def login():
if current_user.is_authenticated: #User already signed in -> shouldn't be able to login again
return redirect(url_for('index'))
form=LoginForm()
if form.validate_on_submit():
form.validate()
user =User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash("Error: Invalid credentials")
return render_template('login.html', form=form)
login_user(user, remember=form.remember_me.data)
flash("Login successful!")
return redirect(url_for('index'))
return render_template('login.html', form=form)
def login():
login_form = LoginForm()
ctx = {'login_form': login_form}
if request.method == 'POST' and login_form.validate():
username = login_form.username.data
password = login_form.password.data
user_doc = get_user(username)
if user_doc.to_dict() is not None:
password_from_db = user_doc.to_dict()['password']
if check_password_hash(password_from_db, password):
user_data = UserData(username, password)
user = UserModel(user_data)
login_user(user)
flash('Bienvenido de nuevo')
return redirect(url_for('hello'))
else:
flash('La información no coincide')
else:
flash('El usuario no existe')
return render_template('login.html', **ctx)
def login_view(self):
form = LoginForm()
# For Post Request: Submitting the login form
if request.method == "POST" and form.validate():
try:
username = request.form["username"]
password = request.form["password"]
# get that admin from db if exists
user = models.Admin.query.filter(
models.Admin.username == username).one()
# check credentials
authenticated = bcrypt.check_password_hash(
user.password_hash, password)
if not authenticated:
raise Exception(f"Wrong Password From <{username}>")
session["username"] = username # keep logged in
add_log(f"{username} has successfully logged in.")
return redirect(url_for(".index"))
except Exception as e:
add_log(
f"There has been a failed attempt of login with the exception {e}."
)
flash("Wrong username or password!")
return redirect(url_for('.login_view'))
# For Get Request: Opening login form
return render_template("admin/login.html", form=form)
def sign_up():
#print(request.cookies.get('user', 'нету'))
form = LoginForm(request.form)
user = get_user_from_session_and_cookies()
if user:
return redirect(url_for('index'))
if request.method == 'POST' and form.validate():
try:
user_md5 = md5()
user_md5.update(bytearray(form.password.data, 'utf8'))
user_password = user_md5.hexdigest()
user = User(form.login.data, user_password, None)
session_db.add(user)
session_db.commit()
flash('Login requested by login="******", remember me=' + str(form.remember_me.data))
session['user'] = {'login':user.login, 'e_mail':user.e_mail, 'role':user.role}
response = make_response(redirect(url_for('get_user', username=user.login)))
if form.remember_me.data:
response.set_cookie('user', user.login, max_age=157680000)
response.set_cookie('password', user.password, max_age=157680000)
return response
except:
session_db.rollback()
flash('The user is already exists, ' + str(session_db.query(User).filter(User.role == 1).all()))
return redirect(url_for('sign_up'))
return render_template('login.html',
method=request.method,
title='Sign Up',
form=form,
page = '/signup')
def login():
if (current_user.is_authenticated):
return redirect(url_for('index'))
form = LoginForm()
if (form.is_submitted()):
if (form.validate()):
uname = form.username.data
pword = form.password.data
mfaid = form.mfacode.data
#print(uname+":"+pword+":"+mfaid)
#grab the user field, and perform a query by it, and grab the first result
user = User.query.filter_by(username=uname).first()
#if we get no user (username mismatch) or password is wrong, say invalid
if (user == None or not user.checkpw(pword)):
return render_template(
'login_results.html',
title='Login Failed',
form=form,
results="Login failure: Incorrect username or password")
if (not user.checkmfaid(mfaid)):
return render_template(
'login_results.html',
title='Login Failed',
form=form,
results="Login failure: Two-factor auth failure")
login_user(user)
return render_template('login_results.html',
title='Login Success',
form=form,
results="Login success")
return render_template('login.html', title='Sign In', form=form)
def login():
form = LoginForm()
pageTitle = "login"
if request.method == 'POST':
if form.validate() is False:
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
else:
# user = User.get(email=form.email.data.lower().strip())
user = User.get(email=form.email.data.lower().strip())
if user and user.roles.can_login is True:
#add remember_me
user.last_seen = DATE_TIME_NOW
user.save()
login_user(user)
return redirect(request.args.get('next') or
url_for('.profile',
user_id=user.get_id())
)
else:
flash("Please confirm your email address.")
