def signin():
""" Sign in an existing user
"""
form = SignInForm(request.form)
next = request.args.get('next', '/')
if request.method == 'POST' and form.validate():
email = form.email.data
password = form.password.data
if email:
user = Users.get_one(email=email)
if not user:
form.email.errors = ['No such user or password']
else:
if not user.check_password(password.encode()):
form.email.errors = ['No such user or password']
else:
login_user(user, remember=True)
return redirect(form.next.data)
# Not a POST or errors
form.next.data = next
context = {'form': form}
content = render_template('signin.html', **context)
return content
def signin():
if not flask_login.current_user.is_anonymous:
return redirect(url_for('index'))
form = SignInForm(request.form)
if form.validate_on_submit():
username = form.username.data
password = form.password.data
r = requests.post(url+':4900/v1/users/authenticate', json={'username': username, 'password': password})
json = r.json()
if r.status_code == 200:
id = json['_id']
access_token = json['accessToken']
user = login_manager.User()
user.id = id + ';' + access_token
flask_login.login_user(user)
next = request.args.get('next')
if not next or urlparse(next).netloc != '':
next = url_for('dashboard')
return redirect(next)
elif r.status_code == 404 or r.status_code == 400:
flash('An error occurred when trying to sign in.', 'danger')
return render_template('auth/signin.html', form=form)
return render_template('auth/signin.html', form=form)
def signin(request):
signin_form = SignInForm
form = signin_form(data=request.POST or None)
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
data = form.cleaned_data
username = data['username']
password = data['password']
#print username
#print password
cnx = mysql.connector.connect(user='******', password='******', database='watermeter')
cursor = cnx.cursor()
print "SELECT password FROM logins WHERE username = '******';"
query = ("SELECT password FROM logins WHERE username = '******';")
cursor.execute(query)
result=cursor.fetchall()
print cursor
success = 0
#print result[0] + '...' + result[1]
for passw in result:
print "Entered loop..."
print passw,password
if(password=='password'):
success = 1
break
cnx.commit()
cursor.close()
cnx.close()
if(success==1):
return HttpResponseRedirect('/profilepage')
else:
return HttpResponseRedirect('/signin')
else:
return render(request, 'signin.html', {'form': form})
def sign_in():
form = SignInForm(request.form)
if request.method == 'POST' and form.validate():
if (form.nickname.data == 'admin' and form.password.data == 'admin'):
var = {}
session["admin"] = True
var['title'] = 'FSecurity | Admin'
return redirect(url_for('show_all_files'))
db = get_db()
query = db.cursor().execute("select * from profile where login = ? and password =? ;", \
[form.nickname.data, form.password.data]).fetchall()
if (len(query)==1):
session["sign_in"] = True
session["nickname"] = form.nickname.data
session["id"] = query[0][0]
flash("Hello {user}!".format(user=session["nickname"]))
return redirect(url_for('index'))
else:
flash("Wrong user")
db = get_db()
db.cursor().execute('insert into log(profile_id, description, warning_level, data) values(?, ?, ?, ?);', \
[None, "{user} try to enter with {password}"\
.format(user=form.nickname.data, password=form.password.data), 2, time()])
db.commit()
var = {}
var['title'] = 'FSecurity | Sign in'
var['form'] = form
return render_template('sign_in.html', **var)
def sign_in(action=None):
form = SignInForm()
other_text = action
if form.validate_on_submit():
try:
user = User.get(User.username**form.name_email.data)
except DoesNotExist:
try:
user = User.get(User.email**form.name_email.data)
except DoesNotExist:
flash(
'Could not find a user with that username/email and password combination'
)
return render_template('signin.html', form=form)
else:
user_exists = True
else:
user_exists = True
if user_exists:
if check_password_hash(user.password, form.password.data):
if action:
try:
return redirect(url_for(action))
except BuildError:
flash('Could not find the action to verify')
return redirect(url_for('index')), 404
login_user(user, remember=form.remember.data)
flash('You have been logged in! Go ahead, explore!')
