def user(): ''' route read user ''' if request.method == 'GET': query = request.args data = db.users.find_one({'email': query['email']}, {"_id": 0}) if bool(data): user = {} # for i in data: user['name'] = data['name'] user['email'] = data['email'] # data = list(db.users.find()) # data = {'data': data} return jsonify({'ok': True, 'data': user}), 200 else: return jsonify({'ok': False, 'message': 'No user exist with this mail'}), 400 data = request.get_json() if request.method == 'DELETE': if data.get('email', None) is not None: db_response = db.users.delete_one({'email': data['email']}) if db_response.deleted_count == 1: response = {'ok': True, 'message': 'record deleted'} else: response = {'ok': True, 'message': 'no record found'} return jsonify(response), 200 else: return jsonify({'ok': False, 'message': 'Bad request parameters!'}), 400 if request.method == 'PATCH': # if data.get('query', {}) != {}: data = request.get_json() user = db.users.find_one({'email': data['email']}, {"_id": 0}) if 'password' in data.keys() and 'name' in data.keys(): data['password'] = flask_bcrypt.generate_password_hash( data['password']) newvalues = { "$set": {"name": data['name'], "password": data['password']}} else: if 'password' in data.keys(): data['password'] = flask_bcrypt.generate_password_hash( data['password']) newvalues = {"$set": {"password": data['password']}} if 'name' in data.keys(): newvalues = {"$set": {"name": data['name']}} if bool(user): db.users.update_one(user, newvalues) return jsonify({'ok': True, 'message': 'User updated successfully!'}), 200 else: response = {'ok': True, 'message': 'no record found'} return jsonify(response) else: return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def register(): form = RegisterForm(request.form) current_app.logger.info(request.form) if request.method == "POST" and form.validate() == False: current_app.logger.info(form.errors) return "Registration Error" elif request.method == "POST" and form.validate(): email = request.form['email'] username = request.form['username'] # generate password hash password_hash = flask_bcrypt.generate_password_hash(request.form['password']) user = User(email, password_hash, True, username) try: user.save() if login_user(user, remember="no"): flash("Logged in!") return redirect(request.args.get('next') or '/jobs') else: flash("Unable to log you in") except: flash("Unable to register with that email address") current_app.logger.error("Error on registration - possible duplicate emails") return render_template('forms/register.html', form = form)
def register(): register_form = forms.SignupForm(request.form) current_app.logger.info(request.form) if request.method == 'POST' and not register_form.validate(): current_app.logger.info(register_form.errors) return '注册失败!' elif request.method == 'POST' and register_form.validate(): email = request.form['email'] password_hash = flask_bcrypt.generate_password_hash( request.form['password'], ) # Prepare User with register info from form user = User(email, password_hash) try: user.save() if login_user(user, remember='no'): flash('登录成功!') return redirect('/game') else: flash('登录失败!') except: flash('无法注册此电子邮箱地址!') current_app.logger.error( 'Error on Registration - possible duplicate emails.' ) # Prepare registration form template_data = {'form': register_form} return render_template('/auth/register.html', **template_data)
def signup_user(): from app.data.user_roles import get_role_by_code rolecode = request.values.get('rolecode') user_role = get_role_by_code(rolecode) if (user_role[0]): #check if its a valid code username = request.values.get('username').lower() password = request.values.get('password') password_hash = flask_bcrypt.generate_password_hash(password) new_id = User.query[-1].id + 1 u = User(username=username, password_hash=password_hash, id=new_id, role=user_role[1]) try: db_session_login.add(u) db_session_login.commit() except: return ('That username seems to already exist.') return ('success') else: return ('Failed: Invalid code')
def register(): form = SignupForm() if form.validate_on_submit(): email = request.form['email'] password = request.form['password'] # create password hash password_hash = flask_bcrypt.generate_password_hash(password) # prepare user user = Users(email=email, password=password_hash) try: db.session.add(user) db.session.commit() if login_user(user, remember='no'): flash('Account Created & Logged in') return redirect('/') else: flash('Unable to login') except: flash('Unable to register with given email address') current_app.logger.error('Error on registeration - possible duplicate emails') return render_template('/auth/register.html', form=form)
