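def verify_password(email_or_token, password):
    """Authenticate a request by auth token, or by e-mail address and password.

    The first argument is tried as an auth token. If
    ``User.verify_auth_token`` yields a user id, the account is loaded by id;
    otherwise the argument is treated as an e-mail address and ``password``
    is checked with ``User.check_pw``.

    Returns:
        True after storing the account on ``g.user``; False when no matching
        account exists or the password check fails.
    """
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the e-mail branch only - confirm.
    user_id = User.verify_auth_token(email_or_token)
    if user_id:
        user = session.query(User).filter_by(id=user_id).first()
        # A token can outlive its account: .first() returns None once the row
        # is gone, and accepting that would report success with g.user = None.
        if user is None:
            return False
    else:
        user = session.query(User).filter_by(email=email_or_token).first()
        if not user or not user.check_pw(password):
            return False
    g.user = user
    return True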
def verify_password(username_or_token, password):
    """Accept either an auth token or an e-mail/password pair.

    On success the matching ``User`` is stored on ``g.user`` and True is
    returned; a failed e-mail lookup or password check returns False.
    """
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the e-mail branch only - confirm.
    token_owner_id = User.verify_auth_token(username_or_token)
    if not token_owner_id:
        # Not a usable token: treat the first argument as an e-mail address.
        account = session.query(User).filter_by(email=username_or_token).first()
        if not (account and account.verify_password(password)):
            return False
    else:
        # .one() raises unless exactly one row carries this id, so a token
        # whose account is gone surfaces as an exception, not as False.
        account = session.query(User).filter_by(id=token_owner_id).one()
    g.user = account
    return True
def verify_password(email_or_token, password):
    """Authenticate by token or e-mail/password and populate ``login_session``.

    Returns True once the user's e-mail, id and name have been copied into
    ``login_session``; returns False when the e-mail lookup or the password
    check fails.
    """
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the e-mail branch only - confirm.
    verified_id = User.verify_auth_token(email_or_token)
    if verified_id:
        # .one() raises unless exactly one row carries this id.
        member = session.query(User).filter_by(id=verified_id).one()
    else:
        member = session.query(User).filter_by(email=email_or_token).first()
        if not (member and member.verify_password(password)):
            return False
    # Copy the identifying fields into the login session, in the same order.
    for field in ('email', 'id', 'name'):
        login_session[field] = getattr(member, field)
    return True
def verify_password(email_or_token, password):
    """Authenticate by token or e-mail/password using a fresh database session.

    Returns True after storing the user on ``g.user``; returns False when
    the e-mail lookup or the password check fails.
    """
    # NOTE(review): a session is obtained on every call and is not closed in
    # this function - confirm it is released elsewhere.
    session = databaseConnection()
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the e-mail branch only - confirm.
    # Try the token interpretation first.
    id_from_token = User.verify_auth_token(email_or_token)
    if not id_from_token:
        found = session.query(User).filter_by(email=email_or_token).first()
        if not found:
            return False
        if not found.verify_password(password):
            return False
    else:
        # .one() raises unless exactly one row carries this id.
        found = session.query(User).filter_by(id=id_from_token).one()
    g.user = found
    return True
def verify_password(username_or_token, password):
    """Authenticate by token or username/password.

    Returns True after storing the user on ``g.user``; returns False when
    the username lookup or the password check fails.
    """
    # NOTE(review): a session factory and a session are built on every call,
    # and the session is not closed in this function - confirm it is
    # released elsewhere.
    session = sessionmaker(bind=engine)()
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the username branch only - confirm.
    # The first argument is tried as a token before it is used as a username.
    uid = User.verify_auth_token(username_or_token)
    if uid:
        # .one() raises unless exactly one row carries this id.
        principal = session.query(User).filter_by(id=uid).one()
        g.user = principal
        return True
    principal = session.query(User).filter_by(username=username_or_token).first()
    if principal and principal.verify_password(password):
        g.user = principal
        return True
    return False
def landingPage():
    """Render the landing page with the items most recently added to the db."""
    # A 'token' entry in login_session means a user is logged in; verify it.
    user = (User.verify_auth_token(login_session['token'])
            if 'token' in login_session else None)
    page_data = {
        # The eight newest items, highest id first.
        'recentItems': session.query(Item).order_by(Item.id.desc())[0:8],
        # The template uses this to decide whether the 'add new item' and
        # 'signout' buttons are shown.
        'user': user,
        # Categories for the sidebar.
        'categories': session.query(Category).all(),
        'CLIENT_ID': CLIENT_ID,
    }
    return render_template('landing.html', **page_data)
def showCategory(category):
    """Render the items that are listed under the named category."""
    # A 'token' entry in login_session means a user is logged in; verify it.
    user = (User.verify_auth_token(login_session['token'])
            if 'token' in login_session else None)
    # NOTE(review): .first() returns None for an unknown category name, so
    # the attribute access on the next line raises - confirm how callers
    # are meant to handle a category that does not exist.
    matched_category = session.query(Category).filter_by(name=category).first()
    cat_id = matched_category.id
    items = session.query(Item).filter_by(cat_id=cat_id).all()
    # Categories for the sidebar.
    categories = session.query(Category).all()
    # The template uses ``user`` to decide whether 'signout' is shown.
    return render_template(
        "category.html",
        items=items,
        category=category,
        categories=categories,
        user=user,
        CLIENT_ID=CLIENT_ID,
    )
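def verify_password(username_or_token, password):
    """Authenticate a non-GET request by token or by name and password.

    On success the user's id and admin flag are written to ``login_session``
    and True is returned. False is returned when no matching account exists
    or the password check fails.
    """
    # NOTE(review): every GET request is accepted here without looking at the
    # credentials, and login_session is left untouched - a GET route guarded
    # only by this callback is effectively public. Confirm that is intended.
    if request.method == "GET":
        return True
    session = DBSession()
    # try/finally so the session is closed on the failure paths too; the
    # original closed it only after a successful login.
    try:
        # NOTE(review): the listing lost its indentation; the password check
        # is read here as belonging to the name branch only - confirm.
        user_id = User.verify_auth_token(username_or_token)
        if user_id:
            user = session.query(User).filter_by(id=user_id).first()
            # A token can outlive its account: .first() returns None then,
            # and reading user.id below would raise instead of rejecting.
            if user is None:
                return False
        else:
            user = session.query(User).filter_by(name=username_or_token).first()
            if not user or not user.verify_password(password):
                return False
        login_session["userId"] = user.id
        login_session["admin"] = user.admin
        return True
    finally:
        session.close()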
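def exchageToken():
    """Exchange an authorization code for an access token (unfinished).

    Reads ``client_id``, ``client_secret``, ``code`` and ``grant_type`` from
    the query string. The generated token is not yet stored or returned.

    Returns:
        True when the grant type matches and the code verifies to a user id;
        False on every other path.
    """
    # request.args.get yields the single submitted value. getlist() returned
    # a list, which does not compare equal to a grant-type string and was
    # handed to verify_auth_token as a list.
    client_id = request.args.get('client_id')
    client_secret = request.args.get('client_secret')
    code = request.args.get('code')
    grant_type = request.args.get('grant_type')
    # NOTE(review): client_id and client_secret are read but never checked,
    # so the exchange is not tied to an authenticated client. They also
    # arrive in the query string, where URLs tend to be logged - consider
    # taking the secret from the request body or an Authorization header.
    # NOTE(review): authorization_code is not defined in this listing;
    # presumably a module constant holding the grant-type string - confirm.
    if grant_type != authorization_code:
        return False
    # Fail closed: a missing or unverifiable code must not fall through to
    # the success return.
    if not code:
        return False
    user_id = User.verify_auth_token(code)
    if not user_id:
        return False
    # .one() raises unless exactly one row carries this id.
    user = session.query(User).filter_by(id=user_id).one()
    token = user.generate_access_token()
    # TODO: update the db with this token
    # TODO: return the JSON object below instead of a bare boolean
    # {
    #   token_type: "bearer",
    #   access_token: "ACCESS_TOKEN",
    #   refresh_token: "REFRESH_TOKEN"
    # }
    return True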
def verify_password(email, password):
    """Verify a password or a login token for JSON requests.

    Args:
        email (string): an e-mail address, or an auth token in its place.
        password (string): checked only when ``email`` is not a valid token.

    Returns:
        True if verification succeeded (the user is stored on ``g.user``),
        else False.
    """
    # NOTE(review): the listing lost its indentation; the password check is
    # read here as belonging to the e-mail branch only - confirm.
    token_user_id = User.verify_auth_token(email)
    if token_user_id:
        account = session.query(User).filter_by(id=token_user_id).one_or_none()
        # A verified token whose account no longer exists is rejected.
        if not account:
            return False
    else:
        account = session.query(User).filter_by(email=email).first()
        if not (account and account.verify_password(password)):
            return False
    g.user = account
    return True
def showItem(category, itemTitle):
    """Render the profile page of one item within a category."""
    # A 'token' entry in login_session means a user is logged in; verify it.
    user = (User.verify_auth_token(login_session['token'])
            if 'token' in login_session else None)
    # NOTE(review): .first() returns None for an unknown category or title,
    # so the attribute accesses below raise - confirm how a missing record
    # is meant to be handled.
    owning_category = session.query(Category).filter_by(name=category).first()
    cat_id = owning_category.id
    item = session.query(Item).filter_by(cat_id=cat_id, title=itemTitle).first()
    # Authorization for the page controls: only the item's creator keeps a
    # non-None ``user``.
    # NOTE(review): the creator is compared with login_session['userid'],
    # not with the value verify_auth_token returned - confirm the two
    # always agree.
    # NOTE(review): this only decides which buttons the template shows; the
    # edit and delete handlers (not in this listing) need the same check.
    if user and item.creator_id != login_session['userid']:
        user = None
        flash("Not authorized to edit or delete this item.")
    # The template uses ``user`` to decide whether the 'edit', 'delete' and
    # 'signout' buttons are shown.
    return render_template(
        "item.html",
        item=item,
        user=user,
        CLIENT_ID=CLIENT_ID,
    )