Example #1
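def login():
    """Finish the GitHub OAuth flow and log the GitHub account in.

    Exchanges the authorization response carried by ``request.url`` for an
    access token, requests ``https://api.github.com/user`` with that token and
    logs in a ``User`` built from the ``login`` field of the reply.

    Returns:
        A redirect to ``/``. When GitHub's reply carries no ``login`` field the
        redirect is issued without logging anyone in.

    Raises:
        requests.HTTPError: if either GitHub call answers with an error status.
    """
    # NOTE(review): no ``state`` value is passed to prepare_token_request here,
    # so this function does not itself tie the callback to the browser session
    # that started the flow -- confirm that check happens elsewhere.
    print("ABOUT TO PREPARE THE TOKEN REQUIRED")
    url, headers, body = Clientsecurity.prepare_token_request(
        "https://github.com/login/oauth/access_token",
        authorization_response=request.url)

    print("REACHED TOKEN RESPONSE")
    # A timeout keeps a stalled upstream from pinning this worker forever.
    token_response = requests.post(url,
                                   headers=headers,
                                   data=body,
                                   auth=(client_id, client_secret),
                                   timeout=10)
    token_response.raise_for_status()

    # Use the token to fetch the profile of the account that authorized us.
    print("Reached parsing into Client security")
    Clientsecurity.parse_request_body_response(token_response.text)
    url, headers, body = Clientsecurity.add_token(
        "https://api.github.com/user")
    print("Reached user_response")
    user_response = requests.get(url, headers=headers, data=body, timeout=10)
    user_response.raise_for_status()

    # Never build a session from a reply that does not name an account.
    the_user_name = user_response.json().get('login')
    if not the_user_name:
        return redirect("/")

    print("Attempting to login user")
    login_user(User(the_user_name))
    print("Reached return")
    return redirect("/")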
Example #2
def register():
    """
    User register view.

    GET renders the registration page. Any other method validates the posted
    form, creates the user, logs them in and redirects to ``core.home``; every
    validation failure also redirects to ``core.home``.
    :return: HTTP Response
    """
    if request.method == 'GET':
        return render_template('register-page.html')

    posted = request.form
    home = lambda: redirect(url_for('core.home'))

    mandatory_fields = ('username', 'email', 'password1', 'password2',
                        'terms_and_conditions')
    optional_fields = ('bio', 'country', 'city', 'school')

    # All mandatory fields must be present in the submission.
    if any(field not in posted for field in mandatory_fields):
        return home()

    # Checked in this order so the password policy only runs on a submission
    # whose e-mail parsed and whose two password entries agree.
    if is_mail(posted['email']) is None:
        return home()
    if posted['password1'] != posted['password2']:
        return home()
    if not password_validation(posted['password1']):
        return home()

    user = Users(username=posted['username'], email=posted['email'])
    # Only the whitelisted optional fields are copied onto the model, so a
    # client cannot set arbitrary attributes through extra form keys.
    for field in optional_fields:
        if field in posted:
            setattr(user, field, posted[field])

    # NOTE(review): the password is set after save(); confirm set_password()
    # persists on its own, otherwise the stored account has no password.
    user.save()
    user.set_password(posted['password1'])
    login_user(user)
    return home()
Example #3
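    def login():
        """Handle the GitHub OAuth callback and log the GitHub account in.

        Reads the authorization ``code`` from the query string, exchanges it
        for an access token, stores the token in the session, fetches the
        account profile and logs in a ``User`` named after its ``login``.

        Returns:
            A redirect to the ``getAll`` endpoint, a 400 response when the
            callback carries no ``code``, or a 502 response when GitHub's
            profile reply has no ``login`` field.
        """
        # The provider (GitHub) sends the authorization code back to us.
        code = request.args.get('code')
        if not code:
            return 'Missing authorization code', 400
        # NOTE(review): no ``state`` parameter is checked in this function;
        # confirm the callback is bound to the initiating session elsewhere.

        git_client_id = os.getenv("GIT_CLIENT_ID")
        git_client_secret = os.getenv("GIT_CLIENT_SECRET")
        client = WebApplicationClient(client_id=git_client_id,
                                      client_secret=git_client_secret,
                                      code=code)
        # Exchange the authorization code at the provider's token URL.
        url, headers, body = client.prepare_token_request(
            'https://github.com/login/oauth/access_token',
            client_secret=git_client_secret,
            code=code)
        # A timeout keeps a stalled upstream from blocking the worker.
        token_response = requests.post(url,
                                       headers=headers,
                                       data=body,
                                       auth=(git_client_id, git_client_secret),
                                       timeout=10)
        # Parse the token out of the response body.
        token = client.parse_request_body_response(token_response.text)
        # NOTE(review): if the app uses Flask's default cookie session, this
        # value is signed but readable by the browser -- confirm the session
        # backend before keeping an access token here.
        session['oauth_token'] = token

        # Fetch the profile of the account the token belongs to.
        github = OAuth2Session(git_client_id, token=token)
        profile = github.get('https://api.github.com/user').json()
        user_id = profile.get('login')
        if not user_id:
            return 'GitHub did not return a user login', 502

        login_user(User(user_id))
        return redirect(url_for('getAll'))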
Example #4
def login():
    """Log a user in from ``LoginForm``, using the birthday field as the secret.

    Already-authenticated visitors are redirected to their own
    ``auth.truy_xuat_gia_chu`` page. A valid submission looks the account up by
    title-cased username and checks ``form.birthday.data`` with
    ``check_password``. Any exception renders ``errors/500.html``.
    """
    try:
        if current_user.is_authenticated:
            flash('Đã xác thực.')
            return redirect(
                url_for('auth.truy_xuat_gia_chu',
                        username=current_user.username))

        form = LoginForm()
        if form.validate_on_submit():
            account = UserDb.query.filter_by(
                username=form.username.data.title()).first()
            # NOTE(review): the value verified here is the birthday field; a
            # date of birth is low-entropy and often known to third parties.
            verified = account is not None and account.check_password(
                form.birthday.data)
            if not verified:
                flash(
                    'Họ tên chưa đăng ký hoặc nhập sai ngày tháng năm sinh !')
                return redirect(url_for('auth.login'))

            login_user(account)
            return redirect(
                url_for('auth.truy_xuat_gia_chu',
                        username=current_user.username))
    except Exception as error:
        # NOTE(review): the exception object is handed to the template;
        # confirm errors/500.html does not print it to end users.
        return render_template('errors/500.html', error=error)

    guide = huong_dan()
    return render_template('auth/login.html', form=form, HUONGDAN=guide)
Example #5
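def login():
    """Render the login form and authenticate a submitted e-mail/password pair.

    Already-authenticated visitors are redirected to ``/``. On a valid
    submission the user is looked up by e-mail and the password is checked
    with ``check_password``; success logs the user in and redirects to ``/``.

    A failed attempt re-renders the form with one generic message. The
    previous version answered "no such email" or "wrong password" depending
    on whether the address existed, which let anyone probe which e-mail
    addresses are registered.
    """
    if current_user.is_authenticated:
        return redirect('/')

    form = LoginForm()
    form.hidden_tag()

    if form.validate_on_submit():
        session = create_session()

        user = session.query(Users).filter(
            Users.email == form.email.data).first()
        if user and check_password(user.password, form.password.data):
            login_user(user, remember=form.remember_me.data)
            return redirect('/')

        # Same text for an unknown e-mail and for a wrong password.
        return render_template('login_form.html',
                               form=form,
                               message='Неправильный email или пароль')

    return render_template('login_form.html', form=form)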
Example #6
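def signup_page():
    """Create an account from the signup form and log the new user in.

    GET (or any non-POST method) renders ``signup.html``. POST hashes the
    submitted password, inserts one row into USERS and one placeholder row
    into INFO, logs the user in and redirects to ``site.main_page``.

    Both inserts pass the form values as bound parameters. The previous
    version built the SQL text with ``%`` string formatting, so a quote in
    any form field changed the statement (SQL injection).
    """
    if request.method != 'POST':
        return render_template('signup.html')

    nameSurname = request.form['inputNameSurname']
    username = request.form['inputUsername']
    email = request.form['inputEmail']
    password = request.form['inputPassword']

    hashed = pwd_context.encrypt(password)

    # Both rows are written on one connection and committed together, so a
    # failure on the second insert cannot leave a USERS row without INFO.
    # NOTE(review): assumes the driver behind dbapi2 uses the %s (format)
    # paramstyle -- confirm against the driver in use.
    with dbapi2.connect(app.config['dsn']) as connection:
        cursor = connection.cursor()
        cursor.execute(
            """INSERT INTO USERS (NAME, USERNAME, MAIL, PASSWORD)
            VALUES (%s, %s, %s, %s)""",
            (nameSurname, username, email, hashed))
        cursor.execute(
            """INSERT INTO INFO (USERNAME, SURNAME, AGE, COUNTRY,CITY,GENDER)
             VALUES (%s, %s, %s, %s, %s, %s)""",
            (username, '........', '........', '........', '........',
             '........'))
        connection.commit()

    user = User(nameSurname, username, email, hashed)
    login_user(user)
    return redirect(url_for('site.main_page'))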
Example #7
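def api_login():
    """Authenticate the posted ``id``/``pw`` pair and start a session.

    Looks the account up through the ``get_user_by_id`` stored procedure and
    verifies the password against column 4 of the returned row with
    ``check_password_hash``. Success redirects to ``main_view.index``; every
    failure flashes the same message and redirects to ``auth_view.login``.

    Changes from the previous version:
      * the submitted password, the stored hash and the full user row are no
        longer written to the log;
      * a request without ``id`` or ``pw`` is rejected instead of raising on
        ``None``;
      * credentials are read from the form body only (``request.values``
        would let a query-string value shadow the posted one).
    """
    user_id = request.form.get('id')
    pw = request.form.get('pw')
    logger.info("id : %s", user_id)

    if not user_id or not pw:
        flash("아이디 또는 비밀번호를 확인하세요.")
        return redirect(url_for('auth_view.login'))

    cursor = db.get_conn().cursor()  # obtain a cursor object
    try:
        # A one-element tuple still needs the trailing comma.
        cursor.callproc('get_user_by_id', (user_id,))
        rows = cursor.fetchall()
    finally:
        cursor.close()
    # Log only whether a row came back; the row itself contains the hash.
    logger.info("login user found : %s", bool(rows))

    if rows and check_password_hash(rows[0][4], pw):
        # Id and password match: log in with the project's own User class.
        login_user(User(user_id, name=rows[0][2], auth=True))

        flash("로그인 되었습니다.")
        return redirect(url_for('main_view.index'))

    # Unknown id and wrong password share one message and one redirect.
    flash("아이디 또는 비밀번호를 확인하세요.")
    return redirect(url_for('auth_view.login'))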
Example #8
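def after_login(resp):
    """Log in (creating on first sight) the user described by ``resp``.

    Args:
        resp: identity response exposing ``email`` and ``nickname``.

    Returns:
        A redirect to the ``login`` endpoint when ``resp`` has no e-mail,
        otherwise a redirect to a local ``next`` path or to ``index``.

    Fixes over the previous version: the lookup referenced the undefined
    name ``res`` and the remember-me check referenced ``sesssion``, so every
    call raised ``NameError``; and ``next`` was redirected to unchecked,
    which allowed sending a freshly logged-in user to any external site.
    """
    if resp.email is None or resp.email == "":
        flash("Invalid login. Please try again.")
        return redirect(url_for('login'))

    user = User.query.filter_by(email=resp.email).first()

    if user is None:
        nickname = resp.nickname

        # Fall back to the local part of the address as a display name.
        if nickname is None or nickname == "":
            nickname = resp.email.split('@')[0]

        user = User(nickname=nickname, email=resp.email)

        db.session.add(user)
        db.session.commit()

    # The remember-me choice is consumed once and removed from the session.
    remember_me = session.pop('remember_me', False)

    login_user(user, remember=remember_me)

    # Follow ``next`` only when it is a plain same-site path: one leading
    # slash, no backslash and no control characters.
    target = request.args.get('next')
    is_local = (bool(target) and target.startswith('/')
                and not target.startswith('//') and '\\' not in target
                and not any(ord(ch) < 32 for ch in target))
    return redirect(target if is_local else url_for('index'))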
Example #9
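def signup_page():
    """Register a user from the signup form and start their session.

    Non-POST requests get ``signup.html``. A POST hashes the password, writes
    the USERS row and a placeholder INFO row, logs the user in and redirects
    to ``site.main_page``.

    The form values are now passed to ``cursor.execute`` as parameters.
    Previously they were interpolated into the SQL string with ``%``, so any
    field containing a quote could rewrite the statement (SQL injection).
    """
    if request.method != 'POST':
        return render_template('signup.html')

    nameSurname = request.form['inputNameSurname']
    username = request.form['inputUsername']
    email = request.form['inputEmail']
    password = request.form['inputPassword']

    hashed = pwd_context.encrypt(password)

    insert_user = """INSERT INTO USERS (NAME, USERNAME, MAIL, PASSWORD)
            VALUES (%s, %s, %s, %s)"""
    insert_info = """INSERT INTO INFO (USERNAME, SURNAME, AGE, COUNTRY,CITY,GENDER)
             VALUES (%s, %s, %s, %s, %s, %s)"""
    placeholder = '........'

    # One connection, one commit: the two rows succeed or fail together.
    # NOTE(review): assumes the dbapi2 driver accepts %s placeholders
    # (format paramstyle) -- confirm against the driver in use.
    with dbapi2.connect(app.config['dsn']) as connection:
        cursor = connection.cursor()
        cursor.execute(insert_user, (nameSurname, username, email, hashed))
        cursor.execute(insert_info, (username,) + (placeholder,) * 5)
        connection.commit()

    user = User(nameSurname, username, email, hashed)
    login_user(user)
    return redirect(url_for('site.main_page'))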
Example #10
def login_screen():
    """Show the login form and authenticate a submitted username/password.

    Authenticated visitors go straight to ``upload.main_screen``. A database
    error, bad credentials or a failing ``login_user`` call all redirect back
    to ``auth.login_screen``; only bad credentials flash a message.
    """
    if current_user.is_authenticated:
        return redirect(url_for('upload.main_screen'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    log = current_app.logger
    username = request.form.get('username')
    password = request.form.get('password')

    try:
        user = User.query.filter_by(username=username).first()
    except OperationalError as err:
        log.error("Could not connect to Database: %s", err)
        return redirect(url_for('auth.login_screen'))

    credentials_ok = user is not None and user.check_password(password)
    if not credentials_ok:
        # NOTE(review): the submitted username is logged as typed; it is
        # attacker-controlled text and may occasionally be a mistyped password.
        log.info("login failed for user: %s", username)
        flash('Invalid username or password')
        return redirect(url_for('auth.login_screen'))

    try:
        login_user(user)
    except Exception as err:
        log.info("Login failed for user %s", username)
        log.info(err)
        return redirect(url_for('auth.login_screen'))

    log.info("Succesfull login for user %s", username)
    return redirect(url_for('upload.main_screen'))
Example #11
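def login_action():
    """Authenticate the posted e-mail/password and optionally set ``rmber``.

    Looks the account up in ``recruit_user`` by e-mail and verifies the
    password against column 3 of the row. On success the user is logged in
    and redirected to the requested notice post (``notice_no``) or to
    ``main_view.index``; with ``rmb == 'on'`` an encrypted copy of the e-mail
    is stored in the ``rmber`` cookie for 90 days. Failures flash one shared
    message and redirect to ``auth_view.login_form``.

    Changes from the previous version:
      * the e-mail is bound as a query parameter instead of being formatted
        into the SQL text (SQL injection);
      * the lookup uses ``=`` rather than ``like``, so a value containing
        ``%`` can no longer match some other account's row;
      * the fetched row, which contains the password hash, is no longer
        written to the log;
      * the ``rmber`` cookie is marked HttpOnly.
    """
    email = request.values["email"] if "email" in request.form else ""
    pw = request.values["pwd"] if "pwd" in request.form else ""
    notice_no = request.values[
        "notice_no"] if "notice_no" in request.values else ''
    rmb = request.values["rmb"] if "rmb" in request.form else ""

    logger.debug("rmb: %s", rmb)

    cursor = dao.get_conn().cursor()
    try:
        # NOTE(review): assumes the driver uses the %s (format) paramstyle --
        # confirm against the driver behind ``dao``.
        cursor.execute("select * from recruit_user where user_email = %s",
                       (email,))
        result = cursor.fetchone()
    finally:
        cursor.close()

    logger.info("login_action, user found : %s", bool(result))

    try:
        if not result or not check_password_hash(result[3], pw):
            # Unknown e-mail and wrong password are indistinguishable.
            flash("아이디 또는 비밀번호가 일치하지 않습니다.")
            return redirect(url_for("auth_view.login_form"))

        login_user(
            User(email,
                 name=result[2].decode('utf-8'),
                 auth=True,
                 no=result[0]))

        if notice_no != '':
            return redirect(
                url_for('notice_view.notice_post', p_no=notice_no))

        response = make_response(redirect(url_for("main_view.index")))
        if rmb == 'on':
            from aes_cipher import encrypt
            expire_date = datetime.now() + timedelta(days=90)
            # NOTE(review): the cookie is the e-mail encrypted under the
            # application SECRET_KEY; confirm aes_cipher authenticates the
            # ciphertext, and add secure=True once the site is HTTPS-only.
            enc_email = encrypt(current_app.config['SECRET_KEY'], email)
            response.set_cookie('rmber',
                                value=enc_email,
                                expires=expire_date,
                                httponly=True)
        else:
            # Expire any remember-me cookie left from an earlier login.
            response.set_cookie('rmber', expires=0)

        flash("로그인 되었습니다.")
        return response

    except Exception as e:
        logger.info(str(e))
        # Bare raise keeps the original traceback.
        raise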
Example #12
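def login():
    """Render the login form and authenticate a submitted username/password.

    On success the user is logged in with a persistent (remember) session and
    redirected to ``next`` when that is a local path, otherwise to
    ``main.homepage``. Anything else re-renders ``login.html``.

    ``next`` comes from the query string and is attacker-controllable, so it
    is only followed when it is a plain same-site path; the previous version
    redirected to whatever it contained (open redirect).
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=True)
            next_page = request.args.get("next")
            # One leading slash, no backslash, no control characters.
            is_local = (bool(next_page) and next_page.startswith("/")
                        and not next_page.startswith("//")
                        and "\\" not in next_page
                        and not any(ord(ch) < 32 for ch in next_page))
            return redirect(next_page if is_local else url_for("main.homepage"))

    return render_template("login.html", form=form, action="/login")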
Example #13
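def login():
    """Render the login form and authenticate a submitted e-mail/password.

    Success logs the user in (honouring ``remember_me``) and redirects to a
    local ``next`` path or to ``main.index``. A failed attempt flashes a
    generic message and re-renders the form.

    ``next`` is read from the query string; it is now followed only when it
    is a plain same-site path instead of being redirected to unchecked.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            target = request.args.get('next')
            # One leading slash, no backslash, no control characters.
            is_local = (bool(target) and target.startswith('/')
                        and not target.startswith('//')
                        and '\\' not in target
                        and not any(ord(ch) < 32 for ch in target))
            return redirect(target if is_local else url_for('main.index'))
        flash('Invalid username or password')
    return render_template('login.html', form=form)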
Example #14
def login():
    """Render the login form and authenticate by nickname and password.

    A valid login starts a persistent (remember) session and redirects to
    ``/``; a failed one re-renders the form with one generic message that
    does not say whether the nickname or the password was wrong.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    db_sess = db_session.create_session()
    candidates = db_sess.query(User).filter(
        User.nickname == form.username.data)
    user = candidates.first()

    if not (user and user.check_password(form.password.data)):
        return render_template('login.html',
                               message="Неправильный логин или пароль",
                               form=form)

    login_user(user, remember=True)
    return redirect('/')
Example #15
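def loginPage():
    """Render the login page and authenticate a posted account/password.

    On POST the account is looked up by name and the password checked with
    ``models.Users.check_password``; success logs the account in and
    redirects to ``/``. Every other outcome renders ``login.html``.

    The existence check now runs before the password check. Previously
    ``check_password`` was called first, so an unknown account name passed
    ``None`` into it before the ``is not None`` test could short-circuit.
    """
    if request.method == 'POST':
        account_name = request.form['account']
        password = request.form['password']
        account = db.Users.query.filter_by(account=account_name).first()
        if account is not None and models.Users.check_password(
                account, password):
            login_user(account)
            return redirect('/')
    # NOTE(review): the ``db`` object is handed to the template; confirm
    # login.html needs it, since it widens what template code can reach.
    return render_template('login.html', db=db)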
Example #16
def login_reset(token):
    """Log an administrator in through a reset token.

    Args:
        token: reset token from the URL, forwarded to ``is_admin`` as
            ``token_reset`` together with the posted form.

    Returns:
        The login page on GET; otherwise a redirect to the redirect target
        (or ``index``) on success, or to ``index`` on failure.
    """
    if request.method == 'GET':
        return render_template('login.html')

    user, verified = is_admin(app, db, request.form, token_reset=token)
    if not verified:
        flash('Authentication failure.', 'error')
        return redirect(url_for('index'))

    login_user(user)
    # NOTE(review): whether this target is restricted to same-site URLs
    # depends on get_redirect_target(), which is defined elsewhere -- confirm.
    destination = get_redirect_target()
    flash('You are logged in as an administrator', 'success')
    return redirect(destination or url_for('index'))
Example #17
File: drop.py Project: sheybey/drop
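def login():
    """Render the token login form and log in the matching ``Token``.

    The submitted value is compared against every stored token. A match that
    has expired flashes an error and redirects to ``index``; a live match is
    logged in and redirected to the ``next`` URL kept in the session (or to
    ``index``). No match flashes an error and re-renders the form.

    The comparison uses ``hmac.compare_digest`` so that how long a rejected
    guess takes does not depend on how many leading characters were right;
    the previous ``==`` comparison stops at the first differing character.
    """
    import hmac  # local import: the module's import block is not visible here

    form = LoginForm()
    if form.validate_on_submit():
        # compare_digest needs bytes (or ASCII-only str) on both sides.
        # NOTE(review): assumes token.token is a str -- confirm the column type.
        submitted = (form.token.data or '').encode('utf-8')
        for token in Token.query.all():
            if hmac.compare_digest(submitted, token.token.encode('utf-8')):
                if token.expired:
                    flash('This token has expired.', 'error')
                    return redirect(url_for('index'))
                login_user(token)
                flash('Logged in.', 'success')
                return redirect(session.pop('next', url_for('index')))
        flash('Incorrect token.', 'error')
    return render_template('login.html', form=form)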
Example #18
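def login():
    """
    Login user view. User token saved into sessions.

    Looks the user up by the posted e-mail, logs them in when the password
    checks out, and sends the browser back to the referring page. A failed
    attempt produces the same redirect without logging anyone in.

    Two failure modes of the previous version are handled: an empty lookup
    result no longer raises on ``[0]``, and a request without a ``Referer``
    header no longer calls ``redirect(None)``.
    :return: HTTP Response
    """
    email = request.form.get('email', '-')
    password = request.form.get('password', '-')

    matches = Users.get(email=email)
    user = matches[0] if matches else None

    if user is not None and user.check_password(password):
        login_user(user)

    # NOTE(review): the Referer header is supplied by the client; confirm a
    # redirect to an arbitrary referring site is acceptable here.
    return redirect(request.referrer or '/')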
Example #19
def login():
    """Log a user in from the posted ``username``/``password`` fields.

    Responds 400 when either field is absent from the form. Otherwise the
    browser is redirected to ``main_menu.main_menu`` whether or not the login
    succeeded; a session is started only when ``verify_user_by_email``
    returns a user whose ``password`` attribute equals the submitted value.
    """
    try:
        username = request.form["username"]
        password = request.form["password"]
    except BadRequestKeyError:
        return Response(status=400)

    user = None
    if username and password:
        user = verify_user_by_email(username, password)

    # NOTE(review): this compares the stored ``password`` attribute with the
    # submitted plaintext using ``==``, which only works if passwords are
    # stored unhashed -- confirm, and move to a salted password hash if so.
    if user and user.password == password:
        login_user(user, remember=True)

    return redirect(url_for("main_menu.main_menu"))
Example #20
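def login():
    """Render the login form and authenticate a submitted e-mail/password.

    A verified user is logged in; unconfirmed accounts are sent to
    ``auth.unconfirmed``, confirmed ones to a local ``next`` path or to
    ``main.index``. A failed attempt flashes a generic message and redirects
    back to ``auth.login``.

    ``next`` comes from the query string, so it is followed only when it is a
    plain same-site path; the previous version redirected to any value.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User().get_user(email=form.email.data)
        # The user exists and the password verified.
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            if not user.confirmed:  # account e-mail not confirmed yet
                return redirect(url_for('auth.unconfirmed'))
            target = request.args.get('next')
            # One leading slash, no backslash, no control characters.
            is_local = (bool(target) and target.startswith('/')
                        and not target.startswith('//')
                        and '\\' not in target
                        and not any(ord(ch) < 32 for ch in target))
            return redirect(target if is_local else url_for('main.index'))
        # Unknown user or wrong password: same message for both.
        flash("用户名或密码错误")
        return redirect(url_for('auth.login'))
    return render_template('auth/login.html', form=form)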
Example #21
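def login():
    """Render the sign-in form and authenticate a submitted username/password.

    Authenticated visitors are redirected to ``main.index``. Bad credentials
    flash a generic message and redirect to ``auth.login``. Success logs the
    user in and redirects to ``next`` when it is a same-site path, otherwise
    to ``member.index``.

    The ``next`` check keeps the existing empty-netloc test and additionally
    requires a single leading slash with no backslash or control characters,
    because browsers treat a backslash like a slash and drop tabs/newlines,
    so such a value can leave the site even though its parsed netloc is empty.
    """
    if current_user.is_authenticated:
        return redirect(url_for("main.index"))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is None or not user.check_password(form.password.data):
            flash("Invalid username or password")
            return redirect(url_for("auth.login"))
        login_user(user, remember=form.remember_me.data)
        next_page = request.args.get("next")
        is_local = (bool(next_page) and next_page.startswith("/")
                    and not next_page.startswith("//")
                    and "\\" not in next_page
                    and not any(ord(ch) < 32 for ch in next_page)
                    and url_parse(next_page).netloc == "")
        if not is_local:
            next_page = url_for("member.index")
        return redirect(next_page)
    return render_template("auth/login.html", title="Sign In", form=form)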
Example #22
def login():
    """Render the login form and log in the user built from a valid POST.

    A POST that fails validation, or for which ``User.from_form`` yields no
    user, flashes ``Invalid login`` and re-renders the form. A resolved user
    is logged in and their id stored in the session; they are then sent to
    ``log_view`` when ``user.is_authenticated`` is true, or to
    ``change_password`` otherwise.
    """
    form = LoginForm()
    if request.method != 'POST':
        return render_template('login.html', title='Log In', form=form)

    user = User.from_form(form) if form.validate_on_submit() else None
    if not user:
        flash('Invalid login')
        return render_template('login.html', title='Log In', form=form)

    # NOTE(review): the session is established before is_authenticated is
    # consulted; confirm a user who must change their password cannot reach
    # other views with this session.
    login_user(user)
    session['user_id'] = user.id

    if user.is_authenticated:
        flash('Welcome back, {uname}!'.format(uname=user.name))
        return redirect(url_for('log_view'))

    flash('Please change your password!')
    return redirect(url_for('change_password'))
Example #23
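def login():
	"""Render the login form and authenticate a submitted e-mail/password.

	Success logs the user in, flashes a message and redirects to ``account``.
	Any other outcome re-renders ``login.html``.

	The ``user is not None`` test now runs before ``check_password``. In the
	previous order an unknown e-mail raised ``AttributeError`` on ``None``,
	turning a failed login into a server error that also revealed which
	addresses are not registered. The unused ``next`` local (which shadowed
	the builtin) and the debug ``print`` of the username are removed; the
	redirect target stays fixed, so no request data steers it.
	"""
	form = LoginForm()
	if form.validate_on_submit():
		user = User.query.filter_by(email=form.email.data).first()

		if user is not None and user.check_password(form.password.data):
			login_user(user)
			flash('Log In Success')
			return redirect(url_for('account'))
	return render_template('login.html', form=form)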
Example #24
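def authenticate():
    """Returns user_id, host_id if exists

    Reads the credentials with ``_get_creds``, ends any session already
    carrying a ``user_id``, and fetches the matching user.

    Returns:
        A 400 JSON response when login or password is missing, the
        ``WRONG_CREDS`` JSON payload when ``user.fetch()`` finds nothing, or
        a JSON object with ``code``, ``user_id`` and ``host_id`` on success.
    """
    login, pwd = _get_creds(request)
    if login is None or pwd is None:
        return jsonify({'message': "login and password should be provided"}), HTTP_400_BAD_REQUEST
    # Drop an existing session first so identities are never mixed.
    if 'user_id' in session:
        logout()
    user = User(login=str(login), pwd=str(pwd))
    result = user.fetch()
    # Identity test: ``== None`` can be overridden by a custom __eq__.
    if result is None:
        # NOTE(review): this is returned with the default 200 status; confirm
        # clients key on the payload rather than on the HTTP status.
        return jsonify(WRONG_CREDS)
    login_user(user, remember=True)
    host_uid = user.get_host_as_owner().get(DB_UID)
    session['host_id'] = user.workplace_uid
    return jsonify({'code': 0, 'user_id': user.uid, 'host_id': host_uid})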
Example #25
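def login():
    """Render the login form and authenticate a submitted e-mail/password.

    Authenticated visitors are redirected to ``home``. Success logs the user
    in (honouring the ``remember`` box) and redirects to a local ``next`` path
    or to ``home``; failure flashes a message and re-renders the form.

    ``next`` is taken from the query string and is now followed only when it
    is a plain same-site path. Previously any value was redirected to, so a
    crafted login link could forward a just-authenticated user off-site.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password,
                                               form.password.data):
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')
            # One leading slash, no backslash, no control characters.
            is_local = (bool(next_page) and next_page.startswith('/')
                        and not next_page.startswith('//')
                        and '\\' not in next_page
                        and not any(ord(ch) < 32 for ch in next_page))
            return redirect(next_page if is_local else url_for('home'))
        else:
            flash('Login Unsuccessfull. Please username and password',
                  'danger')
    return render_template('login.html', title='Login', form=form)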
Example #26
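def confirm(token):
    """Confirm an account from an e-mailed token and log its owner in.

    Args:
        token: encrypted confirmation token taken from the URL.

    Returns:
        A redirect to ``main.index`` in every case; the flashed message says
        whether the confirmation succeeded.

    The user is now logged in only after ``user.confirm`` succeeds. The
    previous version called ``login_user`` before any check, which raised
    when the e-mail matched no account, and it printed the decrypted token
    contents to stdout.
    """
    content = Crypto().decrypt(token)
    try:
        email = content['email']
    except (KeyError, TypeError):
        # Token decrypted to something without an e-mail: treat as invalid.
        email = None

    user = User().get_user(email=email) if email is not None else None

    if user is not None and user.confirm(user):
        flash('已经完成了邮箱确认')
        login_user(user)
        return redirect(url_for('main.index'))

    # Invalid or expired token: make sure no session is left behind.
    try:
        logout_user()
    finally:
        flash('邮箱确认错误或已经超过期限')
    return redirect(url_for('main.index'))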
Example #27
def login():
    """Render the admin login form and authenticate a submitted name/password.

    Authenticated visitors and successful logins are sent on through
    ``redirect_back(".admin")``; bad credentials flash a generic message and
    go through ``redirect_back(".login")``.
    """
    if current_user.is_authenticated:
        return redirect_back(".admin")

    form = AdminLoginForm()
    if not form.validate_on_submit():
        return render_template("admin/admin_login.html", form=form)

    name, password = form.name.data, form.password.data
    user = User.query.filter_by(name=name).first()

    authenticated = user is not None and user.validate_password(password)
    if not authenticated:
        flash("Invalid username or email!")
        return redirect_back(".login")

    login_user(user)
    # Reached only for a name that matched a stored user, so the logged value
    # is not arbitrary attacker-supplied text.
    current_app.logger.info(f"User {name} logged in")
    return redirect_back(".admin")
Example #28
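def login():
    """Render the login page (GET) or authenticate posted credentials.

    A failed attempt flashes a generic message and redirects to
    ``auth.login``; success logs the user in, stores the username in the
    session and redirects to ``home.home``.

    A request without a ``password`` field is now treated as a failed login.
    Previously ``None`` was passed to ``check_password_hash``, which turned
    the request into a server error instead of a rejected login.
    """
    title = 'Login'
    form = Login()
    if request.method == 'GET':
        return render_template('auth/login.html', title=title, form=form)

    # NOTE(review): fields are read from request.form without calling
    # form.validate_on_submit(), so any validation the form class defines
    # does not run here -- confirm CSRF protection is enforced elsewhere.
    email = request.form.get('email')
    password = request.form.get('password')
    user = Users.query.filter_by(email=email).first()
    if not user or not password or not check_password_hash(
            user.password, password):
        flash('Check your login details and try again !!')
        return redirect(url_for('auth.login'))

    login_user(user)
    session['username'] = current_user.username
    return redirect(url_for('home.home'))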
Example #29
def login():
    """Render the login form and authenticate by username or e-mail.

    Authenticated visitors are redirected to ``home.index``. Bad credentials
    and a refused ``login_user`` call each flash a message and re-render the
    form. After a successful login the ``next`` query parameter is followed
    only when ``URLUtils.is_safe_url`` accepts it; otherwise the user lands
    on ``home.index``.
    """
    logger = app.config['LOGGER']

    if current_user.is_authenticated:
        return redirect(url_for('home.index'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('accounts/login.html', form=form)

    identifier = form.login.data
    user = UserModel.query.filter(
        or_(UserModel.username == identifier,
            UserModel.email == identifier)).first()

    password_ok = bool(user) and bcrypt.check_password_hash(
        user.password, form.password.data)

    if not password_ok:
        # One message for unknown account and wrong password alike.
        logger.debug('Invalid username or password')
        flash('Login ou senha inválido.', 'danger')
    elif not login_user(user, remember=form.remember_me.data):
        logger.debug('Unable to login')
        flash('Não foi possível realizar o login.', 'warning')
    else:
        target = request.args.get('next')
        if target and URLUtils.is_safe_url(request, target):
            logger.debug('Redirecting to: %s', target)
            return redirect(target)
        logger.debug('Login success')
        return redirect(url_for('home.index'))

    return render_template('accounts/login.html', form=form)
Example #30
def auth_login():
    """Render the login form (GET) or authenticate the posted credentials.

    The user is looked up by username and password in a single query; no
    match re-renders the form with an error, a match is logged in and
    redirected to ``home``.
    """
    if request.method == "GET":
        return render_template("auth/loginform.html", form=LoginForm())

    form = LoginForm(request.form)

    # NOTE(review): the submitted password is matched against the stored
    # column by equality, which only works if passwords are stored unhashed
    # -- confirm, and switch to a salted password hash if so. The form is
    # also used without calling validate().
    credentials = {
        "username": form.username.data,
        "password": form.password.data,
    }
    user = User.query.filter_by(**credentials).first()

    if user:
        login_user(user)
        return redirect(url_for("home"))

    return render_template(
        "auth/loginform.html",
        form=form,
        error="virheellinen käyttäjätunnus tai salasana.")
Example #31
def oauth_callback(provider):
    """Complete an OAuth sign-in and log the matching (or new) user in.

    Args:
        provider: provider name, resolved through ``OAuthSignIn.get_provider``.

    Returns:
        A redirect to ``index`` in every case. Visitors who are already
        signed in are redirected immediately; a callback without a
        ``social_id`` flashes ``Authentication failed.`` first.
    """
    home = url_for('index')

    if not current_user.is_anonymous:
        return redirect(home)

    social_id, username, email = OAuthSignIn.get_provider(provider).callback()
    if social_id is None:
        flash('Authentication failed.')
        return redirect(home)

    # Accounts are keyed on the provider's social_id; the username and e-mail
    # are only used to fill in a newly created record.
    user = User.query.filter_by(social_id=social_id).first()
    if not user:
        user = User(social_id=social_id, nickname=username, email=email)
        db.session.add(user)
        db.session.commit()

    login_user(user, True)
    return redirect(home)
Example #32
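    def post(self, session=None):
        """ Login with username and password

        Reads ``username`` and ``password`` from the JSON body, looks the user
        up by lower-cased name and verifies the password hash. Success logs
        the user in (honouring the parsed ``remember`` argument) and returns a
        success response.

        Raises:
            Unauthorized: for any failed login, including a body that is not
                a JSON object or lacks a usable username or password. The
                ``flexget`` user with no password set gets a dedicated
                first-run message.

        Malformed bodies used to raise ``AttributeError`` (``.get`` on a
        missing body, ``.lower()`` on a missing username) and surface as
        server errors; they are now rejected as ordinary failed logins.
        """
        data = request.json
        if not isinstance(data, dict):
            raise Unauthorized('Invalid username or password')

        user_name = data.get('username')
        password = data.get('password')

        # Only string-like usernames can be looked up.
        if user_name and hasattr(user_name, 'lower'):
            user = session.query(User).filter(User.name == user_name.lower()).first()
            if user:
                if user_name == 'flexget' and not user.password:
                    raise Unauthorized('If this is your first time running the WebUI you need to set a password via'
                                       ' the command line by running `flexget web passwd <new_password>`')

                if user.password and password and check_password_hash(user.password, password):
                    args = login_parser.parse_args()
                    login_user(user, remember=args['remember'])
                    return success_response('user logged in')

        # Same error for unknown user and wrong password.
        raise Unauthorized('Invalid username or password')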
Example #33
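def home_page():
    """Render the home page (non-POST) or authenticate the posted login.

    On POST the username is looked up by e-mail with a parameterized query,
    the user loaded through ``get_user`` and the password verified with
    ``pwd_context.verify``. Success redirects to a local ``next`` path or to
    ``site.main_page``; failure re-renders ``homepage.html``.

    Fixes over the previous version:
      * an unknown e-mail no longer raises ``IndexError`` on ``data[0][0]``;
      * a failed login returns the page instead of falling off the end of
        the function (returning ``None`` from a view is a server error);
      * ``next`` is followed only when it is a plain same-site path;
      * the unused ``pwd_context.encrypt`` call, which hashed the submitted
        password on every attempt and discarded the result, is removed.
    """
    if request.method != 'POST':
        return render_template('homepage.html')

    email = request.form['inputEmail']
    password = request.form['inputPassword']

    with dbapi2.connect(app.config['dsn']) as connection:
        cursor = connection.cursor()
        query = """SELECT USERNAME FROM USERS WHERE MAIL = %s"""
        cursor.execute(query, [email])
        rows = cursor.fetchall()
        connection.commit()

    user = get_user(rows[0][0]) if rows else None
    if user is not None and pwd_context.verify(password, user.password):
        login_user(user)
        next_page = request.args.get('next')
        # One leading slash, no backslash, no control characters.
        is_local = (bool(next_page) and next_page.startswith('/')
                    and not next_page.startswith('//')
                    and '\\' not in next_page
                    and not any(ord(ch) < 32 for ch in next_page))
        return redirect(next_page if is_local else url_for('site.main_page'))

    # Unknown e-mail and wrong password get the same response.
    return render_template('homepage.html')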