def landing():
if current_user:
redirect(url_for('home'))
login_form = LoginForm(request.form)
registration_form = CreateAccount(request.form)
if login_form.validate_on_submit():
user = User.query.filter_by(uName=login_form.name.data).first()
if user.check_pass(login_form.password.data):
login_user(user)
return redirect(url_for('home'))
else:
flash("Username/Password not recognized.")
return redirect(url_for('landing'))
if registration_form.validate_on_submit():
new_user = User(registration_form.username.data,
registration_form.password.data,
registration_form.dob.data,
registration_form.fName.data,
registration_form.mName.data,
registration_form.lName.data,
int(registration_form.zip.data),
registration_form.email.data)
db.session.add(new_user)
db.session.commit()
login_user(new_user)
return redirect(url_for('home'))
return render_template('landing.html', login_form = login_form, reg = registration_form)
def login():
# 已登录用户则返回首页
if g.user.is_authenticated:
return redirect(url_for('frontend.index'))
login_form = LoginForm()
if login_form.validate_on_submit():
people = People.query.authenticate(
login_form.login.data,
login_form.password.data,
)
if people:
login_user(people, remember=login_form.remember.data)
# Flask-Principal 发送信号
identity_changed.send(current_app._get_current_object(), identity=Identity(people.id))
print 'sent by login'
ip = get_client_ip()
login_log = LoginLog(people.id, ip)
db.session.add(login_log)
db.session.commit()
flash('登录成功', 'success')
return redirect(url_for('frontend.index'))
else:
flash('登录失败', 'warning')
return render_template('login.html', form=login_form)
def login():
# if g.user_init and g.user_init.is_authenticated():
portal_id = request.args.get('subscribe', None)
if g.user_init.is_authenticated():
if portal_id:
return redirect(url_for('general.reader_subscription', portal_id=portal_id))
flash('You are already logged in. If you want to login with another '
'account logout first please')
return redirect(url_for('general.index'))
form = LoginForm()
if form.validate_on_submit():
user = g.db.query(User).\
filter(User.profireader_email == form.email.data).first()
if user and user.is_banned():
return redirect(url_for('general.index'))
if user and user.verify_password(form.password.data):
login_user(user)
if portal_id:
return redirect(url_for('general.reader_subscription', portal_id=portal_id))
return redirect(request.args.get('next') or url_for('general.index'))
flash('Invalid username or password.')
redirect_url = url_for('auth.login')
redirect_url += '?/' + portal_id if portal_id else ''
return redirect(redirect_url)
return render_template('auth/login.html', form=form, portal_id=portal_id)
def login():
form = loginform()
if request.method == 'GET':
return render_template('home/pages/login.html',form=form)
username = form.username.data
password = form.password.data
user_accessed = user.query.filter_by(username=username).first()
if user_accessed is None:
flash(u'Username is incorrect') # to log incorrect username
return redirect(url_for('login'))
if not user_accessed.verify_password(password):
flash(u'Password is incorrect') # to log incorrect password
return redirect(url_for('login'))
if not user_accessed.active:
flash(u'Your account is inactive') # to log inactive user
return redirect(url_for('login'))
login_user(user_accessed)
identity_changed.send(app, identity=Identity(user_accessed.username))
return dashboard()
def login():
'''
Handle user logins.
'''
now = datetime.now()
launch = datetime(2016, 3, 28, 19, 30, 0)
begin = now >= launch
print(launch, now)
if begin is False:
return redirect('/')
if request.method == "POST":
username = request.form.get('username').strip()
password = request.form.get('password').strip()
if validate_user(database, username, password):
auth_user = User(username)
login_user(auth_user)
user_level = get_level(database, current_user.id)
return redirect(get_url(database, user_level))
else:
return render_template('login.html', force=False, error=True)
else:
if current_user.is_authenticated:
user_level = get_level(database, current_user.id)
resume = get_url(database, user_level)
return render_template('login.html', force=True,
username=current_user.id, error=False,
resume=resume)
return render_template('login.html', force=False, error=None)
def index():
login = LoginForm()
join = JoinForm()
contact = ContactForm()
mail = MailingForm()
if login.validate_on_submit():
user = User.query.filter_by(email=login.inputEmailIn.data).first_or_404()
if user and bcrypt.check_password_hash(user.password, login.inputPasswordIn.data):
db.session.add(user)
db.session.commit()
login_user(user, remember=True)
print(current_user.email)
return redirect("/myAisleMate/rb")
else:
flash("Incorrect email or password")
return redirect("/index")
elif join.validate_on_submit():
user = User(
email=join.inputEmailUp.data,
password=join.inputPasswordUp1.data
)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect("/myAisleMate/rb")
return render_template('index.html',
title ='Home',
login = login,
join = join,
contact = contact,
mail = mail)
def login():
if current_user.is_authenticated:
flash('You are already logged in.')
return redirect(url_for('auth.home'))
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = request.form.get('username')
password = request.form.get('password')
try:
User.try_login(username, password)
except LDAPException:
flash(
'Invalid username or password. Please try again.',
'danger')
return render_template('auth/login.html', form=form)
user = User.query.filter_by(username=username).first()
if not user:
user = User(username)
db.session.add(user)
db.session.commit()
login_user(user)
flash('You have successfully logged in.', 'success')
return redirect(url_for('auth.home'))
if form.errors:
flash(form.errors, 'danger')
return render_template('auth/login.html', form=form)
def authenticate(project):
print "authenticate"
print current_user, current_user.is_authenticated()
if not current_user.is_authenticated():
print "logging in user"
user = User()
db.session.add(user)
db.session.commit()
login_user(user)
if project in current_user.projects:
print "p:", project
current_user.current_project = project
db.session.commit()
return redirect(url_for('.project', project=project))
form = LoginForm()
if form.validate_on_submit():
print "p:", project
current_user.current_project = project
current_user.projects.append(project)
db.session.commit()
return redirect(url_for('.project', project=project))
return render_template('authenticate.html',
project=project,
form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
login_user(form.user)
flash("Logged in successfully, bro.")
