def login(): """ Login route allowing users to sign into the application to access its services. :return: """ form = LoginForm() if request.method == 'POST' and form.validate(): # Check if email has already been previously registered # at the moment we don't turn email to lower case, so mis-matched cases will not be verified user = Users.query.filter_by(email=(form.email.data).lower()).first() if user is None: flash('No account has been registered with this email.', 'warning') return redirect(url_for('auth.login')) if not user.check_password(form.password.data): flash('Incorrect password.', 'danger') return redirect(url_for('auth.login')) from datetime import timedelta login_user(user, remember=form.remember_me.data, duration=timedelta(minutes=5)) flash(f'Logged in successfully. Welcome, {user.first_name}!', 'success') next = request.args.get('next') if not is_safe_url(next): return abort(400) return redirect(next or url_for('main.index')) return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: redirect(url_for('index')) form = LoginForm(request.form) print(form.password) if request.method == 'POST' and form.validate(): # Get the user user = User.query.filter_by(email=form.email.data).first() # Invalid login attempt if user is None or not user.check_password(form.password.data): print('problem') flash('Invalid username or password') return redirect(url_for('auth.login')) print(user.name) print(user.check_password(form.password.data)) # Log the user in :) login_user(user, remember=form.remember.data) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('main.index') return redirect(next_page) else: return render_template('login.html', title='Sign In', form=form)
async def post(self, request): template = "/auth/login.html" data = await request.form() form = LoginForm(data) if not form.validate(): context = {"request": request, "form": form} return templates.TemplateResponse(template, context) try: qs = sa.select(User).where(User.email == form.email.data.lower()) result = await User.execute(qs) user = result.scalars().one() if user.check_password(form.password.data): request.session["user"] = str(user.id) user.last_login = datetime.utcnow() await user.save() return RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) except NoResultFound: pass request.session.clear() form.password.errors.append("Invalid email or password.") context = {"request": request, "form": form} return templates.TemplateResponse(template, context)
def create_user(): form = LoginForm(request.form) if form.validate(): username = form.username.data email = form.email.data password = form.password.data data = {"username": username, "email": email, 'password': password} # flask-sqlalchemy默认开启了事务 user = User() user.set_password(data['password']) user.from_dict(data) try: db.session.add(user) db.session.commit() # 事务提交 except: db.session.rollback() # 事务回滚 # 返回值 user_dict = user_schema.dump(user) return success_request(user_dict) else: error = form.errors return bad_request(error)
def test_validate_invalid_password(self, user): """Invalid password.""" user.set_password('example') user.save() form = LoginForm(username=user.username, password='******') assert form.validate() is False assert 'Invalid password' in form.password.errors
def test_validate_success(self, user): """Login successful.""" user.set_password('example') user.save() form = LoginForm(username=user.username, password='******') assert form.validate() is True assert form.user == user
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): username_email = form.username_email.data password = form.password.data if is_email(username_email): user = User.query.filter_by(email=username_email).first() else: user = User.query.filter_by(username=username_email).first() if user is not None and user.verify_password(password) and user.active: # log user in login_user(user) next_url = request.args.get('next') # is_safe_url should check if the url is safe for redirects if not is_safe_url(next_url): return abort(400) return redirect(next_url or url_for('admin.dashboard')) else: # when login details are incorrect flash('Please check your credentials', 'danger') data = { 'title': 'Login', 'form': form, } return render_template('auth/login.html', **data)
def test_validate_inactive_user(self, user): """Inactive user.""" user.active = False user.set_password('example') user.save() # Correct username and password, but user is not activated form = LoginForm(username=user.username, password='******') assert form.validate() is False assert 'User not activated' in form.username.errors
def test_user_login(self): user = User(username='******', email='*****@*****.**', password='******', is_active=True) user.save() form = LoginForm(username=user.username, password='******') self.assertTrue(form.validate() is True)
def post(self): try: data = request.get_json() loginForm = LoginForm(**data, meta={'csrf': False}) if loginForm.validate(): username = loginForm.data['username'] password = loginForm.data['password'] if User.objects(username=username): user = User.objects.get(username=username) if user.check_password(password): if user.is_active(): user.refresh_last_login() user.save() token = encode_token(str(user.id)) responseObject = { 'status': 'success', 'message': 'Successfully logged in.', TOKEN_NAME: token.decode() } return responseObject, 200 else: responseObject = { 'status': 'fail', 'message': 'User is not active.' } return responseObject, 404 else: responseObject = { 'status': 'fail', 'message': 'Bad password.' } return responseObject, 401 else: responseObject = { 'status': 'fail', 'message': 'User does not exist.' } else: responseObject = { 'status': 'fail', 'message': 'Bad format for request.' } return responseObject, 404 except Exception as e : print(e) responseObject = { 'status': 'fail', 'message': 'Try again' } return responseObject, 500