return redirect(url_for('index'))
else:
flash(
'Could not find a user with that username/email and password combination'
)
return render_template('signin.html', form=form, text=other_text)
def signup():
"""
This function is used to
validate user's entrance
"""
sign_in_form = SignInForm(request.form)
if request.method == 'POST' and sign_in_form.validate_on_submit():
data = request.form
doc = get_doctor_by_email(data['email'], connection)
if not doc:
flash('There are no doctor with \
such an email in our database.')
return render_template('index.html', form=sign_in_form)
elif doc[4] != data['password']:
flash('Entered password is incorect.')
return render_template('index.html', form=sign_in_form)
# Session starts for doctor here
session.pop('doctor_id', None)
session['doctor_id'] = doc[0]
return redirect(url_for('cabinet'))
return render_template('index.html', form=sign_in_form)
def sign_in():
form = SignInForm(csrf_enabled=False)
if request.method == "GET":
return render_template("signin.html", form=form)
elif request.method == "POST":
if not form.validate():
return render_template("signin.html", form=form)
else:
result = g.conn.execute('''SELECT EXISTS (SELECT * FROM people
WHERE email = '%s' AND password = '******')''' %
(form.email.data, form.password.data))
row = result.fetchone()
if row[0]:
person = g.conn.execute(
'''(SELECT * FROM people WHERE email = '%s' AND password = '******' LIMIT 1)'''
% (form.email.data, form.password.data))
person_id = (person.fetchone()[0])
peeps = g.conn.execute(
'''(SELECT * FROM people WHERE email = '%s' AND password = '******' LIMIT 1)'''
% (form.email.data, form.password.data))
person_name = (peeps.fetchone()[9])
session['email'] = form.email.data
session['person_id'] = person_id
session['person_name'] = person_name
return render_template("dashboard.html", form=form)
else:
return render_template("signin.html",
form=form,
session=session)
def signin():
""" Sign in an existing user
"""
form = SignInForm(request.form)
if request.method == 'POST' and form.validate():
username = form.username.data
password = form.password.data
if username:
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
form.username.errors = ['No such user or password']
else:
if not user.check_password(password.encode()):
form.username.errors = ['No such user or password']
else:
login_user(user)
return redirect('/')
else:
form.username.errors = ['Enter an email address']
# Not a POST or errors
context = {'form': form}
content = render_template('signin.html', **context)
return content
def signin():
form = SignInForm()
if form.validate_on_submit():
if auth_manager.signin(form):
flash_success("Signed in successfully!")
else:
flash_error()
return redirect("/")
def signInPage():
form = SignInForm()
errorCode = None
if form.validate_on_submit():
errorCode = insertCustomer()
return render_template('signIn.html', signInForm=form, errorCode=errorCode,
isAdmin=config.adminLoggedIn)
def homePage():
print("Hello")
login_url = sp_oauth.get_authorize_url()
return redirect(login_url)
# results = sp.current_user_top_tracks(limit=50, time_range='medium_term')
print("World")
form = SignInForm()
if form.validate_on_submit():
return redirect(url_for('userInfo'))
return render_template('HomePage.html', form=form)
def sign_in(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
email = password = ''
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
email = form.cleaned_data['signin_email']
password = form.cleaned_data['password']
# hack to use emails only
user = authenticate(username=email, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/')
else:
form.addError(
"Your account is not active, please contact the site admin."
)
else:
form.addError("Your email and/or password were incorrect.")
