def homepage():
    """Render the homepage and process its login form.

    Signed-in visitors are sent straight to the dashboard. On a valid form
    submission the email is looked up in both the Patient and Psychiatrist
    tables. The patient row is tried first, so if the same email exists in
    both tables and the password verifies against the patient hash, the
    patient account is the one logged in.

    Returns:
        A redirect after a login attempt (or for an already signed-in user),
        otherwise the rendered homepage template containing the form.
    """
    # Already authenticated: no reason to show the login form again.
    if current_user.is_authenticated:
        flash('You are already signed in!', 'primary')
        return redirect(url_for('dashboard_bp.dashboard'))

    login_form = LoginForm()

    # First visit or failed form validation: just show the page.
    if not login_form.validate_on_submit():
        return render_template('main/homepage.html',
                               title='Homepage ~ MiWell',
                               login_form=login_form)

    submitted_email = login_form.email.data
    patient = Patient.query.filter_by(email=submitted_email).first()
    psychiatrist = Psychiatrist.query.filter_by(email=submitted_email).first()

    # Each account type lands on a different endpoint after sign-in.
    candidates = (
        (patient, 'mood_tracker_bp.user_greeting'),
        (psychiatrist, 'dashboard_bp.dashboard'),
    )

    # NOTE(review): check_password_hash is only reached when a row was found,
    # so a request for an unknown email does no hash verification at all. The
    # response time may therefore reveal whether an email is registered, even
    # though the failure message below is the same in both cases.
    for account, landing_endpoint in candidates:
        if account and check_password_hash(account.hashed_password,
                                           login_form.password.data):
            login_user(account, remember=login_form.remember.data)
            flash('Signed in successfully!', 'success')
            return redirect(url_for(landing_endpoint))

    # One generic message for "no such account" and "wrong password".
    flash('Please check your login details and try again.', 'warning')
    return redirect(url_for('main_bp.homepage'))
 def test_check_hash(self):
     """Check that a freshly generated hash verifies against its own password.

     Covers the extension instance (self.argon2) with an ASCII and a
     non-ASCII password, then the module-level helper functions.
     Only the accepting path is exercised: nothing here asserts that a
     wrong password is rejected.
     """
     for plaintext in ('secret', u'\u2603'):
         digest = self.argon2.generate_password_hash(plaintext)
         self.assertTrue(self.argon2.check_password_hash(digest, plaintext))

     # Module-level helpers, called without going through self.argon2.
     digest = generate_password_hash('hunter2')
     self.assertTrue(check_password_hash(digest, 'hunter2'))
 def test_check_hash(self):
     """Round-trip three passwords through hash generation and verification.

     The first two go through the self.argon2 instance (one ASCII, one
     non-ASCII); the third uses the module-level functions. Each assertion
     checks acceptance of the matching password only; there is no
     mismatch case in this test.
     """
     ascii_hash = self.argon2.generate_password_hash('secret')
     self.assertTrue(self.argon2.check_password_hash(ascii_hash, 'secret'))

     snowman_hash = self.argon2.generate_password_hash(u'\u2603')
     self.assertTrue(self.argon2.check_password_hash(snowman_hash, u'\u2603'))

     helper_hash = generate_password_hash('hunter2')
     self.assertTrue(check_password_hash(helper_hash, 'hunter2'))
def login():
    """Handle the login form: verify credentials and start a session.

    Returns:
        A redirect to 'my_todos' after a successful login, otherwise the
        rendered login template (on first visit, on form validation failure,
        and after a rejected login attempt).
    """
    form = forms.LoginForm()

    # Nothing submitted, or the form did not validate: just show the page.
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    # NOTE(review): when no user row exists the hash check is skipped, so the
    # two failure paths do different amounts of work. The flashed message is
    # identical, but response time may still differ between a known and an
    # unknown email.
    try:
        account = models.User.get(models.User.email == form.email.data)
    except models.DoesNotExist:
        credentials_ok = False
    else:
        credentials_ok = check_password_hash(account.password,
                                             form.password.data)

    if credentials_ok:
        g.user = account
        login_user(account)
        flash("You've been logged in!", "success")
        return redirect(url_for('my_todos'))

    # Same wording for "unknown email" and "wrong password".
    flash("Your email or password doesn't match!", "error")
    return render_template('login.html', form=form)
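def login():
    """Authenticate a JSON login request and issue an access token.

    Expects a JSON object with 'userId' and 'password'. A body that is not
    a JSON object, or that lacks either field (or carries a non-string
    password), is answered with 400 instead of failing with an unhandled
    TypeError/KeyError.

    Returns:
        (json_string, 200) carrying a fresh token on success,
        ("incorrect login details", 401) on a wrong password,
        ("User does not exist", 400) when the id is unknown,
        ("invalid request body", 400) when the body is malformed.
    """
    json_user = request.get_json()

    # get_json() can yield None or a non-dict JSON value; subscripting that
    # would raise and surface as a server error.
    if not isinstance(json_user, dict):
        return "invalid request body", 400

    user_id = json_user.get('userId')
    password = json_user.get('password')
    # The password is concatenated to a str below, so it must be a str.
    if user_id is None or not isinstance(password, str):
        return "invalid request body", 400

    user = Users.query.get(user_id)
    if not user:
        # NOTE(review): this response differs from the wrong-password one in
        # both text and status code, so a client can tell whether a user id
        # exists. Consider returning the same 401 response for both cases;
        # left unchanged here because existing clients may rely on it.
        return "User does not exist", 400

    # The stored per-user salt is prepended to the password before verifying.
    if not flask_argon2.check_password_hash(
            user.password, user.salt.decode("utf-8") + password):
        return "incorrect login details", 401

    token = secrets.token_hex(16)
    # NOTE(review): the token is stored as issued, and this call passes no
    # user reference to AccessTokens. Confirm how a token is tied back to
    # its owner and whether storing a digest of the token is feasible.
    # NOTE(review): datetime.now() is naive local time; expiry comparisons
    # elsewhere must use the same convention.
    token_db = AccessTokens(token=token,
                            expiry=(datetime.now() + timedelta(days=2)))
    db.session.add(token_db)
    db.session.commit()
    json_token = json.dumps({'token': token})
    return json_token, 200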
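 def validate_password(self, validate_password):
     """Reject the form unless the submitted password matches the signed-in user's hash.

     Args:
         validate_password: the field being validated; its ``.data`` holds
             the submitted value.
             NOTE(review): assumes the WTForms inline-validator call
             convention (form, field); confirm against the form class.

     Raises:
         ValidationError: if the submitted value does not verify against
             current_user.hashed_password.
     """
     # Re-check the password so that someone with access to a logged-in
     # session cannot make unauthorised changes to the account.
     # Verify the submitted field value. The original passed
     # ``self.validate_password``, which is an attribute of the form object
     # (this validator itself, or a field object) rather than the string
     # the user typed, and left the field argument unused.
     if not check_password_hash(current_user.hashed_password,
                                validate_password.data):
         raise ValidationError('Please enter the correct password.')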
 def test_unicode_hash(self):
     """Check that a non-ASCII password verifies against its own hash.

     Uses the module-level generate/check helpers. Only the matching
     case is asserted.
     """
     plaintext = u'東京'
     self.assertTrue(
         check_password_hash(generate_password_hash(plaintext), plaintext))
 def test_unicode_hash(self):
     """Hash a two-character CJK password and confirm it verifies.

     Exercises the module-level helpers on the accepting path only.
     """
     cjk_password = u'東京'
     digest = generate_password_hash(cjk_password)
     verified = check_password_hash(digest, cjk_password)
     self.assertTrue(verified)