def login(): if current_user.is_authenticated: return redirect(url_for('index')) form = UserLoginForm() search_form = SearchForm() if form.validate_on_submit(): user = mongo.db.users.find_one({'username': form.username.data}) if user and User.check_password(user['password'], form.password.data): user_obj = User(user['username'], user['email'], user['_id'], user['is_admin']) login_user(user_obj) # accesses the 'next page' query string to determine which url user wanted to visit # before being redirected to the login page. If no next page was given then redirects user # to the index page. 'url_parse.netloc' prevents malicious redirect attacks. This prevents #redirects by ensuring that the url is relative to the page. next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('index') return redirect(next_page) else: flash('Wrong username or password', 'warning') return render_template('loginform.html', form=form, search_form=search_form, title='Login')
def login(): form = UserLoginForm() if request.method == 'GET': return render_template('login.html', form=form) if request.method == 'POST': if form.validate_on_submit(): username = form.username.data password = form.password.data user = User.query.filter(User.username == username).first() # 验证用户是否存在 if user: # 验证密码 if check_password_hash(user.password, password): # 密码正确 # 实现登录, django中auth.login(request, user) login_user(user) return redirect(url_for('app.index')) else: error = '密码错误' return render_template('login.html', error=error, form=form) else: # 账号不存在 error = '账号不存在!' return render_template('login.html', error=error, form=form) else: return render_template('login.html', form=form)
def login_view(request): print(request.user.is_authenticated()) title = "Login" form = UserLoginForm(request.POST or None) if form.is_valid(): username = form.cleaned_data.get("username") password = form.cleaned_data.get("password") user = authenticate(username=username, password=password) login(request, user) return render(request, 'index.html') return render(request, "login.html", {"form": form, "title": title})
def login(): if current_user.is_authenticated: return redirect(url_for('index')) form = UserLoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash("""Invalid username or password. Please try again.""") return redirect(url_for('login')) login_user(user, remember=form.remember_me.data) return redirect(url_for('index')) return render_template('login.html', title='Sign In', form=form)
def users_login(): form = UserLoginForm() error = None if request.method == "POST" and form.validate(): user = dbusers.user.find_one({"email": form.email.data}) session["email"] = form.email.data return redirect(request.args.get("next") or url_for("users.users_index")) else: flash_errors(form) return render_template("/users/login.html", form=form)
def login(): form = UserLoginForm() if request.method == 'POST' and form.validate_on_submit(): error = None user = User.query.filter_by(username=form.username.data).first() if not user: error = "존재하지 않는 사용자입니다." elif not check_password_hash(user.password, form.password.data): error = "비밀번호가 올바르지 않습니다." if error is None: session.clear() session['user_id'] = user.id return redirect(url_for('main.index')) flash(error) return render_template('auth/login.html', form=form)
def login_view(request): next = request.GET.get('next') form = UserLoginForm(request.POST or None) if form.is_valid(): username = form.cleaned_data.get('login') password = form.cleaned_data.get('password') user = authenticate(username=username, password=password) login(request, user) if next: return redirect(next) return redirect('/') context = { 'form': form, } return render(request, "login.html", context)
def login(): form = UserLoginForm() if request.method == 'POST' and form.validate_on_submit(): error = None user = User.query.filter_by(email=form.email.data).first() if not user: error = "There are no matching emails." elif not check_password_hash(user.password, form.password.data): error = "incorrect password." if error is None: session.clear() session['user_id'] = user.email if user.authority_type == 1: session['admin_mode'] = True return redirect('/') flash(error, 'danger') return render_template('main/auth/login.html', form=form)
def user_login(): # If user is already logged in, redirect to home page if current_user.is_authenticated: return redirect(url_for("home")) # UserLoginForm object from forms.py user_login_form = UserLoginForm() if user_login_form.validate_on_submit(): user = User.query.filter_by( username=user_login_form.username.data).first() # Checks validity of username and if provided password matches username if (user is None) or (not user.check_password( user_login_form.password.data)): flash("Invalid username or password") return redirect(url_for("user_login")) else: # Login function from flask_login UserLoginForm().login_user(user, user_login_form.remember_me.data) return redirect(url_for("user_profile", username=user.username)) return render_template("user_login_form.html", title="Login", form=user_login_form)
