Ejemplo n.º 1
0
def admin_login():
    """
    logs admins in the session and redirects to their own interface
    """
    if current_user.is_anonymous:
        pass
    else:
        if current_user.is_admin:
            return redirect(url_for("admin_page"))
    form = AdminLoginForm()
    if form.validate_on_submit():
        nickname = form.data["username"]
        user = get_user(user_id=nickname)
        if user is not None:
            password = form.data["password"]
            if hasher.verify(password, user.password):
                i_am_in = login_user(user, force=True, fresh=False)
                if i_am_in:
                    flash("You have logged in.")
                    next_page = request.args.get("next", url_for("admin_page"))
                return redirect(next_page)
        flash("Invalid credentials.")
    return render_template("admin_login.html",
                           title='Sign In as Admin',
                           form=form)
Ejemplo n.º 2
0
def adminlogin():
    form = AdminLoginForm()
    if form.validate_on_submit():
        if form.admin_id.data == '090078601' and form.password.data == 'niggachu':
            flash('Welcome Admin', 'success')
            return redirect('/admin')
        else:
            flash('Login Unsuccessful. Please check Admin ID or password', 'danger')
    return render_template('adminlogin.html', form=form)
Ejemplo n.º 3
0
def admin_login():
    form = AdminLoginForm()
    if form.validate_on_submit():
        # temporary 'test'/'test'
        if form.login.data == 'test' and form.pswd.data == 'test':
            authorize_admin()
            return redirect(url_for('homepage'))
        else:
            flash('NOPE')
    flash_errors(form)
    return render_template('admin_login.html', form=form)
Ejemplo n.º 4
0
def admin_login():
    form = AdminLoginForm()
    if form.validate_on_submit():
        admin = Admin.query.filter_by(username=form.username.data).first()
        if admin and admin.check_password(password=form.password.data):
            login_user(admin)
            next_page = request.args.get('next')
            return redirect(next_page or url_for("web_admin.view_users"))
        flash("Invalid username and password")
        return redirect(url_for("web_admin.admin_login"))
    return render_template("user_login.html", form=form)
Ejemplo n.º 5
0
def admin_login_page():
    admin_form = AdminLoginForm()
    if admin_form.validate_on_submit():
        username = admin_form.username.data
        password = admin_form.password.data
        if password == 'pass':
            session['logged_in'] = True
            session['role'] = 'admin'
            return redirect(url_for('admin_ui.admin_page', username=username))

    return render_template('roles/admin/admin_login_page.html',
                           form=admin_form)
Ejemplo n.º 6
0
def login():
    #在template文件夹下创建auth文件夹
    form = AdminLoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is not None and user.verify_password(form.password.data):
            #成功
            login_user(user, form.remember_me.data)
            if user.role.id == 1:
                return redirect(url_for('admin.post'))
            else:
                return redirect(url_for('main.index'))
    return render_template('auth/login.html', form=form), 200
Ejemplo n.º 7
0
def login():
    errors = None
    form = AdminLoginForm(request.form)
    if request.method == 'POST' and form.validate():
        admin = get_admin(g.db, form.email.data)
        if valid_login(admin, form.email.data, form.password.data):
            login_user(admin)
            return redirect(url_for('hunts'))
        flash('Invalid email and password combination')
    else:
        errors = form.errors
    return make_response(render_template(
        'homepage.html', form=form, display_login_link=True))
Ejemplo n.º 8
0
def adminlogin():
    form = AdminLoginForm()
    if form.validate_on_submit():
        if request.method == 'POST':
            name1 = form.name.data
            pass1 = form.password.data
            if name1 == "admin" and pass1 == "admin":
                session['user'] = True
                return redirect(url_for('adminprofile'))
            else:
                flash('Invalid username or password', 'danger')
                return redirect(url_for('adminlogin'))
    return render_template('adminlogin.html', form=form)
Ejemplo n.º 9
0
def login():
	#在template文件夹下创建auth文件夹
	form = AdminLoginForm()
	if form.validate_on_submit():
		user = User.query.filter_by(username = form.username.data).first()
		if user is not None and user.verify_password(form.password.data):
			#成功
			login_user(user,form.remember_me.data)
			if user.role.id == 1:
				return redirect(url_for('admin.post'))
			else:
				return redirect(url_for('main.index'))
	return render_template('auth/login.html',form = form),200
Ejemplo n.º 10
0
def login():
    errors = None
    form = AdminLoginForm(request.form)
    if request.method == 'POST' and form.validate():
        admin = get_admin(g.db, form.email.data)
        if valid_login(admin, form.email.data, form.password.data):
            login_user(admin)
            return redirect(url_for('hunts'))
        flash('Invalid email and password combination')
    else:
        errors = form.errors
    return make_response(
        render_template('homepage.html', form=form, display_login_link=True))
Ejemplo n.º 11
0
def adminlogin(): 
    form=AdminLoginForm()
    if form.validate_on_submit():
        reg_password = engine.execute("select Password from Admin_Tab where Name = :a",{'a':form.name.data})
        for row in reg_password:
            reg_details=row
        print(reg_details)
        if bcrypt.check_password_hash(reg_details[0] , form.password.data) :
            flash('Login successful.', 'success')
            current_user = form.name.data
            return redirect(url_for('profile',current_user= current_user,Type_of_User="******"))
        else:
            flash('Login Unsuccessful. Please check EnrollNo and password', 'danger')  
    return render_template('adminlogin.html',title='adminLogin', form=form)
Ejemplo n.º 12
0
def adminlogin():

