def login(): if g.is_authenticated: flash('Please logout first', category='warning') return redirect(url_for('site')) form = LoginForm() if form.validate_on_submit(): # see if user exists user = g.db.users.find_one({'username': form.username.data}) if user: if check_password_hash(user.get('password'), form.password.data): # inject session data session['username'] = form.username.data session['is_authenticated'] = True if user.get('is_admin'): session['is_admin'] = True msg = "Welcome {}!".format(form.username.data) flash(msg, category="success") return redirect(url_for('site', next=request.url)) flash("Incorrect username or password", category="danger") return render_template('login.html', form=form)
def login(): form = LoginForm() user_name = form.user_name password = form.password self = render_template('login.html', title='Авторизация', form=form) if request.method == 'GET': return self elif request.method == 'POST': if not (request.form.get('user_name') and request.form.get('password')): return self # make error введите данные else: user_model = UserModel(db.get_connection()) exists = user_model.exists(user_name, password) if exists[0]: session['user_name'] = user_name session['user_id'] = exists[1] return redirect("/news") else: return self
def login(): try: if session["username"]: return redirect(url_for("home")) except KeyError: form = LoginForm() if form.validate_on_submit(): # Session timeout session.permanent = True #MySQL Integration cur = mysql.connection.cursor() result = cur.execute("SELECT * FROM users WHERE username = %s OR email = %s", (form.username.data, form.username.data)) if result > 0: data = cur.fetchone() password = data["password"] if sha256_crypt.verify(form.password.data, password): session['logged_in'] = True # Get user information session['username'] = data["username"] session['user_id'] = data["id"] session['avatar_link'] = data["avatar_link"] session['conversation_id'] = 0 # Set room id session['room'] = str(uuid.uuid4()) + '-' + form.username.data flash("Welcome @" + form.username.data + "!", msg_type_to_color["success"]) cur.execute("INSERT INTO user_logs (user_id,ip) VALUES (%s, %s)", [session['user_id'], request.remote_addr]) mysql.connection.commit() cur.close() return redirect(url_for("home")) else: cur.close() flash("Invalid login!", msg_type_to_color["error"]) else: cur.close() flash("Username or email not found!", msg_type_to_color["error"]) return render_template("login.html", form=form, title="Login")
def login(): """Login an existing user.""" user_id = session.get("user_id") if user_id: user = User.query.get(user_id) return redirect(f"/users/{user.username}") form = LoginForm() if form.validate_on_submit(): username = form.username.data password = form.password.data user = User.authenticate(username, password) if user: session['user_id'] = user.id return redirect(f'/users/{user.username}') else: flash("Invalid username or password!") return render_template('login.html', form=form) return render_template('login.html', form=form)
def login(): form = LoginForm() if request.method == 'POST': if form.validate_on_submit(): username = form.username.data password = form.password.data user = db.session.query(UserProfile).filter_by( user_name=username).first() if user is not None and user.check_password(password): login_user(user) er = None msg = "User successfully logged in." return jsonify(errors=er, message=msg, id=user.id) else: er = True msg = 'Invalid username or password' return jsonify(errors=[msg], message=msg) else: return jsonify(errors=form_errors(form)), 400 else: abort(405)
def login(): form = LoginForm(csrf_enabled=False) if request.method == 'POST': if form.validate_on_submit(): email = form.email.data password = form.password.data try: result = User.query.filter_by(Password=password).first() if result is None: flash('Invalid login credentials') return render_template('login.html', form=form) else: login_user(result) session['logged_in'] = True flash('You were logged in', 'success') return redirect(url_for('home')) except Exception as e: return str(e) else: return render_template('login.html', form=form) else: return render_template('login.html', form=form)
