Esempio n. 1
def login():
    """Render the login form and sign the user in on a valid POST.

    A request whose session already holds ``user_id`` is redirected to
    ``users.home``. On POST the form is validated, the account is looked up
    by e-mail and the password is checked with ``verify_password``. On
    success ``authorize`` is called, Flask-Principal is told that the identity
    changed, and the user is redirected (accounts that are not yet confirmed
    go to ``users.pleaseconfirm``). Every failed POST flashes the same generic
    message, so the response does not say which field was wrong.
    """
    if 'user_id' in session:
        return redirect(url_for('users.home'))

    form = LoginForm(request.form)

    if request.method != 'POST':
        return render_template('users/login.html', form=form)

    # Form validation only checks the submitted fields; the credentials are
    # verified separately below.
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        # The helper is named verify_password here; the original comment
        # attributes the check to Werkzeug.
        password_ok = account and verify_password(form.password.data,
                                                  account.password)
        if password_ok:
            # Flask's default session cookie is signed, so a client cannot
            # alter it, but it is not encrypted: only non-secret values such
            # as the user id belong in it.
            authorize(account)
            # Tell Flask-Principal the identity changed.
            app_object = current_app._get_current_object()
            identity_changed.send(app_object, identity=Identity(account.id))

            flash(gettext(u'Welcome') + " " + account.name)
            if account.is_confirmed():
                return redirect(url_for('home.home'))
            return redirect(
                url_for('users.pleaseconfirm', next=url_for('home.home')))

    flash(gettext(u'Wrong email or password'), 'error-message')
    return render_template('users/login.html', form=form)
Esempio n. 2
    def dispatch_request(self):
        """Show the login form, or process a submitted one.

        Already-authenticated users go to ``users.Dashboard``. On a valid
        POST the credentials are checked with ``credential_valid``; on success
        a small ``active_user`` record is written to the session. A rejected
        login and any exception raised while processing both produce the same
        flash message and a redirect back to the current endpoint.
        """
        if user_authenticated():
            return redirect(url_for('users.Dashboard'))

        form = LoginForm()
        if request.method == 'POST' and form.validate_on_submit():
            failure_text = ('Login Unsuccessful. '
                            'Please check username and password again.')
            submitted_name = form.username.data
            submitted_secret = form.password.data

            try:
                if not credential_valid(submitted_name, submitted_secret):
                    flash(failure_text, 'error')
                    return redirect(url_for(request.endpoint))

                account = db_user(username=submitted_name)
                session['active_user'] = dict(
                    id=account.id,
                    username=account.username,
                    is_authenticated=True,
                )
                return redirect(url_for('users.Dashboard'))
            except Exception:
                # NOTE(review): this fails closed, but every error (database
                # outage, programming bug) is reported to the user as a bad
                # password and nothing is logged, which hides operational
                # failures from whoever monitors the service.
                flash(failure_text, 'error')
                return redirect(url_for(request.endpoint))

        return render_template('login.html', form=form)
Esempio n. 3
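def login():
    """Authenticate a user and redirect to a same-site page.

    Per the original docstring, login state is handled by the flask_login
    package, which records the user id in the Flask session. After a
    successful login the ``next`` query parameter is followed only when it is
    a local path; anything else falls back to ``users.profile``.
    """
    form = LoginForm()

    if form.validate_on_submit():
        # Look the account up by the e-mail submitted with the validated form.
        user = User.query.filter_by(email=form.email.data).first()
        if user is None:
            # NOTE(review): this message confirms that the address has no
            # account, so the form can be used to probe which e-mails are
            # registered. It is kept because it carries the registration
            # link; a generic failure message would close that oracle.
            flash(Markup('Vaša email adresa nije registrovana molimo Vas  da izvršite registraciju , kliknite link <a href="/register" class="alert-link">here</a>!'))
            return redirect(url_for('users.login'))

        if user.verify_password(form.password.data):
            login_user(user)
            flash('Uspješno ste se logovali !')

            # Follow ``next`` only for a local path. A bare startswith('/')
            # also accepts "//host" and "/\host", which browsers resolve to
            # another site, so those prefixes are rejected as well.
            target = request.args.get('next')
            if (target is None
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('users.profile')
            return redirect(target)
        flash('Pogrešna lozinka ili email !')

    return render_template('users/login.html', form=form)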
Esempio n. 4
def login():
    """Log a user in and send them to ``next`` or the index page.

    The ``next`` query parameter is copied into the form, so it comes back as
    a form field on submit. A submitted ``next`` is passed through
    ``safe_next_url`` before it is used as the redirect target.
    """
    form = LoginForm(next=request.args.get('next'))

    if not form.validate_on_submit():
        return render_template('users/login.html', form=form)

    account = User.find_by_identity(request.form.get('email'))
    authenticated = account and account.authenticated(
        password=request.form.get("password"))

    if not authenticated:
        # One message for both unknown e-mail and wrong password.
        flash("Email or password is incorrect.", "warning")
        print("error")
        return render_template('users/login.html', form=form)

    # NOTE(review): the print calls in this view look like debugging
    # leftovers; the one below writes a request-supplied value to stdout.
    print(" YOU MADE IT")
    login_user(account)

    # Optional post-login redirect.
    destination = request.form.get('next')
    print(destination)

    # Never redirect to the raw value: it is attacker-controllable, so it
    # goes through safe_next_url first.
    if destination:
        return redirect(safe_next_url(destination))

    return redirect(url_for('core.index'))
Esempio n. 5
def login():
    """Check username and password and log the user in.

    ``errors`` is passed to the template and is True whenever a submitted
    login did not succeed, without saying which part was wrong.
    """
    errors = False

    form = LoginForm()
    if form.validate_on_submit():
        account = User.query.filter(
            User.username == form.username.data).first()

        # The hash is computed even for an unknown user; a missing account
        # compares against '' and therefore never matches.
        supplied = form.password.data or ''
        digest = unicode(sha512_string(supplied))
        stored = getattr(account, 'password', '')
        # NOTE(review): judging by the helper's name this is a plain SHA-512
        # digest compared with `!=`. A fast digest without a per-user salt is
        # weak against offline guessing if the table leaks, and `!=` is not a
        # constant-time comparison. Confirm what sha512_string does; moving
        # to a dedicated password hash needs a migration of stored values.
        errors = account is None or digest != stored

        # Correct credentials: log in and go home.
        if not errors and login_user(account):
            flash('U bent ingelogd.')
            return redirect(url_for('home'))
        errors = True

    return render_template('users/login.html', form=form, errors=errors)
Esempio n. 6
def landing_page():
    """Landing page that doubles as the login form.

    Sessions flagged ``logged_in`` are redirected to ``users.show_entries``.
    Otherwise the form is rendered, and a valid submission with a matching
    password hash stores ``user_id`` and ``logged_in`` in the session.
    """
    if session.get('logged_in'):
        return redirect(url_for('users.show_entries'))

    form = LoginForm(request.form)

    # Form validation checks the fields only, not the password.
    if not form.validate_on_submit():
        return render_template('base.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account and check_password_hash(account.password, form.password.data):
        # Flask's default session cookie is signed, so the client cannot
        # change it, but it is readable: keep only non-secret values in it.
        session['user_id'] = account.id
        session['logged_in'] = True
        flash('Welcome %s' % account.name)
        return redirect(url_for('users.show_entries'))

    flash('Wrong email or password', 'error-message')
    return render_template('base.html', form=form)
Esempio n. 7
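def login():
    """Log a user in, or hand over to ``forgot_password``.

    After a successful login the ``next`` query parameter is followed only
    when it is a local path; otherwise the user lands on ``home``. Failures
    are always reported on the e-mail field with one generic message.
    """
    # Pressed 'forgot password' button
    if 'forgot_password' in request.form:
        return forgot_password()

    form = LoginForm(request.form)

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()

        if user and check_password_hash(user.password, form.password.data):
            login_user(user, remember=True)
            # ``next`` comes from the query string and is attacker-chosen.
            # Redirecting to it unchecked would let a crafted login link
            # forward the user to another site, so only a path starting with
            # a single "/" is accepted ("//host" and "/\host" leave the site).
            after_login = request.args.get('next')
            if (not after_login
                    or not after_login.startswith('/')
                    or after_login.startswith(('//', '/\\'))):
                after_login = url_for('home')
            return redirect(after_login)

        form.password.errors = (_("Invalid email or password"), )

    # Report every error on the e-mail field so the page does not reveal
    # which of the two inputs was wrong.
    if form.email.errors or form.password.errors:
        form.email.errors = (_("Invalid email or password"), )
        form.password.errors = ()

    return render_template('users/login.html', form=form)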
Esempio n. 8
def login():
    """Login form.

    Redirects to ``users.home`` when the session already has ``user_id``.
    A valid POST with a matching password calls ``authorize``, notifies
    Flask-Principal and redirects to ``home.home``; any other POST flashes a
    generic failure message.
    """
    if 'user_id' in session:
        return redirect(url_for('users.home'))

    form = LoginForm(request.form)
    is_post = request.method == 'POST'

    # validate_on_submit() checks the form data, not the password itself.
    if is_post and form.validate_on_submit():
        found = User.query.filter_by(email=form.email.data).first()
        if found and verify_password(form.password.data, found.password):
            # The session cookie is signed (tamper-evident) but readable by
            # the client, so it is suitable for an id, not for secrets.
            authorize(found)
            # Let Flask-Principal know who the current identity is now.
            identity_changed.send(
                current_app._get_current_object(),
                identity=Identity(found.id),
            )

            flash(gettext(u'Welcome') + " " + found.name)
            return redirect(url_for('home.home'))

    if is_post:
        flash(gettext(u'Wrong email or password'), 'error-message')

    return render_template('users/login.html', form=form)
Esempio n. 9
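def login():
    """Log a user in, or delegate to ``forgot_password``.

    The post-login redirect honours ``?next=`` only for local paths, so a
    crafted login link cannot forward the user to another site. Validation
    and credential errors are merged into one message on the e-mail field.
    """
    # Pressed 'forgot password' button
    if 'forgot_password' in request.form:
        return forgot_password()

    form = LoginForm(request.form)

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()

        if user and check_password_hash(user.password, form.password.data):
            login_user(user, remember=True)
            requested = request.args.get('next')
            # Accept "/path" only; "//host" and "/\host" are treated by
            # browsers as absolute URLs and would leave the site.
            is_local = bool(requested) and requested.startswith('/') \
                and not requested.startswith(('//', '/\\'))
            return redirect(requested if is_local else url_for('home'))

        form.password.errors = (_("Invalid email or password"),)

    # Show one combined error so the page does not disclose which field
    # failed.
    if form.email.errors or form.password.errors:
        form.email.errors = (_("Invalid email or password"),)
        form.password.errors = ()

    return render_template('users/login.html', form=form)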
Esempio n. 10
def login():
    """Login view whose weaknesses are flagged by its own comments.

    The inline comments ("Verbose error messages vulnerability", "weak
    session ids !") suggest the flaws are intentional, as in a training
    target. The notes below describe each one from a defender's point of
    view; the code is left unchanged.
    """
    # If user already logged in redirect to homepage
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = LoginForm()
    if request.method == 'POST':
        if form.validate_on_submit():
            # Finds and returns the user with the specified email address
            user = User.query.filter_by(email=form.email.data.lower()).first()

            # Verbose error messages vulnerability: this branch and the final
            # `else` return different texts, so the response discloses whether
            # an account exists for the address. The usual mitigation is one
            # generic message for both cases.
            if user is None:
                flash(
                    f'Failed login. No account exists with the provided email address',
                    'danger')

            elif user and bcrypt.check_password_hash(user.password,
                                                     form.password.data):
                login_user(user, remember=form.remember_me.data)
                # Weak session id: a constant is written to the '_id' session
                # key, so the value is identical for every login.
                # NOTE(review): if login_user is Flask-Login's, '_id' is the
                # key its session protection relies on - confirm.
                session['_id'] = '123abc'  # weak session ids !
                next_page = request.args.get(
                    'next')  # get next value from url query string
                if next_page:
                    # NOTE(review): `next` is the Python builtin here, not
                    # `next_page`, so this call presumably fails whenever a
                    # `next` parameter is supplied. If the intent was to use
                    # next_page, the value is user-controlled and needs a
                    # same-site check before any redirect.
                    return redirect(url_for(next))
                else:
                    return redirect(url_for('main.home'))
            else:
                # Verbose error messages vulnerability: confirms the account
                # exists and that only the password was wrong.
                flash(f'Failed login. Password invalid', 'danger')

    return render_template('login.html', title='Login', form=form)
Esempio n. 11
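def login(path):
    """Render the login page and authenticate on a valid submit.

    :param path: template name below ``pages/`` used for the page body.

    A failed login sets one generic message whether the user name is unknown
    or the password is wrong, so the page cannot be used to find out which
    user names exist.
    """
    # define login form here
    form = LoginForm(request.form)
    # Flask message injected into the page, in case of any errors
    msg = None
    # customize your page title / description here
    page_title = 'Login - ipNX vCPE'
    # NOTE(review): page_description is not passed to any template here.
    page_description = 'Online ipNX virtual Customer Premises Equipment.'
    # check if both http method is POST and form is valid on submit
    if form.validate_on_submit():
        username = request.form.get('username', '', type=str)
        password = request.form.get('password', '', type=str)
        # filter User out of database through username
        user = User.query.filter_by(user=username).first()
        if user and bcrypt.check_password_hash(user.password, password):
            login_user(user)
            return redirect(url_for('main.index'))
        # Same text for both failure modes (previously "Wrong password" and
        # "Unknown user", which told the caller whether the account exists).
        msg = "Wrong user or password. Please try again."
    # try to match the pages defined in -> themes/light-bootstrap/pages/
    # NOTE(review): `path` selects the template. Jinja's file loaders reject
    # ".." segments, but any template below pages/ can be requested and an
    # unknown name raises TemplateNotFound; an allow-list of page names would
    # be tighter - confirm how the route constrains `path`.
    return render_template('layouts/logindefault.html',
                           title=page_title,
                           content=render_template('pages/' + path,
                                                   form=form,
                                                   msg=msg))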
Esempio n. 12
def forgot_password():
    """Start a password reset from the login page.

    This view has no route of its own: ``login`` calls it when the user
    presses the 'forgot password' button.
    """
    form = LoginForm(request.form)

    # Run validation for its side effect of filling in the e-mail errors.
    form.validate_on_submit()

    if form.email.errors:
        # The password field is irrelevant for a reset request.
        form.password.errors = ()
        return render_template('users/login.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account:
        send_password_reset_email(account)

    # The confirmation is shown whether or not an account was found, so the
    # page cannot be used to test which e-mail addresses are registered.
    # NOTE(review): the mail is sent only for existing accounts, so response
    # time may still differ between the two cases - verify if that matters.
    flash(_(
        'An email has been sent with instructions for resetting your password'
    ))

    # Hand the template a fresh, empty form.
    return render_template('users/login.html', form=LoginForm())
Esempio n. 13
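def register():
    """Combined registration and login page.

    A valid registration form creates the user and redirects to
    ``controla.index``. A valid login form authenticates the user and
    redirects to ``next`` when that is a local path, else to
    ``controla.index``.
    """
    form_r = RegistrationForm()
    form_l = LoginForm()

    if form_r.validate_on_submit():
        # NOTE(review): the submitted password is handed to User() as is;
        # confirm that the model hashes it before it is stored.
        user = User(username=form_r.username.data,
                    email=form_r.email.data,
                    password=form_r.password.data)

        db.session.add(user)
        db.session.commit()

        return redirect(url_for('controla.index'))

    if form_l.validate_on_submit():
        user = User.query.filter_by(email=form_l.email_l.data).first()

        # Test for None first: the original called check_password() before
        # the None test, so an unknown e-mail raised AttributeError.
        if user is not None and user.check_password(
                password=form_l.password_l.data):

            login_user(user)
            flash('Log in success!')

            # Only follow a local path. startswith() is also safe for an
            # empty value (next[0] raised IndexError), and "//host" or
            # "/\host" are refused because browsers treat them as absolute.
            target = request.args.get('next')
            if (not target
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('controla.index')

            return redirect(target)

    return render_template('register.html', form_r=form_r, form_l=form_l)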
Esempio n. 14
def login():
  """Login form.

  Looks the user up by username and, when the password hash matches, stores
  the id and username in the session and redirects to ``home``. An unknown
  username re-renders the form with ``doesnt_exist=True``; a wrong password
  re-renders it without that flag.
  """
  form = LoginForm(request.form)

  # Form validation covers the fields only, not the password.
  if not form.validate_on_submit():
    return render_template("users/login.html", form=form, user=None)

  try:
    account = User.objects.get(username=form.username.data)
  except errors.DoesNotExist:
    # NOTE(review): the template receives doesnt_exist only for unknown
    # usernames; if it renders a different message for that flag, the page
    # reveals which usernames exist.
    return render_template("users/login.html",
                           doesnt_exist=True,
                           form=form,
                           user=None)

  if check_password_hash(account.password, form.password.data):
    # The session cookie is signed, so the client cannot forge the id, but
    # it is not encrypted: store identifiers only.
    session['user_id'] = str(account.id)
    session['user'] = account.username
    return redirect(url_for('home'))

  return render_template("users/login.html", form=form, user=None)
Esempio n. 15
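def login():
    """Personal-account login.

    Users with a fresh authenticated session go to ``main.home``. A failed
    login flashes one generic message whether the e-mail is unknown or the
    password is wrong. After a successful login ``?next=`` is followed only
    when it is a local path.
    """
    if current_user.is_authenticated and login_fresh():
        return redirect(url_for("main.home"))

    form = LoginForm()
    picture = generate_header_picture()

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data.lower()).first()

        # NOTE(review): validate_email is defined on the form; its return
        # value is used as in the original ("truthy means the e-mail is
        # known") - confirm against the form class.
        email_known = form.validate_email(form.email)

        # `user is None` is checked explicitly so that a missing account
        # cannot reach user.password and raise AttributeError.
        if (not email_known
                or user is None
                or not bcrypt.check_password_hash(user.password,
                                                  form.password.data)):
            # One message for both cases; separate "email does not exist" and
            # "incorrect password" texts disclose which addresses have
            # accounts.
            flash("Incorrect email or password. Please try again", "danger")
        else:
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')

            # `next` is request-controlled: follow it only when it is a path
            # on this site ("//host" and "/\host" resolve to another host).
            if (next_page
                    and next_page.startswith('/')
                    and not next_page.startswith(('//', '/\\'))):
                return redirect(next_page)
            return redirect(url_for("main.home"))

    return render_template("login.html",
                           form=form,
                           picture=picture,
                           current_login_type="personal account",
                           needed_login_type="company")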
Esempio n. 16
def login():
    """Sign a user in and redirect to ``auth.profile``.

    Invalid forms and wrong credentials both re-render the sign-in page
    without an extra message.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("auth/sign_in.html", form=form)

    account = User.query.filter_by(email=form.email.data).first()
    credentials_ok = account and check_password_hash(account.password,
                                                     form.password.data)
    if not credentials_ok:
        return render_template("auth/sign_in.html", form=form)

    # "remember" is read from the raw form data rather than a form field.
    login_user(user=account, remember=request.form.get("remember"))
    return redirect(url_for('auth.profile'))
Esempio n. 17
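def login():
    """Log a user in, honouring the blacklist and its one-time "last chance".

    Credentials are verified before the blacklist state is looked at, so the
    "black listed" message is shown only to someone who knows the password.
    A blacklisted user whose ``chance`` flag is still set may log in once;
    the flag is then cleared. ``?next=`` is followed only for local paths.
    """
    if current_user.is_authenticated:
        # Already logged in: nothing to do here.
        return redirect(url_for('main.home'))

    form = LoginForm()

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()

        # The original read user.blacklisted before testing `user`, so an
        # unknown e-mail raised AttributeError. It also reported the
        # blacklist state without any password check.
        if user is None or not bcrypt.check_password_hash(
                user.password, form.password.data):
            flash('Login Unsuccessful. Please check username and password',
                  'danger')
            return render_template('login.html', title='Login', form=form)

        # The explicit == True / == False comparisons are kept from the
        # original: a value that is neither (for example None) matches no
        # branch and the user is not logged in.
        last_chance = user.blacklisted == True and user.chance == True
        locked_out = user.blacklisted == True and user.chance == False

        if locked_out:
            flash('Login Unsuccessful. You have been black listed!', 'danger')
        elif last_chance or user.blacklisted == False:
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')

            if last_chance:
                # Use up the single remaining login.
                user.chance = False
                db.session.commit()
                flash('This is your Last chance to do some final processing!',
                      'danger')

            # `next` comes from the query string; follow it only when it is
            # a path on this site ("//host" and "/\host" point elsewhere).
            if (next_page
                    and next_page.startswith('/')
                    and not next_page.startswith(('//', '/\\'))):
                return redirect(next_page)
            return redirect(url_for('main.home'))

    return render_template('login.html', title='Login', form=form)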
Esempio n. 18
def login():
	"""Check e-mail and password and store the user id in the session.

	Both an unknown e-mail and a wrong password produce the same flash
	message.
	"""
	form = LoginForm(request.form)
	if not form.validate_on_submit():
		return render_template("users/login.html", form=form)

	account = User.query.filter_by(email=form.email.data).first()
	if not (account and check_password_hash(account.password, form.password.data)):
		flash('Wrong email or password', 'error-message')
		return render_template("users/login.html", form=form)

	# Only the id goes into the signed (not encrypted) session cookie.
	session['user_id'] = account.id
	flash('Welcome %s' % account.name)
	return redirect(url_for('users.home'))
Esempio n. 19
def login():
    """Sign-in view: verify the bcrypt hash, log in, go to ``users.index``.

    Failures use one message for both unknown e-mail and wrong password.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", form=form, title='Sign In')

    account = User.query.filter_by(email=form.email.data).first()
    matches = account and bcrypt.check_password_hash(account.password,
                                                     form.password.data)
    if matches:
        login_user(account)
        flash('Welcome to Home Money!')
        return redirect(url_for('users.index'))

    flash('Wrong email or password', "error")
    return render_template("login.html", form=form, title='Sign In')
Esempio n. 20
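def login():
    """Log in a user taken from the ``USERS`` mapping in the app config.

    After login the ``next`` query parameter is followed only when it is a
    local path; otherwise the endpoint named by ``USERS_REDIRECT_LOGIN`` is
    used.
    """
    form = LoginForm()

    if form.validate_on_submit():
        # NOTE(review): no credential check is visible in this view.
        # Presumably LoginForm's validators verify the password and that the
        # username is a key of USERS - confirm, because otherwise this line
        # logs in without authentication or raises KeyError.
        login_user(current_app.config['USERS'][form.username.data])

        # `next` is attacker-controllable; redirecting to it unchecked lets
        # a crafted login link forward the user to another site. "//host"
        # and "/\host" are refused because browsers treat them as absolute.
        target = request.args.get('next')
        if (not target
                or not target.startswith('/')
                or target.startswith(('//', '/\\'))):
            target = url_for(current_app.config['USERS_REDIRECT_LOGIN'])
        return redirect(target)

    return render_template('users/login.html', form=form)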
Esempio n. 21
def login():
    """Verify credentials, log the user in and go to ``users.profile``.

    A failed attempt flashes one generic message in the ``login-error``
    category.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("users/login.html", form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if not (account
            and check_password_hash(account.password, form.password.data)):
        flash('Wrong email or password', 'login-error')
        return render_template("users/login.html", form=form)

    # The id is written to the session here in addition to login_user();
    # NOTE(review): confirm that both are needed.
    session['user_id'] = account.id
    login_user(account, remember=form.remember.data)
    return redirect(url_for('users.profile'))
Esempio n. 22
def login():
	"""Check username and password and store the user id in the session.

	A failed attempt flashes 'Invalid credentials.' for both an unknown
	username and a wrong password.
	"""
	form = LoginForm(request.form)
	if not form.validate_on_submit():
		return render_template('users/login.html', form=form)

	account = User.query.filter_by(username=form.username.data).first()
	if not (account and check_password_hash(account.password, form.password.data)):
		flash('Invalid credentials.')
		return render_template('users/login.html', form=form)

	# Signed session cookie: fine for an id, not for secrets.
	session['user_id'] = account.id
	flash('Welcome %s' % account.username)
	return redirect(url_for('index'))
Esempio n. 23
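def login():
    """Sign a user in and redirect to ``next`` or the index page.

    An already authenticated ``g.user`` is sent to ``index``. The ``next``
    query parameter is followed only when it is a local path.
    """
    if g.user is not None and g.user.is_authenticated:
        return redirect(url_for('index'))
    form = LoginForm()
    if form.validate_on_submit():
        user = Users.query.filter_by(email=form.email.data).first()
        # NOTE(review): the password is not checked in this view. Presumably
        # LoginForm's validators do it - confirm, otherwise anyone who knows
        # an e-mail address can log in as that user.
        if user is not None:
            login_user(user)
            flash('Logged in successfully.', category='success')
            # `next` is request-controlled; accept "/path" only, since
            # "//host" and "/\host" would send the browser to another site.
            target = request.args.get('next')
            if (not target
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('index')
            return redirect(target)
        # No matching account: fall through and show the form again instead
        # of passing None to login_user().
    return render_template('signin.html', form=form)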
Esempio n. 24
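def login():
    """Log in a user looked up in ``current_app.config['USERS']``.

    The post-login redirect uses ``?next=`` only when it is a local path and
    falls back to the ``USERS_REDIRECT_LOGIN`` endpoint otherwise.
    """
    form = LoginForm()

    if form.validate_on_submit():
        # NOTE(review): nothing in this view verifies a password or that the
        # username exists in USERS; presumably the form validators do both -
        # confirm.
        login_user(current_app.config['USERS'][form.username.data])

        requested = request.args.get('next')
        # Reject anything that is not a path on this site: unchecked, `next`
        # turns the login page into an open redirect. "//host" and "/\host"
        # are refused because browsers read them as absolute URLs.
        is_local = bool(requested) and requested.startswith('/') \
            and not requested.startswith(('//', '/\\'))
        if is_local:
            return redirect(requested)
        return redirect(
            url_for(current_app.config['USERS_REDIRECT_LOGIN']))

    return render_template('users/login.html', form=form)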
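def login():
    """Log a user in and redirect to the page named in the form.

    The target comes from the form's ``next_page`` field. A missing value
    aborts with 400 as before; a value that is not a local path is now
    rejected the same way instead of being used as the redirect target.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(name=form.name.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            flash('Logged in successfully.')
            next_page = form.next_page.data
            # The field is submitted by the client, so it can hold any URL.
            # Only "/path" is accepted; "//host" and "/\host" would take the
            # browser to another site.
            if (not next_page
                    or not next_page.startswith('/')
                    or next_page.startswith(('//', '/\\'))):
                abort(HTTPStatus.BAD_REQUEST)
            return redirect(next_page)
        flash('Invalid email or password.')
    return render_template('users/login.html', form=form)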
Esempio n. 26
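def login():
    """Verify credentials and redirect to ``next`` or ``main.home``.

    ``next`` is honoured only when it is a local path. Failures flash one
    generic message.
    """
    login_form = LoginForm()
    if login_form.validate_on_submit():
        user = User.query.filter_by(email=login_form.email.data).first()
        if user is not None and user.verify_password(login_form.password.data):
            login_user(user, login_form.remember.data)
            # The query-string value is attacker-controllable; an unchecked
            # redirect would let a crafted login link send the user to
            # another site. "//host" and "/\host" count as external.
            target = request.args.get('next')
            if (not target
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('main.home')
            return redirect(target)
        else:
            flash('Invalid Username or Password')
    return render_template('login.html', form=login_form)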
Esempio n. 27
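def login_post():
    """Process a login POST with a failed-attempt counter and lockout.

    A correct password on an unlocked account resets ``fails`` and logs the
    user in. A wrong password increments ``fails``; at five the account is
    locked and the user is sent to ``users.account_locked``. Every other
    failure flashes the same retry message and returns to the login page.
    """
    if request.method != 'POST':
        flash("Incorrect form.", category="danger")
        return redirect(url_for('index'))

    # One text for every credential failure. The original dropped the final
    # period in the unknown-user branch only, which made that case
    # distinguishable from a wrong password.
    retry_message = "Please retry user name or password."

    form = LoginForm(request.form)
    if not form.validate_on_submit():
        flash(retry_message, category="danger")
        return redirect(url_for('users.login'))

    user = db.session.query(User) \
        .filter_by(user_name=form.user_name.data) \
        .first()
    if user is None:
        flash(retry_message, category="danger")
        return redirect(url_for('users.login'))

    # NOTE(review): despite its name, decryptpassword is used as a
    # verification predicate (hash plus candidate password in, truth value
    # out) - confirm that it verifies a hash rather than decrypting one.
    if User.decryptpassword(pwdhash=user.password_hash,
                            password=form.password_hash.data):
        if user.locked != 0:
            return redirect(url_for('users.account_locked'))

        user.fails = 0
        db.session.add(user)
        db.session.commit()
        # The original also called current_user.is_authenticated() and
        # current_user.is_active() here and discarded the results; those
        # no-op calls are dropped.
        login_user(user)
        return redirect(url_for('index'))

    # Wrong password: count the failure and lock at the fifth one.
    # NOTE(review): the counter is read, incremented and written back in
    # Python, so concurrent attempts can lose increments; a database-side
    # increment would avoid that. The lockout redirect also tells the caller
    # that the user name exists.
    user.fails = user.fails + 1
    lock_now = int(user.fails) >= 5
    if lock_now:
        user.locked = 1
    db.session.add(user)
    db.session.commit()

    if lock_now:
        return redirect(url_for('users.account_locked'))

    flash(retry_message, category="danger")
    return redirect(url_for('users.login'))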
Esempio n. 28
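def login():
    """Login view: verify the password hash and redirect to a local page.

    Authenticated users go to ``users.home``. After a successful login
    ``?next=`` is followed only when it is a path on this site.
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('users.home'))
    form = LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and check_password_hash(user.password, form.password.data):
            session['user_id'] = user.id
            flash('Welcome %s' % user.nickname)
            login_user(user, False)
            # `next` comes from the query string. Unchecked, a crafted login
            # link could forward the user to another site, so only "/path"
            # is accepted ("//host" and "/\host" are treated as external).
            target = request.args.get('next')
            if (not target
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('users.home')
            return redirect(target)
        # Same message for unknown e-mail and wrong password.
        flash('Wrong email or password', 'error-message')
    return render_template("users/login.html", form=form)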
Esempio n. 29
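def login():
    """Authenticate by e-mail and password, then redirect.

    The redirect target is ``?next=`` when that is a local path, otherwise
    ``users.home``.
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('users.home'))
    form = LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and check_password_hash(user.password, form.password.data):
            session['user_id'] = user.id
            flash('Welcome %s' % user.nickname)
            login_user(user, False)
            requested = request.args.get('next')
            # Open-redirect guard: the value is request-controlled, so it is
            # used only if it starts with a single "/" (not "//" or "/\",
            # which browsers resolve to a different host).
            is_local = bool(requested) and requested.startswith('/') \
                and not requested.startswith(('//', '/\\'))
            return redirect(requested if is_local else url_for('users.home'))
        flash('Wrong email or password', 'error-message')
    return render_template("users/login.html", form=form)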
Esempio n. 30
def login():
    """Check username and password, log in, go to ``Home.show_home``.

    Already-authenticated users are redirected straight away. Failures flash
    one generic message.
    """
    already_in = g.user is not None and g.user.is_authenticated()
    if already_in:
        return redirect(url_for('Home.show_home'))

    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("users/login.html", form=form)

    account = User.query.filter_by(username=form.username.data).first()
    if account and check_password_hash(account.password, form.password.data):
        # NOTE(review): the flag is set on the object but not committed in
        # this view - confirm whether it is meant to be persisted.
        account.authenticated = True
        login_user(account)
        return redirect(url_for('Home.show_home'))

    flash('Wrong username or password', 'error-message')
    return render_template("users/login.html", form=form)
Esempio n. 31
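def login():
    """Verify credentials and redirect to ``next`` or ``main.home``.

    ``?next=`` is followed only when it is a local path.
    """
    login_form = LoginForm()
    if login_form.validate_on_submit():
        user = User.query.filter_by(email=login_form.email.data).first()
        if user is not None and user.verify_password(login_form.password.data):
            login_user(user, login_form.remember.data)
            # Do not redirect to an arbitrary `next`: it is supplied by the
            # request and could point at another site. "//host" and "/\host"
            # are refused along with absolute URLs.
            target = request.args.get('next')
            if (not target
                    or not target.startswith('/')
                    or target.startswith(('//', '/\\'))):
                target = url_for('main.home')
            return redirect(target)
        else:
            # Generic text: does not say which field was wrong.
            flash('Login Unsuccessful. Please check email and password',
                  'danger')
    return render_template('login.html', title='Login', form=login_form)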
Esempio n. 32
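def login():
    """Log a user in and redirect to ``next`` or ``main.home``.

    ``next`` is set when an anonymous user was sent here from a protected
    page; it is followed only when it is a local path.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            # remember is True when the "remember me" box was ticked.
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')
            # The parameter can be set by anyone who builds the login link,
            # so it must stay on this site: "/path" only, not "//host" or
            # "/\host".
            if (next_page
                    and next_page.startswith('/')
                    and not next_page.startswith(('//', '/\\'))):
                return redirect(next_page)
            return redirect(url_for('main.home'))
        else:
            flash("Unsuccessful login", 'danger')
    return render_template('login.html', title='Login', form=form)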
Esempio n. 33
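def login():
    """Log a user in and redirect to ``next`` or ``main.index``.

    The ``next`` query parameter is used only when it is a local path.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')
            # Open-redirect guard: `next` is request-controlled. Anything
            # but a single-slash path ("//host" and "/\host" included) falls
            # back to the index page.
            stays_local = bool(next_page) and next_page.startswith('/') \
                and not next_page.startswith(('//', '/\\'))
            return redirect(next_page if stays_local else url_for('main.index'))
        else:
            flash('Login unsuccessful. Please check your email and password', 'danger')
    return render_template('login.html', title='Login', form=form)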
Esempio n. 34
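def login():
    """Authorisation page: delegate the credential check to ``access.login``.

    Unexpected errors are printed and then re-raised. The original swallowed
    them, so the function returned ``None``, which Flask does not accept as a
    response and reports as a TypeError, hiding the real failure.
    """
    try:
        if current_user.is_authenticated:
            return redirect(url_for("main.home"))
        form = LoginForm()
        if form.validate_on_submit():
            if access.login(form.username.data, form.password.data):
                return redirect(url_for("main.home"))
            else:
                flash("Неправильный логин или пароль!", 'danger')
        return render_template("authorisation.html", form=form)
    except Exception as e:
        # NOTE(review): print() goes to stdout only; the application logger
        # would keep a traceback for whoever investigates login failures.
        print(e)
        raise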
Esempio n. 35
def login():
  """Login form.

  Stores the user id in the session when the password hash matches and
  redirects to ``users.home``; otherwise flashes one generic failure message.
  """
  form = LoginForm(request.form)
  if not form.validate_on_submit():
    return render_template("users/login.html", form=form)

  account = User.query.filter_by(email=form.email.data).first()
  if not (account and check_password_hash(account.password, form.password.data)):
    flash('Wrong email or password', 'error-message')
    return render_template("users/login.html", form=form)

  # The session cookie is signed but not encrypted: ids only, no secrets.
  session['user_id'] = account.id
  flash('Welcome %s' % account.name)
  return redirect(url_for('users.home'))
Esempio n. 36
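def login():
    """Log a user in and redirect to ``next`` or ``users.home``.

    The success message is flashed before the redirect (in the original it
    came after the ``return`` and never ran). ``?next=`` is followed only
    when it is a local path.
    """
    if current_user.is_authenticated:
        return redirect(url_for('users.home'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user)
            flash('You have been logged in!', 'success')
            next_page = request.args.get('next')
            # `next` is taken from the request; keep the redirect on this
            # site by accepting "/path" only ("//host" and "/\host" are
            # resolved by browsers as other hosts).
            if (next_page
                    and next_page.startswith('/')
                    and not next_page.startswith(('//', '/\\'))):
                return redirect(next_page)
            return redirect(url_for('users.home'))
        else:
            flash('login Unsuccessful. Please check your email and password', 'danger')
    return render_template('user/login.html', form=form)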
Esempio n. 37
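def login(db):
    """
    Login form
    :param db: SQLAlchemy database

    Unknown e-mail addresses and wrong passwords both end in the same flash
    message.
    """
    form = LoginForm(request.form)
    if form.validate_on_submit():
        # first() returns None when nothing matches. The original used
        # one(), which raises for an unknown e-mail, so that case produced a
        # server error instead of the generic message and was distinguishable
        # from a wrong password.
        user = db.session.query(User).filter(User.email == form.email.data).first()
        if user and check_password_hash(user.password, form.password.data):
            session["user_id"] = user.id
            flash("Welcome %s" % user.name)
            return redirect(url_for("users.home"))
        flash("Wrong email or password", "error-message")
    return render_template("users/login.html", form=form)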
Esempio n. 38
def login():
    """Sign a user in by username and bcrypt-verified password.

    Authenticated visitors are redirected to 'main.index'. The form object
    is handed to the template under the keyword ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", login=form)

    account = UserLogin.query.filter_by(username=form.username.data).first()
    if not account or not bcrypt.check_password_hash(account.password,
                                                     form.password.data):
        # Same message whether the username is unknown or the password is
        # wrong.
        flash('Login unsuccessful', 'danger')
        return render_template("login.html", login=form)

    login_user(account, remember=form.remember.data)
    # Fixed destination: no caller-supplied redirect target is used here.
    return redirect(url_for('main.index'))
Esempio n. 39
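def login_view():
    """Show the OpenID sign-in form and start the OpenID login on submit.

    Authenticated users are redirected to 'main_flow.index'. On a valid
    submission the "remember me" choice is stored in the session and the
    request is handed to ``oid.try_login`` with the submitted OpenID
    identifier and the list of profile fields to ask for.
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('main_flow.index'))
    form = LoginForm()
    # The original also read request.form['openid'] into a local that was
    # never used; the identifier is taken from the validated form below.
    if form.validate_on_submit():
        print "logging"
        session['remember_me'] = form.remember_me.data
        # NOTE(review): form.openid.data is user-supplied; presumably
        # try_login contacts that identifier during discovery. Confirm it is
        # restricted to the configured OPENID_PROVIDERS if outbound requests
        # to arbitrary hosts are a concern.
        return oid.try_login(form.openid.data, ask_for = ['nickname', 'email','country','fullname','dob'])
    
    return render_template('login.html', 
        title = 'Sign In',
        form = form,
        providers = app.config['OPENID_PROVIDERS'])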
Esempio n. 40
def login():
    """Handle the login form: verify email and password, then log in.

    On success the user is logged in with login_user and redirected to '/'.
    Any failed credential check yields the same generic message.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template('users/login.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if not account or not check_password_hash(account.password, form.password.data):
        flash('Wrong email or password', 'danger')
        return render_template('users/login.html', form=form)

    login_user(account)
    flash('Logged in', 'success')
    # Fixed destination; no request-supplied redirect target is involved.
    return redirect('/')
Esempio n. 41
def login():
    """Log a user in by email and bcrypt-verified password.

    Authenticated visitors and successful logins both end at 'main.home'.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', title='Login', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    # The hash check is skipped when no account matches, so unknown and known
    # emails take different amounts of time even though the message is the
    # same.
    password_ok = account and bcrypt.check_password_hash(account.password,
                                                         form.password.data)
    if not password_ok:
        flash('Login Unsuccessful. Please check username and password',
              'danger')
        return render_template('login.html', title='Login', form=form)

    login_user(account)
    return redirect(url_for('main.home'))
Esempio n. 42
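def login(token=None):
    """Log a user in, optionally pre-filling the form from an invite token.

    :param token: optional invitation token. When present it is verified
        with TokenManager and, if it resolves to an existing user, the login
        field is pre-filled with that user's email (or mobile phone when no
        email is set). An invalid or expired token only produces a flash
        message.
    :return: a redirect after a successful login, otherwise the rendered
        login template.

    After a successful login the optional ``next`` query parameter is
    followed only when it is a same-site path; otherwise the user is sent to
    'main.home'.
    """
    form = LoginForm()
    if token:
        token_manager = TokenManager(app)
        invited_by_id, invited_id = token_manager.verify_token(
            token, expiration_in_seconds=app.config['INVITE_EXPIRATION_TIME'])
        invited_user = None
        if invited_by_id is not None and invited_id is not None:
            invited_user = User.query.get(invited_id)
        if invited_user:
            form.login.data = invited_user.email or invited_user.mobile_phone
        else:
            # Same message for a bad token and for a token whose user no
            # longer exists.
            flash('Your invitation has expired. Please ask the person who '
                  'sent the invitation to send a new invitation')
    if form.validate_on_submit():
        user = get_user_by_login(form.login.data)
        if user and bcrypt.check_password_hash(user.password,
                                               form.password.data):
            if user.is_active:
                login_user(user, remember=form.remember.data)
                user.last_login = datetime.utcnow()
                if user.login_count:
                    user.login_count += 1
                else:
                    # First recorded login: start the counter and prompt the
                    # user to review their profile.
                    user.login_count = 1
                    flash(
                        'Please review your profile so that we can communicate with you effectively. Please ensure '
                        'that you choose either e-mail or sms as an communication method.'
                    )
                db.session.commit()
                next_url = request.args.get('next') or ''
                # `next` is read from the query string and can be set by
                # whoever built the login link. Follow it only when it is a
                # plain local path: one leading slash, no backslash and no
                # control characters (browsers may normalise those into
                # another host).
                is_local_path = (
                    next_url.startswith('/')
                    and not next_url.startswith('//')
                    and '\\' not in next_url
                    and not any(ch < ' ' or ch == '\x7f' for ch in next_url)
                )
                return redirect(next_url if is_local_path else url_for('main.home'))
            else:
                # The inactive-account notice is shown only after the
                # password has been verified. The markup embeds a url_for()
                # result, not request data.
                flash(
                    'This account is not not active. If you want to reactivate you account, please click '
                    '<a href={}>here</a>'.format(
                        url_for('users.forgot_password', with_reset=1)),
                    'error')
        else:
            flash('Log in unsuccessful. Please check login and password.',
                  'error')
    return render_template('login.html', form=form, forgot_password=True)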
Esempio n. 43
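def login():
    """Validate the login form, authenticate, and redirect on success.

    Credentials are passed to ``authenticate`` (defined elsewhere), which
    returns a user or None. After a successful login the optional ``next``
    query parameter is followed only when it is a same-site path; otherwise
    the user is sent to 'user_stats_page'.
    """
    form = LoginForm()
    if form.validate_on_submit():
        # login and validate the user...
        user = authenticate(request.form['username'], request.form['password'])
        if user is not None:
            login_user(user)
            flash("Logged in successfully.")
            target = request.args.get("next") or ""
            # `next` is caller-controlled: accept only a plain local path
            # (one leading slash, no backslash, no control characters) so the
            # post-login redirect cannot leave this site.
            is_local_path = (
                target.startswith("/")
                and not target.startswith("//")
                and "\\" not in target
                and not any(ch < " " or ch == "\x7f" for ch in target)
            )
            return redirect(
                target if is_local_path else url_for("user_stats_page"))
        else:
            flash("Error.")

    return render_template("users/user_login_page.html", form=form)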
Esempio n. 44
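def login():
    """Log a user in by email and password and redirect on success.

    The user document is fetched with ``Users.objects(...).get()`` and the
    password is checked with the model's ``verify_password``. Any failure
    inside the try block ends in the same generic message. After a
    successful login the optional ``next`` query parameter is followed only
    when it is a same-site path; otherwise the user is sent to 'wall.list'.
    """
    form = LoginForm()

    if form.validate_on_submit():
        try:
            user = Users.objects(email=form.email.data).get()
            if user.verify_password(form.password.data):
                login_user(user,form.remember_me.data)
                target = request.args.get('next') or ''
                # `next` is caller-controlled: accept only a plain local path
                # (one leading slash, no backslash, no control characters) so
                # the post-login redirect stays on this site.
                is_local_path = (
                    target.startswith('/')
                    and not target.startswith('//')
                    and '\\' not in target
                    and not any(ch < ' ' or ch == '\x7f' for ch in target)
                )
                return redirect(target if is_local_path else url_for('wall.list'))
            else:
                raise Exception('Not authorised')
        except Exception:
            # NOTE(review): this catch is deliberately broad so that a missing
            # user and a wrong password look identical, but it also hides
            # unrelated failures (database errors, bugs in login_user).
            # Consider narrowing it to the lookup's not-found exception and
            # logging anything else.
            flash('Invalid username or password!', category='alert-danger')

    return render_template('users/login.html', pagetitle='Login',form=form,login=True)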
Esempio n. 45
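def login():
    """
    Let Flask-WTF validate the form. If success, we attempt to validate the
    login, then redirect them to the home view

    On a successful login the user id is stored in the session; every failed
    attempt gets the same generic message.
    """
    form = LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # Validate the *submitted* password with Flask-Bcrypt. The original
        # passed the constant BCRYPT_SECRET as the candidate password, so the
        # value typed by the user was never checked and the outcome depended
        # only on the stored hash.
        # NOTE(review): the registration code is not visible here; confirm it
        # hashes the user's own password rather than that constant.
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            session['user_id'] = user.id
            flash('Welcome %s' % user.name)
            return redirect(url_for('users.home'))
        flash('Wrong email or password', 'error-message')
    return render_template("users/login.html", form=form)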
Esempio n. 46
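def login():
	"""Log a user in by email and bcrypt-verified password.

	Authenticated visitors are redirected to 'main.home'. After a successful
	login the optional ``next`` query parameter is followed only when it is a
	same-site path; otherwise the user is sent to 'main.home'.
	"""
	if current_user.is_authenticated:
		return redirect(url_for('main.home'))
	form = LoginForm()
	if form.validate_on_submit():
		user = User.query.filter_by(email = form.email.data).first()
		if user and bcrypt.check_password_hash(user.password, form.password.data):
			login_user(user, remember = form.remember.data)
			next_page = request.args.get('next') or ''
			# `next` is caller-controlled: accept only a plain local path
			# (one leading slash, no backslash, no control characters) so
			# the post-login redirect stays on this site; anything else
			# falls back to home.
			is_local_path = (
				next_page.startswith('/')
				and not next_page.startswith('//')
				and '\\' not in next_page
				and not any(ch < ' ' or ch == '\x7f' for ch in next_page)
			)
			return redirect(next_page if is_local_path else url_for('main.home'))
		else:
			# Plain string: the original f-string had no placeholders.
			flash('Login Unsuccesfull. Kindly recheck email and password.', 'danger')
	return render_template('login.html', title = 'Login', form = form)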
Esempio n. 47
def login():
	"""Render the login form and sign the user in on a valid submission.

	Form validation only checks the submitted fields; the password itself
	is verified afterwards with check_password_hash.
	"""
	form = LoginForm(request.form)
	if not form.validate_on_submit():
		return render_template( 'users/login.html', form=form)

	account = User.query.filter_by(email=form.email.data).first()
	if not account or not check_password_hash(account.password, form.password.data):
		flash('Wrong email or password', 'error-message')
		return render_template( 'users/login.html', form=form)

	# With Flask's default cookie session the value is signed, so the
	# client cannot alter it without invalidating the signature; it is not
	# encrypted, which is acceptable for an opaque user id.
	session[SESSION_NAME_USER_ID] = account.id
	flash('Welcome %s' % account.name)
	return redirect(url_for('users.index'))
Esempio n. 48
def login():
    """Render the login form and, on a valid POST, sign the user in.

    A matching user has their id stored in the session and is redirected to
    'terms.terms_dash'; otherwise the form is re-rendered with an error.
    """
    form = LoginForm(request.form)
    if request.method != 'POST':
        return render_template("users/login.html", form=form)

    if not form.validate_on_submit():
        flash("Verify the fields bellow", "error")
        return render_template("users/login.html", form=form)

    # NOTE(review): the submitted password is matched directly against the
    # `password` column, which only works if passwords are stored unhashed.
    # Store a salted password hash instead and verify it with the hashing
    # library's check function after looking the user up by email alone.
    account = User.query.filter_by(email=form.email.data, password=form.password.data).first()
    if account:
        session['user_id'] = account.id
        flash("Welcome %s " % account.name)
        return redirect(url_for("terms.terms_dash"))

    flash("Wrong password or email", "error")
    return render_template("users/login.html", form=form)
Esempio n. 49
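def login():
    """Log a user in by username and bcrypt-verified password.

    Authenticated visitors are redirected to 'main.telephones'. After a
    successful login the optional ``next`` query parameter is followed only
    when it is a same-site path; otherwise the user is redirected to
    'users.login', as in the original.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.telephones'))
    login_form = LoginForm()
    if login_form.validate_on_submit():
        user = User.query.filter_by(username=login_form.username.data).first()
        if user and bcrypt.check_password_hash(user.password, login_form.password.data):
            login_user(user)
            flash(f'Welcome {user.username}!', 'success')
            next_page = request.args.get('next') or ''
            # `next` is caller-controlled: accept only a plain local path
            # (one leading slash, no backslash, no control characters) so the
            # post-login redirect stays on this site.
            is_local_path = (
                next_page.startswith('/')
                and not next_page.startswith('//')
                and '\\' not in next_page
                and not any(ch < ' ' or ch == '\x7f' for ch in next_page)
            )
            if is_local_path:
                return redirect(next_page)
            return redirect(url_for('users.login'))
        else:
            flash('Login unsuccessful, please check your credentials!', 'danger')
    return render_template('login.html', loginform=login_form)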
Esempio n. 50
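def login():
    """Login view

    Looks the user up with ``Users.check_identifier`` and verifies the
    password with check_password_hash.

    :return: a redirect to 'index' after a successful login, otherwise the
        rendered login template.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = Users.check_identifier(form.identifier.data)
        if user and check_password_hash(user.password, form.password.data):
            login_user(user)
            flash("You've been logged in!", "success")
            return redirect(url_for('index'))
        # One message for both failure cases. The original used different
        # wording for "no such user" and "wrong password", which let a
        # visitor tell whether an identifier is registered. The stray debug
        # print() was dropped as well.
        flash("Your identifier or password doesn't match!", "error")
    return render_template('users/login.html', form=form)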
Esempio n. 51
def login():
    """
    Show the login form; sign the user in when the credentials check out.

    Visitors whose session already holds 'user_id' are redirected to
    'users.home' without seeing the form.
    """
    if 'user_id' in session:
        return redirect(url_for('users.home'))

    form = LoginForm(request.form)
    # Form validation covers the submitted fields only; the password is
    # verified separately below.
    if not form.validate_on_submit():
        return render_template("users/login.html", form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if not account or not check_password_hash(account.password, form.password.data):
        flash('Wrong email or password', 'error')
        return render_template("users/login.html", form=form)

    # With Flask's default cookie session the value is signed, so the client
    # cannot change it without invalidating the signature (it is not
    # encrypted, though).
    session['user_id'] = account.id
    flash('Welcome back %s' % account.name, 'success')
    return redirect(url_for('users.home'))
Esempio n. 52
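def login():
    '''Login user after checking credentials, which are their email and password.

    After a successful login the optional ``next`` query parameter is followed
    only when it is a same-site path; otherwise the user is sent to their
    profile page.
    '''
    # If user is already logged in, redirect them to their profile. 
    if g.user is not None and g.user.is_authenticated:
        return redirect(url_for('.user', nickname=g.user.nickname))
    # Load login form, see if it's valid.
    form = LoginForm()
    if form.validate_on_submit():
        email    = form.email.data
        password = form.password.data
        remember = bool(form.remember.data)
        # NOTE(review): the submitted password is matched directly against
        # the `password` column, which only works if passwords are stored
        # unhashed. Store a salted password hash and verify it after looking
        # the user up by email alone.
        user_query = User.query.filter_by(email=email, 
                                          password=password).first()
        if user_query is None:
            flash('Email or Password is invalid', 'error')
        else:
            login_user(user_query, remember=remember)
            target = request.args.get('next') or ''
            # `next` is caller-controlled: accept only a plain local path
            # (one leading slash, no backslash, no control characters) so the
            # post-login redirect stays on this site.
            is_local_path = (
                target.startswith('/')
                and not target.startswith('//')
                and '\\' not in target
                and not any(ch < ' ' or ch == '\x7f' for ch in target)
            )
            return redirect(target if is_local_path else
                            url_for('.user', nickname=user_query.nickname))
    # Render login form template
    return render_template('users/login.html',
                           form=form)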
Esempio n. 53
def login():
    """
    Show the login form; on POST, verify the credentials and sign in.

    Visitors whose session already holds 'user_id' are redirected to
    'users.home'. Every POST that does not end in a successful login gets
    the same generic error message, including form-validation failures.
    """
    if 'user_id' in session:
        return redirect(url_for('users.home'))

    form = LoginForm(request.form)
    if request.method != 'POST':
        return render_template('users/login.html', form=form)

    # Form validation covers the submitted fields only; the password is
    # verified separately with check_password_hash.
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        if account and check_password_hash(account.password, form.password.data):
            # authorize() is defined elsewhere; presumably it records the
            # user in the signed session. Confirm against its definition.
            authorize(account)
            flash(gettext(u'Welcome') + " " + account.name)
            return redirect(url_for('users.home'))

    flash(gettext(u'Wrong email or password'), 'error-message')
    return render_template('users/login.html', form=form)
Esempio n. 54
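def login():
    """Handle user login.

    GET renders the form. On a valid submission the user is looked up by
    email and the password is verified with check_password_hash. After a
    successful login the optional ``next`` query parameter is followed only
    when it is a same-site path; otherwise the user is sent to
    'simple_page.index'.
    """

    # get form
    form = LoginForm(request.form)

    if request.method == 'GET':
        return render_template('users/login.html', form=form)

    # verify the login form
    if form.validate_on_submit():
        registered_user = User.query.filter_by(email=form.email.data).first()

        if ((registered_user is not None)
                and check_password_hash(registered_user.password, form.password.data)):
            # login user to system
            login_user(registered_user, remember=form.remember_me.data)
            registered_user.update_login_info()

            target = request.args.get('next') or ''
            # `next` is caller-controlled: accept only a plain local path
            # (one leading slash, no backslash, no control characters) so the
            # post-login redirect stays on this site.
            is_local_path = (
                target.startswith('/')
                and not target.startswith('//')
                and '\\' not in target
                and not any(ch < ' ' or ch == '\x7f' for ch in target)
            )
            return redirect(target if is_local_path else url_for('simple_page.index'))

        flash(gettext(u'Incorrect email or password'), 'danger')

    return render_template('users/login.html', form=form)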
Esempio n. 55
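def login():
    """
    Login form

    Validates the submitted email and password by hand, then authenticates.
    A wrong password on an existing account updates ``last_login_attempt``
    and ``login_attempts``. Banned (``banned == 1``) and not-yet-activated
    (``banned == 2``) accounts are reported only after the password has been
    verified. On success the user id is stored in the session, a UserSession
    row is created and its token is sent in a 'session_id' cookie valid for
    five days.
    """
    form = LoginForm(request.form)
    if not form.is_submitted():
        return render_template("users/login.html", form=form, errors=[])

    errors = []
    email = form.email.data.strip()
    # validate email
    if email == '':
        errors.append(gettext('Email is required'))
    # validate valid email
    if not re.search(r'^.+@([^.@][^@]+)$', email):
        errors.append(gettext('Invalid email address'))
    if form.password.data.strip() == '':
        errors.append(gettext('Password field is required'))
    if errors:
        return render_template("users/login.html", form=form, errors=errors)

    user = User.query.filter_by(email=form.email.data.lower()).first()  # @UndefinedVariable

    # Verify the password once. The original re-ran check_password_hash in
    # every branch, repeating the deliberately slow hash comparison up to
    # four times per request.
    password_ok = user is not None and check_password_hash(user.password, form.password.data)

    if not password_ok:
        if user is not None:
            # NOTE(review): failed attempts are counted here but nothing in
            # this view acts on the counter; confirm that throttling or
            # lockout is enforced elsewhere.
            user.last_login_attempt = datetime.datetime.now()
            user.login_attempts += 1
            db.session.commit()
        # Same message for an unknown email and a wrong password.
        errors.append(gettext('Wrong email or password'))
        return render_template("users/login.html", form=form, errors=errors)

    if user.banned == 1:
        errors.append(gettext('The account was banned, please contact an admin for more information'))
        return render_template("users/login.html", form=form, errors=errors)

    if user.banned == 2:
        errors.append(gettext('The account is not activated, please check your email for verification. <a href="%(resend_activation_email)s">Resend activation email</a>', resend_activation_email=url_for('users.resend_activation_email', code=user.verification_code)))
        return render_template("users/login.html", form=form, errors=errors)

    # With Flask's default cookie session the value is signed, so the client
    # cannot change it without invalidating the signature.
    session['user_id'] = user.id

    user.last_login = datetime.datetime.now()
    user.last_login_attempt = None
    user.login_attempts = 0
    g.user = user

    user_session = UserSession(user.id)
    db.session.add(user_session)
    db.session.commit()
    response = make_response(redirect(url_for('users.own_profile')))
    cookie_value = str(user.id) + '|' + user_session.token
    # The cookie carries a session token, so keep it away from page scripts
    # with httponly.
    # NOTE(review): also set secure=True once the site is served over HTTPS
    # only, and confirm no client-side script needs to read this cookie.
    response.set_cookie('session_id', cookie_value, expires=datetime.datetime.now() + datetime.timedelta(days=5), path='/', httponly=True)
    return response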