def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if os.environ.get("HEROKU"): user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username") else: user = User.query.filter_by(username=form.username.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username") if not bcrypt.check_password_hash(user.password, form.password.data): return render_template("auth/loginform.html", form=form, error="Incorrect password") login_user(user) return redirect(url_for("index"))
def auth_login(): if request.method == "GET": if current_user.is_authenticated: return redirect(url_for("index")) return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template("auth/loginform.html", form=form) user = User.query.filter_by(username=form.username.data).first() if not user: form.username.errors.append("No such username") return render_template("auth/loginform.html", form=form) if not user.password_is_correct(form.password.data): form.password.errors.append("Wrong password") return render_template("auth/loginform.html", form=form) login_user(user) return redirect(url_for("index"))
def auth_login(): if current_user.is_authenticated: return redirect(url_for("index")) if request.method == "GET": return render_template("auth/login.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template("auth/login.html", form=form, error="Remember to fill all the fields") user = User.query.filter_by(email=form.email.data, password=form.password.data).first() if not user: return render_template("auth/login.html", form=form, error="Incorrect email address or password") login_user(user) app.jinja_env.globals.update(is_student=current_user.is_student()) app.jinja_env.globals.update(is_teacher=current_user.is_teacher()) return redirect(url_for("index"))
def auth_login(): form = LoginForm(request.form) if g.user.is_authenticated: return redirect(url_for("index")) if request.method == "GET": return render_template("auth/loginform.html", form=form) remember_me = False if 'remember_me' in request.form: remember_me = True if request.form.get("Guest") == "Guest": username = "******" password = u"guest".encode('utf-8') elif request.form.get( "Login") == "Login" and form.username.data == 'admin': username = "******" password = u"admin".encode('utf-8') else: if not form.validate(): return render_template( "auth/loginform.html", form=form, error="Fields must not be empty. Check password length.") username = form.username.data password = form.password.data if username == 'guest' or username == 'admin': user = User.query.filter_by(username=username).first() if not user: flash("No such username or password.", "warning") return render_template("auth/loginform.html", form=form) try: login_user(user, remember=remember_me) except IntegrityError: flash("Problems with login.", "danger") return render_template("auth/loginform.html", form=form) else: user = User.query.filter_by(username=username).first() if not user: flash("No such username or password.", "warning") return render_template("auth/loginform.html", form=form) # Check password with hashed password if not bcrypt.check_password_hash(user.password.encode('utf-8'), password): flash("No such password.", "warning") return render_template("auth/loginform.html", form=form) try: login_user(user, remember=remember_me) except IntegrityError: flash("Problems with login.", "danger") return render_template("auth/loginform.html", form=form) db.session.permanent = remember_me return redirect(url_for("index"))
def login(): if current_user.is_authenticated: return redirect(url_for('index')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash('Invalid username/password') return redirect(url_for('auth.login')) login_user(user, remember=form.remember_me.data) # if any, capture url with 'next' arg next_page = request.args.get('next') # if not 'next' redirect nonetheless to index if not next_page or url_parse(next_page).netloc != '': next_page = url_for('index') return redirect(next_page) return render_template('auth/login.html', title='Sign In', form=form)
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) username_error = "" password_error = "" user = User.query.filter_by( username=form.username.data).first() if (user == None): username_error = "Kyseisellä nimellä ei ole käyttäjää!" return render_template("auth/loginform.html", form=form, usernameError=username_error, passwordError = password_error) else: password = form.password.data pw = user.password if (bcrypt.check_password_hash(pw, password)): login_user(user) return redirect(url_for("votings_index")) else : password_error = "Salasana väärin!" return render_template("auth/loginform.html", form=form, usernameError = username_error, passwordError=password_error)
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template("auth/loginform.html", form=form) # jos käyttäjänimi ja salasana ei vastaa user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="Username and password do not match.") print("User '" + user.username + "' identified") login_user(user) flash("Succesfully logged in!", "alert alert-success") # kirjautumiskehotteen jälkeinen ohjaus next = request.args.get("next") return redirect(next or url_for("posts_index"))