return redirect(request.args.get("next") or url_for("instances.index"))
return render_template('users/login.html', form=form)
def login_view():
next_url = request.args.get('next', default='/', type=str)
if app.config.get('IGNORE_AUTH'):
fake_id = 'anonymous_superuser'
anonymous_superuser = models.User.query.get(fake_id)
if not anonymous_superuser:
anonymous_superuser = models.User(
id=fake_id,
email_address='*****@*****.**',
superuser=1)
db.session.add(anonymous_superuser);
db.session.commit()
login_user(anonymous_superuser)
confirm_login()
return redirect(next_url)
# Inspired by:
# http://stackoverflow.com/questions/9499286
# /using-google-oauth2-with-flask
params = dict(
response_type='code',
client_id=config.GOOGLE_OAUTH2_CLIENT_ID,
redirect_uri=config.GOOGLE_OAUTH2_REDIRECT_URI,
scope=GOOGLE_OAUTH2_SCOPES,
state=urllib.quote(next_url),
)
target_url = '%s?%s' % (
GOOGLE_OAUTH2_AUTH_URL, urllib.urlencode(params))
logging.debug('Redirecting user to login at url=%r', target_url)
return redirect(target_url)
def login():
if request.method == 'GET':
return render_template('login.html')
facebook_id = request.form.get('facebook_id')
facebook_token = request.form.get('facebook_token')
if not facebook_id or not facebook_token:
flash(u"잘못된 로그인 정보입니다.")
return render_template('login.html'), 400
me = facebook_auth(facebook_token)
if not me:
flash(u"페이스북 인증에 실패했습니다.")
return render_template('login.html'), 400
if me['id'] not in current_app.config['ALLOWED_FACEBOOK_USERS']:
flash(u"허용되지 않은 사용자입니다.")
return render_template('login.html'), 400
user = User.query.filter_by(facebook_id=str(me['id'])).first()
if user is None:
user = User()
user.name = me['name']
user.facebook_id = facebook_id
user.facebook_token = facebook_token
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('web.item_list'))
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User.create(**form.data)
login_user(user)
return redirect(url_for('instances.index'))
return render_template('users/register.html', form=form)
def login():
if request.method == 'GET':
return render_template('login.html')
username = request.form['username']
password = request.form['password']
remember_me = False
if 'remember_me' in request.form:
remember_me = True
registered_user = db.session.query(User).filter_by(login=username).first()
if registered_user is None:
flash('Username or Password is invalid' , 'error')
return redirect(url_for('login'))
if not registered_user.check_password(password):
flash('Password is invalid','error')
return redirect(url_for('login'))
login_user(registered_user, remember = remember_me)
flash('Logged in successfully')
return redirect(request.args.get('next') or url_for('upload'))
def register():
if request.method == 'GET':
return render_template('register.html')
elif request.method == 'POST':
first_name = request.form['fname']
last_name = request.form['lname']
name = '%s %s' % (first_name, last_name)
school = request.form['school']
email = request.form['email']
# Check if username exists
existing_user = session.query(User).filter_by(email=email).first()
if existing_user:
return 'User with this email already exists.'
# Check if passwords are the same
pass1 = request.form['pass1']
pass2 = request.form['pass2']
if pass1 == pass2:
(password, salt) = generate_password_hash(pass1)
else:
return 'Passwords do not match.'
new_user = User(name=name, email=email, password=password, salt=salt, school=school)
session.add(new_user)
session.commit()
login_user(new_user)
return redirect(url_for('feed'))
def login():
# If a user is already logged in. is_authenticated is a function
# of the User class in models.py
if g.user.is_authenticated():
return render_template('index.html',
message='A user is already logged in.',
email=g.user.email,
listings=get_listings())
# If the user is sending information (i.e. trying to log in),
# checks the selected email against the users in the database.
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
# queries the database for a user with the email submitted
user = session.query(User).filter(User.email == email).first()
# if the user was in the database and the password matches,
# logs the user in and returns a message.
if user is not None and pwd_context.verify(password, user.password):
login_user(user)
return render_template('index.html',
message='Login was successful.',
email=user.email,
listings=get_listings())
return render_template('index.html',
message='Email or password invalid. Please try again.',
listings=get_listings())
# returns login form if request method was GET
return render_template('login.html')
def index():
form = forms.LoginForm()
if request.method == 'POST':
if form.validate_on_submit():
login_user(form.user)
return redirect(request.args.get('next') or url_for('app.create'))
return render_template('login.html', form=form)
def signup():
form = SignupForm()
form.university.choices = [(u.id,u.name) for u in University.query.all()]
if form.validate_on_submit():
userTest = User.query.filter_by(email=form.email.data).first()
existingPhoneNumberTest = User.query.filter_by(phone=form.phone.data).first()
if existingPhoneNumberTest:
flash("There already exists a user with this phone number.")
return redirect(url_for('.signup'))
if not userTest:
u = University.query.get(form.university.data)
user = User(email=form.email.data,
name=form.name.data,
university=u,
bio=form.bio.data,
password=form.password.data,
user_role = "mentor",
phone=form.phone.data)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('.index'))
else:
flash("This Username is already in use.")