    form = AdminLoginForm()
    if form.validate_on_submit():
        user = Admin.query.filter_by(email=form.email.data).first()
        if user.check_password(form.password.data) and user is not None:
            login_user(user)
            next = request.args.get('next')
            if next == None or not next[0] == '/':
                next = url_for('welcome_admin')
                global admin
                admin = True
            return redirect(next)

    return render_template('adminlogin.html', form=form, admin=admin)
Ejemplo n.º 13
0
def login(request):
    from forms import AdminLoginForm

    if request.method == 'POST':
        post = request.POST.copy()
        admin_form = AdminLoginForm(post)
        if admin_form.is_valid():
            usuario = auth.authenticate(username=post['usuario'], password=post['password'])
            if usuario is not None:
                if usuario.is_staff():
                    auth.login(request, usuario)
    else:
        admin_form = AdminLoginForm()

    return 'admin.html', { 'admin': admin_form }
def admin_login(request):

    if request.method == 'POST':
        form = AdminLoginForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            username = data["id"]
            password = data["password"]
            user = authenticate(username=username, password=password)
            if user is not None:
                login(request, user)
                return HttpResponseRedirect(reverse("admin"))

    form = AdminLoginForm()

    return render(request, "scanner/admin_login.html", {"form": form})
Ejemplo n.º 15
0
def admin_login():
    form = AdminLoginForm()

    if "admin" in session:
        return redirect(url_for("admin"))

    if request.method == "POST":
        if form.validate() == False:
            flash("invalid credentials")
            return render_template("admin/login.html", form=form)
        else:
            session["admin"] = form.email.data
            flash("Anda sudah berhasil masuk, selamat!", category="info")
            return redirect(request.args.get("next") or url_for("admin"))
    elif request.method == "GET":
        return render_template("/admin/login.html", form=form)
Ejemplo n.º 16
0
def login():
    if current_user.is_authenticated:
        flash('Already logged in', 'info')

        return redirect(url_for('landing_page'))

    cur = conn.cursor()
    form = AdminLoginForm()

    if form.validate_on_submit():
        cpf = form.cpf.data
        input_password = form.password.data

        cur.execute(f"""SELECT administrator.cpf, person_name, admin_password
                    FROM administrator, person
                    WHERE administrator.cpf = '{cpf}'
                    AND administrator.cpf = person.cpf;""")
        query_results = cur.fetchall()

        conn.commit()
        cur.close()

        if len(query_results) == 0:
            flash(f'Invalid CPF', 'error')
        else:
            cpf, name, password = query_results[0]

            if input_password == password:
                login_user(admin(cpf, name, password))
                flash(f'You are logged as admin', 'success')

                return redirect(url_for('landing_page'))
            else:
                flash(f'Wrong password', 'error')
    else:
        if form.errors:
            errors = list(form.errors.keys())
            error = errors[0]
            flash(f'Error in {error}: {form.errors[error][0]}', 'error')

    return render_template('login.html', form=form)
Ejemplo n.º 17
0
def admin(request):
  unconfirmedSongVideos = Video.objects.filter(
    is_confirmed__exact=False
  ).prefetch_related(
    'songs', 'songs__composers', 'songs__styles', 'groups'
  ).order_by('title')