def register(): register_form = forms.SignupForm(request.form) current_app.logger.info(request.form) error = '' if request.method == 'POST' and False == register_form.validate(): error = "Registration error" elif request.method == 'POST' and register_form.validate(): email = request.form['email'] if u'CREATOR' in request.form['user_role']: isAdmin = True else: isAdmin = False password_hash = flask_bcrypt.generate_password_hash(request.form['password']) user = User(email=email, password=password_hash, admin=isAdmin) try: user.save() if login_user(user, remember=False): return redirect('/') else: error = "Unable to log in" except: error = "Error on registration - possible duplicate emails" data = { 'form': register_form, 'error': error } return render_template("/auth/register.html", **data)
def register(): register_form = forms.SignupForm(request.form) current_app.logger.info(request.form) error = '' if request.method == 'POST' and not register_form.validate(): error = "Registration error" elif request.method == 'POST' and register_form.validate(): username = request.form['username'] if u'CREATOR' in request.form['user_role']: isAdmin = True else: isAdmin = False password_hash = flask_bcrypt.generate_password_hash( request.form['password']) user = User(username=username, password=password_hash, admin=isAdmin) try: user.save() if login_user(user, remember=False): return redirect('/') else: error = "Unable to log in" except: error = "Error on registration - possible duplicate logins" data = {'form': register_form, 'error': error} return render_template("auth/register.html", **data)
def register(): first_name = request.get_json()['first_name'] last_name = request.get_json()['last_name'] email = request.get_json()['email'] password = flask_bcrypt.generate_password_hash( request.get_json()['password']).decode('utf-8') created = datetime.utcnow() user = Users.query.filter_by(email=email).first() if not user: data_user = Users(first_name=first_name, last_name=last_name, email=email, password=password, created=created) db.session.add(data_user) db.session.commit() user = Users.query.filter_by(email=email).first() result = { 'first_name': user.first_name, 'last_name': user.last_name, 'email': user.email, 'password': user.password, 'created': user.created } return jsonify({'result': result})
def register(): data = validate_user(request.get_json()) if data['ok']: data = data['data'] data['password'] = flask_bcrypt.generate_password_hash( data['password']).decode('utf-8') user = Users(login=data['login'], email=data['email'], password=data['password'], role=data['role']) db.session.add(user) db.session.commit() access_token = create_access_token(identity=user.json()) refresh_token = create_refresh_token( identity=user.json()) # Why it set return jsonify({ 'ok': True, 'access_token': access_token, 'refresh_token': refresh_token, 'user': user.json() }), 200 else: return jsonify({ 'ok': False, 'message': 'Bad request parameters: {}'.format(data['message']) }), 400
def register(): ''' register user endpoint ''' data = request.get_json() if 'password' in data: data['password'] = flask_bcrypt.generate_password_hash( data['password']).decode('utf-8') del data['netId'] if db.put(data): return jsonify({ 'ok': True, 'message': 'User created successfully!' }), 200 else: return jsonify({ 'ok': False, 'message': 'Bad request parameters: {}'.format(data['message']) }), 400 else: return jsonify({ 'ok': False, 'message': 'Bad request parameters: {}'.format(data['message']) }), 400
def register(): ''' register user endpoint ''' data = validate_user(request.get_json()) if data['ok']: data = data['data'] password = data['password'] data['password'] = flask_bcrypt.generate_password_hash( data['password']) user = db.users.find_one({'email': data['email']}, {"_id": 0}) # LOG.debug(user) if bool(user): return jsonify({'ok': False, 'message': 'User already exist with same email'}), 400 else: db.users.insert_one(data) user = {} user['name'] = data['name'] del data['name'] del data['_id'] data['password'] = password access_token = create_access_token(identity=data) refresh_token = create_refresh_token(identity=data) data['token'] = access_token data['refresh'] = refresh_token del data['password'] data['name'] = user['name'] # LOG.debug(data) return jsonify({'ok': True, 'data': data, 'message': 'User created successfully!'}), 200 else: return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def __init__(self, email, first_name, last_name, password, admin=False): self.email = email self.first_name = first_name self.last_name = last_name self.password = flask_bcrypt.generate_password_hash(password).decode( 'utf-8') self.registered_on = datetime.datetime.now() self.admin = admin