return redirect(url_for('.signup'))
return render_template('mentor/signup.html', form = form)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate_on_submit():
user = form.get_user()
login_user(user, remember=True)
return redirect(url_for('main'))
return render_template('login.jade', form=form)
def login():
if g.user is not None and g.user.is_authenticated():
print 'LOGIN'
return redirect(url_for('index'))
form = LoginForm(request.form)
if form.validate_on_submit():
remember_me = form.remember_me.data
g.user = User.query.filter_by(
nickname=form.login.data,
password=form.password.data).first()
if g.user != None:
if g.user.is_authenticated():
login_user(g.user, remember=remember_me)
flash(u"Вы вошли как %s" % g.user.nickname)
return redirect(url_for('index'))
else:
flash(u"Неправильный Логин или Пароль! Попробуйте еще раз")
return redirect(url_for('login'))
return render_template('login.html',
title=u'Войти в Систему',
form=form)
def login():
formr = RegisterForm(request.form)
forms = LoginForm(request.form)
error = None
if request.method == 'POST':
if request.form['submit'] == 'login':
if forms.validate_on_submit():
user = User.query.filter_by(username=request.form['username']).first()
print user
if user is not None and bcrypt.check_password_hash(
user.password, request.form['password']
):
login_user(user)
return redirect(url_for('home.personalpage'))
else:
error = 'Invalid username or password.'
elif request.form['submit'] == 'signup':
if formr.validate_on_submit():
user = User(
username=formr.username.data,
password=formr.password.data
)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for('home.default'))
return render_template('register.html', formr=formr, form=forms, user=current_user)
def login():
if g.user != None:
if g.user.is_authenticated():
return redirect(url_for('index'))
if request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
rememberme = bool(request.form.get('rememberme', False))
print "Login attempt for %s (rememberme: %s)" % (username, rememberme)
# get user w/ username
user = g.UserManager.get_user(username=username)
# check its password
if user and user.check_password(password):
print "Success!"
user.get_auth_token()
g.UserManager.save_user(user)
login_user(user, remember=rememberme)
return redirect(request.args.get("next") or url_for("index"))
else:
flash("Wrong username / password combination",'error')
return redirect(url_for('login'))
else:
return render_template('login.html')
def login():
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('home'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user:
if user.verify_password(form.password.data):
login_user(user, remember=form.remember_me.data)
logger.info('Successful login attempt for user %s', user.username)
flash(gettext("Logged in successfully."), 'success')
return redirect(request.args.get("next") or url_for("base.home"))
else:
# Produces a warning like this
# '2015-03-18 17:25:11,859 [WARNING] - Invalid login attempt for user test from IP 127.0.0.1'
#if request.environ.has_key('X-Real-IP')
#remote_address
logger.warning('Invalid password for user %s from IP %s',
form.username.data, request.environ['REMOTE_ADDR'])
flash(gettext("Invalid Login"), 'error')
redirect(url_for('base.login'))
else:
logger.warning('Invalid login attempt for user %s from IP %s',
form.username.data, request.environ['REMOTE_ADDR'])
flash(gettext("Invalid Login"), 'error')
redirect(url_for('base.login'))
return render_template("login.html", form=form)
def login():
form = LoginForm()
pageTitle = "login"
if request.method == 'POST':
if form.validate() is False:
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
else:
# user = User.get(email=form.email.data.lower().strip())
user = User.get(email=form.email.data.lower().strip())
if user and user.roles.can_login is True:
#add remember_me
user.last_seen = DATE_TIME_NOW
user.save()
login_user(user)
return redirect(request.args.get('next') or
url_for('.profile',
user_id=user.get_id())
)
else:
flash("Please confirm your email address.")
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
elif request.method == 'GET':
if request.args.get('next'):
session['next'] = (request.args.get('next') or
request.referrer or None)
return render_template('users/login.html',
form=form,
pageTitle=pageTitle)
def sign_up():
""" Sign Up for an account
:return: to order page after authentication
"""
if request.method == "GET":
return render_template("sign_up.html")
username = request.form["username"]
password = request.form["password"]
name = request.form["name"]
street_address = request.form["street_address"]
city = request.form["city"]
state = request.form["state"]
country = request.form["country"]
try:
zip_code = int(request.form["zip_code"])
except:
return render_template("sign_up.html", error="Zip Code must be Integer")
try:
phone_number = int(request.form["number"])
except:
return render_template("sign_up.html", error="Phone Number must be Integer")
if len(str(phone_number)) != 10:
return render_template("sign_up.html", error="Phone Number must be 10 Digits (include area code)")
latitude, longitude = get_coordinates_from_address(street_address, city, state, country)
new_user = User(username, password, name, street_address, city, state, zip_code, country, phone_number,
latitude, longitude)
db.session.add(new_user)
db.session.commit()
login_user(new_user)
return redirect("/order")
def post(self):
form = LoginForm()
if form.validate_on_submit():
user = form._get_user()
login_user(user)
return redirect(url_for('admin.list'))
return render_template('login.html', form=form)
def test_logout_without_current_user(self):
with self.app.test_request_context():
login_user(notch)
del session['user_id']
with listen_to(user_logged_out) as listener:
logout_user()
listener.assert_heard_one(self.app, user=ANY)
def after_login(resp):
if resp.email is None or resp.email == "":
flash('Invalid login. Please try again.')
