def login():
if g.is_authenticated:
flash('Please logout first', category='warning')
return redirect(url_for('site'))
form = LoginForm()
if form.validate_on_submit():
# see if user exists
user = g.db.users.find_one({'username': form.username.data})
if user:
if check_password_hash(user.get('password'), form.password.data):
# inject session data
session['username'] = form.username.data
session['is_authenticated'] = True
if user.get('is_admin'):
session['is_admin'] = True
msg = "Welcome {}!".format(form.username.data)
flash(msg, category="success")
return redirect(url_for('site', next=request.url))
flash("Incorrect username or password", category="danger")
return render_template('login.html', form=form)
def login():
form = LoginForm()
user_name = form.user_name
password = form.password
self = render_template('login.html', title='Авторизация', form=form)
if request.method == 'GET':
return self
elif request.method == 'POST':
if not (request.form.get('user_name') and request.form.get('password')):
return self
# make error введите данные
else:
user_model = UserModel(db.get_connection())
exists = user_model.exists(user_name, password)
if exists[0]:
session['user_name'] = user_name
session['user_id'] = exists[1]
return redirect("/news")
else:
return self
def login():
try:
if session["username"]:
return redirect(url_for("home"))
except KeyError:
form = LoginForm()
if form.validate_on_submit():
# Session timeout
session.permanent = True
#MySQL Integration
cur = mysql.connection.cursor()
result = cur.execute("SELECT * FROM users WHERE username = %s OR email = %s", (form.username.data, form.username.data))
if result > 0:
data = cur.fetchone()
password = data["password"]
if sha256_crypt.verify(form.password.data, password):
session['logged_in'] = True
# Get user information
session['username'] = data["username"]
session['user_id'] = data["id"]
session['avatar_link'] = data["avatar_link"]
session['conversation_id'] = 0
# Set room id
session['room'] = str(uuid.uuid4()) + '-' + form.username.data
flash("Welcome @" + form.username.data + "!", msg_type_to_color["success"])
cur.execute("INSERT INTO user_logs (user_id,ip) VALUES (%s, %s)", [session['user_id'], request.remote_addr])
mysql.connection.commit()
cur.close()
return redirect(url_for("home"))
else:
cur.close()
flash("Invalid login!", msg_type_to_color["error"])
else:
cur.close()
flash("Username or email not found!", msg_type_to_color["error"])
return render_template("login.html", form=form, title="Login")
def login():
"""Login an existing user."""
user_id = session.get("user_id")
if user_id:
user = User.query.get(user_id)
return redirect(f"/users/{user.username}")
form = LoginForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = User.authenticate(username, password)
if user:
session['user_id'] = user.id
return redirect(f'/users/{user.username}')
else:
flash("Invalid username or password!")
return render_template('login.html', form=form)
return render_template('login.html', form=form)
def login():
form = LoginForm()
if request.method == 'POST':
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = db.session.query(UserProfile).filter_by(
user_name=username).first()
if user is not None and user.check_password(password):
login_user(user)
er = None
msg = "User successfully logged in."
return jsonify(errors=er, message=msg, id=user.id)
else:
er = True
msg = 'Invalid username or password'
return jsonify(errors=[msg], message=msg)
else:
return jsonify(errors=form_errors(form)), 400
else:
abort(405)
def login():
form = LoginForm(csrf_enabled=False)
if request.method == 'POST':
if form.validate_on_submit():
email = form.email.data
password = form.password.data
try:
result = User.query.filter_by(Password=password).first()
if result is None:
flash('Invalid login credentials')
return render_template('login.html', form=form)
else:
login_user(result)
session['logged_in'] = True
flash('You were logged in', 'success')
return redirect(url_for('home'))
except Exception as e:
return str(e)
else:
return render_template('login.html', form=form)
else:
return render_template('login.html', form=form)
def login():
# 检测是是否用户是已经经过登录认证的
# 全局变量g是Flask设置的,在一个request生命周期中,用来存储和共享数据的变量。
# 所以我猜你已经想到了,我们将把已经登录的用户放到g变量里。
if g.user is not None and g.user.is_authenticated():
# 我们有很好的理由让Flask为你构造url
# http://flask.pocoo.org/docs/quickstart/#url-building
return redirect(url_for(index))
form = LoginForm()
if form.validate_on_submit():