def login(): if current_user.is_authenticated == True: return redirect(url_for('auth.dashboard')) form = LoginForm() if request.method == 'POST': if form.validate(): check_user = User.objects(username=form.username.data).first() if check_user: if check_password_hash(check_user['password'], form.password.data): login_user(check_user) return redirect(url_for('auth.dashboard')) return render_template('auth/login.html', form=form)
def login(): form = LoginForm() if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user is None or not user.check_password(form.password.data): flash('Invalid username or password') return redirect(url_for('auth.login')) login_user(user, remember=form.remember_me.data, duration=timedelta(minutes=1)) flash('{} logged in successfully'.format(user.name)) next = request.args.get('next') if not is_safe_url(next): return abort(400) return redirect(next or url_for('main.index')) return render_template('login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash('Invalid username or password') return redirect(url_for('auth.login')) login_user(user, remember=form.remember_me.data) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('main.index') return redirect(next_page) return render_template('auth/login.html', title='Sign In', form=form)
def login(): """ Login function validates user info with info in database """ form = LoginForm() if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if not user or not user.checkPassword(form.password.data): flash('Email/Password incorrect. Try again.') return redirect(url_for('auth.login')) else: session.clear() session['id'] = user.id session.permanent = form.remember.data flash("Welcome g.user.username!") return redirect(url_for('main.index')) return render_template('auth/login.html', title='login', form=form)
def login(auth: AuthManager): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm(request.form) if request.method == 'POST' and form.validate(): try: auth.login(form.email.data, form.password.data) except LoginException as e: form.email.errors.append(str(e)) return render_template('auth/login.html', form=form) resp = make_response(redirect(url_for('main.index'))) resp.set_cookie('auth_token', jwt.create_token(current_user.profile), max_age=60 * 60 * 24 * 360) return resp return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if current_user.is_authenticated is False: if request.method == 'POST' and form.validate(): user = db_session.query(User).filter_by( username=form.username.data).first() valid_password = verify_password(user.username, form.password.data) if user: if valid_password: login_user(user) if user.permission: session['User'] = '******' flash('You are logged in as an Admin', 'success') else: session['User'] = '******' flash('You are logged in as a User', 'success') return redirect(url_for('auth.auth_index')) else: return redirect(url_for('auth.auth_index')) return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: flash('You are logged in') return redirect(url_for('main.index', account='musicians')) form = LoginForm() if request.method == 'POST' and form.validate(): user = Profile.query.filter_by(email=form.email.data).first() if user is None or not user.check_password(form.password.data): flash('Invalid email/password combination', 'error') return redirect(url_for('auth.login')) elif user.block == 1: flash("You are blocked from Musician's Network") return redirect(url_for('main.index')) login_user(user, remember=form.remember_me.data, duration=timedelta(minutes=1)) next = request.args.get('next') if not is_safe_url(next): return abort(400) return redirect(next or url_for('main.index', account='musicians')) return render_template('login.html', form=form)
def login(): form = LoginForm(request.form) if g.user is not None and g.user.is_authenticated: print("User %s logged in" % g.user.name) return redirect(url_for('admin.home')) if request.method == "POST": if form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and check_password_hash(user.pw_hash, form.password.data): user.authenticated = True db.session.add(user) db.session.commit() login_user(user, remember=True) flash("Welcome %s" % user.name) return redirect(url_for("admin.home")) else: mess = "Wrong email or password" return jsonify({"error":mess}), 404 flash("Wrong email or password", 'error-message') else: return jsonify(form.errors), 400 return render_template("auth/login.html", form=form, title="Log in")
def test_validate_invalid_email_format(self): # Ensure invalid email format throws error. form = LoginForm(email='unknown', password='******', csrf_enabled=False) self.assertFalse(form.validate())
def test_validate_success_login_form(self): # Ensure correct data validates. form = LoginForm(email='*****@*****.**', password='******', csrf_enabled=False) self.assertTrue(form.validate())
def test_validate_unknown_username(self, db): """Unknown username.""" form = LoginForm(username='******', password='******') assert form.validate() is False assert 'Unknown username' in form.username.errors assert form.user is None
def test_valid(): data = {"email": "*****@*****.**", "password": "******"} form = LoginForm(DummyPostData(data)) assert form.validate() assert form.data == data
def test_invalid(test_data): form = LoginForm(DummyPostData(test_data)) assert form.validate() is False assert "email" in form.errors assert "password" in form.errors