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
elif request.method == 'GET':
if request.args.get('next'):
session['next'] = (request.args.get('next') or
request.referrer or None)
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
def login():
if current_user.is_authenticated:
flash('You are already logged in.')
return redirect(url_for('auth.home'))
form = LoginForm()
if request.method == 'POST' and form.validate():
username = request.form.get('username')
password = request.form.get('password')
try:
User.try_login(username, password)
except ldap.INVALID_CREDENTIALS:
flash('Invalid username or password. Please try again.', 'danger')
return render_template('login.html', form=form)
user = User.query.filter_by(username=username).first()
if not user:
user = User(username, password)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('auth.home'))
if form.errors:
flash(form.errors, 'danger')
return render_template('login.html', form=form)
def login_user():
""" The user login method"""
page_title = "Login"
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
email = form.email.data
password = form.password.data
if User.user_exists(email) is True:
if User.user_login_verify(email, password) is True:
user = User.current_user(email)
session['logged_in'] = True
session['username'] = user['username']
session['email'] = email
session['password'] = user['password']
session['id'] = user['_id']
flash('You have successfully logged in!!', 'success')
print(session['id'])
return redirect(url_for('dashboard'))
else:
flash('Invalid Login!! Password or Email incorrect', 'error')
return redirect(url_for('login_user'))
else:
flash("Email do not exist!! first register")
return redirect(url_for('register_user'))
return render_template('login.html', form=form, title=page_title)
def index():
login_form = LoginForm()
reg_form = RegistrationForm()
# Check if already logged in
if current_user.is_authenticated:
return redirect(url_for('user', username=current_user.username))
# If submitting login form, validate form
if login_form.submit_login.data and login_form.validate():
user = User.query.filter_by(username=login_form.username.data).first()
# If user does not exist or password doesnt work
if user is None or not user.check_password(login_form.password.data):
flash('Invalid username or password')
return redirect(url_for('index'))
# Login existing user
login_user(user, remember=login_form.remember_me.data)
return redirect(url_for('user', username=current_user.username))
# If submitting registration form, check that validators and if data is there
if reg_form.submit_reg.data and reg_form.validate():
user = User(username=reg_form.username.data, email=reg_form.email.data)
user.set_password(reg_form.password.data)
db.session.add(user)
db.session.commit()
flash('YOU REGISTERED DUMB SHIT')
return redirect(url_for('index'))
return render_template('index.html',
login_form=login_form,
reg_form=reg_form,
title='Home Page')
def login():
if checkLogin():
return redirect(url_for('.home'))
else:
form = LoginForm(request.form)
if request.method == 'POST':
messages = []
if form.validate():
username = form.username.data
password = form.password.data
user = User.query.filter_by(username=username).first()
if user != None and user.password == password:
user.logincount += 1
db.session.add(user)
db.session.commit()
response = make_response(redirect(url_for('.home')))
response.set_cookie('username',
value=username,
expires=time.time() + 24 * 60 * 60)
return response
else:
messages.append('账号或密码错误')
else:
messages = [r for k, v in form.errors.items() for r in v]
return render_template('/user/login.html',
form=form,
messages=messages)
return render_template('/user/login.html', form=form)
def user_login():
"""User login page."""
