def login():
try:
if session['user_id']:
return redirect("/index")
except:
pass
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
session['block'] = exists[2]
return redirect("/index")
else:
all_data = user_model.get_all()
for x in all_data:
if user_name == x[1]:
return render_template('login.html',
title='Авторизация',
form=form,
alert='Неправильный пароль')
return render_template('login.html',
title='Авторизация',
form=form,
alert='Такой пользователь не существует')
return render_template('login.html',
title='Авторизация',
form=form,
alert='')
def login():
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
return render_template('login.html', title='Sign in', form=form)
def api_auth():
if not request.json:
return json.dumps({'error': 'Empty request'})
elif not all(key in request.json for key in ['pass', 'login']):
return json.dumps({'error': 'Bad request'})
password = request.json['pass']
user_name = request.json['login']
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
token = generate_password_hash(str(password) + str(user_name))
user_model.add_token(token, exists[1])
return json.dumps({'token': token})
else:
return json.dumps({'error': 'Incorrect info'})