  formattedUnconfirmedVideos = []
  for video in unconfirmedSongVideos :
    formattedUnconfirmedVideos.append(formattedVideoData(video))

  response = render(
    request, 
    'unconfirmed-list.html',
    {"data": json.dumps({
      "unconfirmed_songs": {
        "videos" : {
          "items" : formattedUnconfirmedVideos,
          "metadata" : rekeyAndFormatVideoData(unconfirmedSongVideos),
        },
      },
    })}
  )

  if request.COOKIES.get(ADMIN_COOKIE, False):
    return response
  elif request.method == 'POST':
    form = AdminLoginForm(request.POST)
    if form.is_valid():
      if form.cleaned_data['password'] == ADMIN_PASSWORD:
        response.set_cookie(
          key=ADMIN_COOKIE, 
          value=True, 
          max_age=ADMIN_COOKIE_EXPIRE
        )
        return response
  else:
    form = AdminLoginForm()

  return render(request, 'admin-login.html', {'form': form})
Ejemplo n.º 18
0
def admin_login():
    form = AdminLoginForm(request.form)
    if request.method == 'POST':        
        if form.validate():
            username = form.name.data.title()
            password = form.password.data
            user = User.query.filter_by(name=username).first()
            if current_user.name == username:
                if password == 'adminuser':
                    if user.is_admin is False or user.is_admin is None:
                        user.is_admin = True
                        db.session.commit()
                    login_user(user)
                    return redirect(url_for('admin'))
                else:
                    # TODO: ERROR MESSAGE
                    return 'admin password fail'
                # TODO: ERROR MESSAGE
            return 'please logout and try again'
        else:
            return 'invalid data, please retry'
    name = current_user.name
    return render_template('adminLogin.html', form=form, name=name)
Ejemplo n.º 19
0
def AdLogin():
    form=AdminLoginForm()
    if request.method=='POST':
        adminId=request.form.get("adminId")
        password=request.form.get("password")
        adIddata=db.execute("SELECT adminId FROM admins WHERE adminId=:adminId",{"adminId":adminId}).fetchone()
        passworddata=db.execute("SELECT password FROM admins WHERE adminId=:adminId",{"adminId":adminId}).fetchone()[0]
        #for applied
        data=db.execute("SELECT jobId,count(jobId) FROM candid GROUP BY jobId;")
        fetchData=data.fetchall()
        graphdata=[]
        for ele in fetchData:
            graphdata.append([str(ele[0]),ele[1]])
            
        #for vacancy
        data1=db.execute("SELECT jobId,job,noOfVac FROM jobVac;")
        fetchData1=data1.fetchall()
        graphdata1=[]
        for ele in fetchData1:
            graphdata1.append(['('+str(ele[0])+')'+ele[1],ele[2]])
        #for source
        graphdata2=[]
        fetchData2=db.execute("SELECT source,count(source) FROM candid GROUP BY source;").fetchall()
        for ele in fetchData2:
            graphdata2.append([ele[0],ele[1]])
            
        if adIddata is None:
            flash("No adminId","danger")
            return render_template("adminlogin.html",form=form)
        else:
            if sha256_crypt.verify(password,passworddata):
                session['loggedin']=True
                session['admin']=request.form['adminId']
                flash("You are now logged in",'success')
                return render_template("mainDashboard.html",graphdata=json.dumps(graphdata),graphdata1=json.dumps(graphdata1),graphdata2=json.dumps(graphdata2))
            else:
                flash("incorrect password","danger")
                return render_template("adminlogin.html",form=form)
    return render_template('adminlogin.html',title='Login',form=form)
Ejemplo n.º 20
0
def login(request):
    """
	Page for admins to login to for competition management
	"""
    c = {}
    c["messages"] = UserMessages()
    c = getAuthValues(request, c)
    c["form"] = {'login': AdminLoginForm()}