# Bypass Login screen if user is logged in
if current_user.is_authenticated:
return redirect(url_for('profile.user_profile'))
login_form = LoginForm(request.form)
# POST: Create user and redirect them to the app
if request.method == 'POST':
if login_form.validate():
# Get Form Fields
email = request.form.get('email')
password = request.form.get('password')
# Validate Login Attempt
user = User.query.filter_by(email=email).first()
if user:
if user.check_password(password=password):
login_user(user)
next = request.args.get('next')
return redirect(next or url_for('profile.user_profile'))
flash('Invalid username/password combination')
return redirect(url_for('auth.user_login'))
# GET: Serve Log-in page
return render_template('auth/user_login.html',
form=LoginForm(),
title='Log in | Flask-Login Tutorial.',
template='login-page',
body="Log in with your User account.")
def login():
if current_user.is_authenticated:
return redirect(url_for('main.show_first_page'))
login_form = LoginForm(request.form)
if request.method == 'POST' and login_form.validate():
email = login_form.email.data
password = login_form.password.data
remember_me = login_form.remember_me.data
user = get_user(email)
if not user:
flash(gettext(MESSAGE_USER_NOT_EXIST))
return render_template('auth/login.html', form=login_form)
elif check_password_hash(user.password, password):
login_user(user, remember=remember_me)
return redirect(request.args.get("next") or url_for('main.show_first_page'))
else:
flash(gettext(MESSAGE_PASSWORD_IS_INCORRECT))
return render_template('auth/login.html', form=login_form,
PASSWORD=PASSWORD,
EMAIL=EMAIL,
AUTHORIZATION=AUTHORIZATION,
LOGIN=LOGIN,
YOU_ALREADY_REGISTER=YOU_ALREADY_REGISTER)
def sign():
if current_user.is_authenticated:
return redirect('index')
reg_form = RegistrationForm()
log_form = LoginForm()
if reg_form.reg_submit.data and reg_form.validate():
email = reg_form.email.data
password = reg_form.password.data
user = User(email=email)
user.set_password(password)
db.session.add(user)
db.session.commit()
user_status = UserStatuses(status_id=1, user_id=User.query.filter_by(email=email).first().id)
db.session.add(user_status)
db.session.commit()
login_user(user)
user = User.query.filter_by(id=current_user.id).first()
user.nickname = 'User_'+str(user.id)
db.session.commit()
return redirect(url_for('edit_profile'))
if log_form.log_submit.data and log_form.validate():
email = log_form.email.data
user = User.query.filter_by(email=email).first()
if not user or not user.check_password(log_form.password.data):
return render_template('registr-exit.htm', title='Авторизация', log_form=log_form, reg_form=reg_form,
log_error=True)
login_user(user)
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('registr-exit.htm', title='Авторизация', log_form=log_form, reg_form=reg_form)
def login():
form = LoginForm(request.form, meta={'csrf_context': session})
error = None
if request.method == 'POST' and form.validate():
email = form.email.data
password = form.password.data
user = db.users.find_one({'email': email})
if user and bcrypt.verify(password, user['password'],):
session['email'] = email
if user['role'] == 'manager':
return redirect(url_for('manage'))
else:
return redirect(url_for('profile'))
else:
error = "Wrong email password combination"
return render_template("login.html", error=error, form=form)
def login(referrer=None):
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if request.method == 'POST' and form.validate():
user = User.objects(email=form.email.data).first()
if user is None:
flash('Invalid Email or Password')
return redirect(url_for('index'))
else:
if user.check_password(form.password.data):
login_user(user)
user.last_seen = datetime.utcnow()
user.save()
if not current_user.is_active:
flash("Disabled account")
if referrer:
referrer = decode_uri(referrer)
else:
referrer = request.referrer
return redirect(referrer)
else:
flash('Invalid Email or Password')
return redirect(url_for('index'))
flash_form_errors(form)
return redirect(url_for('index'))
async def login(request):
page = dict()
lform = LoginForm(request)
if request.method == 'POST' and lform.validate():
fuser = lform.username.data
fpass = lform.password.data
data = (f'SELECT * FROM "blog_users" WHERE `username`="{fuser}" AND `password`="{fpass}";', 1)
fetch = await sql_master(data)
if fetch is not None:
user = User(id=1, name=fuser)
auth.login_user(request, user)
page['title'] = 'Login'
page['header'] = 'Thank you for logging in!'
