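def useraccount():
    """Check a submitted username/password against the 'Users' shelf entry.

    On GET, an invalid form, or a failed match, re-renders
    ``useraccount.html`` with ``errorResponse``. On a match, renders
    ``Retrieveaccount.html`` with the username and the stored user id.

    NOTE(review): the stored value from ``get_password()`` is compared
    directly with the form value, so passwords appear to be kept unhashed
    in storage.db. Moving to a salted hash needs a change to the user model,
    which is outside this function.
    NOTE(review): "User does not exist" and "Invalid password" are distinct
    responses, which lets a client learn which usernames exist.
    """
    form = LoginForm(request.form)
    correct = False
    errorResponse = ''
    if request.method == 'POST':
        errorResponse = 'User does not exist'
        if form.validate():
            user_id = 0
            # The context manager closes the shelf on every path; the
            # original never closed the handle it opened.
            with shelve.open('storage.db', 'r') as db:
                try:
                    usersDict = db['Users']
                    for key in usersDict:
                        user = usersDict[key]
                        if user.get_username() == form.username.data:
                            user_id = user.get_userID()
                            correct = user.get_password() == form.password.data
                            if not correct:
                                errorResponse = 'Invalid password'
                except Exception:
                    # Still best-effort, but no longer swallows
                    # KeyboardInterrupt/SystemExit as a bare except did.
                    print("Error in retrieving Users from storage.db.")
            if correct:
                return render_template("Retrieveaccount.html",
                                       name=form.username.data, id=user_id)
    return render_template("useraccount.html", form=form,
                           errorResponse=errorResponse)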
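def login():
    """Staff login: redirect to ``retrieveUsers`` when the fixed pair matches.

    Any other POST re-renders ``login2.html`` with 'Invalid Credentials';
    a GET renders it with an empty message.

    NOTE(review): the staff username and password are literals in the
    source, so anyone who can read the repository can log in, and rotating
    them needs a code change. They belong in configuration or a user store
    holding a password hash.
    NOTE(review): success only issues a redirect and nothing here records
    the login in a session. Confirm that ``retrieveUsers`` enforces its own
    access check.
    """
    form = LoginForm(request.form)
    errorResponse = ''
    if request.method == 'POST':
        errorResponse = 'Invalid Credentials'
        # The unused local `correct` from the original is dropped.
        if (form.validate()
                and form.username.data == 'staff'
                and form.password.data == 'staff890'):
            return redirect(url_for('retrieveUsers'))
    return render_template("login2.html", form=form,
                           errorResponse=errorResponse)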
def loginMenu():
    """Handle the user login page: resume, log in, or go to sign-up.

    If the 'TEMP' storage exists and holds a username, redirect straight to
    the ``users`` view. On POST, the ``submit`` field selects the action:
    "Login" looks the lower-cased username up against the ADMIN account and
    the 'Users' keys, and "Sign Up" redirects to ``sign_up``. Everything
    else renders ``userLogin.html``.

    NOTE(review): no password comparison is visible in this function, so the
    admin and user branches are chosen by username alone. Confirm whether
    ``LoginForm.validate()`` verifies credentials.
    NOTE(review): 'TEMP' is looked up without any per-client key here. If
    ``main.db`` is shared across requests, one user's login would be resumed
    for every visitor. Verify against ``main.db``.
    """
    login_form = LoginForm(request.form)

    # Resume a previously stored login, if any.
    if main.db.check_exist('TEMP') == True:
        stored = main.db.get_storage('TEMP')
        if "username" in stored.keys():
            return redirect(
                url_for('users', choice=1, username=stored['username']))

    if request.method == 'POST':
        btn_pressed = request.form['submit']

        if login_form.validate() and btn_pressed == "Login":
            login_name = login_form.username.data.lower()
            admin_acc = main.db.get_storage("ADMIN")
            user_keys = main.db.return_keys("Users")

            if admin_acc.get_username() == login_name:
                print("Admin Login")
                return redirect(url_for('admin'))

            if user_keys != None and login_name in user_keys:
                user = main.db.get_storage("Users")[login_name]
                # Create the temporary storage, then record the username.
                main.db.get_storage("TEMP", True, True)
                main.db.add_item('TEMP', "username", user.get_username())
                return redirect(
                    url_for('users', choice=1, username=user.get_username()))

            print("ERRORRRRRR")
        elif btn_pressed == "Sign Up":
            return redirect(url_for('sign_up'))

    # GET requests and unhandled POSTs land here.
    return render_template('userLogin.html', form=login_form)
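def login():
    """Render the login form, or start a session after a valid POST.

    A POST whose form validates stores the email and a ``logged_in`` flag in
    the session and redirects to ``profile``. Every other request renders
    ``login.html``.

    The original returned ``None`` for any method other than POST or GET
    (for example HEAD on a GET route), which Flask reports as a server
    error. The form render is now the fall-through for all such requests.

    NOTE(review): ``form.validate()`` is the only check before the session
    is marked logged in. Confirm that LoginForm's validators verify the
    password against the user store.
    """
    form = LoginForm()
    if request.method == 'POST' and form.validate():
        session['email'] = form.email.data
        session['logged_in'] = True
        return redirect(url_for('profile', success=True, session=True))
    return render_template('login.html', form=form, session=False)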
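def login():
    """Authenticate by email/password against the ``users`` table.

    On a valid POST, looks the account up and either renders ``login.html``
    with an error and status 401, or fills the session from the row
    (positions 0, 3, 1, 5) and redirects to ``/admin`` or ``/``.

    Changes from the original:
    * The email was concatenated into the SQL text, so form input could
      alter the query. Both lookups now use bound parameters, and the
      password is bound from the submitted value.
    * Debug prints that wrote the submitted password and fetched rows to
      stdout are removed.

    NOTE(review): the query matches the submitted password against the
    stored column, so passwords appear to be stored unhashed.
    NOTE(review): the separate "Email does not exist" and "Password is
    wrong" messages reveal which emails are registered.
    NOTE(review): the ``username`` cookie is set with httponly=False and
    secure=False, so page scripts can read it and it is sent over plain
    HTTP. Confirm whether client code needs it before tightening.
    """
    form = LoginForm(request.form)
    msg = ''
    if request.method == "POST" and form.validate():
        session.pop('user', None)
        email = request.form['email']
        password = request.form['password']

        statement = text(
            'SELECT * FROM users WHERE email = :email AND password = :password')
        result = db.engine.execute(
            statement, email=email, password=password).fetchone()

        if result is None:
            # A second lookup by email alone picks the error message.
            statement2 = text('SELECT * FROM users WHERE email = :email')
            result2 = db.engine.execute(statement2, email=email).fetchone()
            if result2 is None:
                msg = 'Error: Email does not exist!'
            else:
                msg = 'Error: Password is wrong!'
            return render_template("login.html", form=form, msg=msg), 401

        session['id'] = result[0]
        session['user'] = result[3]
        session['name'] = result[1]
        session['is_authenticated'] = result[5]

        # Column 5 is compared as the string "True" to pick the admin page.
        if result[5] == "True":
            resp = make_response(redirect('/admin'))
        else:
            resp = make_response(redirect('/'))
        name = result[1] + result[2]
        resp.set_cookie('username', name, httponly=False, secure=False)
        return resp
    return render_template("login.html", form=form, msg=msg)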
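def login():
    """Authenticate by email/password using a parameterized query.

    On a valid POST, looks the account up with bound parameters ``:a``
    (email) and ``:b`` (password). A miss renders ``login.html`` with one
    generic error and status 401. A hit fills the session from the row
    (positions 0, 3, 1, 5) and redirects to ``/admin`` or ``/``.

    Change from the original: the debug prints that wrote the submitted
    email and password to stdout are removed.

    The commented-out alternative, a character blacklist in front of a
    concatenated query, is dropped. Bound parameters are the fix; filtering
    characters does not make string-built SQL safe.

    NOTE(review): the query matches the submitted password against the
    stored column, so passwords appear to be stored unhashed.
    NOTE(review): the ``username`` cookie is set with httponly=False and
    secure=False, so page scripts can read it and it is sent over plain
    HTTP. Confirm whether client code needs it before tightening.
    """
    form = LoginForm(request.form)
    msg = ''
    if request.method == "POST" and form.validate():
        session.pop('user', None)
        email = request.form['email']
        password = request.form['password']

        statement = text(
            'SELECT * FROM users WHERE email = :a AND password = :b')
        result = db.engine.execute(
            statement, a=str(email), b=str(password)).fetchone()

        if result is None:
            msg = 'Error: Email/Password does not exist!'
            return render_template("login.html", form=form, msg=msg), 401

        session['id'] = result[0]
        session['user'] = result[3]
        session['name'] = result[1]
        session['is_authenticated'] = result[5]

        # Column 5 is compared as the string "True" to pick the admin page.
        if result[5] == "True":
            resp = make_response(redirect('/admin'))
        else:
            resp = make_response(redirect('/'))
        name = result[1] + result[2]
        resp.set_cookie('username', name, httponly=False, secure=False)
        return resp
    return render_template("login.html", form=form, msg=msg)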
def login():
    """Show the login form, or log the user in from a submitted form.

    An unsubmitted request renders the bare form. A submitted form that
    fails validation, names no user, or fails the bcrypt password check
    renders the form with "Invalid Login!!!". Otherwise the user is marked
    authenticated, persisted, logged in with ``remember=True`` and
    redirected to ``/appConfig``.

    NOTE(review): the bcrypt check is skipped when no user is found, so an
    unknown username returns without the hashing work that a known one
    incurs.
    NOTE(review): ``csrf_enabled`` is the older Flask-WTF spelling. Confirm
    the pinned version still honours it.
    """
    form = LoginForm(csrf_enabled=True)

    if not form.is_submitted():
        return render_template("login.html", form=form)

    if not form.validate():
        return render_template("login.html", form=form,
                               message="Invalid Login!!!")

    account = User.query.get(form.username.data)
    if not account or not bcrypt.check_password_hash(account.password,
                                                     form.password.data):
        return render_template("login.html", form=form,
                               message="Invalid Login!!!")

    account.authenticated = True
    db.session.add(account)
    db.session.commit()
    login_user(account, remember=True)
    return redirect("/appConfig")
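def login():
    """Log a user in against the 'Users' entry of storage.db.

    On a valid POST, loads the users mapping and, on the first entry whose
    username and password both equal the form values, stores its id in
    ``session["USERID"]`` and redirects to ``home``. A POST with no match
    renders ``login.html`` with ``invalid=True``; anything else renders the
    plain form.

    NOTE(review): the stored value from ``get_password()`` is compared
    directly with the form value, so passwords appear to be kept unhashed
    in storage.db.
    """
    loginForm = LoginForm(request.form)
    if request.method == 'POST' and loginForm.validate():
        usersDict = {}
        # 'c' opens read/write and creates the file if it is missing.
        # The context manager closes the shelf on every path.
        with shelve.open('storage.db', 'c') as db:
            try:
                usersDict = db['Users']
            except Exception:
                # Still best-effort, but no longer swallows
                # KeyboardInterrupt/SystemExit as a bare except did.
                print("Error in retrieving Users from storage.db.")

        for user in usersDict.values():
            if (loginForm.username.data == user.get_username()
                    and loginForm.password.data == user.get_password()):
                session["USERID"] = user.get_userID()
                return redirect(url_for('home'))
        return render_template('login.html', form=loginForm, invalid=True)
    return render_template('login.html', form=loginForm)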
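def login():
    """Authenticate by email/password against the ``users`` table.

    On a valid POST, looks the account up. A miss flashes 'Incorrect
    username/password' and falls through to the form. A hit fills the
    session from the row (positions 0, 3, 1, 5) and redirects to ``/admin``
    when column 3 equals the admin address, else to ``/``.

    Changes from the original:
    * The email was concatenated into the SQL text, so form input could
      alter the query. The lookup now uses bound parameters, and the
      password is bound from the submitted value.
    * Debug prints that wrote the submitted password and the fetched row to
      stdout are removed.
    * A long commented-out ORM draft (``User.query.filter_by`` with
      ``check_password_hash``) is dropped.

    NOTE(review): the query matches the submitted password against the
    stored column, so passwords appear to be stored unhashed.
    NOTE(review): the ``username`` cookie is set with httponly=False and
    secure=False, so page scripts can read it and it is sent over plain
    HTTP. Confirm whether client code needs it before tightening.
    """
    form = LoginForm(request.form)
    msg = ''
    if request.method == "POST" and form.validate():
        session.pop('user', None)
        email = request.form['email']
        password = request.form['password']

        statement = text(
            'SELECT * FROM users WHERE email = :email AND password = :password')
        result = db.engine.execute(
            statement, email=email, password=password).fetchone()

        if result is None:
            flash('Incorrect username/password')
        else:
            session['id'] = result[0]
            session['user'] = result[3]
            session['name'] = result[1]
            session['is_authenticated'] = result[5]

            # The admin account is recognised by its address in column 3.
            if result[3] == "*****@*****.**":
                resp = make_response(redirect('/admin'))
            else:
                resp = make_response(redirect('/'))
            resp.set_cookie('username', result[1],
                            httponly=False, secure=False)
            return resp
    return render_template("login.html", form=form, msg=msg)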