def login(): form = UserLoginForm(request.form) if request.method == "POST" and form.validate(): cur = mysql.connection.cursor() # Get form data email = form.email.data pin_candidate = form.pin.data result = cur.execute("SELECT * FROM User WHERE email = %s", [email]) if result > 0: data = cur.fetchone() pin = data['pin'] # Successful Login if pin_candidate == pin: # Store current users email session['email'] = email print(session['email']) return redirect(url_for('index')) # Failed pin else: flash('Pin is incorrect', 'danger') return render_template('login.html', form=form) # Failed Email else: flash('No user exists with that email', 'danger') return render_template('login.html', form=form) return render_template('login.html', form=form)
def login(): """ Get requests return a log in form Post requests authenticate the user, and redirects to the home page. :return: """ form = UserLoginForm() if request.method == 'POST': # When the request is post, we want to send a JSON back if not form.validate(): # If the form isn't properly validated, return a json saying why return jsonify( { 'success': False, 'errors': form.errors } ) # We get here if form has been validated, login the user user = User.query.filter_by(username=form.username.data).first() remember = form.remember login_user(user, remember=remember) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('home') return jsonify( { 'success': True, 'nextpage': next_page } ) return render_template('login-form.html', form=form)
def login(): if request.method == 'POST': form = UserLoginForm(request.form) if form.validate(): user = User.query.filter_by(name=form.name.data).first() if user is not None: if user.password == form.password.data: session['name'] = form.name.data if session['name'] == "admin": return redirect(url_for('admin')) return redirect(url_for('list')) return redirect(url_for('login')) else: flash('All fields are required.') form = UserLoginForm() return render_template('login.html', form=form)
def login(): if request.method == 'POST': form = UserLoginForm(request.form) if form.validate(): user = User.query.filter_by(name=form.name.data).first() if user is not None: if user.password == form.password.data: session['name'] = form.name.data if session['name'] == "admin": return redirect(url_for('admin')) return redirect(url_for('list')) return redirect(url_for('login')) else: flash('All fields are required.') form = UserLoginForm() return render_template('login.html', form=form)
def login(): # chiamata post -> controllo credenziali if request.method == 'POST': form = UserLoginForm(request.form) if form.validate(): user = login_user(form) if user: if session['user']['active']: logging(session['user']['user_id'], 'LOGIN') if session['user']['superuser'] == True: return redirect( url_for('admin.index')) #amministratore return redirect(url_for('main.index')) #utente comune else: session.pop('user', None) return render_template( 'login/not_allowed.html') #utente non valido else: flash('Invalid credentials!') return render_template('login/login.html', form=form) #credenziali errate # chiamata get -> controllo utente in sessione else: if 'user' in session: if session['user']['active']: if session['user']['authenticated'] == True and session[ 'user']['superuser'] == False: return redirect(url_for('main.index')) #utente comune elif session['user']['authenticated'] == True and session[ 'user']['superuser'] == True: return redirect(url_for('admin.index')) #amministratore else: return render_template( 'login/not_allowed.html') #utente non valido return render_template('login/login.html', form=UserLoginForm()) #pagina log in
def login(): error = None form = UserLoginForm() if request.method == 'POST': if form.validate(): user = query_db('SELECT * from users WHERE username = ?', [form.username.data], one=True) if user is None: error = 'Invalid username/password.' elif not check_password_hash(user['pw_hash'], form.password.data): error = 'Invalid username/password.' else: session['personal_name'] = user['name'] session['logged_in'] = True session['uid'] = user['uid'] session['role'] = user['role'] return redirect(url_for('two_factor_auth')) else: error = 'Invalid username/password.' return render_template('login.html', error=error, form=form)
def login(): """ Handle user login. Takes in { user: { username, password }} Returns JWT token if authenticated; otherwise, returns error messages { token } """ user_data = request.json.get("user") form = UserLoginForm(data=user_data) if form.validate(): user = User.authenticate(form.username.data, form.password.data) if user: return do_login(user) return (jsonify(errors=["Invalid credentials."]), 401) else: errors = [] for field in form: for error in field.errors: errors.append(error) return (jsonify(errors=errors), 400)