redirect(url_for('login'))
user = User.query.filter_by(email = resp.email).first()
if user is None:
nickname = resp.nickname
if nickname is None or nickname == "":
nickname = resp.email.split('@')[0]
nickname = User.make_unique_nickname(nickname)
user = User(nickname = nickname, email = resp.email, role = ROLE_USER)
models.session.add(user)
models.session.commit()
models.session.add(user.follow(user))
models.session.commit()
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(user, remember = remember_me)
return redirect(request.args.get('next') or url_for('demo'))
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(user, remember = remember_me)
return redirect(request.args.get('next') or url_for('demo'))
def login_google(token, userinfo, **params):
login_user(users_model.upsert_user(userinfo))
identity = Identity(userinfo['id'])
identity_changed.send(app, identity = identity)
return redirect(url_for('index'))
def oauth_callback(provider):
if not current_user.is_anonymous:
return redirect(url_for('index'))
oauth = OAuthSignIn.get_provider(provider)
social_id, first_name, last_name, email = oauth.callback()
if social_id is None:
flash('Authentication failed.')
return redirect(url_for('index'))
user = User.query.filter_by(email=email).first()
if not user:
user = User(
first_name=first_name,
last_name=last_name,
name=' '.join([first_name, last_name]),
email=email
)
provider_id = ProviderId(id=social_id, user=user)
db.session.add(user)
db.session.add(provider_id)
db.session.commit()
login_user(user, True)
return redirect(url_for('index'))
def login(email=None, password=None):
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
user_to_login = authenticate_login(email, password)
if user_to_login:
login_user(user_to_login)
redirect_url = get_redirect_target()
if 'login' in redirect_url or 'logout' in redirect_url:
return redirect(url_for('index'))
else:
if "city" not in redirect_url:
redirect_url = redirect_url.replace("/request/", "/city/request/")
return redirect(redirect_url)
else:
app.logger.info("\n\nLogin failed (due to incorrect e-mail/password combo) for email: %s." % email)
return render_template('error.html', message = "Your e-mail/ password combo didn't work. You can always <a href='/reset_password'>reset your password</a>.")
app.logger.info("\n\nLogin failed for email: %s." % email)
return render_template('error.html', message="Something went wrong.", user_id = get_user_id())
else:
user_id = get_user_id()
if user_id:
return render_template('generic.html', message = 'You are already logged in. If you wish to log in as another user, first log out by clicking your name in the upper-right corner of this page and clicking Logout.', user_id = user_id)
else:
return render_template('generic.html', message = "If you work for the %s and are trying to log into RecordTrac, please log in by clicking City login in the upper-right corner of this page." % app.config['AGENCY_NAME'])
def oauth_authorized(resp):
next_url = request.args.get('next') or url_for('index')
if resp is None:
flash('You are denied the request to sign in.')
return redirect(next_url)
this_account = Users.query.filter_by(name=resp['screen_name']).first()
if this_account is None:
new_account = Users(name=resp['screen_name'],
oauth_token=resp['oauth_token'],
oauth_secret=resp['oauth_token_secret'])
db.session.add(new_account)
db.session.commit()
this_account = new_account
else:
this_account.name = resp['screen_name']
this_account.oauth_token = resp['oauth_token']
this_account.oauth_secret = resp['oauth_token_secret']
db.session.commit()
login_user(this_account)
return redirect(next_url)
def signin_user_db(user_db):
if not user_db:
return flask.redirect(flask.url_for('signin'))
flask_user_db = FlaskUser(user_db)
auth_params = flask.session.get('auth-params', {
'next': flask.url_for('welcome'),
'remember': False,
})
flask.session.pop('auth-params', None)
if login.login_user(flask_user_db, remember=auth_params['remember']):
user_db.put_async()
return flask.redirect(util.get_next_url(auth_params['next']))
flask.flash(__('Sorry, but you could not sign in.'), category='danger')
return flask.redirect(flask.url_for('signin'))
def post(self):
username = request.form['username']
password = request.form['password']
user = get_user(username, password)
if user is not None:
remember = 'remember-me' in request.form
if login_user(user, remember=remember):
#flash(request.args['next'])
return redirect(request.args['next'])
#return redirect(url_for('index'))
return render_template('signin.html')
def login():
form = AdministratorLoginForm()
if request.method == 'GET':
return render_template('login.html', form=form)
elif request.method == 'POST':
if form.validate_on_submit():
administrator = Administrator.query.filter(
or_(Administrator.email == form.name.data,
Administrator.name == form.name.data)).first()
passed = True
if administrator is None:
flash(u'Account does not exist', 'error')
passed = False
elif not administrator.is_active():
flash(u'Account has been disabled', 'error')
passed = False
elif administrator.check_password(form.password.data):
flash(u'Welcome ' + administrator.name + ', login successful',
'success')
passed = True
else:
flash(u'Password is not correct', 'error')
passed = False
if passed:
login_user(administrator)
if 'next' in request.values:
return redirect(request.values['next'])
else:
return redirect(url_for('bp_admin_administrator.list'))
else:
return render_template('login.html', form=form)
else:
flash(validator.catch_errors(form.errors), 'error')
return render_template('login.html', form=form)
def login_callback():
print("Entering authorized")
if 'code' in request.args:
redirect_uri = url_for('login_callback', _external=True)
data = dict(code=request.args['code'], redirect_uri=redirect_uri)
session = oauth.get_auth_session(data=data)
me = session.get('me').json()
try:
print(
json.dumps(me,
sort_keys=True,
indent=4,
separators=(',', ': ')))
except Exception as error:
print(error)
try:
email = me['email']
user = User.get_from_email(email)
except Exception as error_email:
print('No user found by email: %r' % error_email)
print('Trying with facebook_id...')
