def test_verify_password(self, testdir_class, test_utils):
testdir_class.activate()
username = test_utils.random_string(5)
password = '******'
Users.create_user(username, password)
assert Users.verify_password(username, password)
assert not Users.verify_password(username, 'invalid_password')
def login():
if current_user is not None and current_user.is_authenticated:
return redirect(url_for('webapp.index'))
if request.method == 'POST':
errors = []
username = request.form['username']
password = request.form['password']
next_url = request.form['next']
if not username:
errors.append('Username is required')
elif not password:
errors.append('Password is required')
elif not Users.user_exists(username):
errors.append('Username does not exists')
elif not Users.verify_password(username, password):
errors.append('Username and password do not match')
if errors:
return render_template('login.html',
next_url=next_url,
errors=errors)
else:
login_user(Users.get_user_by_username(username))
if not next_url or not is_safe_url(next_url):
next_url = '/'
return redirect(next_url)
else:
next_url = request.args.get('next')
if not next_url or not is_safe_url(next_url):
next_url = '/'
return render_template('login.html', next_url=next_url, errors=[])
