def test_verify_password(self, testdir_class, test_utils): testdir_class.activate() username = test_utils.random_string(5) password = '******' Users.create_user(username, password) assert Users.verify_password(username, password) assert not Users.verify_password(username, 'invalid_password')
def login(): if current_user is not None and current_user.is_authenticated: return redirect(url_for('webapp.index')) if request.method == 'POST': errors = [] username = request.form['username'] password = request.form['password'] next_url = request.form['next'] if not username: errors.append('Username is required') elif not password: errors.append('Password is required') elif not Users.user_exists(username): errors.append('Username does not exists') elif not Users.verify_password(username, password): errors.append('Username and password do not match') if errors: return render_template('login.html', next_url=next_url, errors=errors) else: login_user(Users.get_user_by_username(username)) if not next_url or not is_safe_url(next_url): next_url = '/' return redirect(next_url) else: next_url = request.args.get('next') if not next_url or not is_safe_url(next_url): next_url = '/' return render_template('login.html', next_url=next_url, errors=[])