else:
# register
form = SignInForm()
return render_to_response('sign_in.html', {
'form': form,
'user': request.user
},
context_instance=RequestContext(request))
def sign_in(request):
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
results = User.objects.filter(email=form.cleaned_data['email'])
if len(results) == 1:
if results[0].check_password(form.cleaned_data['password']):
request.session['user'] = results[0].pk
email = request.POST['email']
password = request.POST['password']
user = authenticate(username=email, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/company_profile/')
else :
form.addError('Account Disabled')
else:
form.addError('Incorrect email address or password')
else:
form.addError('Incorrect email address or password')
else:
form = SignInForm()
return render_to_response('sign_in.html',{'form': form,},RequestContext(request) )
def sign_in():
sign_in_form = SignInForm(request.form)
if sign_in_form.validate():
login = sign_in_form.login.data
password = sign_in_form.password.data
session['login'] = login
return redirect(url_for('shortener'))
else:
errors = sign_in_form.login.errors +\
sign_in_form.password.errors
return render_template('errors.html', errors=errors)
def signin():
form = SignInForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is not None and user.verify_password(form.password.data):
# log in
login_user(user)
return redirect(url_for('main.dashboard'))
else:
flash('Invalid username or password.', 'danger')
return render_template('auth/signin.html', form=form, title='Sign In')
def sign_in():
sign_in_form = SignInForm(request.form)
if sign_in_form.validate():
login = sign_in_form.login.data
password = sign_in_form.password.data
session['login'] = login
return redirect(url_for('shortener'))
else:
errors = sign_in_form.login.errors +\
sign_in_form.password.errors
return render_template('errors.html', errors=errors)
def index():
form = SignInForm()
if form.validate_on_submit():
if form.check_login_credentials():
return redirect(
url_for('user_timeline',
username=form.username.data,
tweets=tweets))
else:
flash("Invalid username or password")
return render_template('index.html', form=form)
def admin():
form = SignInForm()
if form.validate_on_submit():
if check_pass(form.username.data, form.password.data):
login_user(User(form.username.data))
flash('Logged in successfully.')
next_page = session.get('next', '/POSTS')
session['next'] = '/POSTS'
return redirect(next_page)
else:
flash('Invalid Admin username/password')
return render_template('MyAdmin.html', form=form)
def signin():
form = SignInForm()
if form.validate_on_submit():
user = User.query.filter_by(email = form.email.data).first()
if user is None:
return render_template("signin.html",message="Email not found",form=form)
elif user.password != form.password.data:
return render_template("signin.html",message="Wrong password",form=form)
else:
session["USERID"] = user.id
return redirect(url_for('home'))
return render_template("signin.html",form=form)
def signin(request):
if request.method == "POST":
form = SignInForm(request.POST)
if form.is_valid():
user = form.cleaned_data["user"]
if form.cleaned_data["remember"]:
request.session.set_expiry(9999999)
login(request, user)
return HttpResponseRedirect("/accounts/")
else:
form = SignInForm()
return render_to_response("accounts/login.html", {"form": form}, context_instance=RequestContext(request))
def signin(request):
logout(request)
if request.method == 'POST':
form = SignInForm(data=request.POST)
if form.is_valid():
# login_user = authenticate(username=request.POST['username'],password=request.POST['password'])
login_user = form.get_user()
login(request, login_user)
return redirect('/dashboard')
else:
form = SignInForm()
return render(request, 'SignIn.html', {'form': form, 'isLoggedIn': 'False'})
def sign_in():
form = SignInForm()
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
user = User.objects().get(email=form.email.data)
if login_user(user, remember='yes'):
current_app.logger.info('Signed In')
flash({'type': 'success', 'text': 'Signed In'})
return redirect('/')
else:
current_app.logger.info('login failed')
flash({'type': 'error', 'text': 'Failed'})
return render_template("/auth/sign-in.html", **locals())
def sign_in():
form = SignInForm()
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
user = User.objects().get(email=form.email.data)
if login_user(user, remember='yes'):
current_app.logger.info('Signed In')
flash({'type':'success', 'text':'Signed In'})
return redirect('/')
else:
current_app.logger.info('login failed')
