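def login():
    """Check a submitted login form and answer 401 on bad credentials.

    Looks the submitted username up in ``db2.users`` and checks the submitted
    password against the stored hash with ``verify_password``.

    Returns:
        ``(render_template("401.html"), 401)`` when the user is unknown or the
        password does not verify. Every other path falls off the end and
        returns ``None``.

    NOTE(review): this excerpt shows no response for a successful login or for
    a form that fails validation -- confirm against the full view.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # find whether the user exists in db
        user = db2.users.find_one({'username': form.username.data})
        # Log only the lookup outcome: the user document carries the
        # password hash and should not be written to the application log.
        app.logger.debug("User Exists! " + str(user is not None))
        if user is None:
            # find_one returns None for an unknown username; indexing it
            # would raise. Answer exactly as for a wrong password so the
            # reply does not reveal which usernames exist.
            return render_template("401.html"), 401

        # verify users password
        passVerify = verify_password(form.password.data, user['password'])
        app.logger.debug("Password Verified? " + str(passVerify))
        # `not` rather than `== False`: a None or other falsy result from
        # verify_password is rejected too, so the check fails closed.
        if not passVerify:
            return render_template("401.html"), 401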
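def makeToken():
    """Issue an auth token for a username/password posted as form fields.

    Returns:
        ``(400.html, 400)`` when either form field is absent,
        ``(401.html, 401)`` when the user is unknown or the password does not
        verify, otherwise a JSON body ``{"result": {"token", "duration"}}``
        with status 201.
    """
    # .get() so that an absent field reaches the 400 branch below; indexing
    # request.form raises on a missing key before the None check can run.
    username = request.form.get('username')
    password = request.form.get('password')
    if username is None or password is None:
        return render_template("400.html"), 400

    # Single lookup: querying once for existence and again for the document
    # leaves a window in which the record can disappear between the two.
    user = userdb.users.find_one({'username': username})
    if user is None:
        return render_template("401.html"), 401
    # NOTE(review): the unknown-user branch above returns without running
    # verify_password, so the two 401 paths may differ in response time --
    # confirm whether that matters for this endpoint.
    # `not` also rejects a None result, so the check fails closed.
    if not verify_password(password, user['password']):
        return render_template("401.html"), 401

    token = generate_auth_token(app.config['SECRET_KEY'], {'id': str(user['_id'])})
    # NOTE(review): 'duration' is a literal here; presumably it should match
    # the lifetime generate_auth_token puts in the token -- verify.
    return jsonify(result={'token': str(token), 'duration': 30}), 201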
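def makeToken():
    """Issue an auth token for a username/password posted as form fields.

    Same flow as a plain credential check, with debug logging of each step.
    The submitted credentials, the stored user document (which holds the
    password hash) and the issued token are deliberately kept out of the log:
    anyone able to read the log could otherwise replay them.

    NOTE(review): the listing is masked between the "UserName: " debug call
    and the "ENTER BOTH ..." message; the missing-field check below is taken
    from the 400 branch that survives -- confirm against the real file.

    Returns:
        ``(400.html, 400)`` when either form field is absent,
        ``(401.html, 401)`` when the user is unknown or the password does not
        verify, otherwise a JSON body ``{"result": {"token", "duration"}}``
        with status 201.
    """
    app.logger.debug("MAKING TOKEN")

    # get username and password
    # .get() so that an absent field reaches the 400 branch below; indexing
    # request.form raises on a missing key before the None check can run.
    username = request.form.get('username')
    password = request.form.get('password')
    if username is None or password is None:
        app.logger.debug("ENTER BOTH A USERNAME AND A PASSWORD")
        return render_template("400.html"), 400

    # check to make sure user is in database (one query, not two, so the
    # record cannot vanish between the existence check and the read)
    user = db2.users.find_one({'username': username})
    if user is None:
        app.logger.debug("USER IS NOT IN THE DATABASE")
        return render_template("401.html"), 401

    passVerify = verify_password(password, user['password'])
    app.logger.debug("Password Verified? " + str(passVerify))
    # `not` rather than `== False`: a None result is rejected as well.
    if not passVerify:
        return render_template("401.html"), 401

    # Named `payload` rather than `id` to avoid shadowing the builtin.
    payload = {'id': str(user['_id'])}
    app.logger.debug("USER ID " + str(payload))
    token = generate_auth_token(app.config['SECRET_KEY'], payload)
    result = {'token': str(token), 'duration': 30}
    return jsonify(result=result), 201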
def validate_login(password, hashed_pass):
    """Check a submitted password against a stored hash.

    Delegates to ``verify_password`` and hands its result back unchanged.

    Args:
        password: the password as submitted by the client.
        hashed_pass: the stored hash to compare against.
    """
    is_match = verify_password(password, hashed_pass)
    return is_match
# NOTE(review): this line of the listing holds three separate excerpts that
# were collapsed together. The indentation below is reconstructed, not taken
# from the original file.

# --- Excerpt 1: body of a login view (its `def` is outside this listing) ---
if request.method == 'POST' and form.validate_on_submit():
    user = db2.users.find_one( { 'username': form.username.data })
    # `user and ...` short-circuits, so an unknown username and a wrong
    # password both reach the same generic failure message below.
    if user and User.validate_login(form.password.data,user['password']):
        user_obj = User(user['_id'])
        login_user(user_obj)
        flash("Successful Login!", category='success')
        # NOTE(review): "next" comes straight from the query string and is
        # handed to redirect() unchecked here -- an open redirect unless it
        # is validated elsewhere. Accept only same-site relative paths.
        return redirect(request.args.get("next") or url_for("token"))
    flash("Wrong username or password", category='error')
return render_template('login.html',title='login',form=form)

# --- Excerpt 2: tail of a token-issuing function (the matching `if` is
# outside this listing; presumably it handles the unknown-user case) ---
else:
    user = db2.users.find_one( { 'username': username })
    # NOTE(review): str(user) writes the whole user document, including the
    # stored password hash, to the debug log.
    app.logger.debug("User Exists! " + str(user))
    hashed_pass = user['password']
    passVerify = verify_password(password,hashed_pass)
    app.logger.debug("Password Verified? " + str(passVerify))
    # NOTE(review): `== False` lets a None result from verify_password fall
    # through to the token branch; `not passVerify` would fail closed.
    if passVerify == False:
        return render_template("401.html"), 401
    else:
        user_id = user['_id']
        # `id` shadows the builtin of the same name inside this function.
        id = {'id' : str(user_id)}
        app.logger.debug("USER ID " + str(id))
        token = generate_auth_token(app.config['SECRET_KEY'],id)
        # NOTE(review): the issued token is written to the debug log; anyone
        # who can read the log can reuse it while it is valid.
        app.logger.debug("Token: " + str(token))
        result = { 'token': str(token) , 'duration': 30 }
        return jsonify(result=result), 201

# --- Excerpt 3: class header only; the body is outside this listing. The
# name `all` shadows the builtin at module level. ---
class all(Resource): # USE 5001 TO ACCESS!