def login(): if request.method == 'POST': user = request.form.to_dict() #incomplete data #incomplete data errors = {} user['username'] = user['username'].strip().lower() if len(user['username']) == 0: errors['username'] = '******'t be blank' if len(user['password']) == 0: errors['password'] = '******' user_found = db.users.find_one({ 'username': user['username'], 'password': user['password'] }) #username or password incorrect if not user_found: errors['not_valid'] = 'username or password is not valid' return render_template('login.html', user=user, errors=errors) user = UserMixin() user.username = user_found['username'] user.id = user_found['_id'].__str__() login_user(user) g.user = user return redirect(request.args.get("next") or url_for("index")) return render_template('login.html', user={'username': '', 'password': ''})
def connexion(): if request.method == 'GET': if current_user.is_anonymous: return render_template("connexion.html") else: return redirect(url_for('main')) elif request.method == 'POST': email = request.form['email'] password = request.form['password'] results = c.execute( "SELECT prenom, password FROM utilisateur WHERE email=?", (email, )).fetchone() if results: passwordEnBase = results[1] if sha256_crypt.verify(password, passwordEnBase): user = UserMixin() user.id = email user.prenom = results[0] login_user(user) return redirect(url_for('main')) else: flash( "Votre email et/ou votre mot de passe est incorrect. Veuillez les saisir à nouveau ", "danger") return render_template("connexion.html") else: flash( "Votre email et/ou votre mot de passe est incorrect. Veuillez les saisir à nouveau ", "danger") return render_template("connexion.html")
def login(): if current_user.is_authenticated: return redirect('/') try: if request.method == 'POST': email = request.form['email'] password = request.form['password'] if not (email and password): error="Empty field detected" return render_template('login.html',error=error) cursor=g.conn.execute("SELECT password FROM Users WHERE email='%s'"%email) real='' for result in cursor: real=result['password'] cursor.close() if real==password: cur_user = UserMixin() cur_user.id=email login_user(cur_user) print("login successfully") #_next=request.args.get('next') #print(_next) #if not next_is_valid(_next): # return abort(400) return redirect('/') else: error="Email and password don't match" return render_template('login.html',error=error) else: return render_template('login.html') except: return redirect('/login')
def get_user(user_id=None, username=None): global _users_data if not _users_data: _users_data = {} with open(os.path.join(const.DATA_DIR, "users.csv")) as f: user_dict = util.csv_to_array_of_dicts(f) for user in user_dict: new_user = UserMixin() new_user.id = user["id"] new_user.username = user["name"] new_user.password = user["password"] _users_data[new_user.get_id()] = new_user if user_id is None: for user in _users_data.values(): if user.username == username: return user if user_id in _users_data: return _users_data[user_id] else: return False
def register(): if request.method == 'POST': new_user = request.form.to_dict() #incomplete data errors = {} new_user['username'] = new_user['username'].strip().lower() if len(new_user['username']) == 0: errors['username'] = '******'t be blank' if len(new_user['password']) == 0: errors['password'] = '******' #user already registered if db.users.find_one({'username':new_user['username']}): errors['username'] = '******' % new_user['username'] if len(errors) > 0: return render_template('register.html', new_user=new_user, errors=errors) db.users.save(new_user) user = UserMixin() user.username = new_user['username'] user.id = new_user['_id'].__str__() login_user(user) return redirect(request.args.get("next") or url_for("index")) elif request.method == 'GET': return render_template('register.html', new_user= {'username':'', 'password':'', 'email':''})
def user_loader(login): db_manager = DbManager.Manager() if db_manager.get_user(login) is None: return user = UserMixin() user.id = login return user
def create_root(config): from flask_login import UserMixin import pickle root_user = UserMixin() root_user.id = 1 with open(config['ROOT_FILE'], 'wb') as f: pickle.dump(root_user, f)