# 一旦数据被保存到session中,它将在同一客户端发起的这次请求和这次以后的
# 请求中永存而不会消亡。数据将保持在session中直到被明确的移除。为了做到
# 这些,Flask为每个客户端建立各自的session。
session["remember_me"] = form.remember_me.data
# oid.try_login是通过Flask-OpenID来执行用户认证
# Flask-OpenID will call a function that is registered with the
# oid.after_login decorator if the authentication is successful. If the
# authentication fails the user will be taken back to the login page.
return oid.try_login(form.openid.data, ask_for=["nickname", "email"])
return render_template("login.html",
title="Sigin In",
form=form,
providers=app.config["OPENID_PROVIDERS"])
def login():
form = LoginForm()
if form.validate_on_submit():
records=db.reg_details.find( { "$and": [ {"email":form.email.data},{"password":form.password.data} ] } )
if(records.count()==1):
flash('You have been logged in!', 'success')
posts.clear()
temp=dict()
temp2=dict()
temp.clear()
temp2.clear()
temp['type']='Transactions Created'
temp2['type']='Transactions Owned'
for record in records:
temp['ids']=record['transactions_created']
temp2['ids']=record['transactions_owned']
posts.append(temp)
print(posts)
posts.append(temp2)
print(posts)
return redirect(url_for('dashboard'))
else:
flash('Login Unsuccessful. Please check username and password', 'danger')
return render_template('login.html', title='Login', form=form)
def register():
if not session.get('logged_in'):
form = LoginForm(request.form)
if request.method == 'POST':
username = request.form['username'].lower()
password = helpers.hashPassword(request.form['password'])
email = request.form['email']
if form.validate():
if not helpers.usernameTaken(username):
s = helpers.getSession()
u = User(username=username,
password=password,
email=email,
c1="#360033",
c2="#0b8793")
s.add(u)
s.commit()
session['logged_in'] = True
session['username'] = username
return json.dumps({'status': 'Register successful'})
return json.dumps({'status': 'Username taken'})
return json.dumps({'status': 'Both fields required'})
return render_template('login.html', form=form)
return redirect(url_for('login'))
def login():
# For GET requests, display the login form; for POST, log in the current user by processing the form.
print(f"LOGGING IN\n", file=sys.stdout)
if current_user.is_authenticated:
return redirect(url_for("index"))
form = LoginForm(request.form)
if request.method == 'POST':
user = User.objects(email=request.form['email']).first()
print(f"user is {user}\n", file=sys.stdout)
if user is None or not user.check_password(bcrypt,
request.form['password']):
flash("Invalid username or password")
return redirect(url_for('login'))
login_user(user, remember=True)
user = {
'email':
current_user.email,
'first_name':
current_user.first_name,
'last_name':
current_user.last_name,
'company_name':
current_user.company_name
if isinstance(current_user, CompanyUser) else None
}
current_user.update(set__last_country=request.form['last_country'])
response = make_response(json.dumps(user))
response.status_code = 200
print(f"login {response}\n")
return response
context_dict = {"title": "Sign In", "form": form, "user": current_user}
return render_template('login.html', **context_dict)
def login():
data = MultiDict(mapping=request.json)
inputs = LoginForm(data, csrf_enabled=False)
if not inputs.validate():
return bad_request_error(inputs.errors)
else:
data = request.get_json()
error = {'error': 'Invalid login credentials'}
user = db.session.query(User).filter_by(email=data['email']).first()
if not user:
return bad_request_error(error)
hashed_password = sha224(data['password']).hexdigest()
if user.password != hashed_password:
return bad_request_error(error)
token = AuthToken(user.id)
db.session.add(token)
db.session.commit()
user_json = user.__repr__()
user_json['token'] = token.token
return jsonify(user_json)
def login():
form = LoginForm(request.form)
if request.method == 'POST':
username = form.username.data
password_candidate = form.password.data
user = sql_db.execute("SELECT * FROM users WHERE username = :username", {"username":username}).fetchall()
if len(user) != 0:
#verify password
password = user[0][2]
result = check_password_hash(password, password_candidate)
if result == True:
#create session
session['logged_in'] = True
session['username'] = username
return redirect(url_for('profile'))
else:
return render_template('login.html', error='Password Incorrect')
else:
return render_template('login.html', error='Username not found')
return render_template('login.html')
def login():
if current_user.is_authenticated:
return redirect('index')
form = LoginForm()
if form.validate_on_submit():
user = User.login_check(request.form.get('user_name'))
if user:
login_user(user)
user.last_seen = datetime.datetime.now()
try:
db.session.add(user)
db.session.commit()
except:
flash("The Database error!")
