Ejemplo n.º 1
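def login():
    """Render the login form and, on a valid POST, start a session for the user.

    The username is looked up lower-cased and stripped. Both failure cases
    (unknown user, wrong password) return the same message, so the response
    does not reveal which usernames exist.
    """
    # login form class from forms.py
    form = LoginForm()

    if request.method == 'POST' and form.validate_on_submit():
        user = User.objects.filter(
            username=form.username.data.lower().strip()).first()
        # NOTE(review): hashpw() followed by == is not a constant-time
        # comparison; bcrypt.checkpw() is the purpose-built check. Confirm
        # the str/bytes type stored in user.password before switching.
        if user and bcrypt.hashpw(form.password.data,
                                  user.password) == user.password:
            # Store the name as held on the user record, not the raw form
            # text, so the session matches the normalised lookup above.
            session['username'] = user.username
            return redirect(url_for('general_app.index'))
        # The form is passed along so the template can re-render its fields.
        return render_template('user/login.html',
                               form=form,
                               error='Incorrect username or password')

    return render_template('user/login.html', form=form)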
Ejemplo n.º 2
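def login():
    """Authenticate a user and redirect to the page they originally asked for.

    A ``next`` query parameter seen on GET is remembered in the session. It is
    only followed after login when it points back at this host; otherwise the
    user lands on their profile page.
    """
    form = LoginForm()
    error = None
    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')
    if form.validate_on_submit():
        user = User.objects.filter(username=form.username.data).first()
        if user:
            stored_hash = user.password.encode('utf-8')
            candidate = bcrypt.hashpw(form.password.data.encode('utf-8'),
                                      stored_hash)
            if candidate == stored_hash:
                session['username'] = form.username.data
                # 'next' comes from the query string, so it is untrusted:
                # always consume it, follow it only when it is same-site.
                target = session.pop('next', None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return redirect(
                    url_for('user_app.profile', username=user.username))
            # Wrong password: treat exactly like an unknown user below.
            user = None
        if not user:
            error = 'Senha ou nome de usuário incorreto'
    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')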
Ejemplo n.º 3
def login():
    """Log a user in, diverting to a verification step where one applies.

    An already logged-in visitor (``id`` in the session) is sent to the home
    page. After a successful form submission, users with status ``TEMP`` go to
    birthday verification and users with OTP type ``EMAIL`` go to two-factor
    verification; only the e-mail is stored in the session for those two
    cases. All other users are logged in directly.
    """
    if 'id' in session:
        flash("Already logged in!")
        return redirect(url_for('home_app.index'))

    form = LoginForm()

    requested_page = request.args.get('next', None)
    if request.method == 'GET' and requested_page:
        session['next'] = requested_page

    # In this project validate_on_submit() is used as if it returns the
    # matching database row (falsy on failure); presumably the credential
    # check happens inside the form. Verify against LoginForm.
    account = form.validate_on_submit()
    if not account:
        return render_template('user/login.html', form=form)

    if account.user_status == 'TEMP':
        session['email'] = account.email
        return redirect(url_for('user_app.verify_birthday'))

    if account.otp_type == 'EMAIL':
        # E-mail is unique, so the 2FA view can find the user from it
        # without the user being logged in yet.
        # NOTE(review): confirm no other view treats session['email'] alone
        # as proof of a completed login.
        session['email'] = account.email
        return redirect(url_for('user_app.two_factor_verification'))

    session['id'] = account.id
    session['lname'] = account.lname
    session['user_type'] = account.user_type
    return redirect(
        url_for('user_app.successful_login', user_type=account.user_type))
Ejemplo n.º 4
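def login():
    """Authenticate a user and send them to ``next`` or the home page.

    The ``next`` value captured on GET is followed after login only when it
    points back at this host; any other value is dropped.
    """
    form = LoginForm()
    error = None

    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')

    if form.validate_on_submit():
        user = User.objects.filter(username=form.username.data).first()
        if user:
            if bcrypt.hashpw(form.password.data, user.password) == user.password:
                session['username'] = form.username.data
                # 'next' is query-string data and therefore untrusted.
                target = session.pop('next', None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return redirect(url_for('home_app.home'))
            # Wrong password: report it the same way as an unknown user.
            user = None
        if not user:
            error = 'Incorrect credentials'
    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')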
Ejemplo n.º 5
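def login():
    """Authenticate a user, enforce account approval, and redirect.

    The password is verified before the approval state is reported, so an
    unauthenticated visitor cannot learn whether an account exists or is
    awaiting approval. The ``next`` query parameter is followed only when it
    points back at this host.
    """
    form = LoginForm()

    if form.validate_on_submit():
        # NOTE(review): the stored name is lower-cased but the submitted one
        # is compared as typed; confirm the form normalises case.
        user = User.query.filter(
            func.lower(User.username) == form.username.data).first()
        if not user or bcrypt.hashpw(form.password.data,
                                     user.password) != user.password:
            error = 'Incorrect username or password'
            flash(error, 'error')
        elif not user.is_approved:
            flash('Account is not approved yet!', 'error')
            flash(
                'Please contact the admin to be be approve your account to login!',
                'error')
            flash('Admin info is found in the Contact tab!', 'error')
        else:
            login_user(user)
            # NOTE(review): the role flags are copied into the session at
            # login; confirm they are re-checked against the database where
            # they gate access, since a copy can go stale.
            session['username'] = user.username
            session['id'] = user.id
            session['is_admin'] = user.is_admin
            session['is_approved'] = user.is_approved
            session['is_contributor'] = user.is_contributor

            target = request.args.get('next')
            if not _is_safe_redirect_target(target):
                target = url_for('index')
            return redirect(target)
    return render_template('user/login.html', form=form)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')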
Ejemplo n.º 6
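def login():
    """Authenticate a user and send them to ``next`` or the home page.

    The ``next`` value captured on GET is followed after login only when it
    points back at this host.
    """
    form = LoginForm()
    error = None
    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')
    if form.validate_on_submit():
        user = User.objects.filter(username=form.username.data).first()
        if user:
            # NOTE(review): maxx_encode() is defined elsewhere and replaced
            # an earlier bcrypt.hashpw() check. Unless it is a salted,
            # deliberately slow password hash, stored passwords are weakly
            # protected; confirm, and prefer bcrypt if it is not.
            pw_check = maxx_encode(form.password.data)
            if user.password == pw_check:
                session['username'] = form.username.data
                # 'next' is query-string data and therefore untrusted.
                target = session.pop('next', None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return redirect(url_for('home_app.home'))
            # Wrong password: report it the same way as an unknown user.
            user = None
        if not user:
            error = 'Incorrect credentials'
    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')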
Ejemplo n.º 7
def login():
    """Log the user in by e-mail and password.

    Renders the login page with an error for an unknown e-mail, an
    unconfirmed address or a wrong password; on success stores the
    lower-cased username through ``Session.add`` and redirects home.
    """
    form = LoginForm()
    error = None

    _set_next_variable_to_session_if_found()

    if not form.validate_on_submit():
        return render_template("users/login/login.html", error=error, form=form)

    account = User.objects.filter(email=form.email.data).first()

    if not account:
        error = errors.INCORRECT_CREDENTIALS
    elif not _is_email_address_confirmed(account):
        # NOTE(review): this is reported before the password is checked, so
        # the response differs for registered-but-unconfirmed addresses.
        error = errors.EMAIL_VERIFICATION
    elif Password.check_password(form.password.data, account.password):
        Session.add(session_name="username",
                    session_value=account.username.lower())
        return redirect(url_for("home_app.home"))
    else:
        error = errors.INCORRECT_CREDENTIALS

    return render_template("users/login/login.html", error=error, form=form)
Ejemplo n.º 8
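def login():
    """Authenticate a user and send them to ``next`` when one was requested.

    The ``next`` value captured on GET is followed after login only when it
    points back at this host; otherwise a plain confirmation is returned.
    """
    form = LoginForm()
    error = None

    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')

    if form.validate_on_submit():
        user = User.objects.filter(username=form.username.data).first()
        if user:
            if bcrypt.hashpw(form.password.data, user.password) == user.password:
                session['username'] = form.username.data
                # 'next' is query-string data and therefore untrusted.
                target = session.pop('next', None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return 'User logged in'
            # Wrong password: report it the same way as an unknown user.
            user = None
        if not user:
            error = 'Incorrect credentials'
    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')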
Ejemplo n.º 9
def login():
    """Show the login form; return a success message once it validates.

    Per the original author's comment, the credential check lives in the
    form's validators, so a validated form is treated as a successful login.
    """
    invalid_msg = "Invalid Username or Password"
    success_msg = "Successfully logged in."

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('user/login.html', form=form)

    # NOTE(review): nothing is written to the session and no login call is
    # made here; confirm the validators (or another layer) establish the
    # authenticated state.
    return success_msg
Ejemplo n.º 10
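def get_posts():
    """Log a user in by e-mail and password (despite the name, a login view).

    After a successful login the ``next`` query parameter is followed only
    when it points back at this host; otherwise the user goes to the index.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            # 'next' is query-string data and therefore untrusted.
            target = request.args.get('next')
            if not _is_safe_redirect_target(target):
                target = url_for('main.index')
            return redirect(target)
        flash('请输入正确的账号和密码')
    return render_template('users/login.html', form=form)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')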
Ejemplo n.º 11
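def login():
    """Log a user in by e-mail and password.

    After a successful login the ``next`` query parameter is followed only
    when it points back at this host; otherwise the user goes to the index.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            # 'next' is query-string data and therefore untrusted.
            target = request.args.get('next')
            if not _is_safe_redirect_target(target):
                target = url_for('index')
            return redirect(target)
        flash("Invalid email or password!")
    return render_template('user/login.html', form=form)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')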
Ejemplo n.º 12
def login():
    """Log a user in by e-mail and password, then redirect to the home page.

    A failed attempt flashes one generic message whether the e-mail is
    unknown or the password is wrong.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template('user/login.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    # The password is read from request.form rather than the form field;
    # check_password_hash() takes the stored hash first, the candidate second.
    credentials_ok = account and bcrypt.check_password_hash(
        account.password, request.form['password'])
    if credentials_ok:
        login_user(account)
        flash('Welcome ' + account.email, 'success')
        return redirect(url_for('main.home'))

    flash('Invalid email and/or password.', 'danger')
    return render_template('user/login.html', form=form)
Ejemplo n.º 13
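def login():
    """Authenticate a user by username and password, then show their profile.

    An unknown username is handled before any attribute of the user record is
    read, and the password is verified before the e-mail confirmation state
    is reported, so that state is only disclosed to someone who knows the
    password.
    """
    form = LoginForm()
    error = None
    if form.validate_on_submit():
        user = User.getByName(form.username.data)
        # Check for a missing user first: reading user.email_confirmation
        # on a missing record would raise instead of showing an error.
        if not user or bcrypt.hashpw(form.password.data,
                                     user.password) != user.password:
            error = "Incorrect Credentials"
        elif not user.email_confirmation:
            error = "Check you email to complete your registration"
        else:
            session['username'] = user.username
            return redirect(url_for('.profile', username=user.username))
    return render_template("user/login.html", form=form, error=error)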
Ejemplo n.º 14
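def login():
    """Log a local (password-based) user in and redirect them onward.

    Only users whose provider is ``local`` may log in here, which keeps
    accounts from other providers from logging in without a password. A
    wrong password now produces the same error as an unknown user, and the
    stored ``next`` value is followed only when it points back at this host.
    """
    form = LoginForm()
    error = None
    # Already logged in: nothing to do here.
    if session.get('email') or session.get('username'):
        return redirect(url_for('user_app.home'))
    # Remember where the visitor wanted to go.
    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')

    if form.validate_on_submit():
        user = User.objects.filter(email=form.email.data).first()
        if not user or user.provider != 'local':
            error = 'Wrong username or password'
        elif user.email_confirmed is False:
            # NOTE(review): reported before the password check, so the
            # response differs for registered-but-unconfirmed addresses.
            error = "คุณยังไม่ได้ยืนยันอีเมล์ เช็คที่กล่องอีเมล์ของคุณดูสิ ลองดูในกล่อง spam ถ้าหาไม่เจอนะ"
        elif not check_password_hash(user.password, form.password.data):
            # Previously this path left error unset, so a wrong password
            # re-rendered the form with no message at all.
            error = 'Wrong username or password'
        else:
            session['who'] = 'user'
            session['username'] = user.username
            session['email'] = user.email

            # A pending store code takes priority over 'next'.
            if session.get('temp_storecode'):
                storecode = session.pop('temp_storecode')
                return redirect(
                    url_for('store_app.store_front', storecode=storecode))
            # 'next' is query-string data and therefore untrusted.
            target = session.pop('next', None)
            if _is_safe_redirect_target(target):
                return redirect(target)
            return redirect(url_for('user_app.home'))

    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')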
Ejemplo n.º 15
def login():
    """Check submitted credentials and record the username in the session.

    The login page is rendered in every case; on success the session holds
    the username and ``error`` stays ``None``. Unknown user and wrong
    password produce the same error text.
    """
    form = LoginForm()
    error = None

    if form.validate_on_submit():
        account = User.objects.filter(username=form.username.data).first()
        # hashpw() re-hashes the candidate with the salt embedded in the
        # stored hash; equality means the password matched.
        if account and bcrypt.hashpw(form.password.data,
                                     account.password) == account.password:
            session['username'] = form.username.data
        else:
            error = 'Incorrect credentials'

    return render_template('user/login.html', form=form, error=error)
Ejemplo n.º 16
def login():
    """Authenticate by username and password using ``bcrypt.checkpw``.

    Unknown user and wrong password share one error message, so the response
    does not help with username guessing.
    """
    form = LoginForm()
    error = None
    if form.validate_on_submit():
        account = User.query.filter_by(username=form.username.data).first()
        if account and bcrypt.checkpw(form.password.data.encode('utf8'),
                                      account.password):
            session['username'] = form.username.data
            return 'User Logged In'
        # Reached for a missing user and for a failed password check alike.
        error = 'Invalid credentials'
    return render_template('user/login.html', form=form, error=error)
Ejemplo n.º 17
def login():
    """Login view: verify username and password, then redirect to the index.

    The same flash message is used for an unknown username and for a wrong
    password.
    """
    form = LoginForm()
    if form.validate_on_submit():
        mismatch = "Your username or password doesn't match!"
        try:
            log_user = models.User.get(
                models.User.username == form.username.data)
        except models.DoesNotExist:
            flash(mismatch, "error")
        else:
            if not check_password_hash(log_user.password, form.password.data):
                flash(mismatch, "error")
            else:
                login_user(log_user)
                flash("You've been logged in!", "success")
                return redirect(url_for('index'))
    return render_template('user/login.html', form=form)
Ejemplo n.º 18
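def login():
    """Login view: authenticate an active user and redirect them onward.

    Visitors who are already authenticated go straight to the dashboard.
    After a successful login the ``next`` query parameter is followed only
    when it points back at this host. The user record is fetched once; the
    earlier second lookup of the same username was redundant.
    """
    login_form = LoginForm()

    # NOTE(review): is_authenticated is called as a method here; newer
    # Flask-Login releases expose it as a property. Confirm the installed
    # version.
    if flask_login.current_user.is_authenticated():
        # TODO: Find why this has been printing twice!
        flash("You are logged in already.", "success")
        return redirect(url_for('dashboard'))

    if login_form.validate_on_submit():
        username = login_form.username.data
        try:
            account = models.User.get(models.User.username == username)
        except models.DoesNotExist:
            flash("Your username  or password doesn't match!", "error")
            return redirect(url_for('login'))

        if not account.active:
            # NOTE(review): shown before the password is checked, so it
            # tells an unauthenticated visitor that the account exists.
            flash("You account is not active yet, please check you email.",
                  "no-active")
        elif check_password_hash(account.password, login_form.password.data):
            login_user(account)
            flash("You've been logged in!", "success")
            # 'next' is query-string data and therefore untrusted.
            _next = request.args.get('next')
            if _is_safe_redirect_target(_next):
                return redirect(_next)
            return redirect(url_for('dashboard'))
        else:
            flash("Your username  or password doesn't match!", "error")

    return render_template('user/login.html',
                           section="user",
                           title="Login",
                           log_form=login_form,
                           register_form=RegisterForm(),
                           forgot_form=ForgotCredentialReset(),
                           resend_from=ResendActivationEmailForm())


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')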
Ejemplo n.º 19
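def login():
    """Authenticate a user and return them to the page they came from.

    When the login page is reached from another page, that page's URL
    arrives as a ``next`` query parameter on the GET request and is kept in
    the session. After a successful login the username is stored in the
    session in every case, and ``next`` is followed only when it points back
    at this host.
    """
    form = LoginForm()
    error = None

    # Remember the page of origin so the user can be sent back to it.
    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')

    if form.validate_on_submit():
        # Usernames are expected to be unique, so the first match is used.
        user = User.objects.filter(username=form.username.data).first()
        if user:
            # Re-hash the submitted password with the stored salt and compare.
            if bcrypt.hashpw(form.password.data,
                             user.password) == user.password:
                # Record the login before choosing a destination.
                # Previously the 'next' branch redirected without setting
                # this, leaving the user unauthenticated on arrival.
                session['username'] = form.username.data
                # Always consume 'next' so later logins do not reuse it; it
                # is query-string data and therefore untrusted.
                target = session.pop('next', None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return 'User logged in'
            user = None
        # 'if not user' rather than 'else': the username may be right while
        # the password is wrong, and both cases must give the same error.
        if not user:
            error = 'Incorrect username / password'

    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')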
Ejemplo n.º 20
def login():
    """Authenticate a user and route them to the admin or member area.

    Unknown user and wrong password share one error message.
    """
    form = LoginForm()
    error = None

    if form.validate_on_submit():
        member = User.query.filter_by(username=form.username.data).first()
        # NOTE(review): the submitted password is compared directly with
        # the stored value, which implies passwords are kept unhashed.
        # Store a salted slow hash (e.g. bcrypt) and verify against that;
        # this needs a data migration, so it is flagged, not changed here.
        if member and member.password == form.password.data:
            session['username'] = form.username.data
            session['is_admin'] = member.is_admin
            flash("Hello %s -- login successful!" % form.username.data)
            landing = 'admin' if member.is_admin else 'member'
            return redirect(url_for(landing))
        error = "Incorrect username or password"

    return render_template("user/login.html", form=form, error=error)
Ejemplo n.º 21
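def login():
    """Login route: validate the form, check credentials, and redirect.

    The user is fetched with a single query. After a successful login the
    stored ``next`` value is consumed and followed only when it points back
    at this host and is not ``/logout``; otherwise the user goes to their
    timeline. Unknown user and wrong password share one error message.
    """
    error = ""
    form = LoginForm()
    # Remember the post-login destination when one is supplied.
    if request.args.get('next'):
        session['next'] = request.args.get('next')
    if form.validate_on_submit():
        user = Signup.query.filter_by(username=form.username.data).first()
        if user and check_password_hash(user.password, form.password.data):
            login_user(user, remember=bool(form.remember.data))
            # Pop rather than read, so a stale 'next' cannot affect a later
            # login; it is query-string data and therefore untrusted.
            target = session.pop('next', None)
            if target != '/logout' and _is_safe_redirect_target(target):
                return redirect(target)
            return redirect(url_for('timeline', username=user.username))
        error = 'Wrong username or password'

    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')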
Ejemplo n.º 22
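def login():
    """Authenticate a user and send them to ``next`` or the home page.

    The ``next`` value captured on GET is followed after login only when it
    points back at this host.
    """
    form = LoginForm()
    error = None

    if request.method == "GET" and request.args.get("next"):
        session["next"] = request.args.get("next")

    if form.validate_on_submit():
        user = User.objects.filter(
            username=form.username.data).first()
        if user:
            if bcrypt.hashpw(form.password.data, user.password) == user.password:
                session["username"] = form.username.data
                # "next" is query-string data and therefore untrusted.
                target = session.pop("next", None)
                if _is_safe_redirect_target(target):
                    return redirect(target)
                return redirect(url_for("home_app.home"))
            # Wrong password: report it the same way as an unknown user.
            user = None
        if not user:
            error = "Incorrect credentials"
    return render_template("user/login.html", form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')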
Ejemplo n.º 23
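def login():
    """Authenticate a user and show the dashboard or the requested page.

    The ``next`` value captured on GET is followed after login only when it
    points back at this host; otherwise the dashboard is rendered.
    """
    form = LoginForm()
    error = None

    # Keeps track of requested url if redirected to login from another page
    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next', None)

    if form.validate_on_submit():
        # NOTE(review): filtering on password=<submitted text> implies
        # passwords are stored unhashed. Store a salted slow hash (e.g.
        # bcrypt), look the user up by username only, and verify the hash;
        # this needs a data migration, so it is flagged, not changed here.
        user = User.query.filter_by(
            username=form.username.data,
            password=form.password.data
            ).first()

        if user:
            session['username'] = form.username.data
            session['userID'] = user.id

            # 'next' is query-string data and therefore untrusted.
            target = session.pop('next', None)
            if _is_safe_redirect_target(target):
                return redirect(target)

            app.logger.info('%s: Successful login for: %s', datetime.datetime.utcnow(), form.username.data)

            show_records = app.config['DEFAULT_ENTRIES_PER_PAGE']
            records_per_page = app.config['DEFAULT_ENTRIES_PER_PAGE']
            feed = getFeedData(session['userID'])
            return render_template('gardenDiary/dashboard.html', feed=feed, show_records=show_records, records_per_page=records_per_page)

        # bad username or password
        error = "Incorrect username and/or password"
        # NOTE(review): the submitted username is written to the log as
        # typed; confirm the log handler neutralises line breaks so entries
        # cannot be forged.
        app.logger.warning('%s: Incorrect username and/or password: username:%s ', datetime.datetime.utcnow(), form.username.data)

    return render_template('user/login.html', form=form, error=error)


def _is_safe_redirect_target(target):
    """Return True only when *target* points back at the host serving this request.

    Accepted: a path starting with a single ``/``, or an absolute http(s) URL
    whose host equals ``request.host``. Everything else is refused.
    """
    from urllib.parse import urlsplit

    # Browsers normalise backslashes, whitespace and control characters
    # differently from urlsplit, so such values are refused outright.
    if not target or '\\' in target or any(ord(ch) <= 32 for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if parts.scheme or parts.netloc:
        return parts.scheme in ('http', 'https') and parts.netloc == request.host
    return target.startswith('/') and not target.startswith('//')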
Ejemplo n.º 24
def login():
    """Login view for anonymous visitors; others are sent to the dashboard.

    Every failed attempt flashes the same message and redirects back to the
    login page, whether the username is unknown or the password is wrong.
    """
    login_form = LoginForm()

    if not get_current_user().is_anonymous():
        flash("You are logged in already.", "success")
        return redirect(url_for('dashboard'))

    if not login_form.validate_on_submit():
        return render_template('login.html',
                               login_form=login_form,
                               title="Login")

    username = login_form.username.data
    try:
        current_user = models.User.get(models.User.username == username)
    except models.DoesNotExist:
        flash("Your username or password is wrong!", "error")
        return redirect(url_for('login'))

    if check_password_hash(current_user.password, login_form.password.data):
        login_user(current_user)
        flash("You have logged in!", "success")
        return redirect(url_for('dashboard'))

    flash("Your username or password is wrong!", "error")
    return redirect(url_for('login'))
Ejemplo n.º 25
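def login():
    """Login view: authenticate a confirmed user and go to the valuation page.

    ``flag`` is 1 for POST requests and 0 otherwise and is passed to the
    template. The debugging dump of the whole session has been removed, as
    has the disabled ``next`` handling kept in a string literal; the stored
    ``next`` value is therefore still not used by this view.
    """
    flag = 1 if request.method == "POST" else 0

    if current_user.is_authenticated:
        print("Da log in roi ")
        return redirect(url_for("home_app.home"))

    form = home_form()
    login_form = LoginForm()
    error = None

    if request.method == 'GET' and request.args.get('next'):
        session['next'] = request.args.get('next')

    if login_form.validate_on_submit():
        user = User.objects.filter(
            username=login_form.username.data).first()
        if user:
            if user.email_confirmed == False:
                # NOTE(review): shown before the password is checked, so it
                # tells an unauthenticated visitor that the account exists.
                flash(" Vui lòng kích hoạt tài khoản qua email !")
                flag = 0
                return render_template("user/login.html",
                                       form=form,
                                       error=error,
                                       login_form=login_form,
                                       flag=flag)
            stored_hash = user.password.encode("utf-8")
            candidate = bcrypt.hashpw(
                login_form.password.data.encode("utf-8"), stored_hash)
            if candidate == stored_hash:
                # NOTE(review): every login gets a 60-day remember cookie
                # without the user asking for it; confirm this is intended.
                login_user(user,
                           remember=True,
                           duration=timedelta(days=60))
                flash("Login successfully !")
                return redirect(url_for("home_app.valuation"))
            print("Khong dung mat khau")
            # Wrong password: report it the same way as an unknown user.
            user = None
        if not user:
            error = 'Incorrect credentials !'
    else:
        for i, val in login_form.errors.items():
            print(i, " || ", val)
    return render_template("user/login.html",
                           form=form,
                           error=error,
                           login_form=login_form,
                           flag=flag)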