try:
facebook_id = me['id']
user = User.get_from_facebook_id(int(facebook_id))
except Exception as error_facebook_id:
print('No user found by facebook_id: %r' % error_facebook_id)
if user:
login_user(user)
print('Logged in as %r' % user)
return redirect(url_for('index'))
else:
print('No user found')
else:
print('User did not authorize the request')
return redirect(url_for('logout'))
def signup():
print 'signup'
print 'request.args', request.args
error = None
signup_form = HackNewsUserForm(request.form)
if request.method == "POST":
print 'poster'
if signup_form.validate_on_submit():
print "was valid"
user = User(signup_form.name.data, signup_form.password.data,
signup_form.email.data)
login_user(user)
flash('Logged in successfully.')
print 'request.args', request.args
print session
print request.args.get('next')
print user, 'user'
print 'signup form attrs', (signup_form.name.data,
signup_form.password.data,
signup_form.email.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('hello_again'))
else:
print error
return render_template("signup.html", signup_form=signup_form, error=error)
def login():
if g.user is not None and g.user.is_authenticated():
return redirect(url_for('index'))
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
if not IN_LOCAL:
try:
login_result = try_login(username,password)
if login_result['success'] == True:
return after_login( login_result['result']['userid'],\
login_result['result']['username'],\
login_result['result']['usertype'],
login_result['result']['email'])
else:
error = login_result['info']
flash(error,'danger')
except Exception, e:
flash('Authentication error, plz try later.','danger')
return render_template("auth/login.html")
else:
user = User.query.filter_by(username=username).first()
if user == None:
flash('user do not exists','danger')
return redirect(url_for('auth.login'))
login_user(user)
app.logger.info('user login : '******'Welcome %s' % user.username,'info')
return redirect(request.args.get('next') or url_for('index'))
def register_user():
try:
email = request.form.get('email')
password = request.form.get('password')
lastname = request.form.get('lastname')
firstname = request.form.get('firstname')
date = request.form.get('dob')
if request.form.get('hometown'):
hometown = request.form.get('hometown')
else:
hometown = "Not Listed"
if request.form.get('gender'):
gender = request.form.get('gender')
else:
gender = "Not listed"
except:
print "couldn't find all tokens" #prints to shell, users will not see this(all print statements go to shell)
return flask.redirect(flask.url_for('register'))
cursor = conn.cursor()
test = isEmailUnique(email)
if test:
print(
cursor.execute(
"INSERT INTO USER (GENDER, EMAIL, PASSWORD, DOB, HOMETOWN, FNAME, LNAME) VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}', '{6}')"
.format(gender, email, password, date, hometown, firstname,
lastname)))
conn.commit()
# log user in
user = User()
user.id = email
flask_login.login_user(user)
return render_template('homepage.html',
name=firstname,
message='Account Created!')
else:
print "User already exists with this email"
return flask.redirect(flask.url_for('register'))
def login(provider=None):
form = LoginForm()
html_form = request.args.get('htmlForm')
if request.method == "POST":
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data,
password=sha512(
form.password.data)).first()
if user:
if user.confirmed:
login_user(user, remember=True)
return redirect(request.referrer)
else:
return errorLogin(html_form=html_form,
status=401,
form=form)
return errorLogin(html_form=html_form, status=400, form=form)
if provider:
if provider == "google":
callback = url_for('session.google_authorized', _external=True)
return google.authorize(callback=callback)
if provider == "twitter":
callback = url_for('session.twitter_authorized',
next=request.referrer or None,
_external=True)
return twitter.authorize(callback=callback)
if provider == "facebook":
callback = url_for('session.facebook_authorized',
next=request.referrer or None,
_external=True)
return facebook.authorize(callback=callback)
return render_template('session/login.html', form=form)
def login_page(provider_name):
response = make_response()
result = authomatic.login(WerkzeugAdapter(request, response),
provider_name)
print result == None
if result:
if result.user:
result.user.update()
#name, id, email
print result.user.email
print 'USER DICT'
print result.user.__dict__
if result.user.email is None or result.user.email == "":
print 'no email'
print result
print result.__dict__
flash('invalid login, please try again')
return redirect('/login')
#check if user in db
user = User.query.filter_by(email=result.user.email).first()
if not user:
# use nickname given in form, else openID nickname
#nickname = userinfo['nickname'] if 'nickname' in session else resp.nickname
# worst case scenario, use email address, cropped at @
#if nickname is None or nickname == "":
nickname = result.user.email.split('@')[0]
nickname = User.make_unique_nickname(nickname)
user = User(nickname=nickname, email=result.user.email)
db.session.add(user)
db.session.commit()
#Login
remember_me = session[
'remember_me'] if 'remember_me' in session else False
login_user(user, remember_me)
return redirect(request.args.get('next') or '/')
return response
def facebook_authorized(resp):
""" Handle facebook callback. Create/update user. """
if resp is None:
return 'Access denied: reason=%s error=%s' % (
request.args['error_reason'], request.args['error_description'])
session['oauth_token'] = (resp['access_token'], '')
fb_user = facebook.get('/me')
# Checking if the user is already registered
user = User.query.filter_by(email=fb_user.data['email']).first()
if user:
# Existing user
is_new = False
else:
# New user
user = User(email=fb_user.data['email'])
is_new = True
# Add/update user data
user.first_name = fb_user.data['first_name']
user.last_name = fb_user.data['last_name']
if is_new:
# Generating password if the user is new
#app.emails.send_backer_account_created(user)
user.password = ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(10))
db.session.add(user)
db.session.commit()
login.login_user(user)
