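def login():
    """Show the login form and sign the user in on a valid submission.

    After a successful login the browser is sent to the ``next`` query
    parameter when it is a site-relative path, otherwise to ``web.index``.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # login and validate the user...
        # NOTE(review): no credential check is visible in this view; it
        # presumably happens in LoginForm validation, which also has to
        # populate form.user -- confirm.
        login_user(form.user, remember=form.remember.data)
        target = request.args.get('next')
        # "next" comes straight from the query string. Follow it only when it
        # is a site-relative path: absolute ("https://...") or
        # scheme-relative ("//host", "/\host") values would turn this view
        # into an open redirect.
        if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
            target = url_for('web.index')
        return redirect(target)
    return render_template('login.html', form=form)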
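def login():
    """Authenticate a user from the login form and redirect after success.

    The ``login`` and ``next`` query parameters pre-fill the form. After a
    successful login the user is sent to the form's ``next`` value when it is
    a site-relative path, otherwise to their own posts page.
    """
    form = LoginForm(login=request.args.get("login", None),
                     next=request.args.get("next", None))
    # TBD: ensure "next" field is passed properly
    if form.validate_on_submit():
        user, authenticated = \
            User.query.authenticate(form.login.data, form.password.data)
        if user and authenticated:
            # Flask-Login
            login_user(user, remember=form.remember.data)
            # change identity
            identity = Identity(user.username)
            identity_changed.send(current_app._get_current_object(),
                                  identity=identity)
            # next_url
            next_url = form.next.data
            # The "next" field is filled from the query string and posted back
            # by the client, so it is untrusted. Anything that is not a
            # site-relative path falls back to the default page; otherwise
            # this view would be an open redirect.
            if (not next_url or next_url == 'home.index'
                    or not next_url.startswith('/')
                    or next_url[1:2] in ('/', '\\')):
                next_url = url_for('user.posts', username=user.username)
            # Flash text: "login successful"
            flash(u"登录成功", "successfully")
            return redirect(next_url)
        else:
            # Flash text: "wrong account or password"
            flash(u"账号或密码错误", "error")
    return render_template("account/login.html", form=form)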
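def complete_github():
    """Finish the GitHub OAuth sign-in and log the matching local user in.

    Exchanges the ``code`` query parameter for an access token, fetches the
    GitHub profile, creates a local ``github:<login>`` user when none exists,
    then redirects to the URL stored in the session (or ``home``).
    """
    # request.args.get() returns None for a missing key instead of raising,
    # so the former KeyError handler around this line could never run.
    # NOTE(review): a missing/invalid code and the OAuth "state" parameter are
    # not checked here; without a state check the callback is exposed to
    # login CSRF -- confirm whether it is verified elsewhere.
    code = request.args.get("code")
    params = {"client_id": app.config["GITHUB_CLIENT_ID"],
              "client_secret": app.config["GITHUB_SECRET"],
              "code": code}
    # Outbound calls get a timeout so a stalled GitHub response cannot hold
    # the worker indefinitely.
    token_resp = requests.post("https://github.com/login/oauth/access_token",
                               data=params, timeout=10)
    token_params = parse_qs(token_resp.content)
    # parse_qs maps every key to a list of values; use the single token value.
    access_token = token_params["access_token"][0]
    user_resp = requests.get("https://api.github.com/user",
                             data={"access_token": access_token}, timeout=10)
    github_user = json.loads(user_resp.content)
    userid = u"github:%s" % github_user["login"]
    user = User.get(userid)
    if user is None:
        # NOTE(review): profile fields are written only when the account is
        # first created; confirm that is the intended nesting.
        user = User(userid)
        user.name = github_user["name"]
        user.avatar_url = github_user["avatar_url"]
        user.profile_url = github_user["html_url"]
        user.save()
    login_user(user)
    try:
        # NOTE(review): the stored URL is trusted as-is; confirm it is
        # validated where it is written to the session.
        next_url = session["signin_next_url"]
    except KeyError:
        next_url = url_for("home")
    else:
        del session["signin_next_url"]
    return redirect(next_url)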
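def invite_activate(invite_key):
    """Turn an unused invitation key into a new, logged-in user account.

    For a key that matches a not-yet-activated invitation: creates the user
    with a generated password, marks the invitation as used, adds the user to
    the invitation's group, logs them in and redirects to the dashboard.
    Any other key redirects to the common home page.
    """
    if invite_key:
        # process invitation verification
        invitation = InvitationKey.query.filter_by(key=invite_key,
                                                   is_activated=False).first()
        if invitation:
            # if we have a valid key, meaning this user is not yet registered.
            # create a user, tell him his password and that he needs to
            # change it ASAP with a form where he can change it.
            # The password is a credential, so draw it from the OS CSPRNG;
            # the default Mersenne Twister generator is predictable.
            rng = random.SystemRandom()
            raw_pass = ''.join(rng.choice(string.letters+string.digits)
                               for i in xrange(8))
            hashed_password = manager.encode(raw_pass)
            new_user = User(email=invitation.email, password=hashed_password)
            new_user.is_activated = True
            db.session.add(new_user)
            # mark the key as activated
            invitation.is_activated = True
            # add the new user to the group
            invitation.group.members.append(new_user)
            db.session.commit()
            # show his new password
            # NOTE(review): the clear-text password travels through flash(),
            # i.e. through the session, and is rendered as HTML; a
            # set-your-password link would avoid exposing it -- consider.
            msg = "Your account has been created and your password is: <strong>%s</strong>" % raw_pass
            flash(_(msg), category="success")
            # login the new user
            login_user(new_user)
            return redirect(url_for('dashboard.dashboard_home'))
    return redirect(url_for('common.home'))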
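def signin():
    """Handle the sign-in form and render it for anonymous visitors.

    A valid POST with matching credentials logs the user in and redirects to
    the ``next`` query parameter (site-relative paths only) or ``home``.
    Anonymous visitors get the sign-in page with flags for the social login
    blueprints that are registered; signed-in users are sent to ``home``.
    """
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        username = form.username.data
        user = model.User.by_name(username)
        if user and user.check_password(password):
            login_user(user, remember=True)
            flash("Welcome back %s" % user.fullname, 'success')
            target = request.args.get("next")
            # "next" is taken from the query string; only a site-relative
            # path is followed so the view cannot be used as an open redirect.
            if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
                target = url_for("home")
            return redirect(target)
        else:
            flash('Incorrect email/password', 'error')

    if request.method == 'POST' and not form.validate():
        flash('Please correct the errors', 'error')

    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # Show a provider's sign-in button only when its blueprint is registered
        if ('twitter' in current_app.blueprints):
            auth['twitter'] = True
        if ('facebook' in current_app.blueprints):
            auth['facebook'] = True
        if ('google' in current_app.blueprints):
            auth['google'] = True
        return render_template('account/signin.html', title="Sign in",
                               form=form, auth=auth,
                               next=request.args.get('next'))
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))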
def activate(account, args):
    """Activate the account found for ``account`` and log it in.

    Raises BadRequest when ``args['token']`` does not equal the stored
    activation code.
    """
    record = find(account)
    # NOTE(review): nothing here rejects an already-activated account or
    # retires the code after use, so a known activation token keeps working
    # as a login credential -- confirm this is intended. The comparison is
    # also not constant-time.
    if record.activation_code != args['token']:
        raise BadRequest('Invalid activation code!')
    record.activated = True
    db.session.commit()
    login_user(record)
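def login():
    """Show the login form and sign the user in on a valid submission.

    After a successful login the browser is sent to the ``next`` query
    parameter when it is a site-relative path, otherwise to ``web.index``.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # login and validate the user...
        # NOTE(review): no credential check is visible in this view; it
        # presumably happens in LoginForm validation, which also has to
        # populate form.user -- confirm.
        login_user(form.user, remember=form.remember.data)
        target = request.args.get("next")
        # "next" comes straight from the query string. Follow it only when it
        # is a site-relative path: absolute ("https://...") or
        # scheme-relative ("//host", "/\host") values would turn this view
        # into an open redirect.
        if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
            target = url_for("web.index")
        return redirect(target)
    return render_template("login.html", form=form)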
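def join(account, remember=False):
    """Create a local account for ``account`` and sign it in when allowed.

    The very first account is created as an admin. Otherwise an account is
    created only when the email domain, or failing that the full email
    address, has a Whitelist entry.

    Returns True when an account was created and logged in, else False.
    """
    # Name-mangled private attribute of the incoming account object.
    email = account._User__email

    # If this is the first user account, then allow to create and make admin
    # NOTE(review): two concurrent first sign-ins could both see an empty
    # result here and both be made admin -- confirm whether that matters.
    users = UserAccount.query().fetch()
    if not users:
        # The message previously had no placeholder for its argument, so the
        # logging module reported a formatting error instead of the address.
        logging.info("First user account, creating user %s as admin", email)
        user = UserAccount.create_user(account, make_admin=True)
        if user and flasklogin.login_user(user, remember):
            return True

    # First check domain in whitelist
    domain = email[email.index('@')+1:]
    logging.info("Checking domain %s for whitelist", domain)
    whitelistUser = Whitelist.query(Whitelist.domain == domain.lower()).get()
    if whitelistUser:
        logging.info("Domain %s is whitelisted, creating user account %s",
                     domain, email)
        user = UserAccount.create_user(account)
        if user and flasklogin.login_user(user, remember):
            return True
    else:
        # Domain not in whitelist, check email address
        logging.info("Checking email address %s for whitelist", email)
        whitelistUser = Whitelist.query(Whitelist.domain == email.lower()).get()
        if whitelistUser:
            logging.info("Email address %s is whitelisted, creating user account",
                         email)
            user = UserAccount.create_user(account)
            if user and flasklogin.login_user(user, remember):
                return True
    return False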
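def signin():
    """Handle the sign-in form and render it for anonymous visitors.

    A valid POST with matching credentials logs the user in and redirects to
    the ``next`` query parameter (site-relative paths only) or ``home``.
    Anonymous visitors get the sign-in page with flags for the social login
    blueprints that are registered; signed-in users are sent to ``home``.
    """
    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        password = form.password.data
        username = form.username.data
        user = model.User.by_name(username)
        if user and user.check_password(password):
            login_user(user, remember=True)
            flash("Welcome back %s" % user.fullname, "success")
            target = request.args.get("next")
            # "next" is taken from the query string; only a site-relative
            # path is followed so the view cannot be used as an open redirect.
            if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
                target = url_for("home")
            return redirect(target)
        else:
            flash("Incorrect email/password", "error")

    if request.method == "POST" and not form.validate():
        flash("Please correct the errors", "error")

    auth = {"twitter": False, "facebook": False, "google": False}
    if current_user.is_anonymous():
        # Show a provider's sign-in button only when its blueprint is registered
        if "twitter" in current_app.blueprints:
            auth["twitter"] = True
        if "facebook" in current_app.blueprints:
            auth["facebook"] = True
        if "google" in current_app.blueprints:
            auth["google"] = True
        return render_template(
            "account/signin.html", title="Sign in", form=form, auth=auth,
            next=request.args.get("next")
        )
    else:
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))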
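def signin():
    """Handle the sign-in form and render it for anonymous visitors.

    A valid POST with matching credentials logs the user in and redirects to
    the ``next`` query parameter (site-relative paths only) or ``home``.
    Signed-in users are sent straight to ``home``.
    """
    # NOTE(review): CSRF protection is switched off for this form, which
    # leaves the sign-in POST open to login CSRF -- re-enable it once the
    # template sends the token.
    form = LoginForm(request.form, csrf_enabled=False)
    if request.method == 'POST' and form.validate():
        password = form.password.data
        username = form.username.data
        user = model.User.by_name(username)
        if user and user.check_password(password):
            login_user(user, remember=True)
            flash("Welcome back %s" % user.fullname, 'success')
            target = request.args.get("next")
            # "next" is taken from the query string; only a site-relative
            # path is followed so the view cannot be used as an open redirect.
            if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
                target = url_for("home")
            return redirect(target)
        else:
            flash('Incorrect email/password', 'error')

    if request.method == 'POST' and not form.validate():
        flash('Please correct the errors', 'error')

    if not current_user.is_anonymous():
        # User already signed in, so redirect to home page
        return redirect(url_for("home"))

    # If Twitter is enabled in config, show the Twitter Sign in button.
    # Both former branches rendered the same template with the same
    # arguments, so only the flag differs.
    auth = {'twitter': 'twitter' in current_app.blueprints}
    return render_template('account/signin.html', title="Sign in",
                           form=form, auth=auth,
                           next=request.args.get('next'))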
def reset_password():
    """Let the holder of a valid signed reset key choose a new password.

    Responds 403 when the key is missing, fails verification, is older than
    an hour, lacks the expected fields, or no longer matches the user's
    current password hash. On a valid form submission the password is
    changed and the user is logged in.
    """
    # NOTE(review): the key arrives in the query string, so it can end up in
    # server logs and Referer headers -- confirm that is acceptable.
    key = request.args.get('key')
    if key is None:
        abort(403)

    try:
        payload = signer.loads(key, max_age=3600, salt='password-reset')
    except BadData:
        abort(403)

    username = payload.get('user')
    if not (username and payload.get('password')):
        abort(403)

    account = model.User.query.filter_by(name=username).first_or_404()
    # The key embeds the password hash it was issued for, so it stops
    # working as soon as the password changes.
    # NOTE(review): if `signer` only signs (does not encrypt) its payload,
    # that hash is readable by anyone who sees the link -- confirm.
    if account.passwd_hash != payload.get('password'):
        abort(403)

    form = ChangePasswordForm(request.form)
    if form.validate_on_submit():
        account.set_password(form.new_password.data)
        db.session.add(account)
        db.session.commit()
        login_user(account)
        print "Changed password"
        flash('You reset your password successfully!', 'success')
        return redirect(url_for('.profile'))

    invalid_post = request.method == 'POST' and not form.validate()
    if invalid_post:
        flash('Please correct the errors', 'error')
    return render_template('/account/password_reset.html', form=form)
def reset_password():
    """Let the holder of a valid signed reset key choose a new password.

    Responds 403 when the key is missing, fails verification, is older than
    an hour, lacks the expected fields, or no longer matches the user's
    current password hash. On a valid form submission the password is
    changed and the user is logged in.
    """
    # NOTE(review): the key arrives in the query string, so it can end up in
    # server logs and Referer headers -- confirm that is acceptable.
    key = request.args.get("key")
    if key is None:
        abort(403)

    try:
        payload = signer.loads(key, max_age=3600, salt="password-reset")
    except BadData:
        abort(403)

    username = payload.get("user")
    if not (username and payload.get("password")):
        abort(403)

    account = model.User.query.filter_by(name=username).first_or_404()
    # The key embeds the password hash it was issued for, so it stops
    # working as soon as the password changes.
    # NOTE(review): if `signer` only signs (does not encrypt) its payload,
    # that hash is readable by anyone who sees the link -- confirm.
    if account.passwd_hash != payload.get("password"):
        abort(403)

    form = ChangePasswordForm(request.form)
    if form.validate_on_submit():
        account.set_password(form.new_password.data)
        db.session.add(account)
        db.session.commit()
        login_user(account)
        print "Changed password"
        flash("You reset your password successfully!", "success")
        return redirect(url_for(".profile"))

    invalid_post = request.method == "POST" and not form.validate()
    if invalid_post:
        flash("Please correct the errors", "error")
    return render_template("/account/password_reset.html", form=form)
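def login():
    """Authenticate a user from the login form and redirect after success.

    The ``login`` and ``next`` query parameters pre-fill the form. After a
    successful login the user is sent to the form's ``next`` value when it is
    a site-relative path, otherwise to their own posts page.
    """
    form = LoginForm(login=request.args.get("login", None),
                     next=request.args.get("next", None))
    # TBD: ensure "next" field is passed properly
    if form.validate_on_submit():
        user, authenticated = \
            User.query.authenticate(form.login.data, form.password.data)
        if user and authenticated:
            # Flask-Login
            login_user(user, remember=form.remember.data)
            # change identity
            identity = Identity(user.username)
            identity_changed.send(current_app._get_current_object(),
                                  identity=identity)
            # next_url
            next_url = form.next.data
            # The "next" field is filled from the query string and posted back
            # by the client, so it is untrusted. Anything that is not a
            # site-relative path falls back to the default page; otherwise
            # this view would be an open redirect.
            if (not next_url or next_url == 'home.index'
                    or not next_url.startswith('/')
                    or next_url[1:2] in ('/', '\\')):
                next_url = url_for('user.posts', username=user.username)
            # Flash text: "login successful"
            flash(u"登录成功", "successfully")
            return redirect(next_url)
        else:
            # Flash text: "wrong account or password"
            flash(u"账号或密码错误", "error")
    return render_template("account/login.html", form=form)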
def after_login(resp):
    """OpenID callback, invoked once the provider reports a successful login.

    Logs in the active user whose email equals ``resp.email``; renders the
    "unauthorized" page when there is no such user.
    """
    # NOTE(review): the account is selected purely by the email address the
    # OpenID provider asserts, so any accepted provider can vouch for any
    # address -- confirm which providers are allowed.
    match = User.query.active().filter_by(email=resp.email).first()
    if match is None:
        return render_template("unauthorized.html")
    login_user(match)
    return redirect(oid.get_next_url())
def register():
    """Create an account from the registration form and sign it in.

    On a valid POST the user is stored with a salted password hash, logged
    in, given a default API key and redirected to the dashboard. Otherwise
    the registration page is rendered.
    """
    form = RegistrationForm(request.form)
    submitted_ok = request.method == 'POST' and form.validate()
    if submitted_ok:
        account = db.User()
        account.email = form.email.data
        # hash_password() is indexed as (salt, hash)
        hashed = hash_password(form.password.data)
        account.salt = hashed[0]
        account.password = hashed[1]
        account.save()

        # now, log the user in
        credentials_ok = account.validate_login(form.email.data,
                                                form.password.data)
        if credentials_ok:
            # login credentials all good, set the user (which has now been
            # populated with the user details)
            login_user(account)

            # we also need to create the default apikey too
            default_key = db.Apikey()
            default_key.key = default_key.random_key()
            default_key.userid = unicode(account.get_id())
            default_key.save()

            # all good, lets go to the dashboard with a flash
            flash('Your account has been created.')
            return redirect(url_for('dashboard'))

    return render_template('register.html', registeractive=True, form=form)
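def login():
    """Render the login form and, on a valid POST, sign in the matching user."""
    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        # NOTE(review): the password is not checked in this view; presumably
        # LoginForm.validate() does it -- confirm, otherwise knowing an email
        # address is enough to sign in as that user.
        user = User.query.filter(User.email == form.email.data).first()
        # .first() returns None when no row matches; passing None on to
        # login_user() would raise, so fall back to re-rendering the form.
        if user is not None:
            login_user(user)
            flash("You were logged in")
            return redirect(url_for("public.index"))
    return render_template("public/login.html", form=form)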
def login_save():
    """Check the posted login/password and sign the user in.

    Redirects to ``manager`` on success; re-renders the login template with
    a warning when User.check() returns None.
    """
    account = User.check(request.form['login'], request.form['password'])
    if account is not None:
        login_user(account)
        return redirect(url_for('manager'))
    flash('Invalid username or password.', 'warning')
    return render_template('login.tmpl')
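def login():
    """Show the login form and sign in the user named in a valid submission.

    Redirects to the ``next`` query parameter when it is a site-relative
    path, otherwise to ``index``.
    """
    form = forms.LoginForm()
    if form.validate_on_submit():
        # NOTE(review): no password check is visible in this view;
        # presumably the form's validators do it -- confirm.
        user = models.User.query.filter_by(
            username=form.username.data
        ).first()
        # .first() returns None for an unknown username; without this guard
        # the lines below would raise instead of showing the form again.
        if user is not None:
            login_user(user, remember=form.remember.data)
            flash("Bentornato %s!" % user.username)
            target = request.args.get("next")
            # "next" is client-supplied; follow only site-relative paths so
            # the view cannot be used as an open redirect.
            if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
                target = url_for("index")
            return redirect(target)
    return render_template("login.html", form=form, title="Login")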
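def oauth_authorized(resp):
    """Facebook OAuth callback: find or create the local user and log in.

    ``resp`` is None when the user denied the request. A first-time Facebook
    user gets a new account unless the user name or e-mail is already taken.
    Users whose e-mail is the placeholder "None" are sent to their profile
    page, everyone else to ``next`` (site-relative paths only) or ``home``.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        # The second lookup used to read `request.arts`, which does not
        # exist, so every denied sign-in failed with an AttributeError.
        # .get() also tolerates a callback that omits the details.
        flash(u'Reason: ' + request.args.get('error_reason', u'') +
              ' ' + request.args.get('error_description', u''), 'error')
        return redirect(next_url)

    # We have to store the oauth_token in the session to get the USER fields
    session['oauth_token'] = (resp['access_token'], '')
    me = facebook.oauth.get('/me')
    user = db.session.query(model.User)\
        .filter_by(facebook_user_id=me.data['id']).first()

    # user never signed on
    first_login = False
    if user is None:
        first_login = True
        facebook_token = dict(
            oauth_token=resp['access_token']
        )
        info = dict(facebook_token=facebook_token)
        user = db.session.query(model.User)\
            .filter_by(name=me.data['username']).first()
        email = db.session.query(model.User)\
            .filter_by(email_addr=me.data['email']).first()

        if user is None and email is None:
            user = model.User(
                fullname=me.data['name'],
                name=me.data['username'],
                email_addr=me.data['email'],
                facebook_user_id=me.data['id'],
                info=info
            )
            db.session.add(user)
            db.session.commit()
        else:
            # An existing name or e-mail is never linked automatically to
            # the Facebook identity. (A missing space between the two string
            # fragments used to render as "user nameor email.")
            flash(u'Sorry, there is already an account with the same user name '
                  'or email.', 'error')
            flash(u'You can create a new account and sign in', 'info')
            return redirect(url_for('account.register'))

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    request_email = False
    # The literal string "None" is used as the "no e-mail yet" marker.
    if (user.email_addr == "None"):
        request_email = True
    if request_email:
        if first_login:
            flash("This is your first login, please add a valid e-mail")
        else:
            flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile'))
    return redirect(next_url)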
def login():
    """Show the login form; on a valid submission log in and go to "/"."""
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", form=form)
    # NOTE(review): the user object is built straight from the form's
    # `admin` field and no credential check is visible here; presumably
    # LoginForm validation enforces it -- confirm.
    account = User(form.admin.data)
    login_user(account)
    flash("Logged in successfully.")
    return redirect('/')
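def oauth_authorized(resp):
    """Facebook OAuth callback: find or create the local user and log in.

    ``resp`` is None when the user denied the request. A first-time Facebook
    user gets a new account unless the user name or e-mail is already taken.
    Users whose e-mail is the placeholder "None" are sent to their profile
    page, everyone else to ``next`` (site-relative paths only) or ``home``.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        # The second lookup used to read `request.arts`, which does not
        # exist, so every denied sign-in failed with an AttributeError.
        # .get() also tolerates a callback that omits the details.
        flash(
            u'Reason: ' + request.args.get('error_reason', u'') + ' ' +
            request.args.get('error_description', u''), 'error')
        return redirect(next_url)

    # We have to store the oauth_token in the session to get the USER fields
    session['oauth_token'] = (resp['access_token'], '')
    me = facebook.oauth.get('/me')
    user = db.session.query(model.User)\
        .filter_by(facebook_user_id=me.data['id']).first()

    # user never signed on
    first_login = False
    if user is None:
        first_login = True
        facebook_token = dict(oauth_token=resp['access_token'])
        info = dict(facebook_token=facebook_token)
        user = db.session.query(model.User)\
            .filter_by(name=me.data['username']).first()
        email = db.session.query(model.User)\
            .filter_by(email_addr=me.data['email']).first()

        if user is None and email is None:
            user = model.User(fullname=me.data['name'],
                              name=me.data['username'],
                              email_addr=me.data['email'],
                              facebook_user_id=me.data['id'],
                              info=info)
            db.session.add(user)
            db.session.commit()
        else:
            # An existing name or e-mail is never linked automatically to
            # the Facebook identity. (A missing space between the two string
            # fragments used to render as "user nameor email.")
            flash(
                u'Sorry, there is already an account with the same user name '
                'or email.', 'error')
            flash(u'You can create a new account and sign in', 'info')
            return redirect(url_for('account.register'))

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    request_email = False
    # The literal string "None" is used as the "no e-mail yet" marker.
    if (user.email_addr == "None"):
        request_email = True
    if request_email:
        if first_login:
            flash("This is your first login, please add a valid e-mail")
        else:
            flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile'))
    return redirect(next_url)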
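def oauth_authorized(resp):
    """Called after authorization. After this function finished handling,
    the OAuth information is removed from the session again. When this
    happened, the tokengetter from above is used to retrieve the oauth
    token and secret.

    Because the remote application could have re-authorized the application
    it is necessary to update the values in the database.

    If the application redirected back after denying, the response passed
    to the function will be `None`. Otherwise a dictionary with the values
    the application submitted. Note that Twitter itself does not really
    redirect back unless the user clicks on the application name.

    The final redirect goes to the ``next`` query parameter only when it is
    a site-relative path, otherwise to ``home``.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        return redirect(next_url)

    user = model.Session.query(model.User).filter_by(twitter_user_id = resp['user_id']).first()

    # user never signed on
    # Twitter API does not provide a way to get the e-mail so we will ask for it
    # only the first time
    request_email = False
    first_login = False
    if user is None:
        request_email = True
        first_login = True
        # NOTE(review): the OAuth token and secret are stored with the user
        # record as-is; confirm how that column is protected.
        twitter_token = dict(
            oauth_token = resp['oauth_token'],
            oauth_token_secret = resp['oauth_token_secret']
        )
        info = dict(twitter_token = twitter_token)
        user = model.User(
            fullname = resp['screen_name'],
            name = resp['screen_name'],
            email_addr = 'None',
            twitter_user_id = resp['user_id'],
            info = info
        )
        model.Session.add(user)
        model.Session.commit()

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    # The literal string 'None' marks an account without an e-mail address.
    if (user.email_addr == "None"):
        request_email = True

    if request_email:
        if first_login:
            flash("This is your first login, please add a valid e-mail")
        else:
            flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile'))

    return redirect(next_url)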
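def login():
    """Log the user in or display the login form.

    After a successful password check the browser is sent to the ``next``
    query parameter when it is a site-relative path, otherwise to "/".
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.find_one({"username": form.username.data})
        if form.password_check(user):
            flask_login.login_user(user)
            url = request.args.get("next", "/")
            # "next" is client-supplied; anything that is not a site-relative
            # path falls back to "/" so the view is not an open redirect.
            if not url or not url.startswith("/") or url[1:2] in ("/", "\\"):
                url = "/"
            return redirect(url)
    return render_template("auth/login.html", form=form)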
def register():
    """Create a user from the registration form, log them in and redirect.

    The password is stored as a bcrypt hash. Invalid or absent submissions
    render the registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('users/register.html', form=form)

    password_hash = bcrypt.generate_password_hash(form.password.data)
    account = User(form.email.data, password_hash)
    db.session.add(account)
    db.session.commit()
    login_user(account)
    flash("Login successful")
    return redirect(url_for(login_redirect_view))
def login():
    """Render the login page; on a valid POST log in and go to the dashboard."""
    form = LoginForm(request.form)
    submitted_ok = request.method == 'POST' and form.validate()
    if not submitted_ok:
        return render_template('login.html', loginactive=True, form=form)

    # Login user, check for remember me
    # NOTE(review): credentials are not checked in this view; presumably
    # LoginForm.validate() / get_user() take care of it -- confirm.
    wants_remember = form.remember.data == 'y'
    account = form.get_user()
    login_user(account, remember=wants_remember)
    return redirect(url_for('dashboard'))
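def login():
    """Check e-mail and password from the login form and sign the user in.

    On success the user is redirected to the form's ``next`` value when it
    is a site-relative path, otherwise to ``tickets``.
    """
    form = LoginForm(request.form, next=request.args.get('next'))
    if request.method == 'POST' and form.validate():
        user = User.query.filter_by(email=form.email.data).first()
        if user and user.check_password(form.password.data):
            login_user(user)
            target = form.next.data
            # The "next" field is seeded from the query string and posted
            # back by the client; follow only site-relative paths so the
            # view cannot be used as an open redirect.
            if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
                target = url_for('tickets')
            return redirect(target)
        else:
            flash("Invalid login details!")
    return render_template("login.html", form=form)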
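def login_redirect(data,rememberme=True):
    '''
    Log the user in and redirect, with a flash message, to ``next`` or home.

    ``data`` must provide the "username" and "_id" keys. The ``next`` query
    parameter is followed only when, after unquoting, it is a site-relative
    path.
    '''
    flash(_("logged_in")+" "+data["username"])
    login_user(User(data["_id"], data),rememberme)
    if "next" in request.args:
        target = unquote(request.args["next"])
        # The value is client-supplied and decoded once more here, so it is
        # checked after unquoting: absolute or scheme-relative targets would
        # make this an open redirect and are ignored.
        if target.startswith('/') and target[1:2] not in ('/', '\\'):
            return redirect(target)
    return redirect(url_for('index.home',lang=None))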
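def login():
    """Check e-mail and password from the login form and sign the user in."""
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # The check used to be inverted: a *matching* password was rejected
        # and any non-matching one logged the user in. It also received the
        # form field object instead of the submitted value.
        if user is None or not bcrypt.check_password_hash(user.password,
                                                          form.password.data):
            flash("Invalid email or password", "error")
        else:
            login_user(user)
            flash("Login successful", 'success')
            return redirect(url_for(login_redirect_view))
    return render_template('users/login.html', form=form)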
def login():
    """Show the login form; sign in when name and password match a user."""
    form = LoginForm()
    if form.validate_on_submit():
        # login and validate the user...
        # NOTE(review): the submitted password is matched directly against
        # the `password` column, which suggests passwords are stored in
        # clear text -- confirm; a salted password hash should be compared
        # instead.
        credentials = dict(name=request.form['username'],
                           password=request.form['password'])
        account = User.query.filter_by(**credentials).first()
        if not account:
            form.username.errors.append('Unable to login, want to sign up?')
        else:
            login_user(account)
            flash("Logged in successfully.")
            return redirect(url_for("start"))
    return render_template("login.html", form=form)
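def oauth_authorized(resp):
    """Called after authorization. After this function finished handling,
    the OAuth information is removed from the session again. When this
    happened, the tokengetter from above is used to retrieve the oauth
    token and secret.

    Because the remote application could have re-authorized the application
    it is necessary to update the values in the database.

    If the application redirected back after denying, the response passed
    to the function will be `None`. Otherwise a dictionary with the values
    the application submitted. Note that Twitter itself does not really
    redirect back unless the user clicks on the application name.

    The final redirect goes to the ``next`` query parameter only when it is
    a site-relative path, otherwise to ``home``.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        return redirect(next_url)

    user = model.Session.query(
        model.User).filter_by(twitter_user_id=resp['user_id']).first()

    # user never signed on
    # Twitter API does not provide a way to get the e-mail so we will ask for it
    # only the first time
    request_email = False
    first_login = False
    if user is None:
        request_email = True
        first_login = True
        # NOTE(review): the OAuth token and secret are stored with the user
        # record as-is; confirm how that column is protected.
        twitter_token = dict(oauth_token=resp['oauth_token'],
                             oauth_token_secret=resp['oauth_token_secret'])
        info = dict(twitter_token=twitter_token)
        user = model.User(fullname=resp['screen_name'],
                          name=resp['screen_name'],
                          email_addr='None',
                          twitter_user_id=resp['user_id'],
                          info=info)
        model.Session.add(user)
        model.Session.commit()

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    # The literal string 'None' marks an account without an e-mail address.
    if (user.email_addr == "None"):
        request_email = True

    if request_email:
        if first_login:
            flash("This is your first login, please add a valid e-mail")
        else:
            flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile'))

    return redirect(next_url)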
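def login():
    """Render the login page and handle the posted credentials.

    A failed login flashes a message and redirects back to the login page;
    a successful one redirects to the ``next`` query parameter when it is a
    site-relative path, otherwise to ``dashboard``.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        user = User.query.authenticate(username, password)
        if user is None:
            flash('Login failed.')
            return redirect(url_for('login'))
        else:
            login_user(user)
            target = request.args.get("next")
            # "next" is client-supplied; follow only site-relative paths so
            # the view cannot be used as an open redirect.
            if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
                target = url_for('dashboard')
            return redirect(target)
    return render_template('login.html')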
def logging_in(app):
    """Test: login_user() fires user_logged_in and fills current_user/session."""
    manager = LoginManager()
    manager.login_view = "login"
    manager.user_loader(get_user)
    manager.setup_app(app)
    app.preprocess_request()

    # Before logging in the request user must be anonymous.
    assert not current_user.is_authenticated()
    assert current_user.is_anonymous()

    # The login has to emit the user_logged_in signal.
    with assert_fired(user_logged_in):
        login_user(notch)

    assert current_user.name == u"Notch"
    assert session["user_id"] == u"1"
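def register_token(token):
    """Register a new user with a one-time registration token.

    Responds 401 when the token is unknown. GET renders the registration
    form; POST validates the submitted data, creates the user, logs them in,
    removes the token and redirects to the posted ``next`` value when it is
    a site-relative path, otherwise to ``.info``.
    """
    delete_old_tokens()
    token_exists = get_user_token_coll().find({'_id': token}).count() == 1
    if not token_exists:
        flask.abort(401)
    bread = base_bread() + [('Register', url_for(".register_new"))]
    if request.method == "GET":
        return render_template("register.html", title="Register", bread=bread,
                               next=request.referrer or "/", token=token)
    elif request.method == 'POST':
        name = request.form['name']
        if not allowed_usernames.match(name):
            flask.flash(
                """Oops, usename '%s' is not allowed. It must consist of lower/uppercase characters, no spaces, numbers or '.', '_' and '-'.""" % name,
                "error")
            return flask.redirect(url_for(".register_new"))

        pw1 = request.form['password1']
        pw2 = request.form['password2']
        if pw1 != pw2:
            flask.flash("Oops, passwords do not match!", "error")
            return flask.redirect(url_for(".register_new"))

        # NOTE(review): a 4-character minimum is very weak; consider a
        # stronger password policy.
        if len(pw1) <= 3:
            flask.flash(
                "Oops, password too short. Minimum 4 characters please!",
                "error")
            return flask.redirect(url_for(".register_new"))

        full_name = request.form['full_name']
        email = request.form['email']
        # Kept in a local that does not shadow the builtin next().
        next_url = request.form["next"]

        if pwdmanager.user_exists(name):
            flask.flash("Sorry, user ID '%s' already exists!" % name, "error")
            return flask.redirect(url_for(".register_new"))

        newuser = pwdmanager.new_user(name, pw1)
        newuser.full_name = full_name
        newuser.email = email
        newuser.save()
        login_user(newuser, remember=True)
        flask.flash("Hello %s! Congratulations, you are a new user!" %
                    newuser.name)
        get_user_token_coll().remove({'_id': token})
        logger.debug("removed login token '%s'" % token)
        # As written, the message had one placeholder for two values, which
        # raises TypeError after the account has already been created. Let
        # the logger do the formatting with both placeholders present.
        logger.info("new user: '%s' - '%s'", newuser.get_id(), newuser.name)
        # "next" is a posted form field (seeded from the Referer header) and
        # therefore untrusted; follow only site-relative paths so the view
        # cannot be used as an open redirect.
        if (not next_url or not next_url.startswith('/')
                or next_url[1:2] in ('/', '\\')):
            next_url = url_for(".info")
        return flask.redirect(next_url)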
def register():
    """Create an account from the registration form and sign it in.

    A valid POST stores the account, logs it in (remembered) and redirects
    to ``home``; an invalid POST flashes an error; every other case renders
    the registration page.
    """
    # TODO: re-enable csrf
    # NOTE(review): with CSRF protection off, another site can submit this
    # form on a visitor's behalf.
    form = RegisterForm(request.form, csrf_enabled=False)
    is_post = request.method == 'POST'

    if is_post and form.validate():
        new_account = dao.Account(id=form.username.data,
                                  email=form.email.data)
        new_account.set_password(form.password.data)
        new_account.save()
        login_user(new_account, remember=True)
        flash('Thanks for signing-up', 'success')
        return redirect(url_for('home'))

    if is_post and not form.validate():
        flash('Please correct the errors', 'error')
    return render_template('account/register.html', form=form)
def login():
    """Authenticate from the login form and go to the user's profile page.

    The ``username`` and ``next`` query parameters pre-fill the form; the
    redirect target itself is always the profile page of the logged-in user.
    """
    prefill = dict(username=request.args.get("username", None),
                   next=request.args.get("next", None))
    form = Login_Form(**prefill)
    if form.validate_on_submit():
        account, ok = User.authenticate(form.username.data,
                                        form.password.data)
        if account and ok:
            login_user(account)
            flash("Logged in successfully.")
            profile_url = url_for('accounts.profile',
                                  username=account.username)
            return redirect(profile_url)
        flash("Sorry, wrong credentials")
    return render_template('accounts/login.html', form=form)
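def login():
    """User login.

    On a valid submission the account named in the form is logged in, the
    identity change is announced, and the browser is redirected to the
    ``next`` query parameter when it is a site-relative path, otherwise to
    ``user.index``.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # NOTE(review): no password check is visible in this view;
        # presumably LoginForm validation performs it -- confirm.
        user = User.query.get_by_account(form.account.data)
        # Guard against an unknown account: passing None on would raise
        # instead of showing the form again.
        if user is not None:
            login_user(user)
            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.id))
            target = request.args.get('next')
            # "next" is client-supplied; follow only site-relative paths so
            # the view cannot be used as an open redirect.
            if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
                target = url_for('user.index')
            return redirect(target)
    return render_template('user/login.html', form=form)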
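def facebook_authorized(resp):
    """Facebook OAuth callback: exchange the code, load the profile, log in.

    Without a ``code`` query parameter, or when the profile response carries
    no user id, the visitor is sent back to the index page. Otherwise the
    matching HubUser is created on first sign-in, logged in and redirected
    to the hub.
    """
    # NOTE(review): no OAuth "state" value is verified here, which leaves the
    # callback open to login CSRF -- confirm whether it is checked elsewhere.
    # Neither urlopen() call sets a timeout.
    code = request.args.get('code')
    if code in (None, ''):
        #No code, send back to index page
        return redirect(url_for('index', _external=True))

    response = urllib2.urlopen(
        "https://graph.facebook.com/oauth/access_token?%s" % urllib.urlencode(
            {
                'client_id': app.config['FACEBOOK_ID'],
                'redirect_uri': url_for('facebook_authorized', _external=True),
                'client_secret': app.config['FACEBOOK_SECRET'],
                'code': code
            }))
    data = response.read()
    # Split on the first "=" only, so a value that itself contains "="
    # cannot break the dict construction.
    params = dict([part.split('=', 1) for part in data.split('&')])
    session['facebook_access_token'] = params['access_token']
    session['facebook_code'] = code

    response = urllib2.urlopen(
        "https://graph.facebook.com/me?%s" %
        urllib.urlencode({'access_token': session['facebook_access_token']}))
    data = response.read()
    user_info = json.loads(data)
    logging.info(user_info.get('name'))
    facebook_id = user_info.get('id')
    # Without an id every such response would map to the same shared
    # "facebook-None" account, so refuse to continue.
    if not facebook_id:
        return redirect(url_for('index', _external=True))

    hubid = u'facebook-%s' % facebook_id
    user = HubUser.find(hubid)
    if user is None:
        #This is the first time this Facebook user has signed in
        #to hub-ology. We'll need to create a new HubUser for them.
        # NOTE(review): profile fields are written only when the account is
        # first created; confirm that is the intended nesting.
        user = HubUser(socnet=u'facebook',
                       userid=facebook_id,
                       hubid=hubid,
                       name=user_info.get('name'))
        user.username = user_info.get('username')
        user.profile_image_url = u'https://graph.facebook.com/%s/picture' % user_info.get(
            'username')
        user.link = user_info.get('link')
        user.gender = user_info.get('gender')
        #Save the user
        user.put()

    login_user(user)
    #Redirect the user to the 'hub'
    return redirect(url_for('hub', _external=True))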
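def login():
    """Show the login form; sign in when username and password match a user.

    Redirects to the ``next`` query parameter when it is a site-relative
    path, otherwise to ``view_post``.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # login and validate the user...
        # NOTE(review): the submitted password is used as an index lookup
        # value, which suggests passwords are stored in clear text --
        # confirm; a salted password hash should be compared instead.
        user = graph.users.index.get_unique(username=form.username.data,
                                            password=form.password.data)
        if not user:
            flash("No such username and password.")
            return render_template("login.html", form=form)
        login_user(user)
        flash("Logged in successfully.")
        print "logged in sucessfully"
        target = request.args.get("next")
        # "next" is client-supplied; follow only site-relative paths so the
        # view cannot be used as an open redirect.
        if not target or not target.startswith("/") or target[1:2] in ("/", "\\"):
            target = url_for("view_post")
        return redirect(target)
    return render_template("login.html", form=form)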
def authenticate():
    """Authenticate the posted credentials for browser and JSON clients.

    Clients whose Accept header contains "application/json" receive a JSON
    success/error document; all others are redirected (to the post-login
    target on success, back to the referrer or login view on failure).
    """
    wants_json = 'application/json' in request.headers.get('Accept', '')

    try:
        user = auth_provider.authenticate(request.form)

        if login_user(user):
            redirect_url = get_post_login_redirect()
            current_app.logger.debug(DEBUG_LOGIN % (user, redirect_url))
            if wants_json:
                return jsonify({ "success":True })
            return redirect(redirect_url)

        # login_user() refused the user.
        if wants_json:
            return jsonify({ "success": False, "error": FLASH_INACTIVE })
        raise BadCredentialsException(FLASH_INACTIVE)

    except BadCredentialsException, e:
        message = '%s' % e
        if wants_json:
            return jsonify({"success": False, "error": message})

        flash(message)
        # NOTE(review): the Referer header is client-controlled, so a failed
        # login can be bounced to an arbitrary URL -- consider restricting
        # this to same-site targets.
        redirect_url = request.referrer or login_manager.login_view
        msg = ERROR_LOGIN % (message, redirect_url)
        current_app.logger.error(msg)
        return redirect(redirect_url)
def users_authenticate():
    """Authenticate the posted credentials and return the user as JSON.

    Every failure -- including any exception raised while authenticating or
    serializing -- ends in a 400 response.
    """
    try:
        account = auth_provider.authenticate(request.form)
        logged_in = login_user(account)
        if logged_in:
            return jsonify(account)
    except Exception:
        # Deliberately broad: all errors collapse into the 400 below.
        # NOTE(review): nothing is logged, so failed or malformed attempts
        # leave no trace for detection -- consider logging here.
        pass

    abort(400)
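def login(**kwargs):
    """Log the user in from the posted name and password.

    On success redirects to the posted ``next`` value when it is a
    site-relative path, otherwise to ``.info``; on failure flashes an error
    and redirects to ``.info``.
    """
    bread = base_bread() + [('Login', url_for('.login'))]
    # login and validate the user …
    # remember = True sets a cookie to remember the user
    name = request.form["name"]
    password = request.form["password"]
    # Kept in a local that does not shadow the builtin next().
    next_url = request.form["next"]
    # Browsers omit unchecked checkboxes, so the field may be absent; a
    # direct lookup would turn that into a 400 response.
    remember = request.form.get("remember") == "on"
    user = LmfdbUser(name)
    if user and user.authenticate(password):
        login_user(user, remember=remember)
        flask.flash("Hello %s, your login was successful!" % user.name)
        # As written, the message had one placeholder for two values, which
        # raises TypeError after the login has already happened. Let the
        # logger do the formatting with both placeholders present.
        logger.info("login: '%s' - '%s'", user.get_id(), user.name)
        # "next" is a posted form field and therefore untrusted; follow only
        # site-relative paths so the view cannot be used as an open redirect.
        if (not next_url or not next_url.startswith('/')
                or next_url[1:2] in ('/', '\\')):
            next_url = url_for(".info")
        return flask.redirect(next_url)
    flask.flash("Oops! Wrong username or password.", "error")
    return flask.redirect(url_for(".info"))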
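def oauth_authorized(resp):
    """Called after authorization. After this function finished handling,
    the OAuth information is removed from the session again. When this
    happened, the tokengetter from above is used to retrieve the oauth
    token and secret.

    Because the remote application could have re-authorized the application
    it is necessary to update the values in the database.

    If the application redirected back after denying, the response passed
    to the function will be `None`. Otherwise a dictionary with the values
    the application submitted. Note that Twitter itself does not really
    redirect back unless the user clicks on the application name.

    The final redirect goes to the ``next`` query parameter only when it is
    a site-relative path, otherwise to ``home``.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        return redirect(next_url)

    access_token = dict(oauth_token=resp['oauth_token'],
                        oauth_token_secret=resp['oauth_token_secret'])

    user_data = dict(screen_name=resp['screen_name'],
                     user_id=resp['user_id'])

    user = manage_user(access_token, user_data, next_url)

    if user is None:
        user = db.session.query(model.User)\
                 .filter_by(name=user_data['screen_name'])\
                 .first()
        # NOTE(review): `user` can still be None here if no account has that
        # name; confirm get_user_signup_method() copes with it.
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        else:
            return redirect(url_for('account.signin'))

    # NOTE(review): first_login is never set to True in this function, so
    # the "first login" message below cannot be shown.
    first_login = False
    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    if user.email_addr != user.name:
        return redirect(next_url)
    if first_login:
        flash("This is your first login, please add a valid e-mail")
    else:
        flash("Please update your e-mail address in your profile page")
    return redirect(url_for('account.update_profile'))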
def register():
    """Create a user from the registration form and sign them in.

    A valid POST stores the user, logs them in (remembered) and redirects to
    ``home``; an invalid POST flashes an error; every other case renders the
    registration page.
    """
    # TODO: re-enable csrf
    # NOTE(review): with CSRF protection off, another site can submit this
    # form on a visitor's behalf.
    form = RegisterForm(request.form, csrf_enabled=False)
    is_post = request.method == 'POST'

    if is_post and form.validate():
        new_user = model.User(fullname=form.fullname.data,
                              name=form.username.data,
                              email_addr=form.email_addr.data)
        new_user.set_password(form.password.data)
        model.Session.add(new_user)
        model.Session.commit()
        login_user(new_user, remember=True)
        flash('Thanks for signing-up', 'success')
        return redirect(url_for('home'))

    if is_post and not form.validate():
        flash('Please correct the errors', 'error')
    return render_template('account/register.html',
                           title="Register", form=form)
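def linkedin_authorized(resp):
    """LinkedIn OAuth callback: load the profile and log the HubUser in.

    When authorization was denied, the profile cannot be loaded, or the
    profile carries no id, the visitor is redirected to ``next``
    (site-relative paths only) or ``index``. Otherwise the matching HubUser
    is created on first sign-in, logged in and redirected to the hub.
    """
    next_url = request.args.get('next')
    # "next" is client-supplied; only a site-relative path is followed so the
    # callback cannot be used as an open redirect.
    if not next_url or not next_url.startswith('/') or next_url[1:2] in ('/', '\\'):
        next_url = url_for('index')

    if resp is None:
        return redirect(next_url)

    session['linkedin_token'] = (resp['oauth_token'],
                                 resp['oauth_token_secret'])

    #Fetch linkedin profile information
    info = linkedin.get(
        'v1/people/~:(id,first-name,last-name,public-profile-url,picture-url)',
        data={})

    linkedin_id = None
    if info.status == 200:
        xml = info.data
        # logging.info(ElementTree.tostring(xml))
        linkedin_id = xml.findtext(".//id")

    # findtext() returns None for a missing element; without this check
    # every such profile would map to the same shared "linkedin-None"
    # account.
    if info.status != 200 or not linkedin_id:
        logging.error('Unable to load profile information for linkedin user')
        return redirect(next_url)

    name = u'%s %s' % (xml.findtext(".//first-name"),
                       xml.findtext(".//last-name"))
    link = u'%s' % xml.findtext(".//public-profile-url")
    profile_image_url = u'%s' % xml.findtext(".//picture-url")
    hubid = u'linkedin-%s' % linkedin_id
    user = HubUser.find(hubid)
    if user is None:
        #This is the first time this LinkedIn user has signed in
        #to hub-ology. We'll need to create a new HubUser for them.
        # NOTE(review): profile fields are written only when the account is
        # first created; confirm that is the intended nesting.
        user = HubUser(socnet=u'linkedin',
                       userid=linkedin_id,
                       hubid=hubid,
                       name=name)
        user.profile_image_url = profile_image_url
        user.link = link
        #Save the user
        user.put()

    login_user(user)
    #Redirect the user to the 'hub'
    return redirect(url_for('hub', _external=True))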
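def signin():
    """Render the sign-in page and process local e-mail/password logins.

    A valid POST with matching credentials logs the user in and redirects
    to ``next`` (same-site paths only) or the home page. Failed attempts
    flash a message and fall through to rendering the form. Users who are
    already signed in are redirected to the home page.
    """
    form = LoginForm(request.form)
    is_post = request.method == 'POST'
    # Validate once; the result drives both the login attempt and the
    # "correct the errors" message below.
    form_ok = is_post and form.validate()

    if form_ok:
        password = form.password.data
        email = form.email.data
        user = model.User.query.filter_by(email_addr=email).first()
        if user and user.check_password(password):
            login_user(user, remember=True)
            msg_1 = lazy_gettext("Welcome back") + " " + user.fullname
            flash(msg_1, 'success')
            # ``next`` comes from the query string: accept only a local
            # path so the post-login redirect cannot be pointed at another
            # site (absolute URL, ``//host`` or ``/\host``).
            requested = request.args.get("next")
            if not requested or not requested.startswith('/') \
                    or requested.startswith(('//', '/\\')):
                requested = None
            return redirect(requested or url_for("home"))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = lazy_gettext("Ooops, Incorrect email/password")
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            # NOTE(review): this message differs from the wrong-password
            # one, so the form reveals whether an e-mail is registered.
            # NOTE(review): the whitespace after the line continuation is
            # part of the message id -- confirm it against the catalog.
            msg = lazy_gettext("Ooops, we didn't find you in the system, \
                               did you sign in?")
            flash(msg, 'info')

    if is_post and not form_ok:
        flash(lazy_gettext('Please correct the errors'), 'error')

    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # Show a provider's sign-in button only when its blueprint is
        # registered on the application.
        for provider in ('twitter', 'facebook', 'google'):
            if provider in current_app.blueprints:
                auth[provider] = True
        return render_template('account/signin.html',
                               title="Sign in",
                               form=form, auth=auth,
                               next=request.args.get('next'))

    # User already signed in, so redirect to home page
    return redirect(url_for("home"))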
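def oauth_authorized(resp):
    """Handle the Google OAuth callback and sign the user in.

    ``resp`` is ``None`` when authorization was denied; the provider may
    also report a failure through the ``error`` query parameter. On success
    the user's profile is fetched with the access token, the local account
    is resolved through ``manage_user`` and the user is logged in.
    """
    next_url = url_for('home')

    error = request.args.get('error')
    if resp is None or error:
        flash(u'You denied the request to sign in.', 'error')
        if error:
            # Only add the reason when the provider actually sent one; an
            # unconditional request.args['error'] lookup fails the request
            # when the parameter is missing.
            flash(u'Reason: ' + error, 'error')
            return redirect(url_for('account.signin'))
        return redirect(next_url)

    headers = {'Authorization': ' '.join(['OAuth', resp['access_token']])}
    url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    try:
        r = requests.get(url, headers=headers)
    except requests.exceptions.RequestException:
        # Network-level failure: there is no response object to inspect,
        # so send the visitor back to the sign-in page.
        return redirect(url_for('account.signin'))
    if r.status_code == 401:
        # Unauthorized - bad token
        return redirect(url_for('account.signin'))
    # Other non-200 statuses are not handled separately here.

    access_token = resp['access_token']
    # NOTE(review): the access token is kept in the session; if the session
    # is a client-side cookie the token is readable by the browser --
    # confirm the session backend.
    session['oauth_token'] = access_token

    import json
    user_data = json.loads(r.content)
    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(model.User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        return redirect(url_for('account.signin'))

    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')
    return redirect(next_url)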
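def signup():
    """Register a new user from the signup form and sign them in.

    After a valid submission the user is saved, logged in, the identity
    change is announced, and the browser is redirected to the form's
    ``next`` value when that is a same-site path other than this page,
    otherwise to the user's posts page.
    """
    form = SignupForm(next=request.args.get("next"))

    if form.validate_on_submit():
        user = User()
        # NOTE(review): populate_obj copies every form field onto the model;
        # presumably User handles password hashing itself -- confirm.
        form.populate_obj(user)
        user.save()

        # Flask-Login
        login_user(user)

        # Flask-principal
        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(user.username))

        flash(u"欢迎, %s" % user.username, "successfully")

        # ``next`` travels through the query string and the submitted form,
        # so it is attacker-influenced. Accept only a local path; absolute
        # URLs and ``//host`` / ``/\host`` forms use the default target.
        next_url = form.next.data
        is_local = bool(next_url) and next_url.startswith('/') \
            and not next_url.startswith(('//', '/\\'))
        if not is_local or next_url == request.path:
            next_url = url_for('user.posts', username=user.username)

        return redirect(next_url)

    return render_template("account/signup.html", form=form)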
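def oauth_authorized(resp):
    """Handle the Facebook OAuth callback and sign the user in.

    ``resp`` is ``None`` when authorization was denied, in which case the
    reason reported in the query string is flashed. Otherwise the profile
    is fetched from ``/me``, the local account is resolved through
    ``manage_user`` and the user is logged in. Users whose stored e-mail
    is the literal string ``"None"`` are sent to the profile page.
    """
    # ``next`` is read from the query string. Only a same-site path is
    # accepted; absolute and scheme-relative targets (``//host``, ``/\host``)
    # fall back to the home page so this view cannot act as an open redirect.
    requested = request.args.get('next')
    if not requested or not requested.startswith('/') \
            or requested.startswith(('//', '/\\')):
        requested = None
    next_url = requested or url_for('home')

    if resp is None:
        flash(u'You denied the request to sign in.', 'error')
        # Read both values from request.args (the second lookup previously
        # went through a misspelled attribute) and tolerate their absence.
        flash(u'Reason: ' + request.args.get('error_reason', u'') +
              ' ' + request.args.get('error_description', u''), 'error')
        return redirect(next_url)

    # We have to store the oauth_token in the session to get the USER fields
    # NOTE(review): if the session is a client-side cookie the token is
    # readable by the browser -- confirm the session backend.
    access_token = resp['access_token']
    session['oauth_token'] = (resp['access_token'], '')
    user_data = facebook.oauth.get('/me').data

    user = manage_user(access_token, user_data, next_url)
    if user is None:
        # Give a hint for the user
        user = db.session.query(model.User)\
                 .filter_by(email_addr=user_data['email'])\
                 .first()
        msg, method = get_user_signup_method(user)
        flash(msg, 'info')
        if method == 'local':
            return redirect(url_for('account.forgot_password'))
        return redirect(url_for('account.signin'))

    # Never set to True in this function, so the "first login" message
    # below is currently unreachable.
    first_login = False
    login_user(user, remember=True)
    flash("Welcome back %s" % user.fullname, 'success')

    request_email = user.email_addr == "None"
    if request_email:
        if first_login:
            flash("This is your first login, please add a valid e-mail")
        else:
            flash("Please update your e-mail address in your profile page")
        return redirect(url_for('account.update_profile'))
    return redirect(next_url)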
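def twitter_authorized(resp):
    """Handle the Twitter OAuth callback and sign the user in.

    ``resp`` is ``None`` when no authorization was granted; otherwise it
    carries the token pair plus ``user_id`` and ``screen_name``. On success
    the profile is fetched, the matching ``HubUser`` is created or loaded,
    saved and logged in, and the browser is sent to the ``hub`` page. If
    the profile cannot be loaded the user is sent back to ``sign_in``.
    """
    # ``next`` is read from the query string. Only a same-site path is
    # accepted; absolute and scheme-relative targets (``//host``, ``/\host``)
    # fall back to the index page so this view cannot act as an open redirect.
    requested = request.args.get('next')
    if not requested or not requested.startswith('/') \
            or requested.startswith(('//', '/\\')):
        requested = None
    next_url = requested or url_for('index')

    if resp is None:
        return redirect(next_url)

    # NOTE(review): the token and its secret are kept in the session; if the
    # session is a client-side cookie they are readable by the browser --
    # confirm the session backend.
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])

    # Fetch twitter profile information
    info = twitter.get('users/show.json', data={'user_id': resp['user_id']})
    if info.status != 200:
        # 'twitter_user' is not written to the session in this function, so
        # fall back to the id from the response instead of failing with a
        # KeyError while reporting the original problem.
        logging.error(
            'Unable to load profile information for twitter user: %s',
            session.get('twitter_user', resp['user_id']))
        return redirect(url_for('sign_in', _external=True))

    hubid = u'twitter-%s' % resp['user_id']
    user = HubUser.find(hubid)
    if user is None:
        # This is the first time this twitter user has signed in
        # to hub-ology. We'll need to create a new HubUser for them.
        user = HubUser(socnet=u'twitter', userid=resp['user_id'],
                       hubid=hubid, name=info.data.get('name'))

    # Copy the profile fields from the response onto the user record.
    user.profile_image_url = info.data.get('profile_image_url')
    user.location_name = info.data.get('location')
    user.set_location(geocode_location(user.location_name))
    user.url = info.data.get('url')
    user.username = resp['screen_name']
    user.link = u'https://twitter.com/#!/%s' % resp['screen_name']

    # Save the user
    user.put()
    login_user(user)

    # Redirect the user to the 'hub'
    return redirect(url_for('hub', _external=True))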
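def login():
    """Show the login form and process username/password submissions.

    A POST with valid credentials refreshes the user's ``lastauth``
    timestamp, logs the user in and redirects to ``next`` (same-site paths
    only) or the index page. A failed POST re-renders the form with an
    error. Every other method renders the form.
    """
    # Anything that is not a POST just gets the form; previously a method
    # other than GET/POST fell off the end of the view and returned None.
    if request.method != 'POST':
        return render_template('login.html')

    username = request.form['username']
    user = User.query.filter_by(username=username).first()
    if not (user and user.check_password(request.form['password'])):
        # NOTE(review): ``username`` is client-supplied and is written to
        # the log verbatim; make sure the log format neutralises line breaks.
        app.logger.info('FAILED login for user %s', username)
        flash('Login Failed! Please Try again!')
        return render_template('login.html')

    # refresh last auth time since it's used to check login
    user.lastauth = datetime.datetime.now()
    db.session.add(user)
    db.session.commit()
    login_user(user)
    app.logger.info('Successful login for user %s', username)
    flash('Logged In Successfully!')

    # ``next`` comes from the query string: accept only a local path so the
    # post-login redirect cannot be pointed at another site (absolute URL,
    # ``//host`` or ``/\host``).
    requested = request.args.get('next')
    if not requested or not requested.startswith('/') \
            or requested.startswith(('//', '/\\')):
        requested = None
    return redirect(requested or url_for('.index'))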
def signin_user_db(user_db):
    """Log in the given user record and redirect accordingly.

    A falsy ``user_db`` or a refused login sends the browser to the
    ``signin`` page; a successful login saves the record asynchronously,
    flashes a greeting and redirects to ``util.get_next_url()``.
    """
    signin_endpoint = 'signin'
    if not user_db:
        return flask.redirect(flask.url_for(signin_endpoint))

    wrapped_user = FlaskUser(user_db)
    if not login.login_user(wrapped_user):
        flask.flash('Sorry, but you could not sign in.', category='danger')
        return flask.redirect(flask.url_for(signin_endpoint))

    user_db.put_async()
    greeting = 'Hello %s, welcome to %s!!!' % (
        user_db.name, config.CONFIG_DB.brand_name,
    )
    flask.flash(greeting, category='success')
    # NOTE(review): the redirect target is whatever util.get_next_url()
    # returns; confirm that helper restricts it to same-site URLs.
    return flask.redirect(util.get_next_url())
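def login():
    """Show the login form and process submissions.

    Users that are not active get the form; a valid submission with
    correct credentials logs them in and redirects to ``next`` (same-site
    paths only, and never the logout page) or the index page. Users that
    are already logged in are redirected straight away.
    """
    # ``next`` is read from the query string. Only a same-site path is
    # accepted; absolute and scheme-relative targets (``//host``, ``/\host``)
    # are dropped so neither redirect below can leave the site.
    safe_next = request.args.get("next")
    if not safe_next or not safe_next.startswith('/') \
            or safe_next.startswith(('//', '/\\')):
        safe_next = None

    if current_user.is_active():
        flash("You are already logged in!", "info")
        return redirect(safe_next or url_for("index"))

    # Do not bounce a fresh login straight into the logout view.
    to_page = safe_next
    if to_page == url_for("logout"):
        to_page = False

    form = LoginForm()
    if form.is_submitted():
        if form.validate():
            user = check_login(form.username.data, form.password.data)
            if user:
                login_user(user, form.remember_me.data)
                flash("Logged in successfully.", "success")
                return redirect(to_page or url_for("index"))
            flash("Invalid Username/Password", "error")
        else:
            # Report every field that failed validation.
            for key, msg in form.errors.items():
                flash("Could not validate " + key + ": " + ", ".join(msg),
                      "error")

    return render_template("login.html", form=form)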
def signin_user_db(user_db):
    """Log in the given user record and redirect accordingly.

    A falsy ``user_db`` or a refused login sends the browser to the
    ``signin`` page; a successful login flashes a translated greeting,
    redirects to ``util.get_next_url()`` and applies the user's locale to
    the response.
    """
    signin_endpoint = 'signin'
    if not user_db:
        return flask.redirect(flask.url_for(signin_endpoint))

    wrapped_user = FlaskUser(user_db)
    if not login.login_user(wrapped_user):
        flask.flash(__('Sorry, but you could not sign in.'),
                    category='danger')
        return flask.redirect(flask.url_for(signin_endpoint))

    greeting = __(
        'Hello %(name)s, welcome to %(brand)s!!!',
        name=user_db.name, brand=config.CONFIG_DB.brand_name,
    )
    flask.flash(greeting, category='success')
    # NOTE(review): the redirect target is whatever util.get_next_url()
    # returns; confirm that helper restricts it to same-site URLs.
    response = flask.redirect(util.get_next_url())
    util.set_locale(user_db.locale, response)
    return response
def login(data):
    """Validate login data, authenticate the user and start a session.

    ``data`` is converted through ``LoginSchema``. Returns the user on
    success. Raises ``Invalid`` when the login name is unknown or the
    password does not match, and ``BadRequest`` when ``login_user``
    refuses the account.
    """
    fields = LoginSchema().to_python(data)
    account = get(fields['login'])

    # TODO: get rid of raising these exceptions in here.
    # NOTE(review): the two failures use different messages, which tells a
    # caller whether a login name exists.
    if account is None:
        raise Invalid('Invalid user name', fields['login'], None,
                      error_dict={'login': '******'})

    password_ok = validate_password(account.password, fields['password'])
    if not password_ok:
        # NOTE(review): the submitted password is handed to the exception as
        # its value argument; confirm it is never logged or echoed back.
        raise Invalid('Password is incorrect', fields['password'], None,
                      error_dict={'password': '******'})

    if not login_user(account):
        raise BadRequest('This account is not activated.')
    return account