def login(): # 检测是是否用户是已经经过登录认证的 # 全局变量g是Flask设置的,在一个request生命周期中,用来存储和共享数据的变量。 # 所以我猜你已经想到了,我们将把已经登录的用户放到g变量里。 if g.user is not None and g.user.is_authenticated(): # 我们有很好的理由让Flask为你构造url # http://flask.pocoo.org/docs/quickstart/#url-building return redirect(url_for(index)) form = LoginForm() if form.validate_on_submit(): # 一旦数据被保存到session中,它将在同一客户端发起的这次请求和这次以后的 # 请求中永存而不会消亡。数据将保持在session中直到被明确的移除。为了做到 # 这些,Flask为每个客户端建立各自的session。 session["remember_me"] = form.remember_me.data # oid.try_login是通过Flask-OpenID来执行用户认证 # Flask-OpenID will call a function that is registered with the # oid.after_login decorator if the authentication is successful. If the # authentication fails the user will be taken back to the login page. return oid.try_login(form.openid.data, ask_for=["nickname", "email"]) return render_template("login.html", title="Sigin In", form=form, providers=app.config["OPENID_PROVIDERS"])
def login(): form = LoginForm() if form.validate_on_submit(): records=db.reg_details.find( { "$and": [ {"email":form.email.data},{"password":form.password.data} ] } ) if(records.count()==1): flash('You have been logged in!', 'success') posts.clear() temp=dict() temp2=dict() temp.clear() temp2.clear() temp['type']='Transactions Created' temp2['type']='Transactions Owned' for record in records: temp['ids']=record['transactions_created'] temp2['ids']=record['transactions_owned'] posts.append(temp) print(posts) posts.append(temp2) print(posts) return redirect(url_for('dashboard')) else: flash('Login Unsuccessful. Please check username and password', 'danger') return render_template('login.html', title='Login', form=form)
def register(): if not session.get('logged_in'): form = LoginForm(request.form) if request.method == 'POST': username = request.form['username'].lower() password = helpers.hashPassword(request.form['password']) email = request.form['email'] if form.validate(): if not helpers.usernameTaken(username): s = helpers.getSession() u = User(username=username, password=password, email=email, c1="#360033", c2="#0b8793") s.add(u) s.commit() session['logged_in'] = True session['username'] = username return json.dumps({'status': 'Register successful'}) return json.dumps({'status': 'Username taken'}) return json.dumps({'status': 'Both fields required'}) return render_template('login.html', form=form) return redirect(url_for('login'))
def login(): # For GET requests, display the login form; for POST, log in the current user by processing the form. print(f"LOGGING IN\n", file=sys.stdout) if current_user.is_authenticated: return redirect(url_for("index")) form = LoginForm(request.form) if request.method == 'POST': user = User.objects(email=request.form['email']).first() print(f"user is {user}\n", file=sys.stdout) if user is None or not user.check_password(bcrypt, request.form['password']): flash("Invalid username or password") return redirect(url_for('login')) login_user(user, remember=True) user = { 'email': current_user.email, 'first_name': current_user.first_name, 'last_name': current_user.last_name, 'company_name': current_user.company_name if isinstance(current_user, CompanyUser) else None } current_user.update(set__last_country=request.form['last_country']) response = make_response(json.dumps(user)) response.status_code = 200 print(f"login {response}\n") return response context_dict = {"title": "Sign In", "form": form, "user": current_user} return render_template('login.html', **context_dict)
def login(): data = MultiDict(mapping=request.json) inputs = LoginForm(data, csrf_enabled=False) if not inputs.validate(): return bad_request_error(inputs.errors) else: data = request.get_json() error = {'error': 'Invalid login credentials'} user = db.session.query(User).filter_by(email=data['email']).first() if not user: return bad_request_error(error) hashed_password = sha224(data['password']).hexdigest() if user.password != hashed_password: return bad_request_error(error) token = AuthToken(user.id) db.session.add(token) db.session.commit() user_json = user.__repr__() user_json['token'] = token.token return jsonify(user_json)
def login(): form = LoginForm(request.form) if request.method == 'POST': username = form.username.data password_candidate = form.password.data user = sql_db.execute("SELECT * FROM users WHERE username = :username", {"username":username}).fetchall() if len(user) != 0: #verify password password = user[0][2] result = check_password_hash(password, password_candidate) if result == True: #create session session['logged_in'] = True session['username'] = username return redirect(url_for('profile')) else: return render_template('login.html', error='Password Incorrect') else: return render_template('login.html', error='Username not found') return render_template('login.html')