page['text'] = 'Redirecting in 3 seconds...'
return jrender('page.html', request, page=page,
js_head_end='<script defer>window.setTimeout(function(){ window.location = "admin"; },3000);'
'</script>')
else:
page['error'] = 'Login Failed. Please Try Again.'
login_check = request['session'].get('username')
if login_check is None:
page['title'] = 'Login'
page['header'] = 'Restricted Area - Login Required'
return jrender('page.html', request, page=page, form=lform,
css_head_end='<style>.mdl-layout{align-items: center;justify-content: center;}'
'.mdl-layout__content {padding: 24px;flex: none;}</style>')
page['title'] = 'Login'
page['header'] = 'You\'re already logged in!'
page['text'] = 'Redirecting in 3 seconds...'
return jrender('page.html', request, page=page,
js_head_end='<script defer>window.setTimeout(function(){ window.location = "admin"; },3000);'
'</script>')
def login():
title = ddb + 'login'
form = LoginForm()
if request.method == 'POST' and form.validate():
username = form.username.data
password = form.password.data
user = User.query.filter_by(username=username).first()
if user is None or not check_password_hash(user.password, password):
flash("Incorrect Username or Password. Please try again", 'danger')
return redirect(url_for('login'))
login_user(user, remember=form.remember_me.data)
flash(f"Welcome back {username}!")
next_page = request.args.get('next')
if next_page:
return redirect(url_for(next_page.lstrip('/')))
return redirect(url_for('index'))
return render_template('login.html', title=title, form=form)
def login_user():
utente = Utente.def_utente()
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
#prendo i dati dal form
username = form.username.data
password = form.password.data
# apro connessione con il database
user = mongo.db.utenti
# cerco l'utente nel database
login_user = user.find_one({'username': username})
# se ho trovato l'username, verifico la password
if login_user:
if check_password_hash(login_user['password'], password):
session.clear()
# verifica utente/admin
if login_user['admin']:
session['admin'] = True
else:
session['admin'] = False
session['username'] = username
session['logged_in'] = True
return home()
# altrimenti gli notifico che il login è fallito
return render_template('login.html', titolo='Login', utente=utente, form=form, error='Invalid username/password combination')
return render_template('login.html', titolo="Login", utente=utente, form=form)
def login():
#login_manager = LoginManager()
#login_manager.init_app()
form = LoginForm(request.form)
#form = LoginForm()
#if form.validate_on_submit():
if request.method == 'POST' and form.validate():
#want to find the user with the username or email address as enterred
user = session.query(User).filter(
(User.email == form.username_or_email.data) |
(User.username == form.username_or_email.data)
).first()
#want to check to see if the user is registered and password info is correct.
if user is None or not check_password_hash(user.password,
form.password.data):
flash("Your login information is incorrect. Please try again.")
return redirect(url_for('login'))
#check to see if the password is correct.
#then log in the user
login_user(user)
flash("Logged in successfully.")
return redirect(url_for('food_log_get'))
return render_template(
'login.html',
title='Sign In',
form=form
#providers=app.config['OPENID_PROVIDERS'])
)
def login():
""" Starting page with login.
For Log in: take email, password from user and check if credentials exist in the database
by checking if email is in the users table. If email in table, redirect to the children overview.
If not: redirect to sign up page. WTForms validates the form.