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(username=form.username.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username or password") try: if not bcrypt.check_password_hash(user.password, form.password.data): return render_template("auth/loginform.html", form=form, error="No such username or password") except: return render_template( "auth/loginform.html", form=form, error="You need to hash your password with bcrypt before inserting " "if you create an user in SQL") login_user(user) return redirect(url_for("index"))
def login(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm() # form.validate_on_submit() returns True if all fields are valid, otherwise # form renders back to user if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash(_('Invalid username or password')) return redirect(url_for('auth.login')) # login_user comes from Flask-Login; sets current_user to user login_user(user, remember=form.remember_me.data) # Flask's request = data client sent next_page = request.args.get('next') # url_parse check ensures only relative redirect, protecting against # inserted URLs if not next_page or url_parse(next_page).netloc != '': # redirect URL /login?next=/<this_view> next_page = url_for('main.index') return redirect(next_page) return render_template('auth/login.html', title=_('Sign In'), form=form)
def auth_login(): if request.method == 'GET': return render_template('auth/login.html', form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template('auth/login.html', form=form) user = User.query.filter_by(username=form.username.data).first() if not user: return render_template('auth/login.html', form=form, error='No such username or password') password = form.password.data.encode() phash = user.phash.encode() if not bcrypt.checkpw(password, phash): return render_template('auth/login.html', form=form, error='No such username or password') login_user(user) return redirect(request.args.get('next') or url_for('posts_index'))
def auth_login(): # GET if request.method == "GET": next = request.args.get('next') form = LoginForm() return render_template("/auth/login.html", form=form, next=next) # POST form = LoginForm(request.form) if not form.validate(): return render_template("/auth/login.html", form=form) user = User.query.filter_by(username=form.username.data, active=True).first() if not (user and check_password_hash(user.password, form.password.data)): flash("Kirjautuminen ei onnistunut. Tarkista tunnus ja salasana.", "login_error") return render_template("/auth/login.html", form=form) remember = form.remember login_user(user, remember=remember) next = request.form.get('next') if not next is None: return redirect(next) return redirect(url_for("home"))
def auth_login(): next_page = request.args.get("next", default=url_for("index")) if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm(), next_page=next_page) form = LoginForm(request.form) if not form.validate(): return render_template("auth/loginform.html", form=form, next_page=next_page) trainer = Trainer.query.filter_by(username=form.username.data).first() if not trainer: flash("No such username or password.", "error") return render_template("auth/loginform.html", form=form, next_page=next_page) password = form.password.data.encode() db_password = trainer.password if isinstance(trainer.password, str): db_password = trainer.password.encode() if not bcrypt.checkpw(password, db_password): flash("No such username or password.", "error") return render_template("auth/loginform.html", form=form, next_page=next_page) login_user(trainer) return redirect(next_page)
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) pw = form.password.data if not form.validate(): return render_template("auth/loginform.html", form=form, error="Input between 1 and 64 char expected") user = User.query.filter_by( username=form.username.data.lower().strip()).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username or incorrect password") if checker(user.password, pw) == False: return render_template("auth/loginform.html", form=form, error="No such username or incorrect password") login_user(user) flash("Otagai ni rei, sensei ni rei, welcome to the dojo {}".format( user.name)) return redirect(url_for("index"))
def auth_create(): if request.method == 'GET': return render_template("auth/registerform.html", form=LoginForm()) # If method is POST, validate form data form = LoginForm(request.form) if form.validate(): user = User.query.filter_by(email=form.email.data).first() if user: # Enforce unique emails return render_template("auth/loginform.html", form=form, error="This email is already in use.") # If valid email, create user and hash password, then login and redirect pw_hash = bcrypt.generate_password_hash( form.password.data).decode('utf-8') u = User(email=form.email.data, password=pw_hash) if form.admin.data is True: u.admin = True db.session.add(u) db.session.commit() login_user(u) print(u) return redirect(url_for('events_index')) # If anything in POST goes wrong, serve login form with errors return render_template("auth/registerform.html", form=form, error="Invalid information")