def login_view(request): template = 'registration/login.html' if request.method == 'POST': username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) return redirect('home') else: form = UserLoginForm() error = 'Такого аккаунта нет' return render(request, template, context={ 'form': form, 'error': error }) else: form = UserLoginForm() error = 'Не верный Пароль или Логин' return render(request, template, context={ 'form': form, 'error': error }) form = UserLoginForm() return render( request, template, context={ 'form': form, 'errors': False }, )
def user_login(): form = UserLoginForm() # POST: Process the PowerToken login form. if form.validate_on_submit(): username = form.username.data user = User.query.filter_by(username=username).first() # If the user has not been added to the database, add the user to the # database and redirect to the WEconnect login. if user is None: user = User(username=username) db.session.add(user) db.session.commit() return redirect(url_for("user_wc_login", username=username)) # If the user exists in the database, but the WEconnect (or Fitbit) # info isn't filled out, redirect to the WEconnect login. if any([not user.wc_id, not user.wc_token, not user.fb_token]): return redirect(url_for("user_wc_login", username=username)) #TODO Add token expiry check here # If user exists in the db, but token returns an error, then login again to refresh if not check_wc_token_status(user.wc_id, user.wc_token): return redirect(url_for("user_wc_login", username=username)) # If the user exists in the database, and the WEconnect and Fitbit info # is already filled out, bypass the login process. return redirect(url_for("user_home", username=username)) # GET: Render the PowerToken login page. error = request.args.get("error") if error: return render_template("user_login.html", form=form, error=error) else: return render_template("user_login.html", form=form)
def login_usuario(): if current_user.is_authenticated: return redirect(url_for('home')) form = UserLoginForm() if form.validate_on_submit(): usuario = Usuario.query.filter_by(nombre=form.nombre.data).first() if usuario is None or not usuario.check_password(form.password.data): flash('Nombre de usuario o contraseña es incorrecto', 'danger') return redirect(url_for('login_usuario')) login_user(usuario, remember=form.remember_me.data) app.logger.info(f'{datetime.now()}: {usuario} logged in') flash(f'Bienvenido {usuario.nombre}!', 'success') next_page = request.args.get('next') if next_page: try: next_page = my_utils.get_last_dir_url(next_page) return redirect(url_for(next_page)) except BuildError: app.logger.info( f'{datetime.now()}: Wierd redirect: {next_page} from {current_user} - {request.remote_addr}' ) return redirect(url_for('home')) else: return redirect(url_for('home')) return render_template('login.html', barra_busqueda=True, titulo='Login', form=form, debug=app.config['DEBUG'])
def login(request): if request.method == 'GET': return render(request, 'login.html') if request.method == 'POST': #1.表单验证 form = UserLoginForm(request.POST) #使用is_valid()进行表单验证 if form.is_valid(): #form表单验证成功 user = auth.authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password']) if user: #如果验证通过,进行登录 #request.user默认AnonyMouseUser auth.login(request, user) return HttpResponseRedirect(reverse('app:index')) else: #用户名和密码错误 return render(request, 'login.html', {'form': form}) #2.auth模块验证 #3.auth.login登录 else: #form验证失败,则返回错误信息到页面 return render(request, 'login.html', {'form': form})
def account_activation(code): form = UserLoginForm() check_activation = User.check_activation_code(code) if not check_activation: return redirect(url_for('auth_bp.user_login')) login_user(check_activation, remember=True) session['logged-in'] = True if current_user.get_role() == 'SELLER': return redirect(url_for('seller_bp.dashboard')) elif current_user.get_role() == 'BUYER': return redirect(url_for('buyer_bp.dashboard')) else: logout_user() session.clear() return redirect(url_for('auth_bp.user_login'))
def login(): error = '' form = UserLoginForm(request.form) try: if request.method == 'POST': user = UserModel.query.filter_by(username=form.username.data).first() if user.password == request.form['password']: session['logged_in'] = True session['username'] = request.form['username'] flash("You are logged in as {}".format(session['username'])) return redirect('/') else: error = 'Invalid credentials, try again' gc.collect() return render_template('login.html', error=error, form=form) except Exception as e: error = 'Invalid credentials, try again' return render_template('login.html', error=error, form=form)