"""
form = LoginForm(request.form)
next_url = request.args.get('next', '/overview')
if request.method == 'POST' and form.validate(): # Process form if route gets POST request from /index
next_url = request.form.get('next', '/overview')
user = User.query.filter_by(email=form.data['email']).first()
if user and user.check_password(form.data['password']):
login_user(user)
if not auth.is_safe_url(next_url):
return abort(400)
app.logger.debug(next_url)
return redirect(next_url or '/overview')
if not user:
return redirect('/signup')
# Show error message ('Incorrect password.')
form.errors["password"] = ["Incorrect password"]
status_code = 400 if form.errors else 200
return render_template("login.html", form=form, next=next_url), status_code
def index():
Lform = LoginForm()
if Lform.submit1.data and Lform.validate():
login(Lform)
if current_user.is_authenticated:
print('пользователь', current_user, 'вошёл в сеть')
return redirect(url_for('main',username=current_user))
return render_template('signin.html', Lform=Lform)
def test_login_form_is_okay():
form_data = MultiDict(
username='******',
password='******'
)
form = LoginForm(form_data)
expect(form.validate()).to.be.true()
expect(form.errors).to.eq({})
def post(self):
form = LoginForm()
# print(form.validate())
if not form.validate():
return render_template(self.template, form=form)
login_user(form.user, form.remember_me.data)
flash('Login success')
return redirect(request.args.get('next') or url_for('admin.index'))
def login():
form = LoginForm(
request.form) # instanciamos form y lo enviamos al template
if request.method == 'POST' and form.validate():
print('Nueva sesion creada')
print(form.username.data, form.password.data)
return render_template('auth/login.html', title='Login', form=form)
def login_post():
form = LoginForm(request.form)
if form.validate():
user = find_user_by_name(form.username.data)
if user and User.validate_login(user.password, form.password.data):
login_user_(user)
return redirect(request.args.get('next') or url_for('site.home'))
flash('Wrong username or password!', category='danger')
return render_template('login.html', title='Log in', form=form)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = User.query.filter(User.username == form.username.data).first()
if user:
login_user(user)
if (user.password == form.password.data):
return redirect(url_for('get_users_flags'))
return render_template('login.html', form=form)
def POST(self):
web.header('Content-Type', 'text/html; charset=UTF-8')
form = LoginForm(None, web.input())
if form.validate():
flag = self.do_login(form.username.data, form.password.data)
if not flag:
return render.index(form)
raise web.seeother('/done?true')
return render.index(form)
def test_login_form_requires_password():
form_data = MultiDict(
username='******'
)
form = LoginForm(form_data)
expect(form.validate()).to.be.false()
expect(form.errors).to.eq({
'password': ['This field is required.']
})
def test_login_form_requires_username():
form_data = MultiDict(
password='******'
)
form = LoginForm(form_data)
expect(form.validate()).to.be.false()
expect(form.errors).to.eq({
'username': ['This field is required.']
})
def login_page():
if not current_user.is_anonymous:
return redirect(url_for('homepage'))
form = LoginForm(request.form)
if request.method == "POST" and form.validate():
user_submit = request.form['email']
password = request.form['password']
user = session.query(User).filter_by(email=user_submit).first()
return log_in(user, password)
return render_template('login.html', form=form)
def login():
form = LoginForm(request.form)
if form.validate():
user = User.query.filter_by(email=form.login_email.data).first()
if not user.check_password(form.login_password.data):
return jsonify({'login_password': ['Wrong password.']})
login_user(user)
return jsonify({'login_response_status': 'login_success'})
else:
return jsonify(form.errors)
def login():
if request.method == "GET":
return render_template("login.html", login_form = LoginForm(), referrer = request.referrer or url_for("index"))
form = LoginForm(request.form)
if not form.validate():
return render_template("login.html", login_form = form, referrer = request.form["referrer"] or url_for("index"))
session["user"] = form.login.data
return redirect(request.form["referrer"] or url_for("index"))
def login(self):
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = form.get_user()
login_user(user)
print "login_user"
redirect(url_for('.index'))
self._template_args['form'] = form
return super(MyIndexView, self).index()
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
data = dict(request.form)
del data['login']
user = UserModel.query.filter_by(email=data['email']).first()
if user and user.password == data['password']:
login_user(user)
return redirect(url_for('home'))
return redirect(url_for('login'))
return render_template('login.html', form=form)
def login(self):
if current_user.is_authenticated:
return redirect('/')
if request.method == "POST":
form = LoginForm(request.form)
