def test_user(self):
try:
User.authenticate()
assert False
except Unauthorized:
assert True
return
assert False
def test_user(self):
try:
User.authenticate()
assert False
except Unauthorized:
assert True
return
assert False
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
user = User.authenticate(email=form_data.username, password=form_data.password)
if not user:
raise HTTPException(status_code=400, detail="Incorrect username or password")
access_token = create_access_token(data={"email": user.email})
return {"access_token": access_token, "token_type": "bearer"}
def post(self):
data = request.get_json()
if data is None:
return {'ok', False}
identifier = data.get('identifier')
password = data.get('password')
if not identifier or not password:
raise AuthenticationError(403, 'username or password is required')
user = User.authenticate(identifier, password)
user.login_at = datetime.utcnow()
user.save()
return {'ok': 'True', 'token': user.generate_token()}
def process_login(self):
username = self.request.get('username')
password = self.request.get('password')
user = User.authenticate(username, password)
if not user:
form_data = {
'username': username,
'errors': {
'general': 'User/password combination is invalid.'
}
}
self.app.registry[Auth.login_key] = form_data
return self.redirect_to(AuthConst.ROUTE_INDEX)
else:
self._grant_access(user)
def post(self):
args = self.parser.parse_args()
email = args['email']
password = args['password']
if email is None or len(email) < 3:
return {'status': 'false', 'message': 'Invalid email'}, 403
authed = User.authenticate(email, password)
if authed:
user = User.fetch_user_by_email(email)
user_team = UserTeam.get_team_by_user(user.unid)
team_unid = user_team.team_unid if user_team else None
token = Token(user.unid)
return {'status': 'true', 'token': token.token, 'user_unid': user.unid, 'team_unid':team_unid}, 200
else:
return {'status': 'false', 'message': 'Incorrect login credentials'}, 403
def post(self):
"""
Processes the POST request and checks if credentials match against the database
Returns:
A redirect
"""
username = request.form.get('username')
password = request.form.get('password')
user = User.authenticate(username, password)
if not user:
flash('Invalid credentials. Please try again.', 'error')
return redirect(url_for('login'))
session['user_id'] = user.id
flash('You have been logged in.', 'success')
return redirect(url_for('home'))
def post(self):
"""
Processes the POST request and changes the password
Returns:
A redirect if validation passed else the template with the errors
"""
form = ChangePasswordForm()
if form.validate_on_submit():
user = User.authenticate(self.user.username,
form.current_password.data)
if not user:
form.current_password.errors.append(
'Incorrect password. Try again.')
user.change_password(form.new_password.data)
flash('You have changed your password.', 'success')
return redirect(url_for('home'))
return render_template('user/change-password.html', form=form)
def wrapper(s, **kwargs):
acct = User.authenticate()
if acct:
return func(s,acct=acct, **kwargs)