flash({'type':'error', 'text':'Failed'})
return render_template("/auth/sign-in.html", **locals())
def signin():
if current_user.is_authenticated:
return redirect(url_for('account'))
form = SignInForm()
if form.validate_on_submit():
user = Users.query.filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(user.password, form.password.data):
login_user(user, remember=form.remember.data)
next_page = request.args.get('next')
if next_page:
return redirect(next_page)
else:
return redirect(url_for('account'))
return render_template('signin.html', title='Sign In', form=form)
def signin():
form = SignInForm()
if g.is_logged_in == True:
return redirect(url_for('profile'))
if request.method == 'POST':
if form.validate() == False:
return render_template('signin.html', form=form)
else:
session['email'] = form.email.data
return redirect(url_for('profile'))
elif request.method == 'GET':
return render_template ('signin.html', form=form)
def signIn(request):
"""Login page form"""
context = {}
if (request.method == "GET"):
context['form'] = SignInForm()
return render(request, 'login.html', context)
form = SignInForm(request.POST)
if (not form.is_valid()):
context['form'] = form
return render(request, 'login.html', context)
login(request, form.user)
return redirect(reverse('main'))
def signIn(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
if form.get_user():
login(request, form.get_user())
return HttpResponseRedirect('/settings')
else:
form = SignInForm()
return render_to_response('sign_in.html', {'form': form}, RequestContext(request))
def signin():
form = SignInForm()
if request.method == 'POST':
if form.validate() == False:
return render_template('signin.html', form=form)
else:
session['username'] = form.username.data
# also store the userID
user = User.query.filter_by(username = form.username.data.lower()).first()
session['userID'] = user.userID
return redirect(url_for('profile'))
elif request.method == 'GET':
return render_template('signin.html', form=form,communityform=CreateCommunityForm())
def signin():
form = SignInForm(request.form)
if 'email' in session:
redirect(url_for('profile'))
if request.method == 'POST':
if form.validate() == False:
return render_template('signin.html', form=form)
else:
session['email'] = form.email.data
return redirect(url_for('profile'))
return render_template('signin.html', form=form)
def signin():
form = SignInForm()
if 'rollno' in session:
return redirect(url_for('profile'))
if request.method == 'POST':
if form.validate() == False:
return render_template('signin.html',form = form)
else:
session['rollno'] = form.rollno.data
return redirect(url_for('profile'))
elif request.method == 'GET':
return render_template('signin.html',form = form)
def signin():
form = SignInForm()
if form.validate_on_submit():
user_email = form.email.data
user_password = form.password.data
remember_me = form.remember_me.data
this_user = User.query.filter_by(email=user_email).first()
if this_user is not None or this_user.check_password(user_password) is True:
login_user(this_user, remember=remember_me)
flash('Successfully Logged In')
return redirect(request.args.get('next') or '/')
else:
return "Login Failed"
else:
return "Login"
def sign_in():
sign_in_form = SignInForm()
if sign_in_form.validate_on_submit():
user_name = sign_in_form.username.data
password = generate_password_hash(sign_in_form.password.data)
users_model = UsersModel(db.get_connection())
if not users_model.get(user_name=user_name):
user_id = users_model.insert(user_name, password)
session['username'] = user_name
session['user_id'] = user_id
return redirect("/index")
return render_template("sign_in.html",
title="Зарегестрироваться",
form=sign_in_form)
def signin(request):
context = {}
context['form'] = SignInForm()
if request.method == 'POST':
form = SignInForm(request.POST)
context['form'] == form
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
try:
auth_user = authenticate(username=username , password=password)
login(request, auth_user)
return redirect('/countrylist/')
except Exception, e:
return HttpResponse('')
def sign_in():
if current_user.is_authenticated:
return redirect(url_for('doctor.questions'))
from utils import verify_email, verify_password
form = SignInForm()
if form.validate_on_submit():
doctor = verify_email(form.email.data)
if doctor is not None and verify_password(doctor, form.password.data):
login_user(doctor, form.remember_me.data)
flash('Welcome, Dr. %s' % doctor.first_name)
return redirect(
request.args.get('next') or url_for('doctor.questions'))
else:
flash('Invalid username or password!')
