def login():
'''
Function Type: View Function, Form handler
Template: accounts/login.html
Purpose: Handle the login of a user and provide feedback when login fails.
Inputs: None
Template Parameters:
form: A form of the class SignInForm. This takes the username and password
of the user.
active_pate: A string naming the active page. This is for higlighting the
active page in the nav-bar.
Forms Handled:
SignInForm: Uses this form to determine if the user has the credentials to
access the account. If an error occurs the appropriate error fields are
filled in and the form is sent back to the template.
'''
#If the user is already authenticated we are done here just go to the index
if g.user is not None and g.user.is_authenticated():
flash("User is alread logged in", "warning")
return redirect(url_for('index'))
#If the form is being submitted (we get a POST request) handle the login
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
try:
user = User.objects.get(username=form.username.data)
passMatch = user.checkPassword(form.password.data)
#Check for matching password hashes
if not passMatch:
flash(LOGIN_ERROR_MSG, "error")
return render_template("accounts/login.html", form=form, \
active_page="login")
#Validated so login the user (If the asked to be remembered tell
#flask-login to handle that)
login_user(user, remember=form.remember.data)
#set the session global user variable
g.user = current_user
return redirect(url_for('index'))
except User.DoesNotExist:
flash(LOGIN_ERROR_MSG, "error")
return render_template("accounts/login.html", form=form, \
active_page="login")
#If it wasn't a form submission just render a blank form
return render_template("accounts/login.html", form=SignInForm(), \
active_page="login")
def login():
'''
Function Type: View Function, Form handler
Template: accounts/login.html
Purpose: Handle the login of a user and provide feedback when login fails.
Inputs: None
Template Parameters:
form: A form of the class SignInForm. This takes the username and password
of the user.
active_pate: A string naming the active page. This is for higlighting the
active page in the nav-bar.
Forms Handled:
SignInForm: Uses this form to determine if the user has the credentials to
access the account. If an error occurs the appropriate error fields are
filled in and the form is sent back to the template.
'''
#If the user is already authenticated we are done here just go to the index
if g.user is not None and g.user.is_authenticated:
flash("User is alread logged in", "warning")
return redirect(url_for('index'))
#If the form is being submitted (we get a POST request) handle the login
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
try:
user = User.objects.get(username=form.username.data)
passMatch = user.checkPassword(form.password.data)
#Check for matching password hashes
if not passMatch:
flash(LOGIN_ERROR_MSG, "error")
return render_template("accounts/login.html", form=form, \
active_page="login")
#Validated so login the user (If the asked to be remembered tell
#flask-login to handle that)
login_user(user, remember=form.remember.data)
#set the session global user variable
g.user = current_user
return redirect(url_for('index'))
except User.DoesNotExist:
flash(LOGIN_ERROR_MSG, "error")
return render_template("accounts/login.html", form=form, \
active_page="login")
#If it wasn't a form submission just render a blank form
return render_template("accounts/login.html", form=SignInForm(), \
active_page="login")
def requestRecovery():
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
try:
user = User.objects.get(username=form.username.data)
if user.email == None or len(user.email) == 0:
flash("No email address on file for this user", "error")
return redirect(url_for('login'))
rec = RecoverAccount()
rec.user = user
rec.requestIP = str(request.environ['REMOTE_ADDR'])
rec.save()
#Send an email to recover the password
import smtplib
from email.mime.text import MIMEText
messageText = """\
<html>
<head></head>
<body>
<p>It looks like you requested a link to reset your password. <a href='
"""
messageText += url_for('recovery', rid=rec.id, _external=True)
messageText += """'>Here</a> is the link. If you didn't request this link
and you think this has been recieved in error please contact your system
administrator.</p>
</body>
</html>"""
msg = MIMEText(messageText,'html')
msg['Subject'] = 'Password reset request'
msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
msg['To'] = user.email
s = smtplib.SMTP(app.config['SMTP_SERVER'])
s.sendmail(app.config['SYSTEM_EMAIL_ADDRESS'], [user.email], msg.as_string())
flash("Password reset request sent", "success")
return redirect(url_for('login'))
except User.DoesNotExist:
flash("The user you specified could not be found.", "error")
return redirect(url_for('login'))
else:
for v in form.errors.values():
flash(v[0], "error")
return redirect(url_for('login'))
def requestRecovery():
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
try:
user = User.objects.get(username=form.username.data)
if user.email == None or len(user.email) == 0:
flash("No email address on file for this user", "error")
return redirect(url_for('login'))
rec = RecoverAccount()
rec.user = user
rec.requestIP = str(request.environ['REMOTE_ADDR'])
rec.save()
#Send an email to recover the password
import smtplib
from email.mime.text import MIMEText
messageText = render_template('accounts/passResetEmail.html',
recoveryURL=url_for(
'recovery',
rid=rec.id,
_external=True))
msg = MIMEText(messageText, 'html')
msg['Subject'] = 'Password reset request'
msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
msg['To'] = user.email
import os
SENDMAIL = "/usr/sbin/sendmail" # sendmail location
p = os.popen("%s -t -i" % SENDMAIL, "w")
p.write(msg.as_string())
status = p.close()
if status:
print "Sendmail exit status", status
flash("Password reset request sent", "success")
return redirect(url_for('login'))
except User.DoesNotExist:
flash("The user you specified could not be found.", "error")
return redirect(url_for('login'))
else:
for v in form.errors.values():
flash(v[0], "error")
print request.method
return render_template("accounts/login.html", form=SignInForm(), \
active_page="login")
def requestRecovery():
if request.method == 'POST':
form = SignInForm(request.form)
if form.validate():
try:
user = User.objects.get(username=form.username.data)
if user.email == None or len(user.email) == 0:
flash("No email address on file for this user", "error")
return redirect(url_for('login'))
rec = RecoverAccount()
rec.user = user
rec.requestIP = str(request.environ['REMOTE_ADDR'])
rec.save()
#Send an email to recover the password
import smtplib
from email.mime.text import MIMEText
messageText = render_template('accounts/passResetEmail.html',
recoveryURL= url_for('recovery', rid=rec.id, _external=True))
msg = MIMEText(messageText,'html')
msg['Subject'] = 'Password reset request'
msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
msg['To'] = user.email
import os
SENDMAIL = "/usr/sbin/sendmail" # sendmail location
p = os.popen("%s -t -i" % SENDMAIL, "w")
p.write(msg.as_string())
status = p.close()
if status:
print "Sendmail exit status", status
flash("Password reset request sent", "success")
return redirect(url_for('login'))
except User.DoesNotExist:
flash("The user you specified could not be found.", "error")
return redirect(url_for('login'))
else:
for v in form.errors.values():
flash(v[0], "error")
print request.method
return render_template("accounts/login.html", form=SignInForm(), \
active_page="login")
