def route_login():
if request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
login_info = data_manager.get_user_login_info(username)
if login_info and hash.verify_password(password,
login_info['password']):
session['username'] = username
session['users_id'] = data_manager.identify_user(username)
else:
session['username'] = '******'
return redirect('/list')
def login():
if request.method == 'POST':
login_data = request.form.to_dict()
user_data_from_database = data_manager.get_user_data(login_data)
if user_data_from_database:
is_correct_password = hash.verify_password(
login_data["password"], user_data_from_database["password"])
if is_correct_password:
session["username"] = login_data["username"]
session["user_id"] = user_data_from_database["id"]
return redirect(url_for('index'))
return render_template('login.html', failed_login=True)
return render_template('login.html')
def validate_user(name, password):
user_name = data_manager.select_query(table='users',
column='password',
clause='WHERE',
condition=['name', '=', name])
try:
return {
"name":
name,
"password_legit":
hash.verify_password(password, user_name[0]['password'])
}
except IndexError:
return {"name": name, "password_legit": False}
def check_login(cursor, username, password):
cursor.execute(
"""
SELECT username, pw_hash FROM users
WHERE username = '******'
""".format(username)
)
data = cursor.fetchone()
if data is None:
return False
if data['username'] == username and hash.verify_password(password, data['pw_hash']):
return True
else:
return False
def login():
if request.method == 'POST':
if request.method == 'POST':
user_info = request.form.to_dict()
username = user_info['username']
unhashed_pass = user_info['password']
retrieve_password = data_manager.check_login_data(username)
actual_password = retrieve_password[0]['password']
hashed_pass = hash.verify_password(unhashed_pass, actual_password)
if hashed_pass is True:
session['username'] = request.form['username']
return redirect(url_for('list_5_questions'))
else:
return redirect(url_for('list_5_questions'))
else:
return render_template('list_questions.html')
def login() -> dict:
"""
Login / Set cookie and generate token
:return: res
"""
if not request.form or ('username' not in request.form or 'password' not in request.form):
return make_response({'Error': 'Bad Request'}, 400)
user_data = request.form
user = user_data['username']
password = user_data['password']
query_user = database.query_one(f'SELECT * FROM users WHERE username="******"')
if not query_user:
return make_response({'Error': 'Invalid login'}, 401)
verify_password = hash.verify_password(query_user['password'], password)
# Must be TRUE
if verify_password != True:
return make_response({'Error': 'Password does not match'}, 401)
refresh_token = generate_refresh_token({'id': query_user['id']})
token = generate_token({'id': query_user['id']})
payload = {
'token': token.decode(),
'refresh_token': refresh_token.decode()
}
res = make_response(payload)
res.set_cookie(key='refresh_token', value=payload['refresh_token'], httponly=True, domain='127.0.0.1',
path='/refresh-token')
# samesite = 'Lax'
return res
def search_user(self, email, password):
self.connect_db()
try:
with self._conn:
result = self._cursor.execute(
"""
SELECT * FROM user WHERE email=?
""", (email, ))
stored_password = self.return_password(result.fetchall())
if stored_password is not None and verify_password(
stored_password, password):
data = {
'status': 'ok',
'message': "success",
}
return data
data = {
'status': None,
'message': "Cliente não encontrado",
}
return data
data = {
'status':
None,
'message':
"Não foi possível estabelecer uma conexão com o servidor",
}
return data
finally:
self._conn.close()
import connect
from hash import verify_password
un = input("Username: "******"Password: "******"SELECT password FROM users WHERE username = %s"
adr = (un, )
connect.mycursor.execute(sql, adr)
myresult = connect.mycursor.fetchall()
#will get the hashed passord as a string from the database
#print(myresult[0][0])
#checks the hashed pw from the db against the one entered by the user
#print(verify_password(myresult[0][0], pw))
verified = verify_password(myresult[0][0], pw)
if verified == True:
print("you're in")
else:
print("please try again")