def login(): if request.method == 'POST': user = request.form.to_dict() #incomplete data #incomplete data errors = {} user['username'] = user['username'].strip().lower() if len(user['username']) == 0: errors['username'] = '******'t be blank' if len(user['password']) == 0: errors['password'] = '******' user_found = db.users.find_one({'username':user['username'], 'password':user['password']}) #username or password incorrect if not user_found: errors['not_valid'] = 'username or password is not valid' return render_template('login.html', user = user, errors = errors) user = UserMixin() user.username = user_found['username'] user.id = user_found['_id'].__str__() login_user(user) g.user = user return redirect(request.args.get("next") or url_for("index")) return render_template('login.html', user= {'username':'', 'password':''})
def login(): if request.method == "GET": next_ = '/' if ("next" not in request.args) else request.args.get("next") params = { 'formAction': url_for("login_api.login"), 'next': next_ } return render_template("login.html", **params) # unpack the params dictionary, using its values as named parameters elif request.method == "POST": data = request.form password = str(data["password"]) username = str(data["username"]) next_ = str(data["next"]) # find the hashed password associated with the given username passwordHash = database.getPasswordHash(username) # error if there is no such username, or the password is incorrect if passwordHash == -1 or not util.checkHash(passwordHash, password): flash("Invalid username or password", "error") return redirect(url_for(".login")) userId = database.getUserByName(username)['id'] user = UserMixin() user.id = userId login_user(user) flash("Log in successful", "success") # don't render a template directly off of a POST request; redirect to a GET request, avoiding problems if the user manually reloads the page return redirect(next_)
def load_user(userid): #get the user 3 user_found = db.users.find_one({'_id': ObjectId(userid)}) user = UserMixin() user.username = user_found['username'] user.id = user_found['_id'].__str__() g.user = user return user
def load_user(user_id): userDansLaBase = c.execute("SELECT email, prenom, pro FROM utilisateur WHERE email=?", (user_id,)).fetchone() if userDansLaBase is None: return None user = UserMixin() user.id = user_id user.prenom = userDansLaBase[1] user.pro = userDansLaBase[2] return user
def user_loader(user_id): # user_id為表單資料的['user_id'] # user_loader是特殊method,雖然接受的是UserMixin() 但會自動取出其中的.id屬性 print("檢查登入狀態") user = UserMixin() user.id = user_id # 產生新的UserMixin()預設是沒有.id這個東西,但在自身的method中卻需要用到, 要補給他才會在current_user.id有紀錄 # user.is_anonymous 匿名用戶為T 登入用戶為 F # user.is_active 帳號啟用 且 登入成功 # user.get_id() == user.id # .is_authenticated是個T/F 這個是辨認有無登入的關鍵 為T時才可以使用@login_required method return user
def load_user(user_id): with db_connection.cursor() as cursor: cursor.execute('SELECT username FROM "user" WHERE username=%s', (user_id,)) entry = cursor.fetchone() if not entry: return None user = User() user.id = entry[0] return user
def login(): if request.method == 'GET': logged_in = 'true' if current_user.get_id( ) == ADMIN_USERNAME else 'false' return render_template('login.html', logged_in=logged_in) if request.form['username'] == ADMIN_USERNAME and request.form[ 'password'] == ADMIN_PASSWORD: user = UserMixin() user.id = request.form['username'] login_user(user) print(f'Logged in as {user.id}') return redirect('/browse.html') return render_template('login.html')
def load_user(editor_id): # looks for extra info in session, and updates the user object with that. # If session isn't loaded/valid, should return None if (not session.get('editor')) or (not session.get('api_token')): return None editor = session['editor'] token = session['api_token'] user = UserMixin() user.id = editor_id user.editor_id = editor_id user.username = editor['username'] user.is_admin = editor['is_admin'] user.token = token return user
def load_user(editor_id: str) -> UserMixin: # looks for extra info in session, and updates the user object with that. # If session isn't loaded/valid, should return None if (not session.get("editor")) or (not session.get("api_token")): return None editor = session["editor"] token = session["api_token"] user = UserMixin() user.id = editor_id user.editor_id = editor_id user.username = editor["username"] user.is_admin = editor["is_admin"] user.token = token return user
def login(): error = None user = UserMixin() user.id = "admin" #User[user] = 1 if request.method == 'POST': if request.form['username'] != 'admin' or request.form['password'] != '123': error = 'Invalid Credentials. Please try again.' else: #session['username'] = request.form['username'] #session.add(user) login_user(user) return redirect(url_for('home_page')) return render_template('login.html', error=error)
