Example #1
0
def auth_login():
    if request.method == "GET":
        return render_template("auth/login.html", form=LoginForm())

    form = LoginForm(request.form)

    if not form.validate():
        return render_template("auth/login.html", form=form)

    user = User.query.filter_by(username=form.username.data).first()

    if not user:
        return render_template("auth/login.html",
                               form=LoginForm(),
                               error="Bad username or password")

    login = flask_bcrypt.check_password_hash(user.pwd_hash, form.password.data)

    if not login:
        return render_template("auth/login.html",
                               form=LoginForm(),
                               error="Bad username or password")

    login_user(user)

    return redirect(url_for("index"))
Example #2
0
def authUser():
    data = validate_user(request.get_json())
    print(data)
    if data['ok']:
        data = data['data']
        user = mongo.db.users.find_one({'email': data['email']})

        if user and flask_bcrypt.check_password_hash(user['password'],
                                                     data['password']):
            del user['password']
            access_token = create_access_token(identity=data)
            user['token'] = access_token
            return jsonify({'ok': True, 'data': user}), 200
        else:
            return jsonify({
                'ok': False,
                'message': 'invalid username or password'
            }), 401
    else:
        return jsonify({
            'ok':
            False,
            'message':
            'Bad request parameters: {}'.format(data['message'])
        }), 400
Example #3
0
def auth_login():
    if request.method == "GET":
        return render_template("auth/loginform.html", form=LoginForm())

    form = LoginForm(request.form)

    username = form.username.data
    password = form.password.data.encode('utf-8')

    user = User.query.filter_by(username=username).first()

    if not user:
        return render_template("auth/loginform.html",
                               form=form,
                               error="Username was not found.")
    else:
        password_hash = user.password
        is_password_correct = flask_bcrypt.check_password_hash(
            password_hash, password)
        if not is_password_correct:
            return render_template("auth/loginform.html",
                                   form=form,
                                   error="Password is incorrect.")
        else:
            login_user(user)
            return redirect(url_for("roster_index"))
Example #4
0
def login():

	if hasattr(g, 'user') and g.user.is_authenticated():
		retrun redirect(url_for('users.index'))

	form = LoginForm()

	if form.validate_on_submit():
		user = User.query.filter_by(username=form.username.data).one()

		if not user or not flask_bcrypt.check_password_hash(user.password, form.password.data)
			flash("User does not exsist.")
			return render_template('users/login', form=form)

		login_user(user, remember=True)
		return redirect(url_for('users.index'))

	return render_template('users/signup.html', form=form)
Example #5
0
def login():
    if current_user.is_authenticated:
        redirect(urls_for('snaps.listing'))

    form = LoginForm()

    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()

        if not user or not flask_bcrypt.check_password_hash(
                user.password, form.password.data):
            flash("No such user exists.")
            return render_template('users/login.html', form=form)

        login_user(user, remember=True)
        return redirect(url_for('snaps.listing'))

    return render_template('users/login.html', form=form)
Example #6
0
def checkPassword():
    try:
        current_user = get_jwt_identity()
        data = request.get_json()
        user = mongo.db.users.find_one({'email': current_user['email']})
        if user and flask_bcrypt.check_password_hash(user['password'],
                                                     data['password']):
            return jsonify({
                'ok': True,
                'message': 'Password is correct.'
            }), 200
        return jsonify({'ok': False, 'message': 'Wrong credentials'}), 401
    except:
        return jsonify({
            'ok':
            False,
            'message':
            'Bad request parameters: {}'.format(data['message'])
        }), 400
Example #7
0
def login():
    """
    Basic user login functionality.

    If the user is already logged in (meaning we have a
    user object attached to the g context local), we
    redirect the user to the default snaps index page.

    If the user is not already logged in and we have
    form data that was submitted via POST request, we
    call the validate_on_submit() method of the Flask-WTF
    Form object to ensure that the POST data matches what
    we are expecting. If the data validates, we login the
    user given the form data that was provided and then
    redirect them to the default snaps index page.