    c.update(csrf(request))
    # Checks if the user is submitting the form, or requesting the form
    if request.method != "POST":
        return render_to_response('AdminConfig/login.html', c)
    username = request.POST.get('username')
    password = request.POST.get('password')
    # TODO: The following line can throw a MultiValueDictKeyError
    admin = auth.authenticate(username=username, password=password)
    if admin == None:
        c["messages"].new_info("Incorrect credentials.", 4321)
        return render_to_response('AdminConfig/login.html', c)
    # Checks that the submitted form data is valid
    auth.login(request, admin)
    return HttpResponseRedirect("/admin/home")
def schedule(request):
    schedule=[]
    today = date.today()
    while today.weekday() >= 5 or ScheduleDay.objects.filter(date=today).count() > 0 and ScheduleDay.objects.get(date=today).day_off:
        today += timedelta(1)
    schedule_day = None
    if ScheduleDay.objects.filter(date=today).count() > 0:
        schedule_day = ScheduleDay.objects.get(date=today)
    else:
        done = False
        one_day = timedelta(1)
        today_dt = datetime.combine(today, time())
        today_dt -= one_day
        new_date = today_dt.date()
        days_ellapsed = 0
        day = 0
        while not done:
            if new_date.weekday() < 5 and ScheduleDay.objects.filter(date=new_date).count() == 0:
                days_ellapsed += 1
            elif new_date.weekday() < 5 and not ScheduleDay.objects.get(date=new_date).day_off:
                done = True
                day = (ScheduleDay.objects.get(date=new_date).day + days_ellapsed) % 7
            new_dt = datetime.combine(new_date, time())
            new_dt -= one_day
            new_date = new_dt.date()
        schedule_day = ScheduleDay(date=today, day_off=False, day=day, schedule="")
        schedule_day.save()
    print(schedule_day.day)
    if (schedule_day.schedule == ""
        schedule_day.schedule = master_schedule[schedule_day.day]
        s
        
    if len(schedule_day.period_set.all()) == 0:
        for i in range(len(schedule_day.schedule)):
            period = Period(day=schedule_day, period_number=i, period_letter=schedule_day.schedule[i:i + 1])
            period.save()
    
    schedule.append([["Day " + str(schedule_day.day + 1)]])
    for period in schedule_day.schedule:
        schedule.append([[period]])
    
    
    return render(request, "scanner/schedule.html", {'schedule_table': schedule})

@not_login_required
def checkin (request):
    
    messages = []
    
    if request.method == 'POST':
        form = ScanForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            idnum = data["scan"]
            if len(Person.objects.filter(id=idnum)) != 0:
                person = Person.objects.get(id=idnum)
                checkins = Checkin.objects.filter(person=person, completed=False)
                if len(checkins) == 0:
                    messages.append("Successfully checked in " + person.first_name + " " + person.last_name)
                    new_checkin = Checkin(person=person, checkin=datetime.now(), checkout=datetime.now())
                    new_checkin.save()
                else:
                    for obj in checkins:
                        obj.checkout = datetime.now()
                        obj.completed = True
                        obj.save()
                        person.hours += float((obj.checkout - obj.checkin).total_seconds()) / 3600
                        person.save()
                    messages.append("Successfully checked out " + person.first_name + " " + person.last_name)
        
    form = ScanForm()
    return render(request, "scanner/checkin.html", {"form": form, "messages": messages})

@not_login_required
def scan (request, idnum):
    idnum = int(idnum)
    if idnum < 10000 or idnum > 20000:
        return user(request, idnum)
    if idnum > 10000 and idnum < 20000:
        return checkout_item(request, idnum)
    return render(request, "scanner/item.html", {"idnum": idnum})

@not_login_required
def user (request, idnum):
    if len(Person.objects.filter(id=idnum)) == 0:
        if request.method == 'POST':
            form = NewUserForm(request.POST)
            if form.is_valid():
                person = form.save(commit=False)
                person.id = idnum
                person.save()
        else:
            form = NewUserForm()
            return render(request, "scanner/newuser.html", {"idnum": idnum, "form": form})
    
    person = Person.objects.get(id=idnum)
    messages = []
    
    if request.method == 'POST':
        form = ScanForm(request.POST)
        if form.is_valid():
            if len(CheckoutItem.objects.filter(id=form.cleaned_data["scan"])) > 0:
                item = CheckoutItem.objects.get(id=form.cleaned_data["scan"])
                if len(Checkout.objects.filter(person=person, item=item, checked_in=False)) > 0:
                    for checkout in Checkout.objects.filter(person=person, item=item, checked_in=False):
                        checkout.checked_in = True
                        checkout.date_returned = datetime.now()
                        checkout.save()
                        messages.append(item.name + " successfully checked in.")
                else:
                    new_checkout = Checkout(person=person, item=CheckoutItem.objects.get(id=form.cleaned_data["scan"]), date_checked_out=datetime.now() , date_due=datetime.now() + timedelta(CheckoutItem.objects.get(id=form.cleaned_data["scan"]).default_checkout_time))
                    new_checkout.save()
                    messages.append(item.name + " successfully checked out.")
            else:
                messages.append("That item is not in the database.")
    form = ScanForm()
    return render(request, "scanner/user.html", {"person": person, "form": form, "checkouts": Checkout.objects.filter(person=person, checked_in=False), "messages": messages})