def login(): if current_user.is_authenticated: return redirect('index') form = LoginForm() if form.validate_on_submit(): user = User.login_check(request.form.get('user_name')) if user: login_user(user) user.last_seen = datetime.datetime.now() try: db.session.add(user) db.session.commit() except: flash("The Database error!") return redirect('/login') flash('Your name: ' + request.form.get('user_name')) flash('remember me? ' + str(request.form.get('remember_me'))) return redirect(url_for("users", user_id=current_user.id)) else: flash('Login failed, Your name is not exist!') return redirect('/login') return render_template("login.html", title="Sign In", form=form)
def login(): session.pop('user', None) form = LoginForm() if form.validate_on_submit(): email, password = form.email.data, form.password.data res = Validation(email, password) if res == "Login success" and email != "*****@*****.**": flash(res) session['user'] = globals()['cur_user'] = email return render_template("user.html", name=globals()['cur_user'], ddtext='Modules') elif res == "Login success" and email == "*****@*****.**": flash(res) session['user'], globals()['cur_user'] = email, "admin" return redirect(url_for("admin")) # return render_template("admin.html", name=globals()['cur_user']) elif res == "Wrong Password": flash(res) return redirect(url_for("login")) else: flash("Email does not exist.\nCreate account") return redirect(url_for("register")) return render_template('login.html', form=form, ddtext='Modules')
def login(): form = LoginForm() if request.method == 'GET': return render_template('login.html',\ form = form) #return static page login login = request.form.get('login') password = request.form.get('password') remember_me = False if request.form.get('remember_me'): remember_me = True if not (registered_user(login)): flash(('red', 'Неверное имя пользователя')) view_log.info('unknown login - ' + login) return render_template('login.html',\ form=form) if not registered_user(login).check_password(password): flash(('red', 'Неверный пароль')) view_log.info('unknown password for login - ' + login) return render_template('login.html',\ form=form) login_user(registered_user(login), remember=remember_me) view_log.info(login + ' authorized success') #flash('Logged is successfully') return redirect(request.args.get('next') or url_for('index'))
def login(): # Here we use a class of some kind to represent and validate our # client-side form data. For example, WTForms is a library that will # handle this for us, and we use a custom LoginForm to validate. form = LoginForm(request.form, csrf_context=session) if form.validate(): print('processing form', file=sys.stderr) # Login and validate the user. # user should be an instance of your `User` class user = find_user(form.name.data) # if not user: # user = User(username=form.name.data) # user.set_password(form.password.data) # db.session.add(user) # db.session.commit() if user: login_user(user) flask.flash('Logged in successfully.') #next = flask.request.args.get('next') ## is_safe_url should check if the url is safe for redirects. ## See http://flask.pocoo.org/snippets/62/ for an example. #if not is_safe_url(next): # return flask.abort(400) #return flask.redirect(next or flask.url_for('index')) return flask.redirect(flask.url_for('index')) else: flask.flash('Error logging in') print('rendering form', file=sys.stderr) return flask.render_template('login.html', form=form)
def login(): form = LoginForm() if session.get('username'): return redirect(url_for('shake_and_dice')) if request.method == 'GET': return render_template('login.html', form=form) else: username = form.username.data password = form.password.data password_md5 = md5(password) avatar = form.avatar.data user = User.query.filter_by(username=username).first() if user: if password_md5 != user.password: return render_template( 'login.html', form=form, message='Sorry, username or password ERROR!') else: session['username'] = username return redirect(url_for('shake_and_dice')) else: user = User(username=username, password=password_md5, avatar=avatar) db.session.add(user) db.session.commit() session['username'] = username data = get_avatar(username) mark_data(username, data) return redirect(url_for('shake_and_dice'))
def login(): form = LoginForm() if request.method == 'GET': return render_template('login.html', form=form) else: #telephone = request.form.get('telephone') #password = request.form.get('password') if form.validate_on_submit(): telephone = form.telephone.data password = form.password.data user = User.query.filter(User.telephone == telephone).first() if user and user.check_password(password): session['user_id'] = user.id # 如果想在31天内不需重复登录,设置permanent为True session.permanent = True if user.check_admin(): return redirect(url_for('index1')) else: return redirect(url_for('index')) else: flash("账号或密码错误,请确认后再输入!") return redirect(url_for('login')) return render_template('login.html', form=form)