def register(): data = validate_user(request.get_json()) if data['ok']: data = data['data'] data['password'] = flask_bcrypt.generate_password_hash( data['password']) mongo.db.users.insert_one(data) return jsonify({'ok': True, 'message': 'User created successfully!'}), 200 else: return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def register(): register_form = forms.SignupForm(request.form) current_app.logger.debug(request.form) error_message = '' if request.method == 'POST': if not register_form.validate(): current_app.logger.debug(register_form.errors) error_message = '密码不一致' current_app.logger.debug('密码不一致!') else: #if not recaptchaCheck(request.form['g-recaptcha-response']): #return '请点击人机身份验证!' # Prepare User with register info from form access_code_obj = AccessCode.from_access_code( request.form['access_code'], ) if access_code_obj is None: error_message = '邀请码不正确' current_app.logger.debug('邀请码不正确!') current_app.logger.debug('wrong access code!') else: # If we get access code correctly reg_timestamp = datetime.datetime.now() user = User( user_id=str(uuid.uuid4()), # generate unique user id email=request.form['email'], username=request.form['username'], password=flask_bcrypt.generate_password_hash( request.form['password'], ), role=access_code_obj.role, register_t=reg_timestamp, expire_t=reg_timestamp + datetime.timedelta(days=access_code_obj.expiration, ), last_active_t=reg_timestamp, ) current_app.logger.debug('Try to save and login!') #try: user.save_register() current_app.logger.debug('Save new user completed!') if login_user(user, remember=True): current_app.logger.debug('Login successful!') current_app.logger.debug('user %s' % user.user_id) return redirect('/userGameStatuses') else: error_message = '登录失败' current_app.logger.debug('Login successful!') current_app.logger.debug('登录失败!') #except: # current_app.logger.error( # 'Error on Registration - possible duplicate emails.' # ) # Prepare registration form template_data = {'form': register_form, 'error_message': error_message} return render_template('/auth/register.html', **template_data)
def login(): if current_user.is_authenticated: return redirect(url_for("main.index")) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() sample_password = flask_bcrypt.generate_password_hash(b"aaaa") if user is None: user = User(password_hash=sample_password) if not user.check_password(form.password.data): flash(_("Invalid username or password")) return redirect(url_for("auth.login")) user_otp = OTP.query.filter_by(user_id=user.did).first() remember_me = form.remember_me.data webauthn = Webauthn.query.filter_by(user_id=user.did).first() if webauthn and webauthn.is_enabled is True: token = user.set_valid_credentials(remember_me) response = make_response( render_template("webauthn/login_with_webauthn.html") ) response.set_cookie( "token", value=token, max_age=90, secure=Config.HTTPS_ENABLED, httponly=True, samesite="Strict", ) return response if user_otp and user_otp.is_valid == 1: user_otp.remaining_attempts = 3 db.session.add(user_otp) form = CheckOTPCode() token = user.set_valid_credentials(remember_me) response = make_response( render_template("twofa/login_with_twofa.html", form=form) ) response.set_cookie( "token", value=token, max_age=90, secure=Config.HTTPS_ENABLED, httponly=True, samesite="Strict", ) db.session.commit() return response login_user(user, remember=form.remember_me.data) next_page = get_next_page(request.args.get("next")) return redirect(next_page) return render_template("auth/login.html", title=_("Sign In"), form=form)
def setUp(self): self.app_context = app.app_context() self.app_context.push() self.app = app.test_client() self.email = '*****@*****.**' self.password = '******' pwhash = flask_bcrypt.generate_password_hash(self.password) u = User(email=self.email, password=pwhash ) db.session.add(u) db.session.commit()
def create_user(email, password, first_name, last_name): """ Create an user in the database :param email: String, user email. Ie, "*****@*****.**" :param password: String, user's password. Ie, "my-password" :param first_name: String, user's first name. Ie, "Andres" :param last_name: String, user's last name. Ie, "Andres" """ user = User( email=email, password=flask_bcrypt.generate_password_hash(password), first_name=first_name, last_name=last_name ) user.save()
def change_password(): error = None old_password = request.form['oldPassword'] new_password = flask_bcrypt.generate_password_hash(request.form['newPassword'], rounds=12) #Retrieve logged-in doctor document, to populate his profile page doctor_doc = Users.objects.get(id=current_user.get_id()) if not flask_bcrypt.check_password_hash(doctor_doc["password"], old_password): error = 'Fjalekalimi gabim! Kerkesa juaj per ndryshim te fjalekalimit nuk u ekzekutua.' return render_template('doc_profile/doc_profile.html', message=error,type="error", doctor_doc=doctor_doc) elif request.form['newPassword'] != request.form['passwordConfirm']: error = 'Fjalekalimet nuk jane te njejta! Kerkesa juaj per ndryshim te fjalekalimit nuk u ekzekutua.' return render_template('doc_profile/doc_profile.html', message=error, type="error", doctor_doc=doctor_doc) else: doctor_doc.update(password=new_password) success = "Ndryshimi fjalekalimit u krye me sukses!" return render_template('doc_profile/doc_profile.html', message=success, type="success", doctor_doc=doctor_doc)