if form.validate():
login_user(form.user, remember=form.remember_me.data)
return redirect('admin')
else:
form = LoginForm()
return render_template("login.html", form=form)
def admin_login():
login_form = LoginForm(request.form)
if request.method == 'POST' and login_form.validate():
result = user.admin_login(request.form)
if result is None:
flash('Username or Password is invalid', 'error')
return redirect(url_for('admin_login'))
flash('Logged in successfully')
return redirect(url_for('dashboard'))
return render_template('admin/login.html', form=login_form)
def login():
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('index'))
form = LoginForm(request.form)
if request.method == "POST" and form.validate():
session['remember_me'] = form.remember_me.data
return auth(form.username.data,
form.passwd.data)
return render_template('login.html',
title = 'Sign In',
form = form)
def login():
form = LoginForm()
if request.method == 'POST' and form.validate():
new_username = form.username.data
user['username'] = new_username
flash(f'Successfully logged-in as {new_username}')
return redirect(url_for('home'))
return render_template(
'login.html',
form=form,
)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = UserModel.find_email(form.email.data)
if user.check_hash(request.form['password']) and user:
#guardando na session
login_user(user)
return redirect(url_for('list_publication'))
return render_template('users/login.html', form=form)
def login():
""" Login page to access admin pages """
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
fusername = request.form['username']
fpassword = request.form['password']
admin_user = check_credentials(fusername, fpassword)
if admin_user is not None:
login_user(admin_user)
return redirect(url_for('admin'))
else:
render_template('login.html', form=form)
return render_template('login.html', form=form)
def login():
f = LoginForm(data=request.form)
if f.validate():
#Login user
login_user(f.valid_user, remember=f.remember.data)
return redirect(url_for('room_list_page'))
else:
#put login errors in flash
flash('show form', 'show_form_login')
for field in f:
for error in field.errors:
flash(str(error), 'login_' + field.name)
return redirect(url_for('auth_page'))
def login():
form = LoginForm()
if request.method == 'POST' and form.validate():
email = form.email.data
password = form.password.data
logged_user = User.query.filter(User.email == email).first()
if logged_user and check_password_hash(logged_user.password, password):
login_user(logged_user)
return redirect(url_for('home'))
else:
return redirect(url_for('login'))
return render_template('login.html', form=form)
def post_login(self):
form = LoginForm(self.request.POST)
errors = form.errors
if form.validate():
user = User.get_by_password(form.username.data, form.password.data)
if user is None:
errors = {'username': ['Invalid username or password.']}
else:
self.start_user_session(user)
return self.redirect('/game/')
self.session.add_flash(errors, key='login_errors')
self.redirect('/')
def login(self):
form = LoginForm(data=request.get_json(force=True))
if form.validate():
try:
user = User.query.filter_by(username=form.username.data).first()
except SQLAlchemyError as e:
# TODO: loging exeption e
return return_response(500, jsonify(error='Произошлка ошибка во время запроса.'))
if user is None:
return return_response(404, jsonify(error='Пользователь не найден'))
if bcrypt.check_password_hash(user.password, form.password.data):
login_user(user)
return '', 200
return return_response(404, jsonify(error='Не правильно введен логин или пароль'))
def login():
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('index'))
form = LoginForm(request.form)
if request.method == "POST" and form.validate() : #form.validate_on_submit() :
session['remember_me'] = form.remember_me.data
return oid.try_login(form.openid.data, ask_for = ['nickname', 'email'])
"""
flash('Login requested for OpenID="' + str(form.openid.data) + '", remember_me=' + str(form.remember_me.data))
return redirect('/index')
"""
return render_template('login.html',
title = 'Sign In',
form = form,
providers = app.config['OPENID_PROVIDERS'])
def login():
if current_user.get_id():
flash('You are already logged in')
return redirect(url_for('list_posts'))
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
admin = Admin.query.filter_by(email=form.email.data).first()
if admin and admin.password == form.password.data:
login_user(admin, remember=form.remember_me.data)
flash('Successfully authenticated')
return redirect(request.args.get('next') or url_for('list_posts'))
else:
form.email.errors.append('Wrong email or password')
return render_template('login.html',
form=form)
def login():
if session.get('logged_in'):
return render_template('index.html')
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
db = get_db()
success = db.do_login(form.username.data, form.password.data)
if success:
session['logged_in'] = True
session['user'] = form.username.data
flash("You are logged in!")