# TODO: Change the redirect url
return redirect(request.args['next'])
def signup_post():
name=request.form["name"]
email=request.form["email"]
password=request.form["password"]
password_2=request.form["repassword"]
if session.query(User).filter_by(email=email).first():
flash("User with that email address already exists", "danger")
return redirect(url_for("signup_get"))
if not (password and password_2) or password != password_2:
flash("Passwords did not match", "danger")
return redirect(url_for("signup_get"))
user = User(name=name, email=email, password=generate_password_hash(password))
session.add(user)
session.commit()
login_user(user)
mail=Mail(app)
message = Message(subject="A new user named " + user.name + " signed up on AnthonyDevBlog",
body="The new user's email address is " + current_user.email,
sender="*****@*****.**",
recipients=["*****@*****.**"])
mail.send(message)
message = Message(subject="Thanks for signing up to comment on AnthonyDevBlog!",
body="Thanks for signing up to comment on AnthonyDevBlog, " + current_user.name + "! I'm looking forward to your feedback.",
sender="*****@*****.**",
recipients=[current_user.email])
mail.send(message)
flash("Success! You may now login and start commenting", "info")
return redirect(url_for("posts"))
def login_user_request(request):
""" Take a request object and login a user
"""
if request.method == "POST" \
and "username" in request.form \
and "password" in request.form:
username = request.form["username"]
password = request.form["password"]
if not _user_exists(username):
return jsonify(flag=0,
UserLoggedIn=1,
Message="User does not exist")
User = _get_user(username)
try:
authenticated = _authenticate(username, password)
except InvalidUser:
print "Warning: Invalid User: %s" % username
return jsonify(flag=0, UserLoggedIn=1, Message="Invalid User")
if authenticated:
login_user(User, remember=True)
print "Successfully logged in user: %s " % username
print "Current User: "******"Failed to login user: %s" % username
return jsonify(flag=0,
UserLoggedIn=1,
Message="Failed to log in user")
#flash("Invalid username.")
else:
#flash(u"Invalid login.")
return render_template("login.html")
def callback():
if login.current_user is not None and login.current_user.is_authenticated:
return redirect(url_for('admin.index'))
elif 'error' in request.args:
if request.args.get('error') == 'access denied':
return 'You denied access'
return 'Error encountered'
elif 'code' not in request.args and 'state' not in request.args:
return redirect(url_for('admin.login_view'))
else:
google = get_google_auth()
state = google.authorization_url(OAuth.get_auth_uri(), access_type='offline')[1]
google = get_google_auth(state=state)
if 'code' in request.url:
code_url = (((request.url.split('&'))[1]).split('='))[1]
new_code = (code_url.split('%2F'))[0] + '/' + (code_url.split('%2F'))[1]
try:
token = google.fetch_token(OAuth.get_token_uri(), authorization_url=request.url,
code=new_code, client_secret=OAuth.get_client_secret())
except HTTPError:
return 'HTTP Error occurred'
google = get_google_auth(token=token)
resp = google.get(OAuth.get_user_info())
if resp.status_code == 200:
user_data = resp.json()
email = user_data['email']
user = DataGetter.get_user_by_email(email, no_flash=True)
user = create_user_oauth(user, user_data, token=token, method='Google')
if user.password is None:
s = get_serializer()
email = s.dumps(user.email)
return redirect(url_for('admin.create_password_after_oauth_login', email=email))
else:
login.login_user(user)
user_logged_in(user)
return redirect(intended_url())
return 'did not find user info'
def user_login():
if request.method == 'GET':
return render_template('user/login.html')
else:
_login = request.form['login']
_password = request.form['password']
tmp = db.find_one("USERS", "login", _login)
if tmp and tmp["login"] == "admin" and Utils.check_password(
tmp["password"], _password):
login_user(UserModel(tmp))
flash("Hello mr. Super Admin! Have a nice day")
elif tmp:
if tmp["blocked"] == 1:
flash("Permission denied. Your account has been blocked")
return render_template('user/login.html')
else:
if Utils.check_password(tmp["password"], _password):
if tmp["active"] == 1:
login_user(UserModel(tmp))
flash("Welcome " + current_user.login +
". You are logged in!")
else:
_mail_content = "localhost:5000" + url_for(
'userController.user_activate') + '?login='******'&code=' + \
tmp["activation_code"]
send_activation_code(tmp["email"], _mail_content)
flash(
"Check your email for activation link. If you are too lazy or "
"used fake e-mail just use this link: " +
_mail_content)
else:
flash("Incorrect (incomplete) login or password")
return render_template('user/login.html')
else:
flash("Incorrect user login")
return render_template('user/login.html')
return redirect(url_for('index'))
def register():
# prepare registration form
registerForm = models.SignupForm(request.form)
app.logger.info(request.form)
if request.method == 'POST' and registerForm.validate():
email = request.form['email']
username = request.form['username']
# generate password hash
password_hash = flask_bcrypt.generate_password_hash(
request.form['password'])
# prepare User
user = User(username=username, email=email, password=password_hash)
# save new user, but there might be exceptions (uniqueness of email and/or username)
try:
user.save()
if login_user(user, remember="no"):
flash("Logged in!")
return redirect(request.args.get("next") or '/')
else:
flash("unable to log you in")
# got an error, most likely a uniqueness error
except mongoengine.queryset.NotUniqueError:
e = sys.exc_info()
exception, error, obj = e
app.logger.error(e)
app.logger.error(error)
app.logger.error(type(error))
# uniqueness error was raised. tell user (via flash messaging) which error they need to fix.
if str(error).find("email") > -1:
flash("Email submitted is already registered.", "register")
elif str(error).find("username") > -1:
flash("Username is already registered. Pick another.",
"register")
app.logger.error(error)
# prepare registration form
templateData = {'form': registerForm}
return render_template("/auth/register.html", **templateData)
def auth_google(resp):
"""
Callback for Google to send us authentication results.