def put(self): """Method to handle user data update""" user_update_data = request.get_json(force=True) user_data = UserSchema( dump_only=['id']).load_object_into_schema(user_update_data) if user_data.get('password'): hashed_password = BCrypt.generate_password_hash( user_data.get('password')).decode('utf-8') user_data.update(password=hashed_password) exact_user = UserModel.query.filter_by( id=get_jwt_identity().get('id')).first() updated_user_object = exact_user.update(**user_data) return success_response( data=UserSchema(exclude=['password']).dump( updated_user_object), message='Profile Updated Successfully')
def register(): ''' register user endpoint ''' data = validate_user(request.get_json()) if data['ok']: data = data['data'] data['password'] = flask_bcrypt.generate_password_hash( data['password']) user_id = mongo.db.user.insert_one(data).inserted_id closet_id = create_closet(user_id) wishlist_id = create_wishlist(user_id) mongo.db.user.find_one_and_update({"_id": user_id}, {"$set": {"closet": closet_id, "wishlist": wishlist_id}}) LOG.info('Registered user: {}'.format(user_id)) return jsonify({'ok': True, 'message': 'User created successfully!'}), 200 else: return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def register(): data = validate_user(request.get_json()) if not data['ok']: return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400 data = data['data'] data['user'] = data['user'].upper() user = mongo.db.users.find_one({'user': data['user']}) if user: return jsonify({'ok': False, 'message': 'El usuario {} ya existe'.format(data['user'])}), 400 data['password'] = flask_bcrypt.generate_password_hash(data['password']) data['role'] = 'USER_ROLE' data['active'] = True mongo.db.users.insert_one(data) return jsonify({'ok': True, 'message': 'Usuario creado exitosamente!'}), 201
def handle_registration(): if not current_user.moderator: return redirect(url_for(".root")) email = request.form["email"] password = request.form["password"] # Change this to: current user's group organization = current_user.organization pw_hashed = flask_bcrypt.generate_password_hash(password) new_user = User(email=email, password=pw_hashed, organization=organization) db.session.add(new_user) db.session.commit() return redirect(url_for(".root"))
def handle_registration(): if not current_user.moderator: return redirect(url_for('.root')) email = request.form['email'] password = request.form['password'] # Change this to: current user's group organization = current_user.organization pw_hashed = flask_bcrypt.generate_password_hash(password) new_user = User(email=email, password=pw_hashed, organization=organization) db.session.add(new_user) db.session.commit() return redirect(url_for('.root'))
def reset_password(): reset_request_id = request.args.get('id') reset_code = request.args.get('reset_code') reset_request = PasswordResetRequest.objects.get_or_404(id=reset_request_id) if not reset_request: flash("You do not have access to that page.", "danger") return redirect(url_for('index')) if not reset_request.validate_reset_code(reset_code): flash("You do not have access to that page", "danger") return redirect(url_for('index')) if not reset_request.validate_timestamp(): flash("Password reset has expired", "danger") return redirect(url_for('index')) if request.method == "POST": password = request.form.get('password').strip() confirm = request.form.get('confirm').strip() has_errors = False if len(password) < MIN_PASSWORD_LENGTH: flash("Password must be at least {0} " "characters".format(MIN_PASSWORD_LENGTH), "danger") has_errors = True if password != confirm: flash("Password and confirmation do not match", "danger") has_errors = True if not has_errors: userObj = User() password_hash = flask_bcrypt.generate_password_hash(password) try: userObj.reset_password(reset_request.user_id, password_hash) reset_request.delete() session.pop(reset_request.user_id, None) flash("You have successfully reset your password!", "success") return redirect(url_for('auth_login.login')) except: flash("Unable to reset password", "danger") current_app.logger.error("Error on registration - possible duplicate emails") form = ResetPassForm(request.form) return render_template('forms/reset_password.html', form = form)
def generate_password_reset_link(user_id): # Clear out all old requests for this member for r in PasswordResetRequest.objects(user_id=user_id): session.pop(r.user_id, None) # Generate new password reset request reset_code = uuid4() reset_code_hash = flask_bcrypt.generate_password_hash(reset_code) reset_request = PasswordResetRequest(reset_code_hash=reset_code_hash, user_id=user_id, timestamp=datetime.now()) reset_request.save() session.update({user_id : reset_code}) # Return the reset password link return url_for('auth_login.reset_password', _external=True, id=reset_request.id, reset_code=reset_code)