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template("auth/loginform.html", form=form) if request.form.get('login'): user = Agency.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template( "auth/loginform.html", form=form, error= "No such username or password. Register a new user or check spelling." ) else: user = Agency(request.form.get("username"), request.form.get("username"), request.form.get("password")) db.session().add(user) db.session().commit() login_user(user) return redirect(url_for("index"))
def auth_login(): if request.method == "GET": # Set the previous page into memory session['url'] = request.referrer return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(userID=form.username.data).first() # Return with error if no user if not user: return render_template("auth/loginform.html", form=form, error="No such username or password") # Also return if no password match if not (sha256_crypt.verify(form.password.data, user.password)): return render_template("auth/loginform.html", form=form, error="No such username or password") # Do not login user and inform if account has not been activated yet if user.inactive: return render_template( "auth/loginform.html", form=form, error= "Your registration has not been approved yet. Please contact system administrator for activation" ) login_user(user) # get the previous page from memory if 'url' in session: return redirect(session['url']) return redirect(url_for("index"))
def auth_login(): if request.method == 'GET': return render_template('auth/loginform.html', form=LoginForm()) form = LoginForm(request.form) # for possible validations user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template('auth/loginform.html', form=form, error='Väärä käyttäjätunnus tai salasana') login_user(user) flash('Kirjautuminen onnistui') # TODO #next = flask.request.args.get('next') # is_safe_url should check if the url is safe for redirects. # See http://flask.pocoo.org/snippets/62/ for an example. #if not is_safe_url(next): # return flask.abort(400) return redirect(url_for('index'))
def newuser(): try: if request.method == "GET": return render_template("auth/newuser.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template( "auth/newuser.html", form=form, error= "Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters." ) user = db.session.query( User).filter((User.name == form.username.data) | (User.username == form.username.data)).first() if user: return render_template("auth/newuser.html", form=form, error="Username already in use") user = User(form.username.data, form.username.data, form.password.data) user.acc_type = "USER" db.session().add(user) db.session().commit() login_user(user) return redirect(url_for("main")) except: print("Something went wrong.") db.session().rollback() return redirect(url_for("page_404"))
def delete_self(): try: form = LoginForm(request.form) if not form.validate(): return render_template( "auth/options.html", form=form, error= "Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters." ) u = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not u: return render_template("auth/options.html", form=form, error="Incorrect username or password") if current_user.id != u.id: return render_template("auth/options.html", form=form, error="Incorrect username or password") logout_user delete_user(u) db.session().commit() return redirect(url_for("main")) except: print("Something went wrong.") db.session().rollback() return redirect(url_for("page_404"))
def login(): try: if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if not form.validate(): return render_template( "auth/loginform.html", form=form, error= "Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters." ) user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username or password") login_user(user) return redirect(url_for("main")) except: print("Something went wrong.") db.session().rollback() return redirect(url_for("page_404"))
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) username = form.username.data password = form.password.data.encode('utf-8') user = User.query.filter_by(username=username).first() if not user: return render_template("auth/loginform.html", form=form, error="Username was not found.") else: password_hash = user.password is_password_correct = flask_bcrypt.check_password_hash( password_hash, password) if not is_password_correct: return render_template("auth/loginform.html", form=form, error="Password is incorrect.") else: login_user(user) return redirect(url_for("roster_index"))