    Note: Some of this may be simplified by moving the actual User
    loading and password checking into a custom Flask-WTF validator
    for the LoginForm, but we avoid that for the moment, here.
    """

    if hasattr(g, 'user') and g.user.is_authenticated():
        return redirect(url_for('users.index'))

    form = LoginForm()

    if form.validate_on_submit():

        # We use one() here instead of first()
        user = User.query.filter_by(username=form.username.data).one()

        if not user or not flask_bcrypt.check_password_hash(user.password,
                form.password.data):

            flash("No such user exists.")
            return render_template('users/login.html', form=form)

        login_user(user, remember=True)
        return redirect(url_for('users.index'))

    return render_template('users/login.html', form=form)
Example #8
0
def login():
    print('Login handler')
    login_json = request.get_json()

    if not login_json:
        return jsonify({'error': 'Missing JSON'}), 400

    username = login_json.get('username')
    password = login_json.get('password')

    print("Trying to login user [%s] and password [%s]" % (username, password))

    # socketApp.emit('send_message', {
    #               'msg': 'Someone trying to login'}, broadcast=True)

    if not username:
        return jsonify({'error': 'Please enter a username'}), 400

    if not password:
        return jsonify({'error': 'Please enter a password'}), 400

    user = User.query.filter_by(username=username).first()

    if user is None:
        print("Could not find username %s" % (username))
        user = User.query.filter_by(email=username).first()
        if user is None:
            print("Could not find email %s" % (username))
            return jsonify({'error':
                            'Please check username and password'}), 401

    print("user is: %s" % (user))
    _hashedPassword = flask_bcrypt.generate_password_hash(password)

    if flask_bcrypt.check_password_hash(user.password, password) is False:
        print("Invalid passford for user %s" % (user.username))
        return jsonify({'error': 'Please check username and password'}), 401

    access_token = create_access_token(identity=user.username)

    return jsonify({'access_token': access_token}), 200
Example #9
0
def login():
    print("LOGIN FUNCTION !!!!!!!!!!!!!!!!!!!!!!")
    """Basic user login functionality.

    If the user is already logged in, we
    redirect the user to the default snaps index page.

    If the user is not already logged in and we have
    form data that was submitted via POST request, we
    call the validate_on_submit() method of the Flask-WTF

    Form object to ensure that the POST data matches what
    we are expecting. If the data validates, we login the
    user given the form data that was provided and then
    redirect them to the default snaps index page.
    
    Note: Some of this may be simplified by moving the actual User
    loading and password checking into a custom Flask-WTF validator
    for the LoginForm, but we avoid that for the moment, here.
    """
    
    if current_user.is_authenticated:
        print ("AUTH LOOP!!!!!!!!!!!!!!")
        return redirect(url_for('snaps.listing'))
    print("NOT IN LOOP!!!!!!!!!!!!!!!!!")
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(
            username=form.username.data).first()
        if not user:
            flash("No such user exists.")
            return render_template('users/login.html', form=form)
        if(not flask_bcrypt.check_password_hash(user.password,
            form.password.data)):
            flash("Invalid password.")
            return render_template('users/login.html', form=form)
        login_user(user, remember=True)
        flash("Success!  You're logged in.")
        return redirect(url_for("snaps.listing"))
    return render_template('users/login.html', form=form)
Example #10
0
def login():
    if current_user.is_authenticated:
        return redirect(url_for('users.account'))

    form = LoginForm()
    if form.validate_on_submit():

        user = User.query.filter_by(username=form.username.data).first()

        if not user:
            flash("No such user exists.")
            return render_template('users/login.html', form=form)

        if not(flask_bcrypt.check_password_hash(user.password, form.password.data)):
            flash("Invalid password.")
            return render_template('users/login.html', form=form)

        login_user(user, remember=True)
        flash("You are now logged in!")
        return redirect(url_for('users.account'))

    return render_template('users/login.html', form=form)
 def check_password(self, password):
     return flask_bcrypt.check_password_hash(self.password_hash, password)