redirect(url_for(request.endpoint))
form.email.data = request.form.get('email')
return render_template('doctor/signin.html', form=form)
def signin():
form = SignInForm()
if form.validate_on_submit():
flash(f'{form.fullname.data} has been signed in!', 'success')
cursor = connect.cursor()
cursor.execute(
''' INSERT INTO patient VALUES (%s, %s, %s, %s, %s, %s, %s)''',
(form.ssn.data, form.fullname.data, form.gender.data,
form.date_of_birth.data, form.address.data,
form.phone_number.data, form.emergency_contact_number.data))
connect.commit()
cursor.execute(''' INSERT INTO emergencycontact VALUES(%s, %s, %s)''',
(form.ssn.data, form.emergency_contact_name.data,
form.emergency_contact_number.data))
connect.commit()
return redirect(url_for('hello'))
return render_template('signin.html', form=form)
def sign_in(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
email = password = ''
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
email = form.cleaned_data['signin_email']
password = form.cleaned_data['password']
# hack to use emails only
user = authenticate(username=email, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/')
else:
form.addError(
"Your account is not active, please contact the site admin.")
else:
form.addError("Your email and/or password were incorrect.")
else:
# register
form = SignInForm()
return render_to_response(
'sign_in.html',
{
'form': form,
'user': request.user
},
context_instance=RequestContext(request)
)
def login_user():
form = SignInForm()
if form.validate_on_submit():
email = form.email.data
password = form.password.data
user = User.authenticate(email, password)
if user:
flash('Welcome!!', "success")
session['username'] = user.username
return redirect(f"/users/{user.username}")
else:
form.email.errors = ['Invalid username/password.']
return render_template('login.html', form=form)
def sign_out():
form = SignInForm()
return render_template(
"form.html",
is_sign_in=False,
form=form,
is_invited=is_invited(session.get("email")),
autocomplete_data=get_autocomplete_data(),
)
def login():
if (current_user.is_authenticated):
return redirect(url_for('index'))
form = SignInForm()
if (form.validate_on_submit()):
user = User.query.filter_by(username=form.username.data).first()
if (user is None or not check_password_hash(user.hashed_password,
form.password.data)):
flash("Invalid credentials", "error-message")
return redirect(url_for('login'))
login_user(user)
flash("You have been successfully logged in", "success-message")
return redirect(url_for('index'))
return render_template('login.html', form=form)
def sign_in():
form = SignInForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data, password=password_hash(form.password.data)).first()
if user is None:
flash(_('Wrong email or password'))
elif user.active is False:
flash(_('Your account is deactivated'))
elif user.confirmed is False:
flash(_('Your account is not confirmed'))
else:
session['user_id'] = user.id
user.signed_in = datetime.datetime.utcnow()
db.session.commit()
flash(_('Successfully signed in'))
return redirect('')
return render_template('sign_in.html', form=form)
def home():
"""Render website's home page."""
form = SignInForm(request.form)
if request.method == 'POST':
# Pass this to the Consumer Notebook API
session['username'] = request.form['username']
session['api_key'] = request.form['api_key']
return redirect('/products/')
return render_template('home.html', form=form)
def signin():
form = SignInForm(request.form)
if request.method == "POST":
if form.validate():
username = form.username.data
password = form.password.data
remember = form.remember.data
connection = pymongo.Connection(CONNECTION_STRING,
safe=True)
response = None
try:
username = user.validate_login(connection[DATABASE],
username, password)
except DoesNotExist:
pigeon.error("You haven't registered yet!")
response = app.make_response(redirect_back("signup"))
except UserPasswordNotMatch:
pigeon.error("Wrong username/password combination!")
response = app.make_response(render_template("signin.html",
form=form))
if not response:
session_id = user.start_session(connection[DATABASE],
username)
if session_id == -1:
pigeon.error("Internal error!")
else:
cookie = user.make_secure_val(session_id)
# Set cookies to client.
session_id = user.start_session(connection[DATABASE],
username)
cookie = user.make_secure_val(session_id)
redirect_to_home = redirect_back("index")
response = app.make_response(redirect_to_home)
response.set_cookie(COOKIE, value=cookie)
# Mark this user has logged in.
session["logged_in"] = True
session["username"] = username
return response
else:
return response
return render_template("signin.html", form=form, status="signin")
def sign_in():
form = SignInForm()
return render_template(
"form.html",
is_sign_in=True,
form_url=url_for("sign_in"),
form=form,
is_invited=is_invited(session.get("email")),
autocomplete_data=get_autocomplete_data(),
)
def adminsignin():
form = SignInForm()
if request.method == "POST":
if form.validate() == False:
return render_template("adminsignin.html", form=form)
else:
email = form.email.data
password = form.password.data
admin = Admin.query.filter_by(email=email).first()
if admin is not None and admin.check_password(password):
return "Admin Login Success!"