return redirect('/login')
flash('Your name: ' + request.form.get('user_name'))
flash('remember me? ' + str(request.form.get('remember_me')))
return redirect(url_for("users", user_id=current_user.id))
else:
flash('Login failed, Your name is not exist!')
return redirect('/login')
return render_template("login.html", title="Sign In", form=form)
def login():
session.pop('user', None)
form = LoginForm()
if form.validate_on_submit():
email, password = form.email.data, form.password.data
res = Validation(email, password)
if res == "Login success" and email != "*****@*****.**":
flash(res)
session['user'] = globals()['cur_user'] = email
return render_template("user.html",
name=globals()['cur_user'],
ddtext='Modules')
elif res == "Login success" and email == "*****@*****.**":
flash(res)
session['user'], globals()['cur_user'] = email, "admin"
return redirect(url_for("admin"))
# return render_template("admin.html", name=globals()['cur_user'])
elif res == "Wrong Password":
flash(res)
return redirect(url_for("login"))
else:
flash("Email does not exist.\nCreate account")
return redirect(url_for("register"))
return render_template('login.html', form=form, ddtext='Modules')
def login():
form = LoginForm()
if request.method == 'GET':
return render_template('login.html',\
form = form) #return static page login
login = request.form.get('login')
password = request.form.get('password')
remember_me = False
if request.form.get('remember_me'):
remember_me = True
if not (registered_user(login)):
flash(('red', 'Неверное имя пользователя'))
view_log.info('unknown login - ' + login)
return render_template('login.html',\
form=form)
if not registered_user(login).check_password(password):
flash(('red', 'Неверный пароль'))
view_log.info('unknown password for login - ' + login)
return render_template('login.html',\
form=form)
login_user(registered_user(login), remember=remember_me)
view_log.info(login + ' authorized success')
#flash('Logged is successfully')
return redirect(request.args.get('next') or url_for('index'))
def login():
# Here we use a class of some kind to represent and validate our
# client-side form data. For example, WTForms is a library that will
# handle this for us, and we use a custom LoginForm to validate.
form = LoginForm(request.form, csrf_context=session)
if form.validate():
print('processing form', file=sys.stderr)
# Login and validate the user.
# user should be an instance of your `User` class
user = find_user(form.name.data)
# if not user:
# user = User(username=form.name.data)
# user.set_password(form.password.data)
# db.session.add(user)
# db.session.commit()
if user:
login_user(user)
flask.flash('Logged in successfully.')
#next = flask.request.args.get('next')
## is_safe_url should check if the url is safe for redirects.
## See http://flask.pocoo.org/snippets/62/ for an example.
#if not is_safe_url(next):
# return flask.abort(400)
#return flask.redirect(next or flask.url_for('index'))
return flask.redirect(flask.url_for('index'))
else:
flask.flash('Error logging in')
print('rendering form', file=sys.stderr)
return flask.render_template('login.html', form=form)
def login():
form = LoginForm()
if session.get('username'):
return redirect(url_for('shake_and_dice'))
if request.method == 'GET':
return render_template('login.html', form=form)
else:
username = form.username.data
password = form.password.data
password_md5 = md5(password)
avatar = form.avatar.data
user = User.query.filter_by(username=username).first()
if user:
if password_md5 != user.password:
return render_template(
'login.html',
form=form,
message='Sorry, username or password ERROR!')