def verify(): print('try login') user_id = request.form['user_id'] # Flask.request if ((user_id in usersinfo['user_id']) and (request.form['password'] == users[usersinfo['user_id'].index(user_id)][1])): # 如果帳密符合資料庫內容 就產生一個UserMixin()紀錄Session 存取id user = UserMixin() user.id = user_id # 會將Session送到@login_manager.user_loader 將其激活 login_user(user) #需要@login_manager.user_loader來接收資料 print('驗證成功') return redirect(url_for('success')) # 這裡的from_start是指method名稱 else: return redirect(url_for('fail'))
def signup(): if flask.request.method == 'GET': if flask_login.current_user.is_authenticated: return flask.redirect(f'/users/{flask_login.current_user.id}') return flask.render_template('signup.html') else: error_flag, bday, bmonth, byear, email, first_name, last_name, password, re_password, username = \ validate_form_data() if error_flag: return flask.redirect(flask.request.referrer) with db_connection: with db_connection.cursor() as cursor: cursor.execute('SELECT username FROM "user" WHERE username=%s', (username,)) if cursor.fetchone(): flask.flash('Username already in use') return flask.redirect(flask.request.referrer) if password != re_password: flask.flash('Passwords don\'t match') return flask.redirect(flask.request.referrer) password_hash = hashlib.sha256(password.encode()).hexdigest() birth_date = datetime.date(int(byear), int(bmonth), int(bday)) # If this fails, it's a programming error and should be detected, the user will get an internal # server error cursor.execute('INSERT INTO' ' "user" (' ' username, ' ' password_hash, ' ' first_name, ' ' last_name, ' ' email, ' ' birth_date)' 'VALUES(%s, %s, %s, %s, %s, %s)', (username, password_hash, first_name, last_name, email, birth_date)) user = User() user.id = username flask_login.login_user(user) return flask.redirect(f'/users/{username}')
def login_view(): users = {'testteam': '123321a', 'dev': 'dev2016', 'admin': 'admin.com'} for k, v in request.args.iteritems(): print(k, v) result = None form = LoginForm() if form.validate_on_submit(): if form.user.data in users and form.password.data == users.get(form.user.data): user = UserMixin() user.id = form.user.data login_user(user=user, remember=True) flash(u"登录成功.") return redirect(request.args.get("next") or "/") else: result = u'登录失败,账号不存在或者密码错误' return render_template('home/login.html', form=form, result=result)
def login(): if request.method == 'GET': return render_template('login.html') else: email = request.form.get('email') password = request.form.get('password') print(email, password) SQL = """ SELECT password FROM `movie.users` WHERE email='%s' """ % (email) try: df = pandas_gbq.read_gbq(SQL) print('success') print(df) if len(df) > 0: if df.iloc[0].password == password: #print('iam here') cur_user = UserMixin() cur_user.id = email login_user(cur_user) session['user_email'] = email SQL = """ SELECT uid FROM `movie.users` WHERE email='%s' """ % (email) df = pandas_gbq.read_gbq(SQL) session['user_id'] = int(df.iloc[0].uid) session.permenant = True return redirect(url_for('index')) else: error = 'email or password is wrong, try again' return render_template('login.html', error=error) else: error = 'user does not exist' return render_template('login.html', error=error) except: error = 'something wrong try again' return render_template('login.html', error=error)
def register(): if request.method == 'POST': new_user = request.form.to_dict() #incomplete data errors = {} new_user['username'] = new_user['username'].strip().lower() if len(new_user['username']) == 0: errors['username'] = '******'t be blank' if len(new_user['password']) == 0: errors['password'] = '******' #user already registered if db.users.find_one({'username': new_user['username']}): errors[ 'username'] = '******' % new_user[ 'username'] if len(errors) > 0: return render_template('register.html', new_user=new_user, errors=errors) db.users.save(new_user) user = UserMixin() user.username = new_user['username'] user.id = new_user['_id'].__str__() login_user(user) return redirect(request.args.get("next") or url_for("index")) elif request.method == 'GET': return render_template('register.html', new_user={ 'username': '', 'password': '', 'email': '' })