def login(): form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user is not None and user.verify_password(form.password.data): login_user(user, form.remember_me.data) return redirect(request.args.get('next') or url_for('main.index')) flash('Invalid username or password.') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if form.validate_on_submit(): flash(u'Tervetuloa %s!' % form.user.name) next = request.args.get('next') app_login.login_user(form.user) if not utils.is_safe_url(next): return abort(400) return redirect(next or url_for('index')) return render_template('auth/login.html', form=form)
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) # katsotaan löytyykö kirjautuva käyttäjätunnus tietokannasta user = User.query.filter_by(username=form.username.data).first() active_user = User.query.filter_by(username=form.username.data, active=True).first() # katsotaan, täsmääkö käyttäjän suolatu salasana vs. selkokielisenä annettu salasana try: pwd_ok = user.check_password(form.password.data) except AttributeError: return render_template("auth/loginform.html", form=form, error="Antamasi tunnus tai salasana ei kelpaa!") # jos käyttäjää ei löydy tai salasana ei täsmää, niin ilmoitetaan herja käyttäjälle if not user or not pwd_ok: return render_template("auth/loginform.html", form=form, error="Antamasi tunnus tai salasana ei kelpaa!") elif not active_user: return render_template( "auth/loginform.html", form=form, error="Ylläpitäjä on deaktivoinut käyttäjätunnuksesi!") login_user(user) # katsotaan onko käyttäjä admin vai ei adminExists = User.query.filter_by(username=form.username.data, admin=True).first() if adminExists: return redirect(url_for("admin_index")) else: # katsotaan onko käyttäjän money_source -taulussa mitään merkintää kirjautumisen ohessa # jos merkintöjä ei vielä ole, niin luodaan kirjautumisen ohessa yksi merkintä, jolle # annetaan arvoksi (ms_name): Käteinen # Ideana tässä on se, että kaikilla on joskus käteistä :) ja siksi käyttäjällä on hyvä # olla heti luomisvaiheessa yksi rahanlähde ja olkoon se tässä käteinen. # Käyttäjä voi sitten myöhemmässä vaiheessa lisäillä lisää rahalähteitään... m = Moneysource("Käteinen", "") m.acc_id_fk = current_user.id exists = Moneysource.query.filter_by(acc_id_fk=current_user.id).first() if not exists: db.session().add(m) db.session.commit() return redirect(url_for("booking_index"))
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form = LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user or user.account_active == False: return render_template("auth/loginform.html", form = form, error = "Virheellinen käyttäjätunnus tai salasana.") login_user(user) return redirect(url_for("index"))
def login(): # Halutessaan voi käyttää etuliitettä (prefix) prefix = "login-" # Renderöidään GET-pyynnössä lomake ilman dataa if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm(prefix=prefix)) # Lomakkeen data data = request.form form = LoginForm(data, prefix=prefix) # Tallennetaan lähetetyt tiedot lyhyempiin muuttujiin kästtelyä varten email = data[prefix + "email"].strip() passwd = data[prefix + "password"].strip() # Haetaan sähköpostiin liittyvän käyttäjän tiedot. Tarvitsemme aluksi salasanan hashin. cursor = db.engine.execute( "SELECT salasana FROM kayttaja WHERE sahkopostiosoite = ? LIMIT 1", email) # Haetaan tulos result = cursor.fetchone() cursor.close() # Jos salasana hashia ei löytynyt, tarkoittaa se samalla sitä ettei käyttäjää ole olemassa if not result: return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") # Halutessaan tämän voisi jättää pois mutta säilytetään selkeyden vuoksi passwd_hash = result.salasana # Tarkistataan hash if not bcrypt.check_password_hash(passwd_hash, passwd): return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") # Käyttäjä sisäänkirjaus user = Kayttaja.query.filter_by(sahkopostiosoite=email).first() # Kenties turha tarkistus... if not user: return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") login_user(user) # Kaikki kunnossa -> palautetaan käyttäjä etusivulle return redirect(url_for("index"))
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username or password") login_user(user) return redirect(url_for("courses_index"))
def auth_create(): form = LoginForm(request.form) if not form.validate(): return render_template("auth/new.html", form=form) password = form.password.data u = User(form.username.data, form.username.data, password) db.session().add(u) db.session().commit() return redirect(url_for("index"))
def login(): if current_user.is_authenticated: return redirect(url_for("main.index")) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash("Invalid username or password") return redirect(url_for("auth.login")) login_user(user) return redirect(url_for('main.index')) return render_template('auth/login.html', form=form)
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="Väärä käyttäjätunnus tai salasana") login_user(user) return redirect(url_for("threads_index"))