else:
session['username'] = username
return redirect(url_for('shake_and_dice'))
else:
user = User(username=username,
password=password_md5,
avatar=avatar)
db.session.add(user)
db.session.commit()
session['username'] = username
data = get_avatar(username)
mark_data(username, data)
return redirect(url_for('shake_and_dice'))
def login():
form = LoginForm()
if request.method == 'GET':
return render_template('login.html', form=form)
else:
#telephone = request.form.get('telephone')
#password = request.form.get('password')
if form.validate_on_submit():
telephone = form.telephone.data
password = form.password.data
user = User.query.filter(User.telephone == telephone).first()
if user and user.check_password(password):
session['user_id'] = user.id
# 如果想在31天内不需重复登录,设置permanent为True
session.permanent = True
if user.check_admin():
return redirect(url_for('index1'))
else:
return redirect(url_for('index'))
else:
flash("账号或密码错误,请确认后再输入!")
return redirect(url_for('login'))
return render_template('login.html', form=form)
def login():
session.pop('logged-in',False)
form=LoginForm()
if(request.method == 'POST'):
cursor=mysql.connection.cursor()
result=form.data
cursor.execute(f"Select passwordd from userinfo where lower(email)='{result['email'].lower()}'")
a=cursor.fetchone()
if a is None:
flash(f"NO ACCOUNT EXISTS WITH THIS USERNAME",'danger')
return redirect(url_for('register'))
else:
dict1 = dataret(result['email'].lower())
if pbkdf2_sha256.verify(result['password'], a[0]):
session['logged-in']=True
session['email']=result['email']
return redirect(url_for('userhome'))
else:
flash("Incorrect Password!","danger")
return render_template("login.html",form=form)
else:
return render_template('login.html',form=form)
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate:
user = User.query.filter_by(email=form.email.data).first()
if user:
if check_password_hash(user.password, form.password.data):
flash('You have successfully logged in.', "success")
session['logged_in'] = True
session['email'] = user.email
session['username'] = user.username
return redirect(url_for('home'))
else:
flash('Username or Password Incorrect', "Danger")
return redirect(url_for('login'))
return render_template('login.html', form=form)
def login():
if current_user.is_authenticated:
flash('You are currently logged in!', 'info')
return redirect(url_for('index'))
form = LoginForm()
if request.method == 'POST' and form.validate_on_submit():
user = mongo.db.users.find_one(
{"username": form.username.data.lower()})
if user and User.check_password(user['password'], form.password.data):
user_obj = User(user['username'])
login_user(user_obj)
flash(
f'Hello {form.username.data.lower()}, you have successfully logged into your account.',
'success')
return redirect(request.args.get("next") or url_for("index"))
# Check if username exists in the database
elif user is None:
flash("Username does not exist.", 'error')
# If username exists but password if incorrect
else:
flash("Wrong password.", 'error')
return render_template('login.html', title='Sign In', form=form)
def login():
user = current_user
title = 'Login'
header = 'Login'
if user is not None and user.is_authenticated():
return redirect(request.args.get("next") or url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
hashed_password = hashlib.sha512(form.password.data).hexdigest()
if user is not None and hashed_password == user.password:
login_user(user)
return redirect(request.args.get("next") or url_for("index"))
elif user is None:
user = current_user
flash("There is no user with the email address " + form.email.data)
return render_template('/login.html',
user=user,
title=title,
header=header,
form=form)
else:
user = current_user
flash("Your password is incorrect")
return render_template('/login.html',
user=user,
title=title,
header=header,
form=form)
return render_template('/login.html',
user=user,
title=title,
header=header,
form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
if request.method == 'POST':
cu = conn.cursor()
useremail_form = str(form.email.data)
select = ("SELECT email,password,username "
"FROM UserProfiles "
"WHERE email= ?")