This is responsible for fetching existing users or creating new ones.
If a new user is created, they get the default role of GUEST and
an email or username to match their details from the OAuth provider.
"""
if not resp and request.args.get('error') == 'access_denied':
flash('You need to grant the app permissions in order to login.',
'error')
return redirect(url_for('login'))
access_token = resp['access_token'] or request.args.get('code')
if access_token:
session['access_token'] = access_token, ''
r = requests.get(app.config['GOOGLE_USERINFO_URI'],
headers={'Authorization': 'OAuth ' + access_token})
if r.ok:
userinfo = json.loads(r.text)
email = userinfo['email']
id = userinfo['id']
db_session = db.get_session()
user = None
try:
user = db_session.query(User).filter_by(google_id=id).one()
except NoResultFound:
user = User(
email=email,
google_id=id,
role=UserRole.GUEST,
)
db_session.add(user)
db_session.commit()
except MultipleResultsFound:
db_session.close()
return 'Multiple users found with your id!!! Contact Administrator'
user.login(db_session)
if login_user(user):
user.detach_from(db_session)
db_session.close()
redirect_to = session.get('next') or url_for('home_index')
return redirect(redirect_to)
flash('Was not allowed to authenticate you with Google.', 'error')
return redirect(url_for('login'))
def signin():
form = user_forms.Login()
if form.validate_on_submit():
user = models.User.query.filter_by(email=form.email.data).first()
# Check the user exists
if user is not None:
# Setup a connection between the client and LDAP server
user_ldap_dn = 'cn=' + user.email.split(
'@', 1)[0] + ',ou=Users,dc=ldap,dc=com'
c = Connection(s, user=user_ldap_dn, password=form.password.data)
# Initialize connection to LDAP server
c.open()
# Start TLS to encrypt credentials
c.start_tls()
# Check the password is correct
if user.check_password(form.password.data) and c.bind():
# unbind user from LDAP server and log them in
c.unbind()
login_user(user)
logger.info('User logged in successfully',
user=current_user.get_id())
# Send back to the home page
flash('Succesfully signed in.', 'positive')
return redirect(url_for('index'))
else:
print(c)
logger.info(
'User login attempt failed failed for user {}'.format(
user.get_id()),
user="******")
flash('The password you have entered is wrong.', 'negative')
return redirect(url_for('userbp.signin'))
else:
flash('Unknown email address.', 'negative')
return redirect(url_for('userbp.signin'))
return render_template('user/signin.html', form=form, title='Sign in')
def register_user():
try:
email = request.form.get('email')
password = request.form.get('password')
except:
print "couldn't find all tokens" #this prints to shell, end users will not see this (all print statements go to shell)
return flask.redirect(flask.url_for('register'))
cursor = conn.cursor()
test = isEmailUnique(email)
if test:
print cursor.execute(
"INSERT INTO Users (email, password) VALUES ('{0}', '{1}')".format(
email, password))
conn.commit()
#log user in
user = User()
user.id = email
flask_login.login_user(user)
return render_template('hello.html',
name=email,
message='Account Created!')
else:
print "couldn't find all tokens"
return flask.redirect(flask.url_for('register'))
def login():
form = LoginForm()
try:
if request.method == 'POST' and form.validate_on_submit():
session['username'] = form.username.data
username = session['username']
F = model.UserRightModel()
user_info = F.get_usr(username)
for users in user_info:
hash_md5 = hashlib.md5(form.password.data)
Password = hash_md5.hexdigest()
if form.username.data == users['name'] and Password == users['passwd']:
user = User()
user.id = users['name']
flask_login.login_user(user)
identity_changed.send(app, identity=Identity(form.username.data))
return redirect(url_for('index', _external=True, _scheme='http'))
return render_template('login.html', form=form)
else:
return render_template('login.html', form=form)
except:
return render_template('login.html', form=form)
def connexion():
form = fu.Connexion()
if form.validate_on_submit():
utilisateur = modeles.Utilisateur.query.filter_by(
email=form.email.data).first()
# On vérifie que l'utilisateur existe
if utilisateur is not None:
# On vérifie ensuite que le mot de passe est correct
if utilisateur.check_password(form.mdp.data):
login_user(utilisateur)
# On renvoit à la page d'accueil
flash('Vous vous êtes connecté avec succès.', 'positive')
return redirect(url_for('index'))
else:
flash('Vous avez rentré un mot de passe invalide.', 'negative')
return redirect(url_for('utilisateurbp.connexion'))
else:
flash(
"Vous avez rentré une adresse email qui n'est pas associée " +
'à un compte.', 'negative')
return redirect(url_for('utilisateurbp.connexion'))
return render_template('utilisateur/connexion.html',
form=form,
titre='Connexion')
def register():
"""
Register a new user.
Redirects to Login Page after register.
"""
form = RegisterForm(request.form)
if request.method == 'GET':
return render_template('forms/register.html', form=form)
print "form.validate in register", form.validate()
if form.validate():
user = User(request.form['name'], request.form['password'],
request.form['email'], request.form['institution'])
try:
db.session.add(user)
db.session.commit()
flash('User successfully registered')
# As per shon, directly route him to homepage, not to Login again.
# Hence setting up the session variable.
user.authenticated = True
login_user(user, remember=True)
session['username'] = request.form['name']
return redirect(
url_for('.user_with_no_jobs', username=request.form['name']))
except sqlalchemy.exc.IntegrityError as e:
db.session.rollback()
# Log this properly and remove the print statement.
print " The error is ", e
flash('User is already registered.\
Please use "Forgot password" if needed')
return redirect(url_for('.register'))
flash("Please provide the proper input values")
return render_template('forms/register.html', form=form)
def login():
# Ensure the current user's not authenticated and redirect appropriately if so
if current_user is not None and current_user.is_authenticated():
role = current_user.get_role()
if role == 'admin':
return redirect(url_for('admin_cp'))
elif role == 'instructor':
return redirect(url_for('instructor_cp'))
elif role == 'ta':
return redirect(url_for('ta_cp'))
elif role == 'student':
return redirect(url_for('student_cp'))
else:
return "Everybody's special."