def login(): session.pop('logged-in',False) form=LoginForm() if(request.method == 'POST'): cursor=mysql.connection.cursor() result=form.data cursor.execute(f"Select passwordd from userinfo where lower(email)='{result['email'].lower()}'") a=cursor.fetchone() if a is None: flash(f"NO ACCOUNT EXISTS WITH THIS USERNAME",'danger') return redirect(url_for('register')) else: dict1 = dataret(result['email'].lower()) if pbkdf2_sha256.verify(result['password'], a[0]): session['logged-in']=True session['email']=result['email'] return redirect(url_for('userhome')) else: flash("Incorrect Password!","danger") return render_template("login.html",form=form) else: return render_template('login.html',form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate: user = User.query.filter_by(email=form.email.data).first() if user: if check_password_hash(user.password, form.password.data): flash('You have successfully logged in.', "success") session['logged_in'] = True session['email'] = user.email session['username'] = user.username return redirect(url_for('home')) else: flash('Username or Password Incorrect', "Danger") return redirect(url_for('login')) return render_template('login.html', form=form)
def login(): if current_user.is_authenticated: flash('You are currently logged in!', 'info') return redirect(url_for('index')) form = LoginForm() if request.method == 'POST' and form.validate_on_submit(): user = mongo.db.users.find_one( {"username": form.username.data.lower()}) if user and User.check_password(user['password'], form.password.data): user_obj = User(user['username']) login_user(user_obj) flash( f'Hello {form.username.data.lower()}, you have successfully logged into your account.', 'success') return redirect(request.args.get("next") or url_for("index")) # Check if username exists in the database elif user is None: flash("Username does not exist.", 'error') # If username exists but password if incorrect else: flash("Wrong password.", 'error') return render_template('login.html', title='Sign In', form=form)
def login(): user = current_user title = 'Login' header = 'Login' if user is not None and user.is_authenticated(): return redirect(request.args.get("next") or url_for('index')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() hashed_password = hashlib.sha512(form.password.data).hexdigest() if user is not None and hashed_password == user.password: login_user(user) return redirect(request.args.get("next") or url_for("index")) elif user is None: user = current_user flash("There is no user with the email address " + form.email.data) return render_template('/login.html', user=user, title=title, header=header, form=form) else: user = current_user flash("Your password is incorrect") return render_template('/login.html', user=user, title=title, header=header, form=form) return render_template('/login.html', user=user, title=title, header=header, form=form)
def login(): form = LoginForm() if form.validate_on_submit(): if request.method == 'POST': cu = conn.cursor() useremail_form = str(form.email.data) select = ("SELECT email,password,username " "FROM UserProfiles " "WHERE email= ?") cu.execute(select, [useremail_form]) results = cu.fetchone() password = results[1] if useremail_form in results and bcrypt.check_password_hash( password, form.password.data): session['loggedin'] = True session['id'] = useremail_form session['username'] = results[2] flash('You have been logged in!', 'success') return redirect(url_for('home')) else: flash('Login Unsuccessful. Please check username and password', 'danger') return render_template('login.html', title='Login', form=form)
def login(): fm = LoginForm(request.form) if request.method == 'POST': if fm.validate(): logindata = request.form username = logindata['username'] password = logindata['password'] sql = "SELECT * FROM users WHERE email = %s and password = %s;" conn = mysql.connect() cursor = conn.cursor() rows = cursor.execute(sql, (username, password)) conn.commit() if rows > 0: session['username'] = username return redirect(url_for('index')) else: flash('Invalid username and password') return render_template('login.html', form=fm) cursor.close() conn.close() else: return render_template('login.html', form=fm) elif request.method == 'GET': return render_template('login.html', form=fm)
