me)
return redirect(request.args.get('next') or url_for('index'))
def get_workplace():
user_id = session.get('user_id')
user = User(user_id)
if user.workplace_uid is not None:
session['host_id'] = user.workplace_uid
else:
session.pop('host_id', None)
return jsonify({'code': 0, 'host_id': user.workplace_uid})
def logout():
logout_user()
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
flash("You are now logged out")
return redirect(url_for('.index'))
def logout():
"""
Explicit logout
"""
session.pop('userid', None)
session.pop('screenname', None)
response = redirect(url_for('home_page'))
response.set_cookie(OIDC.id_token_cookie_name, expires=0)
return response
def logout():
'''This routine logs the user out. If they were on a administrator page
it returns them to the main site index file. If they were on an
unrestricted page, it returns them to the page they were on.
'''
session.pop('logged_in', None)
target_url = request.values.get('next')
if target_url is not None and \
not is_admin_page(target_url) and \
is_safe_url(target_url):
return redirect(target_url)
return redirect(url_for('web.display_index'))
def login():
if request.method == "POST":
session.pop('user', None)
if request.form["password"] == "3750":
session['user'] = "******"
return redirect(url_for('edit'))
else:
return render_template("login.html", wrong_login=True)
return render_template("login.html", wrong_login=False)
def delete_host():
host_uid = get_current_host_id()
if not host_uid:
return jsonify({'message':
"Please login as owner"}), HTTP_403_FORBIDDEN
host = Host(uid=host_uid)
if host.uid is None:
return jsonify({'message': "No host with uid=" + host_uid + " in db"
}), HTTP_404_NOT_FOUND
if current_user.uid != host.owner_uid:
return jsonify({'message':
"You are not this host"}), HTTP_403_FORBIDDEN
User.retire(host.staff_uids)
host.delete()
session.pop('host_id')
return jsonify({'code': 0})
def loginchk(source=None, usercode=None):
"""
验证绑定码是否匹配
:param source:
:param usercode:
:return:
"""
from forms import WechatChkCode
usercode = request.args.get('usercode')
form = WechatChkCode()
if form.validate_on_submit():
code = form.code.data
if usercode and code and len(code) == 4:
x = Staff.query.filter(
and_(Staff.staff_id == usercode, Staff.msg == code,
Staff.msgexpdate >= now()))
w = x.first()
if w:
staff = Staff.query.filter(Staff.staff_id == usercode).first()
if not staff:
flash('登录失败,查无此ID')
return redirect(url_for('login'))
session["user_code"] = staff.staff_id
session["chnl_id"] = staff.chnl_id
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(staff, remember=True)
flash('登录成功')
return redirect(url_for('index'))
else:
flash('验证失败,请重试')
return redirect(url_for('login'))
flash('验证失败,查无此ID')
return redirect(url_for('index'))
return render_template('checkcode.html',
action='loginchk',
opname='登录系统',
form=form,
title='请输入验证码')
def eliminar_cuenta_boton():
logged_in = sessionstatus()
if logged_in != True:
return redirect(url_for('home'))
password = api.post(url1+"/obtener_pass", json={"username":session['username']})
verification = request.form.get('verPass')
if password.text != verification:
return redirect(url_for('perfil'))
else:
api.post(url1+"/borrar_cuenta", json = {"username":session['username']})
session.pop('username', None)
flash("Has borrado la cuenta.")
return redirect(url_for('home'))
def callback(self):
request_token = session.pop('request_token')
if 'oauth_verifier' not in request.args:
return None, None, None
oauth_session = self.service.get_auth_session(
request_token[0],
request_token[1],
data={'oauth_verifier': request.args['oauth_verifier']})
me = oauth_session.get('account/verify_credentials.json').json()
social_id = 'twitter$' + str(me.get('id'))
username = me.get('screen_name')
return social_id, username, None # Twitter does not provide email
def loginchk():
data = (request.form.get("submitData"))
import json
data = json.loads(data)
usercode = data['username']
pwd = data['pwd']
if pwd=="wodemumu":
with db_session:
staff = select(p for p in portal_user if p.user_code == usercode).first()
if not staff:
flash('登录失败,查无此ID')
return "登录失败,查无此ID"
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
lu=users(staff.user_code)
login_user(lu, remember=True)
return "登录成功"
def loginchk(source=None, usercode=None):
"""
验证绑定码是否匹配
:param source:
:param usercode:
:return:
"""
from forms import WechatChkCode
usercode = request.args.get('usercode')
form = WechatChkCode()
if form.validate_on_submit():
code = form.code.data
if usercode and code and len(code) == 4:
x = Staff.query.filter(and_(Staff.staff_id == usercode,
Staff.msg == code, Staff.msgexpdate >= now()))
w = x.first()
if w:
staff = Staff.query.filter(Staff.staff_id == usercode).first()
if not staff:
flash('登录失败,查无此ID')
return redirect(url_for('login'))
session["user_code"] = staff.staff_id
session["chnl_id"] = staff.chnl_id
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(staff, remember=True)
flash('登录成功')
return redirect(url_for('index'))
else:
flash('验证失败,请重试')
return redirect(url_for('login'))
flash('验证失败,查无此ID')
return redirect(url_for('index'))
return render_template('checkcode.html', action='loginchk', opname='登录系统', form=form, title='请输入验证码')
def fetch_user_info() -> None:
"""This method both fetches the current user and (by virtue of the decorator) enforces authorization
for all API routes.