def user(id): #print("id",id) #print("args",request.args) if request.method == 'GET': query = request.args data = mongo.db.users.find_one({"_id":ObjectId(id)}) #print("data",data) #print("len",len(data)) """ check = checkSimpleForeign("users",id) if check != True: return check """ return jsonify(data), 200 if request.method == 'DELETE': db_response = mongo.db.users.delete_one({"_id":ObjectId(id)}) if db_response.deleted_count == 1: response = {'message': 'record deleted'} else: response = {'message': 'no record found'} return jsonify(response), 200 if request.method == 'PUT': #data = request.get_json() data = validate_user(request.get_json()) if data['ok']: data = data['data'] if 'password' in data: data['password'] = flask_bcrypt.generate_password_hash( data['password']) data["updatedAT"] = datetime.datetime.utcnow() db_response = mongo.db.users.update_one({"_id":ObjectId(id)}, {'$set':data}) #print("response",db_response.matched_count) if db_response.matched_count > 0: return jsonify({'message': 'record updated'}), 200 else: return jsonify({'message': 'error on record updated'}), 400 else: return jsonify({'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def register(): form = SignupForm(request.form) if request.method == 'POST': if form.validate(): user_obj = User() email = form.email.data password = flask_bcrypt.generate_password_hash(form.password.data) user_obj.email = email user_obj.password = password user_id = user_obj.save() # user_id will be none if email has already been registered if not user_id: flash('Email has already been registered!') return redirect('/register') logging.debug('Register-- {} registered'.format(email)) return redirect('/login') else: logging.debug('Register-- validate check failed') flash("Information input error, please input again!") return render_template('register.html', form=form)
def register(): ''' register user endpoint ''' users = len(json.loads(dumps(mongo.db.users.find()))) if len == 0: data = validate_user(request.get_json()) if data['ok']: data = data['data'] if data['password'] != None: data['password'] = flask_bcrypt.generate_password_hash( data['password']) data["createdAT"] = datetime.datetime.utcnow() mongo.db.users.insert_one(data) return jsonify({'message': 'User created successfully!'}), 200 else: return jsonify({'message': 'Bad request parameters: {}'.format(data['message'])}), 400 else: return jsonify({'message': 'can not created first user'}), 400
def create_user(self, payload): hashed_password = flask_bcrypt.generate_password_hash( payload["password"]).decode("utf-8") exception_map = {} user = self.get_user_by_email(payload["email"]) if not user: user = User( email=payload["email"], first_name=payload["first_name"].lower().capitalize(), last_name=payload["last_name"].lower().capitalize(), password_hash=hashed_password, uuid=str(uuid.uuid4()), admin=True, ) db.session.add(user) db.session.commit() else: exception_map[ "user_already_exists"] = f'user with email \'{payload["email"]}\' already exists' return user, exception_map
def register(): registerForm = forms.SignupForm(request.form) current_app.logger.info(request.form) if request.method == 'POST' and registerForm.validate() == False: current_app.logger.info(registerForm.errors) return "uhoh registration error" elif request.method == 'POST' and registerForm.validate(): email = request.form['email'] first_name = request.form['first_name'] last_name = request.form['last_name'] # generate password hash password_hash = flask_bcrypt.generate_password_hash(request.form['password']) # prepare User user = User(email,password_hash,first_name,last_name) print user try: user.save() if login_user(user, remember="no"): flash("Logged in!") return redirect('/') else: flash("unable to log you in") except: flash("unable to register with that email address") current_app.logger.error("Error on registration - possible duplicate emails") # prepare registration form # registerForm = RegisterForm(csrf_enabled=True) templateData = { 'form' : registerForm } return render_template("/auth/register.html", **templateData)
def register(): registerForm = forms.SignupForm(request.form) current_app.logger.info(request.form) if request.method == 'POST' and registerForm.validate() == False: current_app.logger.info(registerForm.errors) return "uhoh registration error" elif request.method == 'POST' and registerForm.validate(): email = request.form['email'] if email.find("creighton.edu") == -1: #checks to see if creighton email return "Must be a creigthon email!" # generate password hash password_hash = flask_bcrypt.generate_password_hash(request.form['password']) # prepare User user = User(email,password_hash) print user try: user.save() # user.search_form = SearchForm() if login_user(user, remember="yes"): flash("Logged in!") return redirect('/home') else: flash("unable to log you in") except: flash("unable to register with that email address") current_app.logger.error("Error on registration - possible duplicate emails") # prepare registration form # registerForm = RegisterForm(csrf_enabled=True) templateData = { 'form' : registerForm } return render_template("/auth/register.html", **templateData)