def user_login(request): #usuário está autenticado e quer acessar a página de login; #O usuário será redirecionado para a página index.; #A página de login só pode ser acessada se o usuário não estiver autenticado no sistema ou #se ele fizer o logout no sistema. if request.user.is_authenticated: return HttpResponseRedirect(reverse('app:index')) #Usuário não está autenticado e solicita seus dados para a realização do acesso if request.method == 'POST': #referente ao campo de usuario presente no formulário HTML username = request.POST.get('usuario') #referente ao campo de senha presente no formulário HTML password = request.POST.get('senha') #Inicialização de valores do objeto UserLoginForm form_login = UserLoginForm(data=request.POST) #Verificar se os dados informados no formúlário de login são válidos. valid = form_login.is_valid() if not valid: #Usuário informou dados que não definem um acesso no sistema #usuario e senha errados #continua na página de login e as mensagem de erros são impressas na tela return render(request, 'app/login.html', {'form_login': form_login}) else: #Testa se os dados informados pelo usuário correspondem a um acesso válido user = form_login.verificar_acesso() #Se os dados forem válidos e o usuário é ativo no sistema, o usuário é autenticado no sistema e #é redirecionado para a página de medidas. if user is not None: if user.is_active: #Autenticando usuário login(request, user) #redirecionamento return HttpResponseRedirect(reverse('app:index')) else: #Acesso não é válido e a página de login juntamentente à mensagens de erros #são renderizadas para o usuário return render(request, 'app/login.html', {'form_login': form_login}) else: form_login = UserLoginForm() return render(request, 'app/login.html', {'form_login': form_login})
def tdinfo(): dbSession = db.Session() userLoginForm = UserLoginForm() takedownTradeForm = TakedownTradeForm() stats = dbSession.getTDStats() def tdPage(userEmail): if userEmail is None: user = [None] else: uid = dbSession.getUid(userEmail) pname = dbSession.getPname(uid) tdScore = dbSession.getTakedownScore(uid) penaltyScore = dbSession.getPenaltyBalance(uid) userPenalties = dbSession.getPenalties(uid) userAssignments = dbSession.getUserAssignments(uid) assignments = [] if userAssignments: for dateId in userAssignments: tid = dbSession.getTid(dateId[0]) date = dbSession.getIsoDate(dateId[0]) meal = ["Lunch", "Dinner"][tid % 2] day = [ "Monday", "Tuesday", "Wednesday", "Thursday", "Friday" ][int((tid - tid % 2) / 2)] assignments.append([day + " " + meal, date, dateId[0]]) user = [pname, tdScore, penaltyScore, userPenalties, assignments] resp = make_response( render_template("tdinfo.html", user=user, userLoginForm=userLoginForm, takedownTradeForm=takedownTradeForm, stats=stats)) if userEmail: resp.set_cookie("userEmail", userEmail) dbSession.close() return resp if userLoginForm.submit.data and userLoginForm.validate_on_submit(): userEmail = userLoginForm.email.data dbSession.close() return tdPage(userEmail) if takedownTradeForm.submitData.data and takedownTradeForm.validate_on_submit( ): userEmail = takedownTradeForm.email.data uid = dbSession.getUid(userEmail) dateId = takedownTradeForm.dateId.data tid = dbSession.getTid(dateId) traders = dbSession.getAvailibility(tid) mail.TakedownTradeMessage(uid, dateId, traders) dbSession.close() return tdPage(userEmail) try: userEmail = request.cookies.get("userEmail") # dbSession.close() return tdPage(userEmail) except Exception: # dbSession.close() return tdPage(None)
def user_login(): form = UserLoginForm() return render_template('auth/login.html', form=form, title="Login")
def user_login_attempt(): form = UserLoginForm() email = request.form.get('email') login_ip = User.userIP() if form.validate_on_submit(): if not User.check_email(email): message = 'Incorrect login details' return render_template('auth/login.html', message=message, form=form, title="Login") if not User.check_hashed_password(request.form.get('password'), User.get_hashed_password(email)): User().verificationFail(email) message = 'Incorrect login details' return render_template('auth/login.html', message=message, form=form, title="Login") if not User.check_account_status(email): generate_new_verfication_code = EmailVerification(email).verifyAccountLink() Emails(request.form.get('email')).newUserVerification(generate_new_verfication_code) User().updateCodeinDB(request.form.get('email'), generate_new_verfication_code, 'activation_link') message = 'Your account has not been verified. Another email has been sent' return render_template('auth/login.html', form=form, message=message, title="Login") if User.(email): if User.check_ifcheck_account_lock_lock_is_expired(email): pass else: account_locked = Emails(email).accountLocked() message = 'Account Locked' return render_template('/auth/login.html', form=form, message=message, title="Login") if User.check_login_ip(email, login_ip): user_to_login = User.query.filter_by(email=email).first() login_user(user_to_login, remember=True) session['logged-in'] = True if current_user.get_role() == 'BUYER': return redirect(url_for('buyer_bp.dashboard')) elif current_user.get_role() == 'SELLER': return redirect(url_for('seller_bp.dashboard')) else: logout_user() return redirect('auth_bp.user_login') else: session['email'] = email session['ip'] = login_ip generate_verification_code = EmailVerification(email).emailVerificationCode() Emails(request.form.get('email')).sendVerificationEmail(User().userIP(), generate_verification_code) User.updateCodeinDB(session['email'], generate_verification_code, 'email_verification') return redirect(url_for('auth_bp.verify_new_ip')) else: if not User().check_form_email_validation(request.form.get('email')): message = 'Invalid Login Details' return render_template('auth/login.html', message=message, form=form, title="Login") message = 'Unknown Error Occured' return render_template('auth/login.html', message=message, form=form, title="Login")