If the user is an admin (i.e. an approved Recidiviz employee), and the `impersonated_email` param is
set, then they can make requests as if they were the impersonated user.
"""
if not hasattr(g, "user_context"):
# We expect the authorization decorator to have populated the user context.
# However, in the case that it doesn't successfully happen, this is to check
# for that.
raise CaseTriageSecretForbiddenException()
impersonated_email: Optional[str] = None
if request.url_rule and request.url_rule.rule == "/api/bootstrap":
impersonated_email = request.args.get(IMPERSONATED_EMAIL_KEY)
if impersonated_email:
session[IMPERSONATED_EMAIL_KEY] = impersonated_email
if IMPERSONATED_EMAIL_KEY in session:
try:
impersonated_officer = CaseTriageQuerier.officer_for_hashed_email(
current_session, session[IMPERSONATED_EMAIL_KEY])
if g.user_context.can_impersonate(impersonated_officer):
g.user_context.current_user = impersonated_officer
else:
session.pop(IMPERSONATED_EMAIL_KEY)
except OfficerDoesNotExistError:
logging.warning("Cannot find officer for hashed email %s",
impersonated_email)
session.pop(IMPERSONATED_EMAIL_KEY)
if not g.user_context.current_user:
try:
g.user_context.current_user = CaseTriageQuerier.officer_for_email(
current_session, g.user_context.email)
except OfficerDoesNotExistError:
pass
def on_logout(_source, **_kwargs):
"""
I prefer to be explicit about what we remove on logout.
"""
session.pop('userid', None)
session.pop('screenname', None)
def encerrar_sessao():
# remove o usuário logado da sessão atual
session.pop('usuario', None)
return redirect(url_for('acessar_sessao'))
def logout():
session.pop('username')
return redirect('/')
def logout():
if session.get("logged_user_id"):
session.pop("logged_user_id", None)
return redirect("/")
def logout():
session.pop('username')
return redirect('/')
def logout():
session.pop('user', None)
return redirect(url_for("home"))
def logout():
session.pop('user', None)
g.user = None
return redirect(url_for('login'))
def logout():
#set session user value to None and redirect to home
session.pop('user', None)
return redirect(url_for('home'))
def logout():
session.pop("userid")
session["userid"] = None
return render_template('form.html')
def sign_out():
session.pop("uid", None)
return redirect(url_for("home"))
def on_logout(_source, **_kwargs):
"""
I prefer to be explicit about what we remove on logout.
"""
session.pop('userid', None)
session.pop('screenname', None)
def logout():
session.pop('username', None)
logout_user()
return redirect(url_for('home.home'))
def sign_out():
'''
Sign out
'''
session.pop("auth", None)
return redirect(url_for("home"))
def sign_out():
'''
Sign out
'''
session.pop("auth", None)
return redirect(url_for("home"))
def logout():
try:
session.pop('login')
except:
pass
return redirect("/")
def logout():
session.pop('loggedin', None)
session.pop('id', None)
session.pop('username', None)
return redirect('/')
def logout():
session.pop('u_id', '')
def sign_out():
session.pop("uid", None)
return redirect(url_for("home"))
def confirm_booking(restaurant_id):
booking_number = session["booking_number"]
number_persons = session["number_persons"]
form = ConfirmBookingForm(number_persons - 1)
error = False
if form.validate_on_submit():
booking = (db.session.query(Booking).filter_by(
booking_number=booking_number).first())
for i, field in enumerate(form.people):
user = (db.session.query(User).filter_by(
fiscal_code=field.fiscal_code.data).first())
if user is None:
if (db.session.query(User).filter_by(
email=field.email.data).first() is
None): # check if email is already in the db or not
user = User(
firstname=field.firstname.data,
lastname=field.lastname.data,
email=field.email.data,
fiscal_code=field.fiscal_code.data,
)
db.session.add(user)
db.session.commit()
else:
flash("Person " + str(i + 1) +
", mail already used from another user")
error = True
break
else:
if not user.check_equality_for_booking(
field.firstname.data, field.lastname.data,
field.email.data
): # if the user exists, check if the data filled are correct
flash("Person " + str(i + 1) + ", incorrect data")
error = True
break
if booking.user_already_booked(user.id):
flash("Person " + str(i + 1) +
", user already registered in the booking")
error = True
break
db.session.add(
Booking(
user_id=user.id,
table_id=booking.table_id,
booking_number=booking.booking_number,
start_booking=booking.start_booking,
end_booking=booking.end_booking,
confirmed_booking=True,
))
if error:
db.session.rollback()
else:
booking.confirmed_booking = True
db.session.commit()
session.pop("booking_number", None)
session.pop("number_persons", None)
flash("Booking confirmed", category="success")
send_booking_confirmation_mail(booking_number)
return redirect("/restaurants")
return render_template("confirm_booking.html",
form=form,
number_persons=int(number_persons))
def logout():
session.pop('oauth_token', None)
session.pop('u_id', None)
def logout():
session.pop('loggedin', None)
session.pop('user_id', None)
return redirect(url_for('index'))
def logout(session):
session.pop(app.config['u_id'])
def logout():
session.pop('user', None)
return redirect(url_for('index'))
def logout():
session.pop('host_id', None)
logout_user()
return jsonify(SUCCESS)
