Example #1
def login():
    """Sign a user in through the login form using Flask-Login.

    Visitors who are already authenticated are sent to the main index.
    A valid submission looks the user up by name and checks the password.
    Unknown names and wrong passwords get the same "login failed" message,
    so the response does not reveal which of the two was wrong.
    A plain GET, or a form that fails validation, re-renders the template.
    """
    # current_user is provided by Flask-Login; it stays anonymous until
    # login_user() has been called for this session.
    if current_user.is_authenticated:
        flash("user already logged in")
        return redirect(url_for("main.index"))

    form = LoginForm()

    # validate_on_submit() is false for a GET request and when any field
    # validator fails; in both cases just show the form again.
    if not form.validate_on_submit():
        return render_template("authentication/login.html",
                               title="sign in form",
                               form=form)

    # .first() returns None when no row matches the submitted name.
    account = User.query.filter_by(name=form.name.data).first()
    if account is not None and account.check_password(form.password.data):
        # login_user() records the user in the session, after which
        # current_user resolves to this account and is authenticated.
        login_user(account, remember=form.remember.data)
        # NOTE(review): debug output; it writes the signed-in user's repr to
        # stdout on every successful login. Prefer a logger, or remove it.
        print("--------CURRENT USER-- ", current_user)
        flash("user logged in")
        return redirect(url_for("main.index"))

    flash("login failed")
    return redirect(url_for("auth.login"))
Example #2
def signin():
    """Authenticate by e-mail and password and record the user id in the session.

    On success the user's id is stored under ``session['user_id']`` and the
    visitor is redirected to ``auth.home``. A failed credential check flashes
    one generic message for both an unknown e-mail and a wrong password, then
    re-renders the form. A request that does not validate re-renders the form
    without a message.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("authentication/signin.html", form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account:
        # account.password is passed as the stored hash; the submitted
        # password is compared against it by check_password_hash().
        if check_password_hash(account.password, form.password.data):
            session['user_id'] = account.id
            flash('Welcome %s' % account.name)
            return redirect(url_for('auth.home'))

    flash('Wrong email or password', 'error-message')
    return render_template("authentication/signin.html", form=form)
def do_the_login():
    """Log a user in by e-mail and password via Flask-Login.

    Authenticated visitors are redirected to the book list. Failed attempts
    get a single generic message whether the e-mail is unknown or the
    password is wrong, and are redirected back to this view.
    """
    if current_user.is_authenticated:
        flash('you are already logged-in')
        return redirect(url_for('main.display_books'))

    form = LoginForm()
    if not form.validate_on_submit():
        # GET request or failed field validation: show the form.
        return render_template('login.html', form=form)

    member = User.query.filter_by(user_email=form.email.data).first()
    if member and member.check_password(form.password.data):
        # The second positional argument of login_user() is the
        # "remember me" flag taken from the form.
        login_user(member, form.stay_loggedin.data)
        return redirect(url_for('main.display_books'))

    flash('Invalid Credentials, Please try again')
    return redirect(url_for('authentication.do_the_login'))
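def login():
    """Sign a user in with password and TOTP token, locking after repeated failures.

    Flow for a valid form submission:
      1. look the user up by username;
      2. reject accounts that are unconfirmed, locked, or not yet activated;
      3. check the password, then the TOTP token; each failure increments
         ``failedLogin`` and locks the account once it reaches 3;
      4. on success reset the counter, log the user in and redirect to the
         ``next`` query parameter when it is a relative URL, else to ``index``.

    A GET request, or a form that fails validation, renders the login page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if not user:
            # Fix: the original flashed and then fell through to
            # `user.confirmed` on None, which raised AttributeError and
            # produced a server error for every unknown username.
            flash('Who are you ?')
            return redirect(url_for('login'))
        # NOTE(review): the checks below run before the password is verified,
        # and each has its own message, so an unauthenticated caller can learn
        # whether a username exists and what state the account is in. Consider
        # one generic failure message, or move these after the password check.
        if not user.confirmed:
            flash('Confirm your account before logging in')
            return redirect(url_for('login'))
        if user.locked:
            flash(
                "Your account has been locked.\n Please wait for the asministrator to unlock your account"
            )
            return redirect(url_for('login'))
        # The account with id 1 is exempt from the activation requirement
        # (presumably the initial administrator; confirm).
        if user.id != 1 and not user.activated:
            flash("Please wait for the administrator to activate your account")
            return redirect(url_for("login"))
        if not user.check_password(form.password.data):
            _register_failed_login(user)
            flash('Invalid username or password')
            return redirect(url_for('login'))
        if not user.verify_totp(form.token.data):
            # NOTE(review): a distinct 'Invalid token' message confirms that
            # the password was correct; consider reusing the generic message.
            _register_failed_login(user)
            flash('Invalid token')
            return redirect(url_for('login'))
        # Both factors verified: clear the failure counter before logging in.
        user.failedLogin = 0
        db.session.add(user)
        db.session.commit()
        login_user(user, remember=form.remember_me.data)
        session['logged_in'] = True
        session['number'] = str(uuid4())
        session.permanent = True
        # Open-redirect guard: only follow `next` when it carries no host
        # part, i.e. it is a relative URL; otherwise fall back to the index.
        next_page = request.args.get('next')
        if not next_page or url_parse(next_page).netloc != '':
            next_page = url_for('index')
        return redirect(next_page)
    return render_template('authentication/login.html',
                           title='Sign In',
                           form=form)


def _register_failed_login(user):
    """Count one failed attempt for *user*, lock the account at three, and persist."""
    # NOTE(review): this read-modify-write is done in Python, so concurrent
    # failed attempts may be under-counted; confirm whether that matters here.
    user.failedLogin += 1
    if user.failedLogin >= 3:
        user.locked = True
    db.session.add(user)
    db.session.commit()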
Example #5
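def signin():
    """Sign a user in by e-mail and keep identity data plus a token in the session.

    If the session already holds a token that ``User.verify_token`` accepts,
    the visitor goes straight to the profile page. Otherwise a validated POST
    looks the user up by e-mail, stores the id, a freshly generated token, the
    e-mail and the username in the session, and redirects to the profile.
    Every other case renders the sign-in form.
    """
    form = LoginForm(request.form)
    if 'token' in session:
        user = User.verify_token(session['token'])
        if user:
            return redirect(url_for('auth.profile'))
    if request.method == 'POST':
        # NOTE(review): no password check is visible in this view. It is
        # presumably performed inside LoginForm.validate(); confirm this,
        # because otherwise knowing an e-mail address is enough to sign in.
        if form.validate():
            user = User.query.filter_by(email=form.email.data).first()
            # Fix: .first() returns None for an unknown e-mail; the original
            # dereferenced it unconditionally and raised AttributeError.
            if user is not None:
                session['user_id'] = user.id
                session['token'] = user.generate_token()
                session['email'] = user.email
                session['user_name'] = user.username
                return redirect(url_for('auth.profile'))
    return render_template("authentication/signin.html", form=form)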
Example #6
def login():
    """Log a user in by username and password, honouring a relative ``next`` URL.

    Unknown users, wrong passwords and disabled accounts all receive the same
    'Incorrect user or password' message, so the response does not distinguish
    between them. After a successful login the visitor is redirected to the
    ``next`` query parameter when it has no host part, otherwise to
    ``videoapp.index``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('videoapp.videolist'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('authentication/login.html',
                               title='Login',
                               form=form)

    account = User.find_user(form.username.data)
    # Evaluated left to right with short-circuiting: the user must exist,
    # the password must match, and the account must be enabled.
    permitted = (account is not None
                 and account.check_password(form.password.data)
                 and account.enabled)
    if not permitted:
        flash('Incorrect user or password')
        # NOTE(review): a failed attempt is sent to the video list rather
        # than back to the login form; confirm that this is intended.
        return redirect(url_for('videoapp.videolist'))

    login_user(account, form.remember_me.data)

    # Open-redirect guard: follow `next` only when it is a relative URL
    # (empty netloc); anything else falls back to the application index.
    target = request.args.get('next')
    if target and url_parse(target).netloc == '':
        return redirect(target)
    return redirect(url_for('videoapp.index'))
 def get(self):
     """Render the logged-in page for a valid session, else the login form.

     The session token and its discharge are read from the request and
     checked with ``UserSessionValidator``. Any exception raised while
     reading or verifying them is logged and treated as "not logged in",
     so the view fails closed to the login form.
     """
     login_form = LoginForm(request.form)
     try:
         session_token, discharge_token = get_session_and_discharge(request)
         if UserSessionValidator().verify(session_token, discharge_token):
             return render_template("auth/logged_in.html")
     except Exception as err:
         # Broad on purpose: an unreadable or invalid session must not
         # surface as a server error, only as an unauthenticated visit.
         self.logger.exception(err)
     return render_template("auth/login.html", form=login_form)
    def post(self):
        """Check the submitted credentials and issue the session cookie.

        When the form validates, the credentials are passed to
        ``_authenticate_credentials``, session tokens are created for the
        submitted e-mail, and the logged-in page is returned with the session
        cookie set. Any exception along that path is logged and the login
        form is rendered again, so no cookie is issued on failure.
        """
        form = LoginForm(request.form)

        if not form.validate_on_submit():
            return render_template("auth/login.html", form=form)

        try:
            # The return value is ignored, so a rejected login presumably
            # signals itself by raising. Confirm against the helper.
            self._authenticate_credentials(form.email.data,
                                           form.password.data)

            token_factory = UserSessionFactory(username=form.email.data)
            macaroon, signature, discharge = token_factory.create_tokens()

            page = render_template("auth/logged_in.html", form=form)
            response = make_response(page)
            self._set_session_cookie(response, macaroon, signature, discharge)
            return response
        except Exception as err:
            # Logged in full on the server; the client only sees the form.
            self.logger.exception(err)

        return render_template("auth/login.html", form=form)