def login(): """ Display login form or process login request """ if "username" in session: return redirect(f"/users/{session['username']}") form = LoginForm() if form.validate_on_submit(): username = form.username.data password = form.password.data user = User.authenticate(username, password) if user: session['username'] = user.username flash(f'Welcome back {user.username}! You are now logged in.', 'success') return redirect(f"/users/{user.username}") else: form.username.errors = ["Invalid username/password"] return render_template("users/login_user.html", form=form) return render_template('users/login_user.html', form=form)
def login(): form = LoginForm() if g.user: return render_template('home.html') if request.method == 'POST' and form.validate_on_submit(): #clears session and gets password and email session.pop('user', None) password = request.form['password'] email = request.form['email'] # retrieves email and if does not returns to login try: with connection.cursor() as cursor: sql = "SELECT `email` FROM `users` WHERE `email`=%s" cursor.execute(sql, (email)) result = cursor.fetchone() if result[0] != email: flash('email incorrect') return redirect('/') #authenticates password using password hash sql = "SELECT `password` FROM `users` WHERE `email`=%s" cursor.execute(sql, (email)) result = cursor.fetchone() if check_password_hash(result[0], password): session['user'] = request.form['email'] return redirect('home') except: flash("incorrect email or password") return render_template('index.html', form=form)
def login(): form = LoginForm() if form.validate_on_submit(): # check whether employee exists in the database and whether # the password entered matches the password in the database employee = Employee.query.filter_by(email=form.email.data).first() if employee is not None and employee.verify_password( form.password.data): # log employee in login_user(employee) # redirect to the appropriate dashboard page if employee.is_admin: return redirect(url_for('home.admin_dashboard')) else: return redirect(url_for('home.dashboard')) # when login details are incorrect else: flash('Invalid email or password.') # load login template return render_template('auth/login.html', form=form, title='Login')
def login(): error = None form = LoginForm() if request.method == "POST": if form.validate() == False: return render_template("login.html", form=form) else: email = form.email.data password = form.password.data user = User.query.filter_by(email=email).first() if user is not None and user.check_password(password): user.authenticated = True db.session.add(user) db.session.commit() login_user(user, remember=True) #session['email'] = form.email.data return redirect(url_for("home")) else: error = 'Email or Password incorect!' return render_template("login.html", form=form, error=error) elif request.method == "GET": return render_template("login.html", form=form)
def login(): form = LoginForm() if request.method == "POST": # change this to actually validate the entire form submission # and not just one field if form.validate_on_submit(): # Get the username and password values from the form. username = form.username.data password = form.password.dsta # using your model, query database for a user based on the username # and password submitted # store the result of that query to a `user` variable so it can be # passed to the login_user() method. user = UserProfile.query.filter_by(username=username).first() if user.password == password: # get user id, load into session login_user(user) next_page = request.args.get('next') # remember to flash a message to the user flash("Login Successful", "success") print next_page return redirect(next_page or url_for("secure")) flash("Login Failed", 'danger') return render_template("login.html", form=form) # they should be redirected to a secure-page route instead
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): username = request.form['username'] password = request.form['password'] registered_user = User.filter(User.username == username).first() if registered_user is None or not registered_user.password.check_password( password): flash('Ошибка ввода логина или пароля', "danger") return redirect(url_for( 'login')) # redirect back to login page if can't wasn't found login_user(registered_user) return redirect(request.args.get('next') or url_for('index')) content = render_form(form=form, action=url_for("login"), button="Вход", button_class="success") return render_content(content=content, title="Авторизация")