return render_template('index.html')
else:
print "Login failed"
flash("Login information incorrect.")
return render_template('login.html', form=form)
def login(self):
# Redirect to index if user is already logged in.
if g.user is not None:
return redirect(url_for('GenericView:index'))
# Call our login form
form = LoginForm(request.form)
# Check if form is submitted and valid
if request.method == 'POST' and form.validate():
# Fetch user with username provided
user = User.query.filter(User.username.like(
form.username.data)).first()
# Check if username exists
if user is None:
g.error = not None
flash('0No user ' + form.username.data + ' exists')
# Check if passwords match
elif user.check_password(form.password.data) is False:
g.error = not None
flash('0Password was incorrect.')
# Check for errors
if g.error is None:
# Store the user's id in the session for look-up in
# before_request(), make the user active, and redirect.
session['user_id'] = user.id
user.active = True
try:
db.session.commit()
except Exception:
flash('0Trouble making you act')
if request.args.get('next') is None:
return redirect(request.referrer)
return redirect(request.args.get('next'))
helpers.flash_errors(form)
# Render default login page
return render_template('login.html',
title='::Login',
form=form)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = form.username.data
password = form.password.data
# check credentials
if creds_validator(username, password):
session['username'] = username
flash('Login successful')
return redirect(request.form['next_url'])
else:
form.password.errors.append("Invalid username or password")
else:
flash('Invalid credentials')
return render_template('login.html',
title = 'Sign In',
form = form)
def login():
form = LoginForm()
if g.user.is_authenticated():
return redirect(url_for('main_page'))
if request.method == 'POST':
# login and validate the user...
if form.validate():
name = request.form['name']
password = request.form['password']
user = User.query.filter_by(name=name, password=password).first()
if user is None:
flash('Wrong data, try again')
return redirect(url_for('login'))
login_user(user)
flash("Logged in successfully.")
return redirect(url_for('main_page'))
return render_template("login_form.html", form=form, title='Sign In')
def authorize_form():
try:
client_id = int(request.args.get('client_id'))
redirect_uri = request.args.get('redirect_uri')
state = request.args.get('state', None)
except:
abort(400, 'invalid_request')
q = App.query.filter_by(id=client_id).first()
if q is None:
p = '?error=unknown_app'
if state is not None:
p += '&state=' + state
return redirect(redirect_uri + p, code=302)
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
login = form.login.data
pass_hash = sha256(form.password.data.encode('UTF-8')).digest()
user = User.query.filter_by(login=login, pass_hash=pass_hash).first()
if user is not None:
code = Code(
u_id = user.id,
code = sha256(str(uuid4()).encode('UTF-8')).hexdigest(),
exp_time = datetime.now() + timedelta(minutes=30)
)
dcodes = Code.query.filter_by(u_id=user.id).first()
db.session.delete(dcodes)
db.session.commit()
db.session.add(code)
db.session.commit()
p = "/?code=" + str(code.code)
if state is not None:
p += '&state=' + state
return redirect(redirect_uri+p)
flash("Логин или пароль неверны!")