def on_put_init_object(): item = request.get_json() # preserve existing object if desired if item.get('__preserve') == True: preserve_id = item.get('id') if not preserve_id: return "object without ID cannot be preserved\n", 400 existing_object = mongo.db.objects.find_one({"id": preserve_id}) if existing_object: return f"object with ID {preserve_id} already existing, preserved\n", 200 del item['__preserve'] else: # mark object as created automatically item['autocreated'] = True # automatically created users also need a password hash, # using a password, which is passed as a field and removed afterwards if item.get('type') == 'user' and 'fields' in item: user_id = item['fields'].get('email') password = item['fields'].get('password') if user_id and password: passwordhash = flask_bcrypt.generate_password_hash( password).decode() del item['fields']['password'] mongo.db.passwords.replace_one({'userid': user_id}, { 'userid': user_id, 'passwordhash': passwordhash }, upsert=True) # save object and return a text message instead of a JSON result json, code = save_object(item, get_jwt_identity()) if code == 200: return "OK\n", 200 else: return (json.get('message') or "error saving object") + "\n", code or 500
def register(): data = validate_user(request.get_json()) if data['ok']: data = data['data'] data['password'] = flask_bcrypt.generate_password_hash( data['password']).decode('utf-8') user = User(name=data['name'], email=data['email'], password=data['password']) db.session.add(user) db.session.commit() return jsonify({ 'ok': True, 'message': 'User created successfully' }), 200 else: return jsonify({ 'ok': False, 'message': 'Bad request parameters: {}'.format(data['message']) }), 400
def users(): ''' example to get extra data from annotation ''' #print("extraData",request.extraData) ''' route read user ''' if request.method == 'GET': query = request.args data = json.loads(dumps(mongo.db.users.aggregate([{'$addFields': {"_id": { '$toString':'$_id'}}}]))) print("data",data) #print("len",len(data)) return jsonify(data), 200 if request.method == 'POST': data = validate_user(request.get_json()) if data['ok']: data = data['data'] if 'password' in data: data['password'] = flask_bcrypt.generate_password_hash( data['password']) data["createdAT"] = datetime.datetime.utcnow() mongo.db.users.insert_one(data) return jsonify({'message': 'User created successfully!'}), 200 else: return jsonify({'message': 'Bad request parameters: {}'.format(data['message'])}), 400
def register(): registerForm = forms.SignupForm(request.form) current_app.logger.info(request.form) if request.method == 'POST' and registerForm.validate() == False: current_app.logger.info(registerForm.errors) return "uhoh registration error" elif request.method == 'POST' and registerForm.validate(): email = request.form['email'] # generate password hash password_hash = flask_bcrypt.generate_password_hash( request.form['password']) # prepare User user = User(email, password_hash) print user try: user.save() if login_user(user, remember="no"): flash("Logged in!") return redirect('/') else: flash("unable to log you in") except: flash("unable to register with that email address") current_app.logger.error( "Error on registration - possible duplicate emails") # prepare registration form # registerForm = RegisterForm(csrf_enabled=True) templateData = {'form': registerForm} return render_template("/auth/register.html", **templateData)
def register(): form = SignupForm(request.form) if form.validate(): user = User() form.populate_obj(user) user_exist = User.query.filter_by(email=form.email.data).first() if user_exist: # form.email.error.append('Email already in use.') return redirect(url_for('authentication.register')) else: user.password = flask_bcrypt.generate_password_hash( form.password.data, 15).decode('utf-8') user.active = True db.session.add(user) db.session.commit() return redirect(url_for('views.index')) return render_template('register.html', form=SignupForm(), login_form=SigninForm())
def register(): registerForm = forms.SignupForm(request.form) # current_app.logger.info(request.form) if request.method == 'POST' and registerForm.validate() == False: current_app.logger.info(registerForm.errors) return "uhoh registration error" elif request.method == 'POST' and registerForm.validate(): username = request.form['username'] password_hash = flask_bcrypt.generate_password_hash(request.form['password']) user = User(username,password_hash,key='') try: user.save() if login_user(user,remember="no"): flash("Logged in !") return render_template("logined.html") else: flash("unable to log you in") except Exception as e: print(e.message) flash("unable to register with that username address") templateData = {'form':registerForm} return render_template('/register.html',**templateData)
def __init__(self, username, password): self.username = username self.password = flask_bcrypt.generate_password_hash(password)
def password(self, password): """Encrypt the password on assignment.""" self._password = flask_bcrypt.generate_password_hash(password)