# Validate credentials
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
hashed_pwd = User.get(username)
if hashed_pwd and check_login(username, password):
user = User(username)
login_user(user)
if user.get_role() == 'admin':
return redirect(url_for('admin_cp'))
elif user.get_role() == 'student':
return redirect(url_for('student_cp'))
elif user.get_role() == 'ta':
return redirect(url_for('ta_cp'))
elif user.get_role() == 'instructor':
return redirect(url_for('instructor_cp'))
else:
return redirect(url_for('hello_world'))
else:
return redirect(url_for('login'))
return render_template('login.html')
def register():
if not app.config.get('PUBLIC_REGISTER',
False) and not current_user.is_super:
abort(401)
form = RegisterForm(request.form, csrf_enabled=False)
if request.method == 'POST' and form.validate():
api_key = str(uuid.uuid4())
account = models.Account(id=form.w.data,
email=form.n.data,
profession=form.profession.data,
confirm_public=form.confirm_public.data,
confirm_terms=form.confirm_terms.data,
mailing_list=form.mailing_list.data,
api_key=api_key)
account.set_password(form.s.data)
account.save()
time.sleep(1)
user = models.Account.pull(account.id)
login_user(user, remember=True)
flash('Welcome to your account', 'success')
return redirect('/account/' + account.id)
if request.method == 'POST' and not form.validate():
flash('Please correct the errors', 'danger')
return render_template('index.html', form=form)
def login():
flask_login.current_user
error=""
form = loginform.LoginForm(request.form)
if flask_login.current_user.is_authenticated:
return redirect(url_for('dashboardView.dashboard'))
if form.validate():
user = models.User.query.filter_by(uname=form.username.data).first()
if user and user.password == form.password.data:
if flask_login.login_user(user,remember=form.remember_me.data):
return redirect(url_for('dashboardView.dashboard'))
error = "Login Failed"
return render_template('login.html', form=form, error=error)
def login():
form = UsernamePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if not user:
return render_template('login.html',
form=form,
fail_message='no user by that depiction')
if user.is_correct_password(form.password.data):
login_user(user)
next = request.args.get('next')
if not is_safe_url(next):
return abort(400)
return redirect(next or url_for('index'))
else:
return render_template('login.html',
form=form,
fail_message='incorrect password')
return render_template('login.html', form=form)
def signin():
form = user_forms.Login()
if form.validate_on_submit():
user = models.User.query.filter_by(email=form.email.data).first()
# Check the user exists
if user is not None:
# Check the password is correct
if user.check_password(form.password.data):
# Check if email is confirmed
if user.confirmation == True:
login_user(user)
# Send back to the home page
flash('Succesfully signed in.', 'positive')
return redirect(url_for('userbp.account'))
else:
flash('Confirm your email address first.', 'negative')
return redirect(url_for('userbp.signin'))
else:
flash('The password you have entered is wrong.', 'negative')
return redirect(url_for('userbp.signin'))
else:
flash('Unknown email address.', 'negative')
return redirect(url_for('userbp.signin'))
return render_template('user/signin.html', form=form, title='Sign in')
def login():
# GET request. return login page
if request.method == 'GET':
return render_template('login.html', action=url_for('.login'))
# POST request. attempt to login
# must validate LoginForm and CAS server
form = LoginForm()
if form.validate_on_submit() and cas.validate_user(form.username.data,
form.password.data):
# get User object if exists
user = User.query.filter_by(username=form.username.data).first()
if user:
# login user
login_user(user)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
return redirect(url_for('driver_portal.index'))
return render_template('login.html', action=url_for('.login')), 400
def login():
"""User login."""
form = LoginForm(request.form)
# is user authenticated go straight to default template
if g.user.is_authenticated:
return redirect(url_for('index'), code=302)
if request.method == 'POST' and form.validate():
email = request.form['email']
password = request.form['password']
registered_user = User.query.filter_by(email=email).first()
if registered_user is None or not registered_user.verify_password(
password):
msg = 'Email or Password is invalid'
logger.info('{0} email: {1}'.format(msg, email))
flash(msg, 'warning')
return redirect(url_for('auth.login'))
if not registered_user.confirmed:
logger.info(
'unconfirmed user login attempt. email: {0}'.format(email))
return redirect(url_for('auth.unconfirmed'))
login_user(registered_user)
logger.info('user login. user: {0}'.format(current_user))
return redirect(url_for('index'), code=302)
return render_template('login.html', form=form)
def login():
"""
Generates and handles the login for the user
"""
form = LoginForm()
if form.validate_on_submit():
try:
user = Users.get({"email":form.email.data})
if not user.active.value:
flash('Contul tau a expirat! Te rugam contacteaza-ne!', category='alert-danger')
return redirect(request.referrer)
if user.verify_password(form.password.data):
login_user(user,form.remember_me.data)
user.ping()
return redirect('/')
else:
raise Exception('Not authorised',form.email.data)
except Exception as err:
print err
flash('Parola sau adresa de email este invalida!', category='alert-danger')
return render_template('users/login.html', pagetitle='Login',form=form,login=True, current_user=current_user)
