    def verify(self, submit=True):
        """Render the TOTP verification form and process a submitted token.

        The view only runs while a login is in progress (``login_uid`` in
        the session) and TOTP is enabled; otherwise it sends the client
        back to the login page.  On a valid token the pending redirect
        target is consumed from the session, the verification state is
        cleared and the login is completed.  After too many failed
        attempts the client is sent back to the login page.

        :param bool submit: Whether form was submitted
                            (False if shown after login form)
        :return: Flask response (redirect or rendered ``verify.html``)
        """
        login_in_progress = TOTP_ENABLED and 'login_uid' in session
        if not login_in_progress:
            return redirect(url_for('login'))

        user = self.load_user(session.get('login_uid', None))
        if user is None:
            return redirect(url_for('login'))

        form = VerifyForm()
        submitted = submit and form.validate_on_submit()
        if not submitted:
            return render_template('verify.html', title='Sign In', form=form)

        if self.user_totp_is_valid(user, form.token.data):
            target_url = session.pop('target_url', '/')
            self.clear_verify_session()
            return self.__login_response(user, target_url)

        # wrong token: report it and clear the field for another attempt
        error_msg = 'Invalid verification code'
        flash(error_msg)
        form.token.errors.append(error_msg)
        form.token.data = None

        # NOTE(review): failed_sign_in_count is presumably incremented inside
        # user_totp_is_valid; the lockout below only fires after that call.
        if user.failed_sign_in_count >= MAX_LOGIN_ATTEMPTS:
            return redirect(url_for('login'))

        return render_template('verify.html', title='Sign In', form=form)
    def setup_totp(self, submit=True):
        """Render the TOTP enrolment page (QR code) and confirm the first token.

        A fresh base32 secret is generated on the first visit and parked in
        the session under ``totp_secret`` until the user proves possession
        of it by submitting a token that verifies against it.  Only then is
        the secret written to the user record, the sign-in bookkeeping
        updated and the login completed.  The rendered page is marked
        non-cacheable because it carries the secret.

        NOTE(review): the provisional secret stays in the session until
        ``clear_verify_session`` runs (it survives failed submissions so the
        user can retry) — confirm the session backend is not readable by
        third parties.

        :param bool submit: Whether form was submitted
                            (False if shown after login form)
        :return: Flask response (redirect or rendered ``qrcode.html``)
        """
        if not (TOTP_ENABLED and 'login_uid' in session):
            return redirect(url_for('login'))

        user = self.load_user(session.get('login_uid', None))
        if user is None:
            return redirect(url_for('login'))

        pending_secret = session.get('totp_secret', None)
        if pending_secret is None:
            pending_secret = pyotp.random_base32()
            session['totp_secret'] = pending_secret

        form = VerifyForm()
        if submit and form.validate_on_submit():
            totp = pyotp.totp.TOTP(pending_secret)
            # valid_window=1 also accepts the neighbouring time steps
            if totp.verify(form.token.data, valid_window=1):
                # possession proven: persist the secret and finish sign-in
                user.totp_secret = pending_secret
                # naive UTC timestamp, as elsewhere in this code
                user.last_sign_in_at = datetime.utcnow()
                user.failed_sign_in_count = 0
                self.user_query().session.commit()

                target_url = session.pop('target_url', '/')
                self.clear_verify_session()
                return self.__login_response(user, target_url)

            # wrong token: report it and clear the field for another attempt
            error_msg = 'Invalid verification code'
            flash(error_msg)
            form.token.errors.append(error_msg)
            form.token.data = None

        # allow the QR code image to be fetched once for this page view
        session['show_qrcode'] = True

        page = render_template('qrcode.html',
                               title='Two Factor Authentication Setup',
                               form=form,
                               totp_secret=pending_secret)
        resp = make_response(page)
        # the page embeds the secret: keep it out of browser and proxy caches
        no_cache_headers = (
            ('Cache-Control', 'no-cache, no-store, must-revalidate'),
            ('Pragma', 'no-cache'),
            ('Expires', '0'),
        )
        for header_name, header_value in no_cache_headers:
            resp.headers.set(header_name, header_value)

        return resp
    def __verify(self, db_session, submit=True):
        """Render the TOTP verification form and process a submitted token.

        Runs only while a login is in progress (``login_uid`` in the
        session) with TOTP enabled; otherwise redirects to the login page.
        A valid token consumes the pending ``target_url`` (defaulting to
        the tenant prefix), clears the verification state and completes
        the login.  After too many failed attempts the client is sent back
        to the login page.

        :param Session db_session: DB session
        :param bool submit: Whether form was submitted
                            (False if shown after login form)
        :return: Flask response (redirect or rendered ``verify.html``)
        """
        if not (TOTP_ENABLED and 'login_uid' in session):
            return redirect(url_for('login'))

        user = self.find_user(db_session, id=session.get('login_uid', None))
        if user is None:
            return redirect(url_for('login'))

        form = VerifyForm(meta=wft_locales())
        if submit and form.validate_on_submit():
            token_ok = self.user_totp_is_valid(user, form.token.data, db_session)
            if token_ok:
                target_url = session.pop('target_url', self.tenant_prefix())
                self.clear_verify_session()
                return self.__login_response(user, target_url)

            # wrong token: report it and clear the field for another attempt
            error_msg = i18n.t('auth.verfication_invalid')
            flash(error_msg)
            form.token.errors.append(error_msg)
            form.token.data = None

            # NOTE(review): failed_sign_in_count is presumably incremented
            # inside user_totp_is_valid; the lockout below fires after that.
            if user.failed_sign_in_count >= MAX_LOGIN_ATTEMPTS:
                return redirect(url_for('login'))

        return render_template('verify.html', form=form, i18n=i18n,
                               title=i18n.t("auth.verify_page_title"))
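def verify_otp(name, user_email, user_password):
    """Email an OTP to a registering user and create the account once it is confirmed.

    On GET a fresh six-digit code is generated, emailed via ``SendOTP`` and
    remembered for the POST.  On a valid POST whose code matches, the
    ``User`` row is created and the user is logged in with Flask-Login; on
    a mismatch the client is redirected back to this view, which sends a
    new code.

    Known limitations, not changed here because they need a wider redesign:

    * ``otp`` is a module-level global, so every in-flight registration in
      this process shares one code and each GET overwrites the previous one.
    * ``user_password`` is carried in the URL of the mismatch redirect (see
      the ``url_for`` call below) and may therefore end up in server logs
      and browser history.

    :param str name: Display name for the new account
    :param str user_email: Address the OTP is sent to
    :param str user_password: Password for the new account
    :return: Flask response (redirect or rendered ``email-verification.html``)
    """
    global otp
    import secrets

    form = VerifyForm()

    if request.method == "GET":
        flash(f"An OTP is send to your email ({user_email}) address.")
        # cryptographically strong draw over the same range as before
        # (randint(123456, 987654) came from the non-CSPRNG `random` module)
        otp = 123456 + secrets.randbelow(987654 - 123456 + 1)
        send_otp = SendOTP(user_name=name, user_email=user_email, otp=otp)
        send_otp.register_msgBody()
        send_otp.send_otp()

    if request.method == "POST" and form.validate_on_submit():
        # a missing or non-numeric field used to raise inside int() and
        # surface as a 500; treat it as a mismatch instead
        try:
            enter_otp = int(request.form.get("otp"))
        except (TypeError, ValueError):
            enter_otp = None
        if enter_otp is not None and enter_otp == otp:
            new_user = User(name=name, email=user_email, password=user_password)
            db.session.add(new_user)
            db.session.commit()

            # This line will authenticate the user with Flask-Login
            login_user(new_user)
            return redirect(url_for('get_all_posts'))
        else:
            flash("OTP mismatched, another OTP send to your email address.")
            return redirect(url_for('verify_otp', name=name, user_email=user_email, user_password=user_password))

    return render_template("email-verification.html", form=form)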
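def verify(user_id=-1):
    """Render the OTP form for *user_id* and log the user in on a correct code.

    A ``user_id`` of ``-1`` (the default) means no user was selected and the
    client is sent to the index.  The user and their OTP record are looked
    up with ``first_or_404``, so an unknown id yields a 404.

    TODO(security): the code check below is still a stub — it accepts the
    literal ``'open'`` and never consults the loaded ``otp`` record.  It
    must be replaced by a comparison against that record before this route
    is exposed, and the mismatch branch still needs to report an error.

    :param int user_id: Primary key of the user being verified, or -1
    :return: Flask response (redirect or rendered ``verify.html``)
    """
    # `is not -1` compared object identity, which is not guaranteed for
    # ints (and is a SyntaxWarning on 3.8+); compare by value instead.
    if user_id == -1:
        return redirect(url_for('index'))

    form = VerifyForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(id=user_id).first_or_404()
        # looked up so that a user without an OTP record 404s; the real
        # check should compare the submitted code against this record
        otp = OTP.query.filter_by(user_id=user.id).first_or_404()
        # (the debug prints of the user id and the submitted code are gone:
        # they wrote the code to stdout/logs)
        if form.otp_num.data == 'open':
            login_user(user)
            flash('مرحبا بك في جمعة', 'success')
            return redirect(url_for('index'))
        #check otp if correct redirect to index and Login
        #else return to page with error msg
    return render_template('verify.html', form=form)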
def verify():
    """Mark an account verified when the submitted e-mail/code pair matches.

    Looks up the user by e-mail and compares the stored
    ``numberverification`` with the submitted code.  A first successful
    match sets ``verified``; a repeated one is reported as already
    verified; anything else is reported as an invalid code or e-mail.
    Every outcome of a valid submission redirects (to ``login`` or back to
    ``verify``); only an unsubmitted or invalid form renders the page.

    NOTE(review): nothing here limits how often a code can be tried —
    confirm rate limiting happens elsewhere.

    :return: Flask response (redirect or rendered ``verify.html``)
    """
    form = VerifyForm()
    if not form.validate_on_submit():
        return render_template('verify.html', form=form)

    user = Users.query.filter_by(email=form.email.data).first()
    code_matches = (user is not None
                    and user.numberverification == form.numbercode.data)
    if not code_matches:
        flash('Invalid code or email!')
        return redirect(url_for('verify'))

    if user.verified in (0, False):
        user.verified = True
        db.session.commit()
        db.session.close()
        flash('Verified!')
    else:
        flash('You are already verified!')
    return redirect(url_for('login'))
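def verify():
    """Confirm the e-mailed OTP and create the account staged in the session.

    The registration data (``username``, ``email``, ``password``) and the
    expected code (``otp``) were placed in the session by an earlier step.
    On a matching code the user row is inserted and the session is marked
    logged in; on a mismatch the form is shown again with an error.

    NOTE(review): the password is inserted exactly as it was stored in the
    session — confirm the earlier step hashes it, and that the session
    backend is not a client-readable cookie (the expected OTP is kept there
    too).

    :return: Flask response (redirect to ``home`` or rendered ``verify.html``)
    """
    verifyform = VerifyForm()
    if verifyform.validate_on_submit():
        if session['otp'] == verifyform.otp.data:
            db.execute(
                "INSERT INTO users (username, email, password) VALUES (:username, :email, :password)",
                {
                    "username": session["username"],
                    "email": session['email'],
                    "password": session['password']
                })
            db.commit()
            # mark the session logged in only after the code matched;
            # previously this ran before the comparison, so a wrong code
            # still left the session flagged as logged in
            session['loggedin'] = 'True'
            flash(f"Account created for {session['username']}!", 'success')
            return redirect(url_for('home'))
        flash("verification code didn't match", 'danger')
    return render_template("verify.html",
                           email=session['email'],
                           verifyform=verifyform)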
def verify():
    """Let a user record their TDR mark and school after giving the shared mantra.

    The account is looked up by the submitted e-mail; if it exists and the
    mantra matches, ``tdr_mark`` (as an int) and ``tdr_school`` are stored
    and the client is redirected back to this page.  An unknown address or
    a wrong mantra is reported through ``flash`` and the form re-rendered.

    NOTE(review): the mantra is one hard-coded literal in source, so it is
    shared by every user and known to anyone who can read the code; and
    ``int(form.mark.data)`` raises ``ValueError`` for non-numeric input
    unless the form validates that field.

    :return: Flask response (redirect to ``verify`` or rendered ``verify.html``)
    """
    form = VerifyForm()
    if not form.validate_on_submit():
        return render_template('verify.html', form=form)

    user = User.query.filter_by(email=form.email.data).first()
    if not user:
        flash("No existeix cap usuari amb aquest correu")
        return render_template('verify.html', form=form)

    if form.mantra.data != "secret":
        flash("Aquest mantra no és vàlid")
        return render_template('verify.html', form=form)

    user.tdr_mark = int(form.mark.data)
    user.tdr_school = form.school.data
    db.session.commit()
    return redirect(url_for('verify'))
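def verify_user_otp(name, user_email):
    """Email a password-reset OTP and, once confirmed, send the user to ``reset_password``.

    On GET a fresh six-digit code is generated, emailed via ``SendOTP`` and
    remembered for the POST.  On a valid POST whose code matches, the
    client is redirected to ``reset_password`` with the e-mail address;
    otherwise it is sent to the login page.

    Known limitations, not changed here because they need a wider redesign:

    * ``otp`` is a module-level global, so every in-flight reset in this
      process shares one code and each GET overwrites the previous one.
    * the redirect to ``reset_password`` carries only ``user_email``;
      whether that route independently checks that the code was confirmed
      is not visible from here.

    :param str name: Display name used in the OTP e-mail
    :param str user_email: Address the OTP is sent to
    :return: Flask response (redirect or rendered ``forgot-password.html``)
    """
    global otp
    import secrets

    form = VerifyForm()

    if request.method == "GET":
        # cryptographically strong draw over the same range as before
        # (randint(123456, 987654) came from the non-CSPRNG `random` module)
        otp = 123456 + secrets.randbelow(987654 - 123456 + 1)
        otp_send = SendOTP(user_name=name, user_email=user_email, otp=otp)
        otp_send.forgot_password_msgBody()
        otp_send.send_otp()

    if request.method == "POST" and form.validate_on_submit():
        # a missing or non-numeric field used to raise inside int() and
        # surface as a 500; treat it as a mismatch instead
        try:
            user_otp = int(request.form.get("otp"))
        except (TypeError, ValueError):
            user_otp = None
        if user_otp is not None and user_otp == otp:
            # (the print of the submitted and expected codes is gone: it
            # wrote the code to stdout/logs)
            flash("Enter your new password, and note it in your dairy.")
            return redirect(url_for('reset_password', user_email=user_email))
        else:
            flash("Wrong credentials provided, Please try again !")
            return redirect(url_for('login'))

    return render_template("forgot-password.html", form=form)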