def __init__(self, email, password): self.email = email self.password = flask_bcrypt.generate_password_hash(password)
from app import db, flask_bcrypt db.create_all() from app import User, Organization from app.config import admin_username, admin_password focus = Organization('Focus Africa', 'focus-africa.co.za') admin_group = Organization('admins') admin_pw_hash = flask_bcrypt.generate_password_hash(admin_password) admin = User(admin_username, admin_pw_hash, organization=admin_group, moderator=True, admin=True) db.session.add(focus) db.session.add(admin_group) db.session.add(admin) db.session.commit()
def password(self, password): self.password_hash = flask_bcrypt.generate_password_hash( password).decode('utf-8')
def add_user(self): pwhash = flask_bcrypt.generate_password_hash(self.args['<password>']) u = User(email=self.args['<email>'], password=pwhash) db.session.add(u) db.session.commit() print('User added')
def on_model_change(self, form, model, is_created=False): ''' If the password exists, hash it, otherwise leave it alone ''' if len(form.new_password.data): model.password = flask_bcrypt.generate_password_hash(form.new_password.data)
def register_post(): tid, ip = setup_log_vars() lggr = setup_local_logger(tid, ip) MAM = MainModel(tid=tid, ip=ip) invite_organization = request.form.get('h') invite_team = request.form.get('t') invite_token = request.form.get('k') #invite_email = request.form.get('e') #if e and email are not the same that is ok. username = request.form.get('username').lower().replace(' ', '') email = request.form.get('email').lower().replace(' ', '') # generate password hash password_hash = flask_bcrypt.generate_password_hash( request.form.get('password')) # prepare User user = User(username=username, email=email, passhash=password_hash, tid=tid, ip=ip) lggr.info(user) try: if user.set_user(): lggr.info('User created') user_created = True else: lggr.info('User NOT created') user_created = False except: lggr.error( traceback.format_exception(sys.exc_info()[0], sys.exc_info()[1], sys.exc_info()[2])) flash("unable to register with that email address", 'UI') mpp = { 'status': 'KO', 'msg': 'Unable to register with that email address' } flash({'f': 'track', 'v': '_register', 'p': mpp}, 'MP') lggr.error("Error on registration ") return redirect( url_for('avispa_auth.register_get', _external=True, _scheme=URL_SCHEME)) if True: #try: if user_created: if invite_organization and invite_team and invite_token and email: # Aquire org.invitations document result = MAM.select_user_doc_view('orgs/invitations', invite_organization) # Verify if this is a valid invitation for i in result['invitations']: if i['token'] == invite_token and i['email'] == email: lggr.info('Invitation valid') valid_invite = True break else: lggr.info('Invitation invalid') valid_invite = False if valid_invite: people = {} people['added'] = str(datetime.now()) people['handle'] = username people['addedby'] = i['author'] # Add the user to the organization people MAM.append_to_user_field(invite_organization, 'people', people) lggr.info('User appended to org: %s' % (invite_organization)) # Add the user to the team MAM.append_to_user_field(invite_organization, 'teams', people, sublist='members', wherefield='teamname', wherefieldvalue=invite_team) lggr.info('User added to team: %s' % (invite_team)) # Set its onLogin hook to <invite_organization>/<invite_team> u = {} u['id'] = username u['onlogin'] = '******' + invite_organization + '/_home' MAM.update_user(u) lggr.info('User created, now log in the user') #Go through regular login process userObj = User(email=email, tid=tid, ip=ip) userview = userObj.get_user() lggr.info(userObj) mpp = {'status': 'OK'} flash({'f': 'track', 'v': '_register', 'p': mpp}, 'MP') flash({'f': 'alias', 'v': username}, 'MP') if login_user(userObj, remember="no"): flash("Logged in. Welcome to MyRing!", 'UI') mpp = {'status': 'OK', 'msg': 'Automatic'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash({'track':'_login OK, Automatic'},'MP') if invite_organization: #return redirect(absolute_url('/'+invite_organization+'/_home')) return redirect( url_for('avispa_rest.home', handle=invite_organization, _external=True, _scheme=URL_SCHEME)) else: #return redirect(absolute_url('/'+userview.id+'/_home')) return redirect( url_for('avispa_rest.home', handle=userview.id, _external=True, _scheme=URL_SCHEME)) else: flash("Please enter your credentials ", 'UI') mpp = {'status': 'KO', 'msg': 'Automatic'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash({'track':'_login KO, Automatic'},'MP') #return redirect(absolute_url('/_login')) return redirect( url_for('avispa_auth.login', _external=True, _scheme=URL_SCHEME)) else: lggr.info('User could not be created') mpp = {'status': 'KO', 'msg': 'User could not be created'} flash({'f': 'track', 'v': '_register', 'p': mpp}, 'MP') flash({'f': 'alias', 'v': username}, 'MP') #return redirect(absolute_url('/_register')) return redirect( url_for('avispa_auth.register_get', _external=True, _scheme=URL_SCHEME)) else: #except: flash("Please enter your credentials. [E12] ", 'UI') mpp = {'status': 'KO', 'msg': 'Automatic'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #return redirect(absolute_url('/_login')) return redirect( url_for('avispa_auth.login', _external=True, _scheme=URL_SCHEME))