else:
return redirect(url_for('adminsignin'))
elif request.method == "GET":
return render_template('adminsignin.html', form=form)
def usersignin():
form = SignInForm()
if request.method == "POST":
if form.validate() == False:
return render_template("usersignin.html", form=form)
else:
email = form.email.data
password = form.password.data
user = Users.query.filter_by(email=email).first()
if user is not None and user.check_password(password):
return "User Login Success!"
else:
return redirect(url_for('usersignin'))
elif request.method == "GET":
return render_template('usersignin.html', form=form)
def signin():
"""
Handle requests to the /signin route.
:return:
"""
form = SignInForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user is not None and user.verify_password(form.password.data):
signin_user(user)
if user.is_admin:
return redirect(url_for('home.admin'))
else:
return redirect(url_for('home.start'))
else:
flash('Invalid email or password.')
return render_template('auth/signin.html',
title='Sign In',
form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = SignInForm()
if form.validate_on_submit():
user = session.query(User).filter_by(email=form.email.data).first()
if user is None:
flash('Email is not registred')
return redirect(url_for('login'))
elif not user.check_password(form.password.data):
flash('Wrong password')
return redirect(url_for('login'))
elif not user.is_active:
flash('You have to confirm your account. Check your email')
send_email(user.email)
return redirect(url_for('login'))
login_user(user)
return redirect(url_for('index'))
return render_template('login.html', title='Sign in', form=form)
def sign_in(request):
error = False
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
cd = form.cleaned_data
email_address = cd['email']
given_password = cd['password']
try:
user = JadeBusemUser.objects.get(email=email_address)
except JadeBusemUser.DoesNotExist:
error = True
if error is False and check_password(given_password, user.password):
request.session['email'] = user.email
request.session['name'] = user.first_name
request.session['user_id'] = user.user_id
return HttpResponseRedirect('/', Context({'user': request.session, 'login': True}))
else:
error = True
else:
form = SignInForm()
return render(request, 'user/sign_in.html', Context({'form': form, 'error': error}))
def sign_in(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
if request.method == 'POST':
form = SignInForm(request.POST)
if form.is_valid():
result, request = utils.sign_in(request)
if result:
return HttpResponseRedirect('/')
else:
return render(request, 'general_form.html', {'form_id': 'sign-in',
'form_submit': 'sign in',
'form': form})
else:
return render(request, 'general_form.html', {'form_id': 'sign-in',
'form_submit': 'sign in',
'form': form})
else:
form = SignInForm()
return render(request, 'general_form.html', {'form_id': 'sign-in',
'form_submit': 'sign in',
'form': form})
def signin():
"""
Note: Using 'signin' rather than 'login' to emphasize that users use this
app to sign in to a space (currently without authentication) rather than
log in to a system.
"""
signin_form = SignInForm()
# validate and store form data
if signin_form.validate_on_submit():
# find this user in db
# TODO: find by either user_name OR email - currently just user name,
# but changing the name of the field in this form because otherwise
# would have two fields called user_name in the template, filled in
# with same thing
user = User.query.filter_by(user_name=signin_form.user_name_or_email.data).first()
# TODO: log in with either email or user_name
if user is None:
# TODO: account for user name OR email
# right now, just for the sake of this working, setting:
messg = 'User {} not found, pls try again or [insert link to sign up/create account tab]'.format(
signin_form.user_name_or_email.data)
flash(messg, category='error')
else:
if user.is_signed_in():
