def signin():
    """Serve the registration form and create the account on a valid POST.

    Any non-POST request renders ``signin.html``. On POST the form fields
    ``email``, ``name``, ``password`` and ``password1`` are read, validated in
    a fixed order, and a new ``User`` is stored if the e-mail is not yet taken.

    Returns:
        The rendered ``signin.html`` page when the request is not a POST, when
        validation fails, or when the e-mail is already registered; otherwise a
        redirect to the ``signined`` endpoint.

    NOTE(review): the raw form password is handed straight to ``User(...)``;
    confirm the model hashes it before it is persisted.
    NOTE(review): the "already registered" message differs from the other
    outcomes, so this form reveals which e-mail addresses have accounts;
    confirm that is acceptable or rate-limit the endpoint.
    """
    if request.method != 'POST':
        return render_template('signin.html')

    email = request.form['email']
    name = request.form['name']
    password = request.form['password']
    confirmation = request.form['password1']

    # Checks run in this order and stop at the first failure, so the helpers
    # defined elsewhere are only called once the earlier checks have passed.
    if password != confirmation:
        # "The two passwords entered do not match."
        rejection = '两次输入的密码不一致'
    elif not check_the_password(password):
        # "Password does not meet the requirements: length 4 to 25 and not
        # digits only." The message states the policy; the check itself lives
        # in check_the_password.
        rejection = '密码不符合要求,密码长度应该在4到25之间并不能仅为数字'
    elif not check_the_email(email):
        # "Invalid e-mail format."
        rejection = '邮箱格式错误'
    else:
        rejection = None

    if rejection is not None:
        flash(rejection)
        return render_template('signin.html')

    already_registered = User.query.filter(User.email == email).first()
    if already_registered:
        # "This e-mail is already registered."
        flash('邮箱已被注册>_<')
        return render_template('signin.html')

    # "A mail has been sent to your mailbox, please activate your account."
    flash('已经发送邮件到你的邮箱,请立刻激活帐号')
    account = User(name, email, password)
    session['unconfirm'] = True
    session['user_email'] = account.email
    db_session.add(account)
    db_session.commit()
    # The confirmation mail is currently disabled, although the flash above
    # announces it:
    # send_email_for_confirm(email, new_user.email, new_user.reg_time, new_user.confirm)
    return redirect(url_for('signined'))
def createUser(login_session):
    """Persist a new User built from the login session and return its id.

    Args:
        login_session: mapping that provides the ``username``, ``email`` and
            ``picture`` keys.

    Returns:
        The ``id`` of the row found by looking the e-mail up again after the
        commit.

    NOTE(review): the lookup uses ``.one()``, which raises unless exactly one
    row has this e-mail; confirm the column is unique, otherwise a second
    account with the same address makes this fail after the insert has
    already been committed.
    """
    profile = {
        'name': login_session['username'],
        'email': login_session['email'],
        'picture': login_session['picture'],
    }
    session.add(User(**profile))
    session.commit()

    # Read the row back by e-mail to obtain its primary key.
    stored = session.query(User).filter_by(email=profile['email']).one()
    return stored.id
def setUp(self):
    """Push an app context, switch the app to the test database and reseed it.

    Leaves ``self.client`` set to a Flask test client and one user row in a
    freshly created schema.

    NOTE(review): ``db.drop_all()`` deletes every table of whichever database
    the engine is bound to; confirm the engine really uses ``TEST_DB`` when
    the URI is assigned at this point rather than at app creation.
    """
    application.app_context().push()

    # CSRF protection stays enabled so the tests exercise the real form flow.
    test_settings = (
        ('TESTING', True),
        ('WTF_CSRF_ENABLED', True),
        ('DEBUG', False),
        ('SQLALCHEMY_DATABASE_URI', TEST_DB),  # using test database
    )
    for key, value in test_settings:
        application.config[key] = value

    self.client = application.test_client()

    # Start from an empty schema on every test.
    db.drop_all()
    db.create_all()

    # Fixture account; the credentials are test-only values.
    fixture_user = User('*****@*****.**', 'testing', '123456')
    db.session.add(fixture_user)
    db.session.commit()

    self.assertEqual(application.debug, False)
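def signup():
    """Render the registration form and create the account on a valid submit.

    Returns:
        The rendered ``signup.html`` page when the form was not submitted or
        failed validation, a redirect back to ``signup`` when
        ``form.check_email`` raises ``ValidationError`` (its message is
        flashed), and a redirect to ``login`` after the user has been stored.

    NOTE(review): ``form.password.data`` is passed to ``User(...)`` as
    submitted; confirm the model hashes it before it is persisted.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('signup.html', form=form)

    # Run the form's own e-mail/username check before building the user, so a
    # rejected registration never constructs a User object.
    try:
        form.check_email(form.email, form.username)
    except validators.ValidationError as e:
        flash(str(e))
        return redirect(url_for('signup'))

    user = User(email=form.email.data,
                username=form.username.data,
                password=form.password.data)
    db.session.add(user)
    db.session.commit()

    # Announce success only after the commit went through; previously the
    # message was queued before the row was written.
    flash("Thank for registration!")
    return redirect(url_for('login'))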
def setUp(self):
    """Push an app context, switch to the test database and seed fixtures.

    Leaves ``self.client`` set to a Flask test client and a fresh schema
    holding one user, two dogs and two favorites rows.

    NOTE(review): ``db.drop_all()`` deletes every table of whichever database
    the engine is bound to; confirm the engine really uses ``TEST_DB`` when
    the URI is assigned at this point rather than at app creation.
    """
    application.app_context().push()

    # CSRF protection stays enabled so the tests exercise the real form flow.
    test_settings = (
        ('TESTING', True),
        ('WTF_CSRF_ENABLED', True),
        ('DEBUG', False),
        ('SQLALCHEMY_DATABASE_URI', TEST_DB),  # using test database
    )
    for key, value in test_settings:
        application.config[key] = value

    self.client = application.test_client()

    # Start from an empty schema on every test.
    db.drop_all()
    db.create_all()

    # Fixture account and dogs; the credentials are test-only values.
    db.session.add(User('*****@*****.**', 'testing', '123456'))
    for dog_id, dog_name in ((1, "testDog1"), (2, "testDog2")):
        db.session.add(Dogs(dog_id, dog_name, "Male", "Adult", "http/pic"))
    db.session.commit()

    seeded = User.query.filter_by(email='*****@*****.**').first()
    # login_user(seeded)  # disabled
    # The id is read but not used below: the Favorites rows are built from
    # literal ids.
    seeded_id = seeded.id

    for favorite in (Favorites(1, 2), Favorites(1, 1)):
        db.session.add(favorite)
    db.session.commit()

    self.assertEqual(application.debug, False)
# declaratives can be accessed through a DBSession instance Base.metadata.bind = engine DBSession = sessionmaker(bind=engine) # A DBSession() instance establishes all conversations with the database # and represents a "staging zone" for all the objects loaded into the # database session object. Any change made against the objects in the # session won't be persisted into the database until you call # session.commit(). If you're not happy about the changes, you can # revert all of them back to the last commit by calling # session.rollback() session = DBSession() # Add 1 user user1 = User(name="Oliver", email="*****@*****.**", picture="") session.add(user1) session.commit() category1 = MusicCategory(name="Rock", description="broad genre of popular music that originated as 'rock and roll' in the United " "States in the early 1950s, and developed into a range of different styles in " "the 1960s") session.add(category1) session.commit() song1 = Song(name="Chop Suey", band="System of a down", lyrics="Wake up \ Grab a brush and put a little (makeup)\
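def login(provider):
    """Log the user in with the given OAuth provider.

    Args:
        provider: provider name as a string (currently only 'google').

    Returns:
        A JSON response with status 401 or 500 when the code exchange or one
        of the token checks fails, a JSON notice with status 200 when the same
        Google account is already connected in this session, the JSON body
        ``{'token': ...}`` after a successful login, or the plain text
        'Unrecognized Provider' for any other provider.

    Side effects: stores the access token, Google id, user name, e-mail,
    picture and user id in the Flask session, and creates the User row the
    first time an e-mail is seen.

    NOTE(review): no anti-forgery state value is checked in this function;
    confirm the route is protected against cross-site requests elsewhere.
    NOTE(review): the access token is kept in the Flask session; with Flask's
    default cookie-based session the value is signed but readable by the
    client, so confirm a server-side session store is configured.
    """
    def json_reply(payload, status):
        """Build a response with a JSON body, the given status and JSON type."""
        reply = make_response(json.dumps(payload), status)
        reply.headers['Content-Type'] = 'application/json'
        return reply

    # Parse the auth code: the request body is the one-time authorization code.
    auth_code = request.data

    if provider != 'google':
        return 'Unrecognized Provider'

    # Upgrade the authorization code into a credentials object.
    try:
        oauth_flow = flow_from_clientsecrets(json_url, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(auth_code)
    except FlowExchangeError:
        return json_reply('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.
    # NOTE(review): the token travels in the query string here, so it can end
    # up in proxy or server logs.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    h = httplib2.Http()
    result = json.loads(h.request(url, 'GET')[1])

    # If there was an error in the access token info, abort. The response was
    # previously built but never returned, so execution fell through to the
    # checks below with an invalid token.
    if result.get('error') is not None:
        return json_reply(result.get('error'), 500)

    # Verify that the access token is used for the intended user.
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        return json_reply("Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app.
    if result['issued_to'] != CLIENT_ID:
        return json_reply("Token's client ID does not match app's.", 401)

    stored_credentials = session.get('access_token')
    stored_gplus_id = session.get('gplus_id')
    if stored_credentials is not None and gplus_id == stored_gplus_id:
        return json_reply('Current user is already connected.', 200)

    # Store the credentials.
    session['access_token'] = access_token
    session['gplus_id'] = gplus_id

    # Get user info.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    name = data['name']
    picture = data['picture']
    email = data['email']

    # Store user info.
    session['username'] = name
    session['email'] = email
    session['picture'] = picture

    # See if the user exists; if not, make a new one.
    user = db.session.query(User).filter_by(email=email).first()
    if not user:
        user = User(username=name, picture=picture, email=email)
        db.session.add(user)
        db.session.commit()
    session['user_id'] = user.id

    # The token is only sent back to the client; it is not stored on the user.
    token = user.generate_auth_token(600)

    flash('You are now logged in as ' + name, 'success')
    return jsonify({'token': token.decode('ascii')})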