def password(self, password): self._password = flask_bcrypt.generate_password_hash(password)
def forgot(): tid, ip = setup_log_vars() lggr = setup_local_logger(tid, ip) MAM = MainModel(tid=tid, ip=ip) if request.method == 'POST' and request.form.get('email'): email = request.form.get('email') userObj = User(email=email, tid=tid, ip=ip) user = userObj.get_user() lggr.info(user) if user and user.is_active(): try: o = urlparse.urlparse(request.url) host_url = urlparse.urlunparse( (URL_SCHEME, o.netloc, '', '', '', '')) #save the token in the database key = flask_bcrypt.generate_password_hash( request.form.get('email') + str(random.randint(0, 9999))) #key = 'qwerty1234' lggr.info("key:" + key) userObj.set_password_key(key) to = user.email subject = "Password Recovery Email for: " + user.email content = "Click here " + host_url + "/_forgot?k=" + key + "&e=" + email EMO = EmailModel() if EMO.send_one_email(to, subject, content): lggr.info("Sending password recovery email to: " + user.email) flash( "Please check your mail's inbox for the password recovery instructions.", 'UI') mpp = {'status': 'OK', 'msg': 'Sent recovery email'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot OK, sent recovery email'},'MP') else: lggr.info( "Something went wrong with sending the email but no error was raised" ) ''' server = smtplib.SMTP('smtp.gmail.com', 587) server.ehlo() server.starttls() #Next, log in to the server server.login(FROMEMAIL, FROMPASS) #Send the mail msg = "\r\n".join([ "From:"+FROMEMAIL, "To: "+user.email, "Subject: Password Recovery Email for: "+user.email, "", "Click here "+host_url+"/_forgot?k="+key+"&e="+email ]) #msg = "\nHello!" # The /n separates the message from the headers server.sendmail(FROMEMAIL, user.email, msg) server.quit() ''' except: lggr.error( traceback.format_exception(sys.exc_info()[0], sys.exc_info()[1], sys.exc_info()[2])) lggr.error("Error sending password revovery email") flash( "There was an error sending the password recovery instructions" ) flash({'track': '_forgot KO, error sending recovery email'}, 'MP') pass else: flash("Could not find this email", 'UI') mpp = {'status': 'KO', 'msg': 'Could not find email'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot KO, could not find email'},'MP') elif request.method == 'GET' and request.args.get( 'k') and request.args.get('e'): data = {} data['key'] = request.args.get('k') data['email'] = request.args.get('e') userObj = User(tid=tid, ip=ip) if userObj.is_valid_password_key(data['email'], data['key']): lggr.info('Token authorized') mpp = {'status': 'OK', 'msg': 'Token authorized'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot OK, Token authorized'},'MP') return render_template("/auth/new_password.html", data=data) else: lggr.info('Token Rejected') mpp = {'status': 'KO', 'msg': 'Token not authorized'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot KO, Token not authorized'},'MP') elif (request.method == 'POST' and request.form.get('e') and request.form.get('k') and request.form.get('password') and request.form.get('confirm')): userObj = User(email=request.form.get('e'), tid=tid, ip=ip) user = userObj.get_user() if request.form.get('password') == request.form.get('confirm'): if userObj.is_valid_password_key(request.form.get('e'), request.form.get('k')): lggr.info('Token authorized') # generate password hash passhash = flask_bcrypt.generate_password_hash( request.form.get('password')) userObj.set_password(passhash) flash('Password changed', 'UI') mpp = {'status': 'OK', 'msg': 'Password changed'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot OK, Password changed'},'MP') #return redirect(absolute_url('_login')) return redirect( url_for('avispa_auth.login', _external=True, _scheme=URL_SCHEME)) else: flash('Token Rejected', 'UI') mpp = {'status': 'KO', 'msg': 'Token rejected'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot KO, Token rejected'},'MP') #return redirect(absolute_url('_login')) return redirect( url_for('avispa_auth.login', _external=True, _scheme=URL_SCHEME)) else: flash('Both passwords need to match', 'UI') mpp = {'status': 'KO', 'msg': 'Password do not match'} flash({'f': 'track', 'v': '_forgot', 'p': mpp}, 'MP') #flash({'track':'_forgot KO, passwords do not match'},'MP') q = 'k=' + request.form.get('k') + '&e=' + request.form.get('e') #return redirect(absolute_url('/_forgot',query=q)) return redirect( url_for('avispa_auth.forgot', k=request.form.get('k'), e=request.form.get('e'), _external=True, _scheme=URL_SCHEME)) data = {} data['method'] = '_forgot' return render_template("/auth/forgot.html", data=data)