cu.execute(select, [useremail_form])
results = cu.fetchone()
password = results[1]
if useremail_form in results and bcrypt.check_password_hash(
password, form.password.data):
session['loggedin'] = True
session['id'] = useremail_form
session['username'] = results[2]
flash('You have been logged in!', 'success')
return redirect(url_for('home'))
else:
flash('Login Unsuccessful. Please check username and password',
'danger')
return render_template('login.html', title='Login', form=form)
def login():
fm = LoginForm(request.form)
if request.method == 'POST':
if fm.validate():
logindata = request.form
username = logindata['username']
password = logindata['password']
sql = "SELECT * FROM users WHERE email = %s and password = %s;"
conn = mysql.connect()
cursor = conn.cursor()
rows = cursor.execute(sql, (username, password))
conn.commit()
if rows > 0:
session['username'] = username
return redirect(url_for('index'))
else:
flash('Invalid username and password')
return render_template('login.html', form=fm)
cursor.close()
conn.close()
else:
return render_template('login.html', form=fm)
elif request.method == 'GET':
return render_template('login.html', form=fm)
def login():
""" Display login form or process login request """
if "username" in session:
return redirect(f"/users/{session['username']}")
form = LoginForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = User.authenticate(username, password)
if user:
session['username'] = user.username
flash(f'Welcome back {user.username}! You are now logged in.',
'success')
return redirect(f"/users/{user.username}")
else:
form.username.errors = ["Invalid username/password"]
return render_template("users/login_user.html", form=form)
return render_template('users/login_user.html', form=form)
def login():
form = LoginForm()
if g.user:
return render_template('home.html')
if request.method == 'POST' and form.validate_on_submit():
#clears session and gets password and email
session.pop('user', None)
password = request.form['password']
email = request.form['email']
# retrieves email and if does not returns to login
try:
with connection.cursor() as cursor:
sql = "SELECT `email` FROM `users` WHERE `email`=%s"
cursor.execute(sql, (email))
result = cursor.fetchone()
if result[0] != email:
flash('email incorrect')
return redirect('/')
#authenticates password using password hash
sql = "SELECT `password` FROM `users` WHERE `email`=%s"
cursor.execute(sql, (email))
result = cursor.fetchone()
if check_password_hash(result[0], password):
session['user'] = request.form['email']
return redirect('home')
except:
flash("incorrect email or password")
return render_template('index.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
# check whether employee exists in the database and whether
# the password entered matches the password in the database
employee = Employee.query.filter_by(email=form.email.data).first()
if employee is not None and employee.verify_password(
form.password.data):
# log employee in
login_user(employee)
# redirect to the appropriate dashboard page
if employee.is_admin:
return redirect(url_for('home.admin_dashboard'))
else:
return redirect(url_for('home.dashboard'))
# when login details are incorrect
else:
flash('Invalid email or password.')
# load login template
return render_template('auth/login.html', form=form, title='Login')
def login():
error = None
form = LoginForm()
if request.method == "POST":
if form.validate() == False:
return render_template("login.html", form=form)
else:
email = form.email.data
password = form.password.data
user = User.query.filter_by(email=email).first()
if user is not None and user.check_password(password):
user.authenticated = True
db.session.add(user)
db.session.commit()
login_user(user, remember=True)
#session['email'] = form.email.data
return redirect(url_for("home"))
else:
error = 'Email or Password incorect!'
return render_template("login.html", form=form, error=error)
elif request.method == "GET":
return render_template("login.html", form=form)
def login():
form = LoginForm()
if request.method == "POST":
# change this to actually validate the entire form submission
# and not just one field
if form.validate_on_submit():
# Get the username and password values from the form.
username = form.username.data
password = form.password.dsta
# using your model, query database for a user based on the username
# and password submitted
# store the result of that query to a `user` variable so it can be
# passed to the login_user() method.
user = UserProfile.query.filter_by(username=username).first()
if user.password == password:
# get user id, load into session
login_user(user)
next_page = request.args.get('next')
# remember to flash a message to the user
flash("Login Successful", "success")
print next_page
return redirect(next_page or url_for("secure"))
flash("Login Failed", 'danger')
return render_template("login.html", form=form) # they should be redirected to a secure-page route instead
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = request.form['username']
password = request.form['password']
registered_user = User.filter(User.username == username).first()
if registered_user is None or not registered_user.password.check_password(
password):
flash('Ошибка ввода логина или пароля', "danger")
return redirect(url_for(
'login')) # redirect back to login page if can't wasn't found
login_user(registered_user)
return redirect(request.args.get('next') or url_for('index'))
content = render_form(form=form,
action=url_for("login"),
button="Вход",
button_class="success")
return render_content(content=content, title="Авторизация")