# TODO: account for user name OR email..
# if already signed in, tell them so
messg = 'User {} already signed in on {}'.format(user.user_name,
user.get_time_in())
flash(messg, category='warning')
else:
# determine which project(s) exactly, if one was chosen
# TODO: a more elegant way to do that
chosen_projects = []
if signin_form.project.data:
for project in [signin_form.project_art,
signin_form.project_business,
signin_form.project_research,
signin_form.project_other
]:
if project.data: # if was checked or filled out
chosen_projects.append(str(project.data))
chosen_proj_str = '; '.join(chosen_projects)
# if not already signed, create and save Visit instance
new_visit = Visit(signin_timestamp=datetime.now(),
user_id=user.id,
hangout=signin_form.hangout.data,
get_help=signin_form.get_help.data,
computer=signin_form.computer.data,
volunteer=signin_form.volunteer.data,
dont_know=signin_form.dont_know.data,
electronics_room=signin_form.electronics_room.data,
laser_engraver=signin_form.laser_engraver.data,
milling_machine=signin_form.milling_machine.data,
three_d_printing=signin_form.three_d_printing.data,
tour=signin_form.tour.data,
vinyl_cutter=signin_form.vinyl_cutter.data,
project = signin_form.project.data,
project_art = signin_form.project_art.data,
project_business = signin_form.project_business.data,
project_research = signin_form.project_research.data,
project_other = signin_form.project_other.data,
projects = chosen_proj_str,
for_class=signin_form.for_class.data,
which_class=signin_form.which_class.data,
other=signin_form.other.data,
other_text=signin_form.other_text.data,
)
db.session.add(new_visit)
db.session.commit()
messg = '{} is signed in'.format(user.user_name)
flash(messg, category='info')
# did not validate, so return with the same signin form (otherwise won't be
# able to see the errors)
else:
return render_template('base.html', anchor='signin',
signin_form=signin_form,
signup_form=SignUpForm(),
signed_in_users=get_signed_in_users())
return redirect(url_for('.index'))
def signin(request):
message = request.messages.get_message('security')
if request.method == 'POST':
form = SignInForm(
request.POST,
show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
request=request
)
if form.is_valid():
try:
# Configure correct auth and redirect links
if request.firewall.admin:
auth_method = auth_admin
success_redirect = reverse(site.get_admin_index())
else:
auth_method = auth_forum
success_redirect = reverse('index')
# Authenticate user
user = auth_method(
request,
form.cleaned_data['user_email'],
form.cleaned_data['user_password'],
)
if not request.firewall.admin and request.settings['sessions_hidden'] and form.cleaned_data['user_stay_hidden']:
request.session.hidden = True
sign_user_in(request, user, request.session.hidden)
remember_me_token = False
if not request.firewall.admin and request.settings['remember_me_allow'] and form.cleaned_data['user_remember_me']:
remember_me_token = get_random_string(42)
remember_me = Token(
id=remember_me_token,
user=user,
created=timezone.now(),
accessed=timezone.now(),
hidden=request.session.hidden
)
remember_me.save()
if remember_me_token:
request.cookie_jar.set('TOKEN', remember_me_token, True)
request.messages.set_flash(Message(request, 'security/signed_in', extra={'user': user}), 'success', 'security')
return redirect(success_redirect)
except AuthException as e:
message = Message(request, e.type, extra={'user':e.user, 'ban':e.ban})
message.type = 'error'
# If not in Admin, register failed attempt
if not request.firewall.admin and e.type == auth.CREDENTIALS:
SignInAttempt.objects.register_attempt(request.session.get_ip(request))
# Have we jammed our account?
if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
request.jam.expires = timezone.now()
return redirect(reverse('sign_in'))
else:
message = Message(request, form.non_field_errors()[0])
message.type = 'error'
else:
form = SignInForm(
show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
request=request
)
return request.theme.render_to_response('signin.html',
{
'message': message,
'form': FormLayout(form, [
(
None,
[('user_email', {'attrs': {'placeholder': _("Enter your e-mail")}}), ('user_password', {'has_value': False, 'placeholder': _("Enter your password")})]
),
(
None,
['user_remember_me', 'user_stay_hidden'],
),
]),
'hide_signin': True,
},
context_instance=RequestContext(request));