def login(): if flask.request.method == 'GET': if flask_login.current_user.is_authenticated: return flask.redirect(f'/users/{flask_login.current_user.id}') return flask.render_template('login.html') else: username = flask.request.form['username'] password = flask.request.form['password'] with db_connection.cursor() as cursor: try: cursor.execute('SELECT username, password_hash FROM "user" WHERE username=%s', (username,)) except psycopg2.DatabaseError: flask.flash('Invalid credentials supplied') return flask.redirect(flask.request.referrer) entry = cursor.fetchone() if not entry: flask.flash('The specified user does not exist') return flask.redirect(flask.request.referrer) password_hash = hashlib.sha256(password.encode()).hexdigest() if password_hash == entry[1]: user = User() user.id = username flask_login.login_user(user) if username == 'admin': return flask.redirect('/admin') else: return flask.redirect(f'/users/{username}') else: flask.flash('Wrong password, contact the admin to implement "Forgot your password"') return flask.redirect(flask.request.referrer)
def signup(): if request.method == 'POST': uid=request.form['userid'] first=request.form['firstname'] last=request.form['lastname'] age=request.form['age'] gender=request.form['gender'] age=request.form['age'] email=request.form['email'] password=request.form['password'] if not (uid and first and last and age and gender and age and email and password): error="Empty fields detected" return render_template('login.html',error_signup=error) try: g.conn.execute("INSERT INTO Users VALUES ('%s','%s','%s','%s','%s','%s',%s)"%(email,last,first,gender,uid,password,age)) cur_user = UserMixin() cur_user.id=email login_user(cur_user) return redirect('/') except: error="Some fields failed" return render_template('login.html',error_signup=error) else: return redirect('login')
def login(): db_manager = DbManager.Manager() if current_user.is_authenticated: return redirect(url_for('store.download')) if request.method == 'GET': return render_template('login.html') login = request.form['login'] match = db_manager.check_validity( login, request.form['password'] ) if match: user = UserMixin() user.id = login login_user(user) return redirect(url_for('store.download')) return render_template( 'login.html', )
def load_user(user_id): users = {'testteam': '123321a', 'dev': 'dev2016', 'admin': 'admin.com'} if user_id in users: user = UserMixin() user.id = user_id return user
def load_user(user_id): user=UserMixin() user.id=user_id return user
def load_user(user_id): if user_id == app.config['ADMIN_LOGIN']: user = UserMixin() user.id = user_id return user return None
def signup(): if request.method == 'GET': return render_template('signup.html') else: email = request.form.get('email') first_name = request.form.get('first_name') last_name = request.form.get('last_name') gender = request.form.get('gender') age = request.form.get('age') password1 = request.form.get('password1') password2 = request.form.get('password2') print(type(email), first_name, last_name, gender, age) #查看是否有未填写 if not (email and first_name and last_name and gender and age and password1 and password2): error = "Empty fields detected" return render_template('signup.html', error_signup=error) #验证密码是否相等 if password1 != password2: return '2 passwords not matched' #'email'验证,是否被注册过 SQL1 = """ SELECT email FROM `movie.users` WHERE email='%s' """ % (email) SQL2 = """ SELECT uid FROM `movie.users` """ try: df1 = pandas_gbq.read_gbq(SQL1, project_id=g.project_id, credentials=g.credentials) df2 = pandas_gbq.read_gbq(SQL2, project_id=g.project_id, credentials=g.credentials) print('success') if len(df1) > 0: error = "email already exists, please change an email" print(error) return render_template('signup.html', error_signup=error) else: print('heloo') uid = df2.uid.unique().max() + 1 print('uid', uid) print('i am here') SQL3 = """ INSERT INTO movie.users VALUES (%d,'%s','%s','%s',%d,'%s','%s') """ % (int(uid), first_name, last_name, gender, int(age), email, password1) pandas_gbq.read_gbq(SQL3, project_id=g.project_id, credentials=g.credentials) print('success2') session['user_id'] = uid session['user_email'] = email cur_user = UserMixin() cur_user.id = email login_user(cur_user) #注册成功,跳转到登陆页面 return redirect(url_for('index')) except: error = "Some fields failed" return render_template('signup.html', error_signup=error)
def get_user(user_id): user = UserMixin() user.id = user_id user.is_authenticated = lambda: user.id in app.config['ALLOWED_USERS'] return user
def load_user(username): userId = database.getUser(username)['id'] user = UserMixin() user.id = userId return user