@not_login_required
def checkout_item (request, idnum):
    if len(CheckoutItem.objects.filter(id=idnum)) == 0:
        if request.method == 'POST':
            form = NewItemForm(request.POST)
            if form.is_valid():
                item = form.save(commit=False)
                item.id = idnum
                item.save()
            else:
                form = NewItemForm()
                return render(request, "scanner/newitem.html", {"idnum": idnum, "form": form})
        else:
            form = NewItemForm()
            return render(request, "scanner/newitem.html", {"idnum": idnum, "form": form})
            
    return render(request, "scanner/item.html", {"item": CheckoutItem.objects.get(id=idnum)})

@not_login_required
def checkout(request, personid, itemid):
    return render(request, "scanner/item.html", {"item": CheckoutItem.objects.get(id=itemid)})
    
@login_required
def admin(request):
    person = request.user.leadershipmember
    return render(request, "scanner/admin.html", {"person": person})

@not_login_required
def admin_login(request):
    
    if request.method == 'POST':
        form = AdminLoginForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            username = data["id"]
            password = data["password"]
            user = authenticate(username=username, password=password)
            if user is not None:
                login(request, user)
                return HttpResponseRedirect(reverse("admin"))
    
    form = AdminLoginForm()
        
    return render(request, "scanner/admin_login.html", {"form": form})
    
@login_required
def admin_add_leadership(request):
    if not request.user.leadershipmember.can_add_leadership_members:
        return HttpResponseRedirect(reverse("admin"))
    if request.method == 'POST':
        form = NewLeadershipMemberForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            person = Person.objects.get(id=data["id"])
            
            if len(User.objects.filter(username=data["id"])) == 0:
                print(data["password"])
                user = User.objects.create_user(data["id"], data["email"], data["password"])
                user.save()
            user = User.objects.get(username=data["id"])
            leadershipmember = LeadershipMember(first_name=person.first_name, last_name=person.last_name, id=person.id, hours=person.hours, periods=data["periods"], user=user)
            person.delete()
            leadershipmember.save()
            return HttpResponseRedirect(reverse("admin"))
    
    form = NewLeadershipMemberForm()
    return render(request, "scanner/admin_add_leadership.html", {"form": form})

@login_required
def admin_change_permissions(request):
    if not request.user.leadershipmember.can_change_leadership_permissions:
        return HttpResponseRedirect(reverse("admin"))
    leadershipmembers = LeadershipMember.objects.exclude(id=request.user.leadershipmember.id)
    return render(request, "scanner/admin_change_permissions.html", {'leadershipmembers': leadershipmembers})
    
@login_required
def admin_edit_info(request):
    if request.method == 'POST':
        form = LeadershipEditInfoForm(request.POST, instance=request.user.leadershipmember)
        if form.is_valid():
            form.save()
            return HttpResponseRedirect(reverse("admin"))
    form = LeadershipEditInfoForm(instance=request.user.leadershipmember)        
    return render(request, "scanner/admin_edit_info.html", {"form": form})
  
@login_required  
def admin_change_user_permissions(request, id):
    if not request.user.leadershipmember.can_change_leadership_permissions:
        return HttpResponseRedirect(reverse("admin"))
    if request.method == 'POST':
        form = ChangePermissionsForm(request.POST)
        if form.is_valid():
            print("1")
            data = form.cleaned_data
            lm = LeadershipMember.objects.get(id=id)
            lm.can_add_leadership_members = data["can_add_leadership_members"]
            lm.can_change_leadership_permissions = data["can_change_leadership_permissions"]
            lm.save()
            return HttpResponseRedirect(reverse("admin change permissions"))
    person = request.user.leadershipmember
    form = ChangePermissionsForm(instance=LeadershipMember.objects.get(id=id))
    return render(request, "scanner/admin_change_user_permissions.html", {"form": form, "person": person, "id": id})
def admin_login(request):
    
    if request.method == 'POST':
        form = AdminLoginForm(request.POST)
        if form.is_valid():