return render_template('login.html',
form = form)
def login_page():
error = None
login_form = LoginForm(request.form)
if request.method == "POST":
if login_form.validate() is False:
return render_template('login.html',
login_form=login_form,
error=error)
else:
session['logged_in'] = True
session['username'] = login_form.username.data
flash('Welcome %s!' % login_form.username.data)
return redirect(url_for('dashboard'))
elif request.method == "GET":
return render_template('login.html',
login_form=login_form,
error=error)
def register():
form = LoginForm()
if g.user.is_authenticated():
return redirect(url_for('main_page'))
if request.method == 'POST' and form.validate():
name = request.form['name']
password = request.form['password']
if not User.query.filter_by(name=name).first():
user = User(name, password)
db_session.add(user)
db_session.commit()
flash("You have successfully registered. Now you can log in.")
return redirect(url_for('login'))
else:
flash('This name already used. Please try again.')
return render_template('login_form.html',
form=form,
title='Sign up')
return render_template('login_form.html', form=form, title='Sign up')
def login_bootstrap():
form = LoginForm(request.form)
if request.method == "POST":
if form.validate():
#到数据库中查询,返回错误
db.connect()
logging.error('username = %s,psw = %s',form.username.data,form.password.data)
db_password = db.c.execute("SELECT password FROM users WHERE username = ?",(form.username.data,)).fetchone()
if db_password:
if hashlib.md5(KEY + form.password.data).hexdigest() != db_password[0]:
# print 'db_password =%s,input_psw = %s' %(db_password , hashlib.md5(KEY+form.password.data).hexdigest() )
# logging.error('db_password = '******'密码错误')
else:
flash(u'登陆成功')
else:
logging.error(db_password)
flash(u'用户名不存在')
return render_template('login_bootstrap.html',form = form)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = User.objects.filter(username=form.username.data).first()
if user:
good_password = user.check_password(form.password.data)
if good_password:
user.authenticated = True
user.save()
remember = request.form.get("remember", "n") == "y"
if login_user(user, remember=remember):
flash("You logged in successfully.")
return redirect(url_for('views.index'))
else:
flash("Your account is marked as inactive.")
else:
flash("There was an error logging in, password incorrect.")
else:
flash("There was an error logging in, user not found.")
return render_template('login.html', form=form, session=session)
def login():
errors = []
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = form.username.data
password = form.password.data
users = list(User.view('users/by_username', key = username))
if not users:
errors.append('Wrong username')
else:
user = users[0]
if make_passwd_hash(user.salt, password) != user.password:
errors.append('Wrong password')
else:
session['logged_in'] = True
session['uid'] = user._id
session['username'] = user.username
flash('You were logged in')
return redirect(url_for('index.index'))
errors.extend(format_form_errors(form.errors.items()))
return render_template('login.html', form = form, errors = errors)
def post(self):
user = self.validate_user()
if user is not None:
self.redirect('/')
return
form = LoginForm(self.request.params)
# validate form
if not form.validate():
self.r(form)
return
# validate csrf
if not self.validate_csrf(form.csrf_token.data):
form.csrf_token.data = self.generate_csrf()
self.r(form, flashes=flash('Please submit the form again'))
return
# check whether user account exists
username = form.username.data
try:
user = Key("User", lower(username)).get()
except:
user = None
if user is None:
self.r(form, flashes=flash('Could not sign in. Verify username and password are correct and try again.'))
return
# check whether passwords are correct or not
if not pw.is_pw(form.password.data, user.password):
self.r(form, flashes=flash('Could not sign in. Verify username and password are correct and try again.'))
return
# create a hash with our secret so we know the cookie is legit later
self.generate_sig(user.username)
self.redirect('/?welcome=%s' % user.username)
return
def test_login_form_no_data():
form = LoginForm(None)
expect(form.validate()).to.be.false()
form = LoginForm(MultiDict())
expect(form.validate()).to.be.false()
def test_validate_invalid_email_format(self):
"""Test that the incorrect email format is not validated"""
login_form = LoginForm(email="unknown", password="******")
self.assertFalse(login_form.validate())
