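def signin():
    """Sign in an existing user.

    On a valid POST the user is looked up by e-mail and the submitted
    password is checked with ``user.check_password``. On success the user is
    logged in with a persistent ("remember") session and redirected to the
    form's ``next`` value; otherwise the sign-in page is rendered again.

    ``next`` arrives in the query string and is echoed back through a form
    field, so the client controls it. It is only followed when it is a
    same-site path; anything else falls back to ``/``.
    """
    form = SignInForm(request.form)
    next_url = request.args.get('next', '/')
    if request.method == 'POST' and form.validate():
        email = form.email.data
        password = form.password.data
        if email:
            user = Users.get_one(email=email)
            # One message for both failure modes, so the response does not
            # reveal whether the e-mail is registered.
            if not user or not user.check_password(password.encode()):
                form.email.errors = ['No such user or password']
            else:
                login_user(user, remember=True)
                target = form.next.data or '/'
                # Open-redirect guard: accept a single leading slash only.
                # "//host" and "/\host" are treated as absolute URLs by
                # browsers, so they are rejected along with full URLs.
                is_local = (
                    target.startswith('/')
                    and not target.startswith('//')
                    and '\\' not in target
                )
                return redirect(target if is_local else '/')
    # Not a POST, or the form had errors
    form.next.data = next_url
    return render_template('signin.html', form=form)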
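def signin():
    """Sign in by delegating the credential check to the users service.

    Already-authenticated visitors are sent to ``index``. On a valid form
    submission the username and password are POSTed to the service's
    ``/v1/users/authenticate`` endpoint. A 200 answer logs the user in and
    redirects to a same-site ``next`` target (default: ``dashboard``); any
    other outcome flashes an error and re-renders the form.
    """
    if not flask_login.current_user.is_anonymous:
        return redirect(url_for('index'))
    form = SignInForm(request.form)
    if form.validate_on_submit():
        credentials = {
            'username': form.username.data,
            'password': form.password.data,
        }
        try:
            # NOTE(review): the password is forwarded to `url`; confirm that
            # it is an https:// endpoint.
            # The timeout keeps a stalled service from hanging the worker.
            resp = requests.post(url+':4900/v1/users/authenticate',
                                 json=credentials, timeout=10)
        except requests.RequestException:
            flash('An error occurred when trying to sign in.', 'danger')
            return render_template('auth/signin.html', form=form)
        if resp.status_code == 200:
            # Parse the body only on success; error responses are not
            # guaranteed to carry JSON.
            payload = resp.json()
            user = login_manager.User()
            # NOTE(review): the access token is embedded in the user id, so
            # it ends up wherever flask_login stores that id — confirm the
            # session storage is appropriate for a bearer token.
            user.id = payload['_id'] + ';' + payload['accessToken']
            flask_login.login_user(user)
            target = request.args.get('next')
            # Open-redirect guard: a same-site path only. The backslash test
            # covers "/\host", which urlparse reports with an empty netloc
            # but browsers resolve as an absolute URL.
            if (not target or not target.startswith('/') or '\\' in target
                    or urlparse(target).netloc != ''):
                target = url_for('dashboard')
            return redirect(target)
        # Every non-200 status gets the same generic message.
        flash('An error occurred when trying to sign in.', 'danger')
    return render_template('auth/signin.html', form=form)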
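def signin(request):
    """Check the submitted username/password against the ``logins`` table.

    A valid POST redirects to ``/profilepage`` when the submitted password
    equals a stored value for that username, and back to ``/signin``
    otherwise. A GET, or a POST that fails form validation, renders the
    sign-in page.

    The lookup uses a bound parameter instead of a literal SQL string, the
    comparison is made against the stored row rather than a fixed literal,
    and the submitted password is no longer printed to stdout.
    """
    form = SignInForm(data=request.POST or None)
    if request.method == 'POST':
        form = SignInForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            username = data['username']
            password = data['password']
            # NOTE(review): the database credentials are hard-coded in this
            # call; load them from settings or the environment instead.
            cnx = mysql.connector.connect(user='******', password='******', database='watermeter')
            try:
                cursor = cnx.cursor()
                try:
                    # Bound parameter: the driver quotes `username`, so form
                    # input cannot change the statement.
                    cursor.execute(
                        "SELECT password FROM logins WHERE username = %s",
                        (username,))
                    rows = cursor.fetchall()
                finally:
                    cursor.close()
            finally:
                # Release the connection even when the query raises.
                cnx.close()
            # NOTE(review): a direct comparison only works if the column
            # holds plaintext passwords; store a salted hash and verify it
            # with the framework's password checker.
            if any(password == row[0] for row in rows):
                return HttpResponseRedirect('/profilepage')
            return HttpResponseRedirect('/signin')
    return render(request, 'signin.html', {'form': form})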
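def sign_in():
    """Sign a user in against the ``profile`` table.

    On a valid POST the nickname/password pair is matched in the database;
    exactly one matching row starts a session and redirects to ``index``.
    A failed attempt is flashed and recorded in the ``log`` table. Other
    requests render the sign-in page.

    The failed-attempt record carries the nickname only: writing the
    submitted password into the log would leave near-miss passwords readable
    by anyone with access to that table.
    """
    form = SignInForm(request.form)
    if request.method == 'POST' and form.validate():
        # NOTE(review): hard-coded admin/admin credentials grant the admin
        # session; move the admin account to a stored, hashed credential.
        if form.nickname.data == 'admin' and form.password.data == 'admin':
            session["admin"] = True
            return redirect(url_for('show_all_files'))
        db = get_db()
        # NOTE(review): the password is matched by SQL equality, which
        # implies plaintext storage — switch to a salted hash and verify it
        # in Python.
        rows = db.cursor().execute(
            "select * from profile where login = ? and password =? ;",
            [form.nickname.data, form.password.data]).fetchall()
        if len(rows) == 1:
            session["sign_in"] = True
            session["nickname"] = form.nickname.data
            session["id"] = rows[0][0]
            flash("Hello {user}!".format(user=session["nickname"]))
            return redirect(url_for('index'))
        flash("Wrong user")
        db.cursor().execute(
            'insert into log(profile_id, description, warning_level, data) values(?, ?, ?, ?);',
            [None,
             "{user} failed to sign in".format(user=form.nickname.data),
             2,
             time()])
        db.commit()
    var = {'title': 'FSecurity | Sign in', 'form': form}
    return render_template('sign_in.html', **var)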
def sign_in(action=None):
    """Sign a user in, or re-check their password before ``action``.

    The submitted identifier is tried as a username first and as an e-mail
    second. With a correct password and no ``action`` the user is logged in
    and sent to ``index``. With an ``action`` the view redirects to that
    endpoint without calling ``login_user``; an unknown endpoint flashes an
    error and redirects to ``index`` with a 404 status.
    """
    form = SignInForm()
    other_text = action
    if form.validate_on_submit():
        identifier = form.name_email.data
        user = None
        # NOTE(review): if User is a peewee model, `**` is a case-insensitive
        # LIKE, so `%` and `_` in the submitted value act as wildcards —
        # confirm, and escape or use an exact match if so.
        for column in (User.username, User.email):
            try:
                user = User.get(column**identifier)
            except DoesNotExist:
                continue
            break
        if user is None:
            flash(
                'Could not find a user with that username/email and password combination'
            )
            return render_template('signin.html', form=form)
        if not check_password_hash(user.password, form.password.data):
            # Same wording as the unknown-user case above.
            flash(
                'Could not find a user with that username/email and password combination'
            )
        elif action:
            try:
                return redirect(url_for(action))
            except BuildError:
                flash('Could not find the action to verify')
                return redirect(url_for('index')), 404
        else:
            login_user(user, remember=form.remember.data)
            flash('You have been logged in! Go ahead, explore!')
            return redirect(url_for('index'))
    return render_template('signin.html', form=form, text=other_text)
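def signup():
    """Validate a doctor's credentials and start their session.

    On a valid POST the doctor row is fetched by e-mail and its stored
    password (index 4) is compared with the submitted one. On success the
    doctor's id (index 0) is stored in the session and the browser is sent
    to ``cabinet``; otherwise the index page is rendered with an error.

    Unknown e-mail and wrong password produce the same message, so the form
    cannot be used to find out which e-mail addresses are registered.
    """
    sign_in_form = SignInForm(request.form)
    if request.method == 'POST' and sign_in_form.validate_on_submit():
        data = request.form
        doc = get_doctor_by_email(data['email'], connection)
        # NOTE(review): doc[4] is compared directly with the submitted
        # password, which implies plaintext storage — store a salted hash
        # and verify against it.
        if not doc or doc[4] != data['password']:
            flash('Invalid email or password.')
            return render_template('index.html', form=sign_in_form)
        # Session starts for doctor here
        session.pop('doctor_id', None)
        session['doctor_id'] = doc[0]
        return redirect(url_for('cabinet'))
    return render_template('index.html', form=sign_in_form)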
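def sign_in():
    """Sign a person in against the ``people`` table.

    A valid POST looks the e-mail/password pair up once; a match stores the
    e-mail, the id (column 0) and the name (column 9) in the session and
    renders the dashboard. Any other request renders the sign-in page.

    The lookup passes the form values as bound parameters. Interpolating
    them into the SQL text with ``%`` let a crafted e-mail or password
    rewrite the statement.
    """
    # NOTE(review): csrf_enabled=False turns off CSRF protection for the
    # login form — confirm this is intentional.
    form = SignInForm(csrf_enabled=False)
    if request.method == "POST" and form.validate():
        # NOTE(review): assumes the driver behind g.conn uses the `%s`
        # placeholder style — TODO confirm.
        # NOTE(review): matching the password in SQL implies plaintext
        # storage; store a salted hash and verify it in Python.
        result = g.conn.execute(
            "SELECT * FROM people WHERE email = %s AND password = %s LIMIT 1",
            (form.email.data, form.password.data))
        person = result.fetchone()
        if person is None:
            return render_template("signin.html", form=form, session=session)
        session['email'] = form.email.data
        session['person_id'] = person[0]
        session['person_name'] = person[9]
        return render_template("dashboard.html", form=form)
    return render_template("signin.html", form=form)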
def signin():
    """Sign in an existing user.

    A valid POST looks the user up by username and checks the encoded
    password with ``check_password``. Success logs the user in and redirects
    to ``/``; every other path renders the sign-in page, with a field error
    when the credentials were rejected or the username was empty.
    """
    form = SignInForm(request.form)
    if request.method == 'POST' and form.validate():
        name = form.username.data
        secret = form.password.data
        if not name:
            form.username.errors = ['Enter an email address']
        else:
            try:
                account = User.objects.get(username=name)
            except User.DoesNotExist:
                account = None
            # Unknown user and wrong password share one message.
            if account is None or not account.check_password(secret.encode()):
                form.username.errors = ['No such user or password']
            else:
                login_user(account)
                return redirect('/')
    # Not a POST or errors
    return render_template('signin.html', form=form)
def signin():
    """Process a sign-in submission and redirect to ``/``.

    The credential check is delegated to ``auth_manager.signin``; its result
    selects the success or error flash. The view always redirects to ``/``,
    including for requests that did not submit a valid form.
    """
    form = SignInForm()
    submitted = form.validate_on_submit()
    if submitted and auth_manager.signin(form):
        flash_success("Signed in successfully!")
    elif submitted:
        flash_error()
    return redirect("/")
def signInPage():
    """Render the sign-in page, inserting a customer on a valid submission.

    ``errorCode`` is whatever ``insertCustomer()`` returns, or ``None`` when
    no valid form was submitted.
    """
    form = SignInForm()
    errorCode = insertCustomer() if form.validate_on_submit() else None
    # NOTE(review): `config.adminLoggedIn` looks like process-wide state
    # rather than per-session state — confirm it is not relied on as an
    # authorization check.
    return render_template('signIn.html',
                           signInForm=form,
                           errorCode=errorCode,
                           isAdmin=config.adminLoggedIn)
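def homePage():
    """Redirect the visitor to the authorization URL built by ``sp_oauth``.

    The sign-in form handling that used to follow the redirect could never
    run, because the function had already returned; it has been removed so
    the view shows what it actually does.
    """
    print("Hello")
    return redirect(sp_oauth.get_authorize_url())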
def sign_in(request):
    """Authenticate by e-mail and password and log the user in.

    Authenticated visitors are redirected to ``/``. A valid POST calls
    ``authenticate`` with the e-mail as the username; an active user is
    logged in and redirected, while inactive accounts and bad credentials
    add an error to the form. All other paths render ``sign_in.html``.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect('/')
    if request.method != 'POST':
        form = SignInForm()
    else:
        form = SignInForm(request.POST)
        if form.is_valid():
            cleaned = form.cleaned_data
            # The e-mail address doubles as the username.
            account = authenticate(username=cleaned['signin_email'],
                                   password=cleaned['password'])
            if account is None:
                form.addError("Your email and/or password were incorrect.")
            elif not account.is_active:
                form.addError(
                    "Your account is not active, please contact the site admin."
                )
            else:
                login(request, account)
                return HttpResponseRedirect('/')
    page_context = {'form': form, 'user': request.user}
    return render_to_response('sign_in.html', page_context,
                              context_instance=RequestContext(request))
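def sign_in(request):
    """Sign in by e-mail and password and redirect to the company profile.

    A valid POST requires exactly one ``User`` with the submitted e-mail
    whose password checks out, and a successful ``authenticate`` call for
    the same credentials. An active user is logged in; a disabled account
    or bad credentials add an error to the form, which is then re-rendered.

    ``request.session['user']`` is written only after ``login`` succeeds.
    Writing it before the ``authenticate`` and ``is_active`` checks left the
    marker in the session for disabled accounts and rejected logins.
    """
    if request.method == 'POST':
        form = SignInForm(request.POST)
        if form.is_valid():
            results = User.objects.filter(email=form.cleaned_data['email'])
            user = None
            if len(results) == 1 and results[0].check_password(
                    form.cleaned_data['password']):
                email = request.POST['email']
                password = request.POST['password']
                user = authenticate(username=email, password=password)
            if user is None:
                # Same message whether the e-mail or the password was wrong.
                form.addError('Incorrect email address or password')
            elif not user.is_active:
                form.addError('Account Disabled')
            else:
                login(request, user)
                request.session['user'] = results[0].pk
                return HttpResponseRedirect('/company_profile/')
    else:
        form = SignInForm()
    return render_to_response('sign_in.html', {'form': form, },
                              RequestContext(request))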
def sign_in():
    """Store the submitted login in the session and open the shortener.

    A form that fails validation renders ``errors.html`` with the combined
    login and password field errors.
    """
    form = SignInForm(request.form)
    if not form.validate():
        problems = form.login.errors + form.password.errors
        return render_template('errors.html', errors=problems)
    # NOTE(review): the password is never compared with a stored credential
    # in this view; unless SignInForm.validate() does that, any well-formed
    # submission is accepted — confirm.
    session['login'] = form.login.data
    return redirect(url_for('shortener'))
def signin():
    """Log a user in by username and password.

    A valid submission with a matching user and password logs the user in
    and redirects to ``main.dashboard``. Rejected credentials flash one
    generic message; the form is then rendered again.
    """
    form = SignInForm()
    if form.validate_on_submit():
        account = User.query.filter_by(username=form.username.data).first()
        accepted = (account is not None
                    and account.verify_password(form.password.data))
        if accepted:
            # log in
            login_user(account)
            return redirect(url_for('main.dashboard'))
        flash('Invalid username or password.', 'danger')
    return render_template('auth/signin.html', form=form, title='Sign In')
def index():
    """Render the landing page and handle its sign-in form.

    Credentials are checked by ``form.check_login_credentials()``. On
    success the browser is redirected to the user's timeline; on failure an
    error is flashed and the page is rendered again.
    """
    form = SignInForm()
    if not form.validate_on_submit():
        return render_template('index.html', form=form)
    if not form.check_login_credentials():
        flash("Invalid username or password")
        return render_template('index.html', form=form)
    timeline_url = url_for('user_timeline',
                           username=form.username.data,
                           tweets=tweets)
    return redirect(timeline_url)
def admin():
    """Admin sign-in page.

    Credentials are verified by ``check_pass``. On success the admin is
    logged in and redirected to the page remembered in ``session['next']``
    (default ``/POSTS``), and that entry is reset to ``/POSTS``.
    """
    form = SignInForm()
    if form.validate_on_submit():
        if not check_pass(form.username.data, form.password.data):
            flash('Invalid Admin username/password')
        else:
            login_user(User(form.username.data))
            flash('Logged in successfully.')
            # NOTE(review): the target is read from the session, not from
            # the request — confirm that whatever writes session['next']
            # only stores same-site paths.
            destination = session.get('next', '/POSTS')
            session['next'] = '/POSTS'
            return redirect(destination)
    return render_template('MyAdmin.html', form=form)
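def signin():
    """Sign a user in by e-mail and password.

    On a valid submission the user is fetched by e-mail and the stored
    password is compared with the submitted one. A match stores the user id
    in the session and redirects to ``home``; anything else renders the
    sign-in page.

    Unknown e-mail and wrong password share one message, so the page does
    not disclose which addresses have accounts.
    """
    form = SignInForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # NOTE(review): `user.password` is compared directly with the form
        # value, which implies plaintext storage — store a salted hash and
        # verify against it.
        if user is None or user.password != form.password.data:
            return render_template("signin.html",
                                   message="Invalid email or password",
                                   form=form)
        session["USERID"] = user.id
        return redirect(url_for('home'))
    return render_template("signin.html", form=form)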
def signin(request):
    """Log in the user that the form resolved from the credentials.

    The form's cleaned data supplies the ``user`` object. When "remember"
    is ticked the session expiry is set to 9999999 seconds (about 115 days)
    before ``login`` is called. Success redirects to ``/accounts/``; other
    paths render the login page.
    """
    if request.method != "POST":
        form = SignInForm()
    else:
        form = SignInForm(request.POST)
        if form.is_valid():
            cleaned = form.cleaned_data
            account = cleaned["user"]
            if cleaned["remember"]:
                request.session.set_expiry(9999999)
            login(request, account)
            return HttpResponseRedirect("/accounts/")
    return render_to_response("accounts/login.html", {"form": form},
                              context_instance=RequestContext(request))
def signin(request):
    """Log out any current user, then handle the sign-in form.

    A valid POST logs in the user returned by ``form.get_user()`` and
    redirects to ``/dashboard``; other paths render ``SignIn.html``.
    """
    # NOTE(review): logout() runs on every request, GET included, so simply
    # loading this URL ends the current session — confirm that is intended.
    logout(request)
    is_post = request.method == 'POST'
    form = SignInForm(data=request.POST) if is_post else SignInForm()
    if is_post and form.is_valid():
        login(request, form.get_user())
        return redirect('/dashboard')
    return render(request, 'SignIn.html',
                  {'form': form, 'isLoggedIn': 'False'})
def sign_in():
    """Handle the sign-in page.

    A POST whose form validates fetches the user by e-mail and passes it to
    ``login_user``; success redirects to ``/``. Every other path renders
    the sign-in template.
    """
    form = SignInForm()
    if request.method == 'POST':
        form = SignInForm(request.form)
        if form.validate():
            # NOTE(review): no password check is visible in this view;
            # presumably form.validate() verifies the credentials — confirm.
            # If the e-mail can be unknown at this point, get() will raise
            # rather than return None.
            user = User.objects().get(email=form.email.data)
            if login_user(user, remember='yes'):
                current_app.logger.info('Signed In')
                flash({'type': 'success', 'text': 'Signed In'})
                return redirect('/')
            else:
                current_app.logger.info('login failed')
                flash({'type': 'error', 'text': 'Failed'})
    # **locals() hands every local name to the template: `form`, and `user`
    # when the login attempt failed. Renaming a local changes the context.
    return render_template("/auth/sign-in.html", **locals())
def sign_in():
    """Handle the sign-in page.

    On a POST with a valid form the user is loaded by e-mail and handed to
    ``login_user``; a truthy result redirects to ``/``. Otherwise the
    sign-in template is rendered.
    """
    form = SignInForm()
    if request.method == 'POST':
        form = SignInForm(request.form)
        if form.validate():
            # NOTE(review): the view itself never compares a password;
            # presumably SignInForm.validate() does — confirm.
            user = User.objects().get(email=form.email.data)
            if login_user(user, remember='yes'):
                current_app.logger.info('Signed In')
                flash({'type':'success', 'text':'Signed In'})
                return redirect('/')
            else:
                current_app.logger.info('login failed')
                flash({'type':'error', 'text':'Failed'})
    # The template context is the function's local namespace, so it contains
    # `form` and, after a failed login, the loaded `user` object as well.
    return render_template("/auth/sign-in.html", **locals())
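def signin():
    """Sign a user in by e-mail and bcrypt-checked password.

    Authenticated visitors go straight to ``account``. After a successful
    login the browser is redirected to the ``next`` query parameter when it
    is a same-site path, and to ``account`` otherwise. Failed or missing
    submissions render the sign-in page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('account'))
    form = SignInForm()
    if form.validate_on_submit():
        user = Users.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password,
                                               form.password.data):
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')
            # Open-redirect guard: `next` comes from the URL, so it is only
            # followed when it is a path on this site. "//host" and "/\host"
            # are resolved as absolute URLs by browsers.
            is_local = (
                bool(next_page)
                and next_page.startswith('/')
                and not next_page.startswith('//')
                and '\\' not in next_page
            )
            return redirect(next_page if is_local else url_for('account'))
    return render_template('signin.html', title='Sign In', form=form)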
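def signin():
    """Sign-in page that stores the validated e-mail in the session.

    Logged-in visitors are redirected to ``profile``. A POST whose form
    validates stores the e-mail in the session and redirects to
    ``profile``; every other request renders the sign-in page.

    The validation result is tested for truthiness, so a ``validate()``
    that returns ``None`` is treated as a failure. Comparing with
    ``== False`` let such a result through as a successful sign-in. The
    view also always returns a response now, including for methods other
    than GET and POST.
    """
    form = SignInForm()
    if g.is_logged_in == True:
        return redirect(url_for('profile'))
    # NOTE(review): no credential check is visible here; presumably
    # SignInForm.validate() verifies the password — confirm.
    if request.method == 'POST' and form.validate():
        session['email'] = form.email.data
        return redirect(url_for('profile'))
    return render_template('signin.html', form=form)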
def signIn(request):
    """Login page form.

    GET renders an empty form. Any other method binds the form to
    ``request.POST``; an invalid form is rendered again, a valid one logs in
    ``form.user`` and redirects to ``main``.
    """
    is_get = request.method == "GET"
    form = SignInForm() if is_get else SignInForm(request.POST)
    if is_get or not form.is_valid():
        return render(request, 'login.html', {'form': form})
    login(request, form.user)
    return redirect(reverse('main'))
def signIn(request):
    """Log in the user resolved by the form and open ``/settings``.

    Authenticated visitors are redirected to ``/``. A valid POST for which
    ``form.get_user()`` returns a user logs that user in; every other path
    renders ``sign_in.html``.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect('/')
    if request.method != 'POST':
        form = SignInForm()
    else:
        form = SignInForm(request.POST)
        if form.is_valid() and form.get_user():
            login(request, form.get_user())
            return HttpResponseRedirect('/settings')
    return render_to_response('sign_in.html', {'form': form},
                              RequestContext(request))
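def signin():
    """Sign-in page that stores the username and user id in the session.

    A POST whose form validates looks the user up by lower-cased username,
    stores the username and ``userID`` in the session and redirects to
    ``profile``. A failed POST re-renders the form; other requests render
    the page together with a ``CreateCommunityForm``.

    The session is written only once the user row has been found: the
    lookup lower-cases the name while the form value is used as typed, so a
    miss is possible and used to fail on ``user.userID``. The validation
    result is tested for truthiness, so a ``None`` result counts as failure.
    """
    form = SignInForm()
    if request.method == 'POST':
        # NOTE(review): no password check is visible here; presumably
        # SignInForm.validate() verifies the credentials — confirm.
        if form.validate():
            user = User.query.filter_by(
                username=form.username.data.lower()).first()
            if user is not None:
                session['username'] = form.username.data
                # also store the userID
                session['userID'] = user.userID
                return redirect(url_for('profile'))
        return render_template('signin.html', form=form)
    return render_template('signin.html', form=form,
                           communityform=CreateCommunityForm())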
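def signin():
    """Sign-in page that stores the validated e-mail in the session.

    Visitors who already have an e-mail in the session are redirected to
    ``profile``. A POST whose form validates stores the e-mail and
    redirects; everything else renders the sign-in page.

    The redirect for signed-in visitors is returned. It used to be built
    and discarded, so signed-in users were shown the form again. The
    validation result is tested for truthiness, so a ``None`` result counts
    as failure.
    """
    form = SignInForm(request.form)
    if 'email' in session:
        return redirect(url_for('profile'))
    # NOTE(review): no credential check is visible here; presumably
    # SignInForm.validate() verifies the password — confirm.
    if request.method == 'POST' and form.validate():
        session['email'] = form.email.data
        return redirect(url_for('profile'))
    return render_template('signin.html', form=form)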
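def signin():
    """Sign-in page that stores the validated roll number in the session.

    Visitors with a roll number already in the session go to ``profile``.
    A POST whose form validates stores the roll number and redirects; every
    other request renders the sign-in page.

    The validation result is tested for truthiness, so a ``validate()``
    that returns ``None`` no longer counts as a successful sign-in, and the
    view returns a response for every request method.
    """
    form = SignInForm()
    if 'rollno' in session:
        return redirect(url_for('profile'))
    # NOTE(review): no credential check is visible here; presumably
    # SignInForm.validate() verifies the password — confirm.
    if request.method == 'POST' and form.validate():
        session['rollno'] = form.rollno.data
        return redirect(url_for('profile'))
    return render_template('signin.html', form=form)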
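def signin():
    """Log a user in by e-mail and password.

    Returns the plain text ``"Login"`` when no valid form was submitted and
    ``"Login Failed"`` when the credentials are rejected. On success the
    user is logged in and redirected to a same-site ``next`` target, or to
    ``/``.

    Both conditions must hold: the user exists AND the password check
    returns ``True``. With ``or`` every existing account was logged in
    without its password being checked, and an unknown e-mail raised an
    AttributeError on ``None``.
    """
    form = SignInForm()
    if not form.validate_on_submit():
        return "Login"
    user_email = form.email.data
    user_password = form.password.data
    remember_me = form.remember_me.data
    this_user = User.query.filter_by(email=user_email).first()
    # Fail closed: anything other than an explicit True is a rejection.
    if this_user is None or this_user.check_password(user_password) is not True:
        return "Login Failed"
    login_user(this_user, remember=remember_me)
    flash('Successfully Logged In')
    target = request.args.get('next')
    # Open-redirect guard: `next` comes from the URL, so it is only followed
    # when it is a path on this site.
    is_local = (
        bool(target)
        and target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
    )
    return redirect(target if is_local else '/')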
def sign_in():
    """Create an account for a new username and start its session.

    Despite the name, this view registers: when the submitted username is
    not yet present, the user is inserted with a hashed password, the name
    and new id are stored in the session, and the browser is sent to
    ``/index``. An existing username, or no valid submission, renders the
    form again.
    """
    form = SignInForm()
    if form.validate_on_submit():
        name = form.username.data
        hashed = generate_password_hash(form.password.data)
        users = UsersModel(db.get_connection())
        already_taken = users.get(user_name=name)
        if not already_taken:
            new_id = users.insert(name, hashed)
            session['username'] = name
            session['user_id'] = new_id
            return redirect("/index")
    return render_template("sign_in.html",
                           title="Зарегестрироваться",
                           form=form)
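def signin(request):
    """Authenticate a username/password pair and open the country list.

    A valid POST calls ``authenticate``. A returned user is logged in and
    redirected to ``/countrylist/``; rejected credentials produce an empty
    response.

    The bound form is assigned into ``context``; the previous line used
    ``==`` and discarded the result. A failed ``authenticate`` is detected
    with an explicit ``None`` check instead of catching whatever
    ``login(request, None)`` raised.
    """
    context = {}
    context['form'] = SignInForm()
    if request.method == 'POST':
        form = SignInForm(request.POST)
        context['form'] = form
        if form.is_valid():
            username = form.cleaned_data['username']
            password = form.cleaned_data['password']
            auth_user = authenticate(username=username, password=password)
            if auth_user is None:
                return HttpResponse('')
            login(request, auth_user)
            return redirect('/countrylist/')
    # NOTE(review): the visible code never renders `context`, so a GET or an
    # invalid form returns None — add the render call for the sign-in
    # template here.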
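def sign_in():
    """Sign a doctor in by e-mail and password.

    Authenticated visitors are redirected to ``doctor.questions``. After a
    successful login the browser goes to the ``next`` query parameter when
    it is a same-site path, otherwise to ``doctor.questions``. Rejected
    credentials flash an error and the form is rendered again.

    The ``redirect(...)`` whose result was discarded after the failure
    flash has been removed; it had no effect.
    """
    if current_user.is_authenticated:
        return redirect(url_for('doctor.questions'))
    from utils import verify_email, verify_password
    form = SignInForm()
    if form.validate_on_submit():
        doctor = verify_email(form.email.data)
        if doctor is not None and verify_password(doctor, form.password.data):
            login_user(doctor, form.remember_me.data)
            flash('Welcome, Dr. %s' % doctor.first_name)
            target = request.args.get('next')
            # Open-redirect guard: `next` comes from the URL, so it is only
            # followed when it is a path on this site. "//host" and "/\host"
            # are resolved as absolute URLs by browsers.
            is_local = (
                bool(target)
                and target.startswith('/')
                and not target.startswith('//')
                and '\\' not in target
            )
            return redirect(target if is_local
                            else url_for('doctor.questions'))
        flash('Invalid username or password!')
    form.email.data = request.form.get('email')
    return render_template('doctor/signin.html', form=form)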
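def signin():
    """Register a patient and their emergency contact from the form.

    On a valid submission one row is inserted into ``patient`` and one into
    ``emergencycontact``, then the browser is redirected to ``hello``.
    Other requests render the form.

    Both inserts are committed together and rolled back together, so a
    failure in the second no longer leaves a patient row without its
    contact. The success message is flashed only after the commit.
    """
    form = SignInForm()
    if form.validate_on_submit():
        cursor = connect.cursor()
        try:
            # Values are passed as bound parameters, never formatted into
            # the SQL text.
            cursor.execute(
                ''' INSERT INTO patient VALUES (%s, %s, %s, %s, %s, %s, %s)''',
                (form.ssn.data, form.fullname.data, form.gender.data,
                 form.date_of_birth.data, form.address.data,
                 form.phone_number.data,
                 form.emergency_contact_number.data))
            cursor.execute(
                ''' INSERT INTO emergencycontact VALUES(%s, %s, %s)''',
                (form.ssn.data, form.emergency_contact_name.data,
                 form.emergency_contact_number.data))
            connect.commit()
        except Exception:
            # Undo the partial write, then let the error surface.
            connect.rollback()
            raise
        finally:
            cursor.close()
        flash(f'{form.fullname.data} has been signed in!', 'success')
        return redirect(url_for('hello'))
    return render_template('signin.html', form=form)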
def sign_in(request):
    """Sign a user in with their e-mail address and password.

    Visitors who are already authenticated are sent to ``/``. For a valid
    POST, ``authenticate`` receives the e-mail as the username. Active
    users are logged in and redirected to ``/``; an inactive account or a
    failed check adds an error to the form. Otherwise ``sign_in.html`` is
    rendered.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect('/')

    posted = request.method == 'POST'
    form = SignInForm(request.POST) if posted else SignInForm()

    if posted and form.is_valid():
        email = form.cleaned_data['signin_email']
        password = form.cleaned_data['password']
        # hack to use emails only
        user = authenticate(username=email, password=password)
        if user is not None and user.is_active:
            login(request, user)
            return HttpResponseRedirect('/')
        if user is not None:
            form.addError(
                "Your account is not active, please contact the site admin.")
        else:
            form.addError("Your email and/or password were incorrect.")

    return render_to_response(
        'sign_in.html',
        {'form': form, 'user': request.user},
        context_instance=RequestContext(request)
    )
def login_user():
    """Log a user in and open their profile page.

    ``User.authenticate`` performs the credential check. Success stores the
    username in the session and redirects to ``/users/<username>``; failure
    attaches a generic error to the e-mail field and re-renders the form.
    """
    form = SignInForm()
    if form.validate_on_submit():
        user = User.authenticate(form.email.data, form.password.data)
        if not user:
            form.email.errors = ['Invalid username/password.']
        else:
            flash('Welcome!!', "success")
            session['username'] = user.username
            return redirect(f"/users/{user.username}")
    return render_template('login.html', form=form)
def sign_out():
    """Render ``form.html`` in its sign-out mode (``is_sign_in=False``)."""
    page_context = {
        "is_sign_in": False,
        "form": SignInForm(),
        "is_invited": is_invited(session.get("email")),
        "autocomplete_data": get_autocomplete_data(),
    }
    return render_template("form.html", **page_context)
def login():
    """Log a user in by username and hashed-password check.

    Authenticated visitors are sent to ``index``. Rejected credentials
    flash one generic message and redirect back to the login page; accepted
    credentials log the user in and redirect to ``index``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))
    form = SignInForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)
    account = User.query.filter_by(username=form.username.data).first()
    accepted = (account is not None
                and check_password_hash(account.hashed_password,
                                        form.password.data))
    if not accepted:
        flash("Invalid credentials", "error-message")
        return redirect(url_for('login'))
    login_user(account)
    flash("You have been successfully logged in", "success-message")
    return redirect(url_for('index'))
def sign_in():
    """Sign a user in by e-mail and hashed password.

    The user row is selected by e-mail and the hash of the submitted
    password. Deactivated and unconfirmed accounts are refused with their
    own messages; otherwise the user id is stored in the session, the
    sign-in time is saved, and the browser is redirected.
    """
    form = SignInForm()
    if form.validate_on_submit():
        # NOTE(review): filtering on password_hash(...) by equality only
        # works if the hash is deterministic, i.e. has no per-user random
        # salt — confirm which scheme password_hash() implements.
        account = User.query.filter_by(
            email=form.email.data,
            password=password_hash(form.password.data),
        ).first()
        if account is None:
            flash(_('Wrong email or password'))
        elif account.active is False:
            flash(_('Your account is deactivated'))
        elif account.confirmed is False:
            flash(_('Your account is not confirmed'))
        else:
            session['user_id'] = account.id
            account.signed_in = datetime.datetime.utcnow()
            db.session.commit()
            flash(_('Successfully signed in'))
            return redirect('')
    return render_template('sign_in.html', form=form)
def home():
    """Render website's home page.

    A POST copies the submitted username and API key into the session and
    redirects to ``/products/``; other requests render ``home.html``.
    """
    form = SignInForm(request.form)
    if request.method != 'POST':
        return render_template('home.html', form=form)
    submitted = request.form
    # Pass this to the Consumer Notebook API
    # NOTE(review): the values are stored without validating the form. If
    # the app uses Flask's default cookie session, the API key is signed but
    # not encrypted and so readable on the client — confirm the session
    # backend.
    session['username'] = submitted['username']
    session['api_key'] = submitted['api_key']
    return redirect('/products/')
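def signin():
    """Sign a user in and issue the session cookie.

    A valid POST checks the credentials with ``user.validate_login``. An
    unknown user is sent to the sign-up page and a wrong password
    re-renders the form. On success one server-side session is started, its
    id is wrapped with ``user.make_secure_val`` and set as the ``COOKIE``
    cookie, and the browser is redirected to ``index``.

    Exactly one session is started per login; the earlier flow started two
    and discarded the first. A failed ``start_session`` (``-1``) stops the
    sign-in instead of going on to set a cookie. The cookie is marked
    HttpOnly so page scripts cannot read it.
    """
    form = SignInForm(request.form)
    if request.method == "POST" and form.validate():
        username = form.username.data
        password = form.password.data
        connection = pymongo.Connection(CONNECTION_STRING, safe=True)
        try:
            username = user.validate_login(connection[DATABASE], username,
                                           password)
        except DoesNotExist:
            # NOTE(review): this message and the one below differ, which
            # tells a visitor whether a username is registered.
            pigeon.error("You haven't registered yet!")
            return app.make_response(redirect_back("signup"))
        except UserPasswordNotMatch:
            pigeon.error("Wrong username/password combination!")
            return app.make_response(
                render_template("signin.html", form=form))
        session_id = user.start_session(connection[DATABASE], username)
        if session_id == -1:
            pigeon.error("Internal error!")
            return app.make_response(
                render_template("signin.html", form=form))
        cookie = user.make_secure_val(session_id)
        response = app.make_response(redirect_back("index"))
        # Set cookies to client.
        # NOTE(review): also pass secure=True once the site is served over
        # HTTPS only.
        response.set_cookie(COOKIE, value=cookie, httponly=True)
        # Mark this user has logged in.
        session["logged_in"] = True
        session["username"] = username
        return response
    return render_template("signin.html", form=form, status="signin")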
def sign_in():
    """Render ``form.html`` in its sign-in mode, posting back to this view."""
    page_context = {
        "is_sign_in": True,
        "form_url": url_for("sign_in"),
        "form": SignInForm(),
        "is_invited": is_invited(session.get("email")),
        "autocomplete_data": get_autocomplete_data(),
    }
    return render_template("form.html", **page_context)
def adminsignin():
    """Check admin credentials and report the result.

    GET renders the form. A POST with an invalid form renders it again; a
    POST with a matching admin and password returns a plain success string,
    and any other POST redirects back to this page.
    """
    form = SignInForm()
    method = request.method
    if method == "GET":
        return render_template('adminsignin.html', form=form)
    if method == "POST":
        if form.validate() == False:
            return render_template("adminsignin.html", form=form)
        admin = Admin.query.filter_by(email=form.email.data).first()
        if admin is not None and admin.check_password(form.password.data):
            # NOTE(review): no session or login state is established here;
            # the view only returns this text.
            return "Admin Login Success!"
        return redirect(url_for('adminsignin'))
def usersignin():
    """Check user credentials and report the result.

    GET renders the form. A POST with an invalid form renders it again; a
    POST with a matching user and password returns a plain success string,
    and any other POST redirects back to this page.
    """
    form = SignInForm()
    method = request.method
    if method == "GET":
        return render_template('usersignin.html', form=form)
    if method == "POST":
        if form.validate() == False:
            return render_template("usersignin.html", form=form)
        account = Users.query.filter_by(email=form.email.data).first()
        if account is not None and account.check_password(form.password.data):
            # NOTE(review): no session or login state is established here;
            # the view only returns this text.
            return "User Login Success!"
        return redirect(url_for('usersignin'))
def signin():
    """Handle requests to the /signin route.

    A valid submission with a matching e-mail and password signs the user
    in and redirects admins to ``home.admin`` and everyone else to
    ``home.start``. Rejected credentials flash one generic message and the
    form is rendered again.
    """
    form = SignInForm()
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        accepted = (account is not None
                    and account.verify_password(form.password.data))
        if not accepted:
            flash('Invalid email or password.')
        else:
            signin_user(account)
            landing = 'home.admin' if account.is_admin else 'home.start'
            return redirect(url_for(landing))
    return render_template('auth/signin.html', title='Sign In', form=form)
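def login():
    """Log a user in by e-mail and password.

    Authenticated visitors are sent to ``index``. Rejected credentials
    flash a message and redirect back to the login page. An account that is
    not active yet is told to confirm it and is sent the confirmation
    e-mail again. Accepted credentials log the user in and redirect to
    ``index``.

    Unknown e-mail and wrong password share one message, so the page does
    not disclose which addresses are registered. The "confirm your account"
    path is only reachable with the correct password.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))
    form = SignInForm()
    if form.validate_on_submit():
        user = session.query(User).filter_by(email=form.email.data).first()
        if user is None or not user.check_password(form.password.data):
            flash('Wrong email or password')
            return redirect(url_for('login'))
        if not user.is_active:
            flash('You have to confirm your account. Check your email')
            send_email(user.email)
            return redirect(url_for('login'))
        login_user(user)
        return redirect(url_for('index'))
    return render_template('login.html', title='Sign in', form=form)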
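def sign_in(request):
    """Sign a ``JadeBusemUser`` in and store their identity in the session.

    A valid POST loads the user by e-mail and verifies the password with
    ``check_password``. Success stores the e-mail, first name and user id
    in the session and redirects to ``/``. Failure sets ``error`` and the
    sign-in page is rendered again.

    The session key is rotated before the identity is written, so a session
    id that existed before authentication is not carried over into the
    authenticated session.
    """
    error = False
    if request.method == 'POST':
        form = SignInForm(request.POST)
        if form.is_valid():
            cd = form.cleaned_data
            try:
                user = JadeBusemUser.objects.get(email=cd['email'])
            except JadeBusemUser.DoesNotExist:
                user = None
            if user is not None and check_password(cd['password'],
                                                   user.password):
                request.session.cycle_key()
                request.session['email'] = user.email
                request.session['name'] = user.first_name
                request.session['user_id'] = user.user_id
                # NOTE(review): a redirect renders no template, so the
                # Context argument looks unused — confirm and drop it.
                return HttpResponseRedirect('/', Context({'user': request.session, 'login': True}))
            # One flag for unknown e-mail and wrong password alike.
            error = True
    else:
        form = SignInForm()
    return render(request, 'user/sign_in.html',
                  Context({'form': form, 'error': error}))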
def sign_in(request):
    """Sign a user in through ``utils.sign_in`` and redirect to ``/``.

    Authenticated visitors are redirected immediately. For a valid POST the
    work is delegated to ``utils.sign_in``, which returns a result flag and
    the request object to continue with. Every path that does not end in a
    redirect renders the generic form template.
    """
    if request.user.is_authenticated():
        return HttpResponseRedirect('/')
    if request.method == 'POST':
        form = SignInForm(request.POST)
        if form.is_valid():
            result, request = utils.sign_in(request)
            if result:
                return HttpResponseRedirect('/')
    else:
        form = SignInForm()
    page_context = {
        'form_id': 'sign-in',
        'form_submit': 'sign in',
        'form': form,
    }
    return render(request, 'general_form.html', page_context)
def signin():
    """Record a visit for a known user.

    Note: Using 'signin' rather than 'login' to emphasize that users use
    this app to sign in to a space (currently without authentication)
    rather than log in to a system.

    A valid submission looks the user up by user name. Unknown users and
    users who are already signed in get a flash message. Otherwise a
    ``Visit`` row is created from the form and committed. The view then
    redirects to ``.index``. An invalid form is rendered again so that its
    errors are visible.
    """
    signin_form = SignInForm()

    if not signin_form.validate_on_submit():
        # did not validate, so return with the same signin form (otherwise
        # won't be able to see the errors)
        return render_template('base.html',
                               anchor='signin',
                               signin_form=signin_form,
                               signup_form=SignUpForm(),
                               signed_in_users=get_signed_in_users())

    # TODO: find by either user_name OR email - currently just user name.
    # The form field has a different name so that the template does not end
    # up with two fields called user_name.
    user = User.query.filter_by(
        user_name=signin_form.user_name_or_email.data).first()

    if user is None:
        # TODO: account for user name OR email
        notice = 'User {} not found, pls try again or [insert link to sign up/create account tab]'.format(
            signin_form.user_name_or_email.data)
        flash(notice, category='error')
    elif user.is_signed_in():
        # if already signed in, tell them so
        notice = 'User {} already signed in on {}'.format(
            user.user_name, user.get_time_in())
        flash(notice, category='warning')
    else:
        # determine which project(s) exactly, if one was chosen
        # TODO: a more elegant way to do that
        chosen_projects = []
        if signin_form.project.data:
            project_fields = (signin_form.project_art,
                              signin_form.project_business,
                              signin_form.project_research,
                              signin_form.project_other)
            # keep only the fields that were checked or filled out
            chosen_projects = [str(field.data)
                               for field in project_fields if field.data]
        chosen_proj_str = '; '.join(chosen_projects)

        # not already signed in: create and save a Visit instance
        visit = Visit(
            signin_timestamp=datetime.now(),
            user_id=user.id,
            hangout=signin_form.hangout.data,
            get_help=signin_form.get_help.data,
            computer=signin_form.computer.data,
            volunteer=signin_form.volunteer.data,
            dont_know=signin_form.dont_know.data,
            electronics_room=signin_form.electronics_room.data,
            laser_engraver=signin_form.laser_engraver.data,
            milling_machine=signin_form.milling_machine.data,
            three_d_printing=signin_form.three_d_printing.data,
            tour=signin_form.tour.data,
            vinyl_cutter=signin_form.vinyl_cutter.data,
            project=signin_form.project.data,
            project_art=signin_form.project_art.data,
            project_business=signin_form.project_business.data,
            project_research=signin_form.project_research.data,
            project_other=signin_form.project_other.data,
            projects=chosen_proj_str,
            for_class=signin_form.for_class.data,
            which_class=signin_form.which_class.data,
            other=signin_form.other.data,
            other_text=signin_form.other_text.data,
        )
        db.session.add(visit)
        db.session.commit()
        flash('{} is signed in'.format(user.user_name), category='info')

    return redirect(url_for('.index'))
def signin(request):
    """Sign a user in to the forum or, behind the admin firewall, the admin.

    A valid POST authenticates with ``auth_admin`` or ``auth_forum``,
    signs the user in, optionally issues a remember-me token cookie, flashes
    a success message and redirects. An ``AuthException`` becomes an error
    message; outside the admin, bad credentials are also registered as a
    failed attempt for the client IP. All other paths render
    ``signin.html`` with the current message.
    """
    message = request.messages.get_message('security')
    if request.method == 'POST':
        # "Remember me" and "stay hidden" are offered outside the admin
        # firewall only, and only when the matching setting is on.
        form = SignInForm(
            request.POST,
            show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
            show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
            request=request
        )
        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')
                # Authenticate user; failures raise AuthException, handled
                # below.
                user = auth_method(
                    request,
                    form.cleaned_data['user_email'],
                    form.cleaned_data['user_password'],
                )
                if not request.firewall.admin and request.settings['sessions_hidden'] and form.cleaned_data['user_stay_hidden']:
                    request.session.hidden = True
                sign_user_in(request, user, request.session.hidden)
                # The settings are re-checked here, so a posted
                # user_remember_me value has no effect when the feature is
                # switched off or the request is for the admin.
                remember_me_token = False
                if not request.firewall.admin and request.settings['remember_me_allow'] and form.cleaned_data['user_remember_me']:
                    remember_me_token = get_random_string(42)
                    # NOTE(review): the token value itself is used as the
                    # row id, so it is stored as issued; consider storing a
                    # hash of it so a database read does not yield usable
                    # tokens.
                    remember_me = Token(
                        id=remember_me_token,
                        user=user,
                        created=timezone.now(),
                        accessed=timezone.now(),
                        hidden=request.session.hidden
                    )
                    remember_me.save()
                if remember_me_token:
                    # NOTE(review): the meaning of the third argument is not
                    # visible here — confirm which cookie attributes
                    # cookie_jar.set() applies.
                    request.cookie_jar.set('TOKEN', remember_me_token, True)
                request.messages.set_flash(Message(request, 'security/signed_in', extra={'user': user}), 'success', 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(request, e.type, extra={'user':e.user, 'ban':e.ban})
                message.type = 'error'
                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    # Attempts are keyed by the client IP.
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))
                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            # Invalid form: show its first non-field error.
            message = Message(request, form.non_field_errors()[0])
            message.type = 'error'
    else:
        form = SignInForm(
            show_remember_me=not request.firewall.admin and request.settings['remember_me_allow'],
            show_stay_hidden=not request.firewall.admin and request.settings['sessions_hidden'],
            request=request
        )
    return request.theme.render_to_response('signin.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form, [
                                                 (
                                                     None,
                                                     [('user_email', {'attrs': {'placeholder': _("Enter your e-mail")}}), ('user_password', {'has_value': False, 'placeholder': _("Enter your password")})]
                                                 ),
                                                 (
                                                     None,
                                                     ['user_remember_me', 'user_stay_hidden'],
                                                 ),
                                             ]),
                                             'hide_signin': True,
                                            },
                                            context_instance=RequestContext(request));