def post(self):
    """Authenticate a user from the parsed request and return an auth token.

    Reads ``userName`` and ``password`` from ``self.parser``. On success the
    user is logged in, Flask-Principal is notified, and a dict carrying the
    ASCII-decoded token is returned. On failure a single generic message is
    returned with HTTP 401, so the response does not reveal which of the two
    fields was wrong.
    """
    parsed = self.parser.parse_args()
    login_name = parsed.get('userName')
    secret = parsed.get('password')
    account = User.query.filter_by(username=login_name).first()

    # Unknown user and wrong password share one answer.
    if not account or not account.check_password(secret):
        return {'msg': '密码或用户名不正确!!!!'}, 401

    login_user(account)
    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(account.id))
    token = account.generate_auth_token().decode('ascii')
    return {'token': token, 'msg': '登录成功!'}
def login():
    """Render the sign-in form and log the user in on a valid submission.

    After a successful login the ``next`` query parameter is followed only
    when it parses without a network location; otherwise the user is sent to
    ``index``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', title='Sign In', form=form)

    account = User.query.filter_by(username=form.username.data).first()
    credentials_ok = account is not None and account.check_password(form.password.data)
    if not credentials_ok:
        # One message for both failure modes avoids confirming usernames.
        flash('Invalid username or password')
        return redirect(url_for('login'))

    login_user(account, remember=form.remember_me.data)
    # Testing Principal identity - change identity
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(account.id))
    # End test

    # Open-redirect guard: a target with a host part is never followed.
    # NOTE(review): this relies on url_parse reporting a netloc for every
    # off-site form a browser would accept - confirm for backslash and
    # multi-slash variants.
    target = request.args.get('next')
    if target and url_parse(target).netloc == '':
        return redirect(target)
    return redirect(url_for('index'))
def login():
    """Log a user in from the ``user`` / ``pwd`` / ``rmb`` form fields.

    Re-renders ``new_login.html`` with an error when the user is unknown or
    the password check fails; otherwise logs the user in, notifies
    Flask-Principal with the username as identity, and redirects to
    ``stock.home``.
    """
    form = request.form
    login_name = form.get('user')
    secret = form.get('pwd')
    # The checkbox is only present in the form data when it was ticked.
    remember = form.get('rmb') is not None

    account = users.query.filter_by(username=login_name).first()
    # NOTE(review): the two failures below return different messages, which
    # lets a caller tell valid usernames from invalid ones. A single generic
    # message would close that gap.
    if not account:
        return render_template('new_login.html', error=u"用户不存在")
    if not account.check_password(secret):
        return render_template('new_login.html', error=u"密码不匹配")

    login_user(account, remember=remember)
    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(account.username))
    return redirect(url_for('stock.home', usersname=account.username))
def login():
    """Authenticate from form data, start a session and return the user as JSON.

    Steps: authenticate the ``email`` / ``password`` pair, call
    ``login_user``, notify Flask-Principal, then serialise the user with
    ``user_schema``.
    """
    form = request.form
    user = authenticate_user(form.get('email'), form.get('password'))
    # NOTE(review): nothing here handles a failed authentication, so this
    # presumably relies on authenticate_user raising - confirm it never
    # returns None, which would reach login_user unchecked.
    login_user(user, form.get('remember', False))
    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(user.id))
    return jsonify(user_schema.dump(user))
def _check_token():
    """Resolve an auth token from the request and install the matching user.

    The token is looked up in three places, later ones overriding earlier
    ones: the configured header, the configured query argument, and the same
    key in a JSON object body. Returns True when the token maps to an
    authenticated user, False otherwise.
    """
    header_name = _security.token_authentication_header
    field_name = _security.token_authentication_key

    # Header value is the fallback; a query-string value wins over it.
    # Query-string tokens tend to end up in access logs, so callers should
    # prefer the header.
    from_header = request.headers.get(header_name, None)
    token = request.args.get(field_name, from_header)

    # A JSON body may carry the token too, but only when it is not a list.
    if request.get_json(silent=True) and not isinstance(request.json, list):
        token = request.json.get(field_name, token)

    user = _security.login_manager.token_callback(token)
    if not (user and user.is_authenticated):
        return False

    flask_app = current_app._get_current_object()
    _request_ctx_stack.top.user = user
    identity_changed.send(flask_app, identity=Identity(user.id))
    return True
def login():
    """Handle the login form: log in on POST, render the form otherwise.

    A failed POST flashes one generic error for both an unknown username and
    a wrong password, then re-renders the form.
    """
    if request.method != 'POST':
        return render_template('login_user.html')

    form = request.form
    login_name = form.get('username')
    secret = form.get('password')
    remember = form.get('remember-me')

    account = User.query.filter_by(username=login_name).first()
    if account and account.check_password(secret):
        login_user(account, remember=remember)
        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(account.id))
        flash(u'登录成功。', category='success')
        return redirect(url_for('index'))

    flash(u'用户名和密码不匹配。', category='error')
    return render_template('login_user.html')
def login():
    """Authenticate a user from request data and return the user as JSON.

    Raises ``exception_handler.Unauthorized`` with one generic message when
    the username is unknown or the password does not verify. On success the
    user's ``last_login`` is updated and saved, and Flask-Principal is
    notified with the username as identity.
    """
    payload = utils.get_request_data()
    try:
        account = models.User.objects.get(username=payload["username"])
    except models.User.DoesNotExist:
        account = None

    if not (account and account.verify_password(payload["password"])):
        raise exception_handler.Unauthorized(
            "username or password does not match")

    # NOTE(review): the meaning of the third positional argument depends on
    # the installed Flask-Login version - confirm. The return value of
    # login_user is not checked.
    login_user(account, payload["remember_me"], True)
    account.last_login = datetime.datetime.now()
    account.save()

    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(account.username))
    return utils.make_json_response(200, account.to_dict())
def reload_app(server_hostname):
    """Reset per-process state after a fork and re-apply the app config.

    Closes the database connection, stores ``server_hostname`` minus its
    leading ``http://`` as ``SERVER_HOSTNAME``, re-runs ``configure``,
    re-seeds the crypto RNG, installs an anonymous identity on ``g`` and
    optionally switches on debug logging. Returns the string ``'OK'``.
    """
    # Close any existing connection.
    close_db_filter(None)

    # Reload the database config.
    # NOTE(review): the slice drops the first len('http://') characters
    # without checking that the value really starts with that prefix.
    scheme_prefix = 'http://'
    app.config['SERVER_HOSTNAME'] = server_hostname[len(scheme_prefix):]
    configure(app.config)

    # Reload random after the process split, as it cannot be used
    # uninitialized across forks.
    Random.atfork()

    # Required so that anonymous calls do not raise.
    g.identity = Identity(None, 'none')

    debug_requested = os.environ.get('DEBUGLOG') == 'true'
    if debug_requested:
        logging.config.fileConfig(logfile_path(debug=True),
                                  disable_existing_loggers=False)
    return 'OK'
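def login():
    """Sign a user in through ``LoginForm`` and redirect to a local page.

    The ``next`` query parameter is caller-controlled. The original code
    passed it straight to ``redirect``, which allowed an open redirect; it is
    now followed only when it is a same-site absolute path. Any other value
    falls back to ``portal.index``.

    A failed submission flashes one generic message for both an unknown
    username and a wrong password, then re-renders the form.
    """
    def _redirect_target():
        # Accept only "/path" targets: no scheme, no "//host" authority, and
        # no backslashes or control characters, which browsers may normalise
        # into an off-site URL. Targets without a leading slash fall back to
        # the default page.
        candidate = request.args.get('next')
        if (
            candidate
            and candidate.startswith('/')
            and not candidate.startswith('//')
            and '\\' not in candidate
            and not any(ord(ch) < 0x20 for ch in candidate)
        ):
            return candidate
        return url_for('portal.index')

    if current_user.is_authenticated:
        return redirect(_redirect_target())

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(name=form.username.data).first()
        password = form.password.data
        if user is not None and user.verify_password(password):
            login_user(user)
            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.id))
            return redirect(_redirect_target())
        flash(u'用户名或密码错误。')
    return render_template('auth/login.html', form=form)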
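def login():
    """Sign an employee in through ``LoginForm``.

    Two defects of the original are fixed here:

    * an unknown username made the lookup return ``None`` and the following
      ``.verified`` access raised ``AttributeError``; it now takes the normal
      "login unsuccessful" path;
    * the approval status was checked before the password, so anyone could
      learn whether an account existed and was pending approval without
      knowing its password. The password is now verified first.
    """
    if current_user.is_authenticated:
        return redirect(url_for('choices'))

    form = LoginForm()
    if form.validate_on_submit():
        account = employee.query.filter_by(username=form.username.data).first()
        password_ok = bool(account) and bcrypt.check_password_hash(
            account.password, form.password.data)

        if not password_ok:
            flash('Login Unsuccessful. Please confirm password', 'danger')
        elif account.verified == False:  # noqa: E712 - keeps the original test; a NULL flag is not treated as unverified
            flash("Id is not yet approved by admin, please contact Brandon/Ken", "danger")
            return redirect(url_for('home'))
        else:
            login_user(account, remember=form.remember.data)
            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(account.employeeID))
            return redirect(url_for('front'))
    return render_template('signin.html', form=form)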
def request_reissue(certificate, commit):
    """
    Print a certificate's details and, when ``commit`` is truthy, reissue it.

    No exception handling happens in this function; errors from the helpers
    propagate to the caller.

    :param certificate: certificate to inspect and optionally reissue
    :param commit: when falsy, only the details are printed
    :return: None
    """
    # set the lemur identity for all cli commands
    # NOTE(review): the identity id is hard-coded to 1 - confirm which
    # account that is and that CLI runs are meant to act as it.
    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(1))

    print_certificate_details(get_certificate_primitives(certificate))

    if not commit:
        return

    replacement = reissue_certificate(certificate, replace=True)
    metrics.send('certificate_reissue_success', 'counter', 1)
    print("[+] New certificate named: {0}".format(replacement.name))
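def login():
    """Sign a user in through ``forms.LoginForm``.

    Two defects of the original are fixed here:

    * ``last_login`` was assigned the function ``datetime.datetime.now``
      instead of its result; it is now called.
    * the caller-controlled ``next`` query parameter was passed straight to
      ``redirect`` (open redirect); it is now followed only when it is a
      same-site absolute path, otherwise ``blog_admin.index`` is used.

    A failed submission flashes one generic message for both an unknown
    username and a wrong password.
    """
    def _redirect_target():
        # Accept only "/path" targets: no scheme, no "//host" authority, and
        # no backslashes or control characters, which browsers may normalise
        # into an off-site URL.
        candidate = request.args.get('next')
        if (
            candidate
            and candidate.startswith('/')
            and not candidate.startswith('//')
            and '\\' not in candidate
            and not any(ord(ch) < 0x20 for ch in candidate)
        ):
            return candidate
        return url_for('blog_admin.index')

    form = forms.LoginForm()
    if form.validate_on_submit():
        try:
            user = models.User.objects.get(username=form.username.data)
        except models.User.DoesNotExist:
            user = None

        if user and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            user.last_login = datetime.datetime.now()
            user.save()
            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.username))
            return redirect(_redirect_target())

        flash('Invalid username or password', 'danger')
    return render_template('accounts/login.html', form=form)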
def login():
    """Handle an active (user/pass) or passive login request.

    Credentials are read from the JSON body when one is present, otherwise
    from ``request.values``. With the user manager enabled and both ``user``
    and ``pass`` supplied, the password is checked and, on success, a JSON
    description of the user is returned. A request carrying ``passive`` is
    delegated to ``passive_login``; anything else yields ``NO_CONTENT``.
    """
    data = request.values
    if hasattr(request, "json") and request.json:
        data = request.json

    if octoprint.server.userManager.enabled and "user" in data and "pass" in data:
        username = data["user"]
        password = data["pass"]

        if "remember" in data and data["remember"] in valid_boolean_trues:
            remember = True
        else:
            remember = False

        # An existing session is logged out before the new attempt is
        # evaluated, whether or not that attempt succeeds.
        if "usersession.id" in session:
            _logout(current_user)

        user = octoprint.server.userManager.findUser(username)
        if user is not None:
            if octoprint.server.userManager.checkPassword(username, password):
                # The deactivated-account answer is only reachable with a
                # correct password, so it does not disclose account state to
                # callers who lack the credentials.
                if not user.is_active():
                    return make_response(("Your account is deactivated", 403, []))

                if octoprint.server.userManager.enabled:
                    user = octoprint.server.userManager.login_user(user)
                    session["usersession.id"] = user.session
                    g.user = user
                login_user(user, remember=remember)
                identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))

                # Successful logins are logged with the remote address.
                # NOTE(review): no log line is visible for failed attempts -
                # confirm they are recorded elsewhere.
                remote_addr = get_remote_address(request)
                logging.getLogger(__name__).info("Actively logging in user {} from {}".format(user.get_id(), remote_addr))

                response = user.asDict()
                # Flag clients outside the LAN / trusted subnets, but only
                # when the ipCheck setting is enabled.
                response["_is_external_client"] = s().getBoolean(["server", "ipCheck", "enabled"]) \
                    and not util_net.is_lan_address(remote_addr, additional_private=s().get(["server", "ipCheck", "trustedSubnets"]))
                return jsonify(response)
        # Unknown user and wrong password share this single answer.
        return make_response(("User unknown or password incorrect", 401, []))

    elif "passive" in data:
        return passive_login()
    return NO_CONTENT
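def decorated_function(*args, **kwargs):
    """Authenticate the request from its bearer token, then call ``f``.

    ``f`` is the wrapped view; it comes from the enclosing decorator, which
    is outside this block. Returns 401 when the ``Authorization`` header is
    missing and 403 for an invalid, expired or revoked token, an unknown or
    inactive user.

    Fixes over the original:

    * API-key expiry compared ``datetime.utcnow()`` with a *local-time*
      ``datetime.fromtimestamp(...)``; both sides are now UTC, so expiry no
      longer shifts with the server's timezone.
    * an unknown API key id or an unknown ``sub`` raised ``AttributeError``
      (HTTP 500); both are now rejected with 403.
    * the header parse catches only the ``IndexError`` it can raise.
    """
    if not request.headers.get('Authorization'):
        response = jsonify(message='Missing authorization header')
        response.status_code = 401
        return response

    try:
        # Expected shape: "<scheme> <token>".
        token = request.headers.get('Authorization').split()[1]
    except IndexError:
        return dict(message='Token is invalid'), 403

    try:
        # NOTE(review): no algorithm allow-list is passed to jwt.decode.
        # Pin the expected signing algorithm here so a token cannot choose
        # its own - the value depends on how tokens are issued (not shown).
        payload = jwt.decode(token, current_app.config['LEMUR_TOKEN_SECRET'])
    except jwt.DecodeError:
        return dict(message='Token is invalid'), 403
    except jwt.ExpiredSignatureError:
        return dict(message='Token has expired'), 403
    except jwt.InvalidTokenError:
        return dict(message='Token is invalid'), 403

    if 'aid' in payload:
        access_key = api_key_service.get(payload['aid'])
        if access_key is None:
            # A signed token naming a key that no longer exists is rejected.
            return dict(message='Token is invalid'), 403

        if access_key.revoked:
            return dict(message='Token has been revoked'), 403

        # A ttl of -1 means the key never expires.
        if access_key.ttl != -1:
            current_time = datetime.utcnow()
            # issued_at + ttl is passed as epoch seconds; convert it in UTC
            # to match utcnow().
            expired_time = datetime.utcfromtimestamp(
                access_key.issued_at + access_key.ttl)
            if current_time >= expired_time:
                return dict(message='Token has expired'), 403

    user = user_service.get(payload['sub'])
    if not user:
        return dict(message='You are not logged in'), 403

    if not user.active:
        return dict(message='User is not currently active'), 403

    g.current_user = user

    # Tell Flask-Principal the identity changed
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(g.current_user.id))

    return f(*args, **kwargs)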
def example_data(base_app):
    """Build example records, datasets and DMPs for tests.

    Every ``*.json`` file under ``data/records`` next to this module becomes
    a record, in sorted filename order. The first seven records each back one
    dataset, and four DMPs are built over the first six datasets.

    Returns a dict with the created objects plus the used / unused subsets.
    """
    rec_dir = os.path.join(os.path.dirname(__file__), "data", "records")
    service = BibliographicRecordService()

    # Fixture identity: user id 1 carrying only the any_user need.
    identity = Identity(1)
    identity.provides.add(any_user)

    # create some records from the example data
    records = []
    json_names = sorted(
        name for name in os.listdir(rec_dir) if name.endswith(".json")
    )
    for name in json_names:
        with open(os.path.join(rec_dir, name), "r") as rec_file:
            payload = json.load(rec_file)
            created = service.create(identity, payload)
            records.append(created._record)

    # create some datasets, one per record for the first seven records
    # (raises IndexError when fewer than seven example files exist)
    datasets = [
        Dataset.create("dataset-%s" % (index + 1), records[index].pid)
        for index in range(7)
    ]

    # create some DMPs; dataset 7 is deliberately left out of all of them
    dmps = [
        DataManagementPlan.create("dmp-1", [datasets[0]]),
        DataManagementPlan.create("dmp-2", [datasets[0], datasets[1], datasets[2]]),
        DataManagementPlan.create("dmp-3", [datasets[2], datasets[3]]),
        DataManagementPlan.create("dmp-4", [datasets[4], datasets[5]]),
    ]

    return {
        "records": records,
        "unused_records": records[7:],
        "datasets": datasets,
        "used_datasets": datasets[:6],
        "unused_datasets": [datasets[6]],
        "dmps": dmps,
    }
def login():
    """Handle the login form: validate input, log in, or re-render the form.

    On POST the username / password pair is looked up first; empty fields are
    then rejected with a field-specific hint, a missing user with one generic
    message. A successful login always sets the remember-me cookie.
    """
    if request.method != 'POST':
        return render_template('login.html')

    login_name = request.form['username']
    secret = request.form['password']
    # The lookup runs before the empty-field checks, as in the original.
    account = User.get_one_user(login_name, secret)

    if login_name == '':
        flash('请输入用户名')
        return render_template('login.html')
    if secret == '':
        flash('请输入密码')
        return render_template('login.html')
    if account is None:
        flash('用户名或密码不正确')
        return render_template('login.html')

    # NOTE(review): remember=True is unconditional, so every login gets a
    # long-lived cookie - confirm that is intended on shared machines.
    login_user(account, remember=True)
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(account.user_id))
    return redirect(url_for('main.pagecs'))
def get_identity(permission_name: str = "any_user", role_name: str = None):
    """Build an identity (user id 0) for running tasks.

    The identity carries ``system_process`` when ``permission_name`` is
    exactly ``"system_process"`` and ``any_user`` for every other value,
    including unrecognised ones. When ``role_name`` is given, the role must
    exist in the accounts datastore and is added as a ``RoleNeed``.

    Raises:
        Exception: if ``role_name`` is given but no such role exists.
    """
    identity = Identity(0)

    if role_name:
        if not current_accounts.datastore.find_role(role_name):
            raise Exception(f"Role {role_name} does not exist")
        identity.provides.add(RoleNeed(role_name))

    # NOTE(review): system_process is presumably a high-privilege need -
    # make sure permission_name never comes from request input.
    granted = system_process if permission_name == "system_process" else any_user
    identity.provides.add(granted)
    return identity
def reset_password(): """GET /reset-password: choose new password """ # get password-reset entry f = (PasswordResetRequest.key == request.args.get('key'), User.email == request.args.get('email')) r = PasswordResetRequest\ .query\ .filter(*f)\ .filter(PasswordResetRequest.fk_user == User.id)\ .first() # return error response if link doesn't exist or wrong email if r == None or r.user.email != request.args['email']: return render_template('/auth/reset-password-error.html'), 400 # expired if older than 1 day delta = datetime.datetime.utcnow() - r.create_ts if delta.days > 0: db.session.delete(r) db.session.flush() return render_template('/auth/reset-password-error.html'), 400 # handle form form = ResetPasswordForm() if form.validate_on_submit(): # save new password u = r.user u.password = generate_password_hash(form.password.data) db.session.add(u) # login user login_user(u, remember=True) identity_changed.send(current_app._get_current_object(), identity=Identity(u.id)) # delete password reset db.session.delete(r) db.session.flush() return render_template('/auth/reset-password-followup.html') return render_template('/auth/reset-password.html', form=form)
def login():
    """Render the log-in form and start a session on a valid submission.

    NOTE(review): no password comparison is visible in this function, and
    the looked-up user is used without a None check. Both presumably rely on
    LogInForm's validators rejecting bad credentials - confirm.
    """
    # Already signed in: straight to the homepage.
    already_in = g.user is not None and g.user.is_authenticated
    if already_in:
        return redirect(url_for('flicket_bp.index'))

    # LogInForm comes from forms.py.
    form = LogInForm()
    if not form.validate_on_submit():
        return render_template('login.html', title='Log In', form=form)

    account = FlicketUser.query.filter_by(username=form.username.data).first()
    session['remember_me'] = form.remember_me.data
    identity_changed.send(app, identity=Identity(account.id))
    login_user(account)

    # The authentication token is required for API use.
    account.get_token()
    db.session.commit()

    flash(gettext('You were logged in successfully.'), category='success')
    return redirect(url_for('flicket_bp.index'))
def login():
    """Handle the login form: log in on a valid POST, render the form otherwise.

    A failed POST flashes one generic message for both an unknown account and
    a wrong password.
    """
    if request.method != 'POST':
        return render_template('login.html')

    login_name = request.form['username']
    secret = request.form['password']
    keep_signed_in = request.form.get('check')

    account = User.query.filter_by(username=login_name).first()
    if not (account and account.check_password_hash(secret)):
        flash("账户或密码错误!")
        return render_template('login.html')

    # Pass remember=True only when the checkbox was ticked.
    login_options = {'remember': True} if keep_signed_in else {}
    login_user(account, **login_options)

    # Identity change on login.
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(account.id))
    return redirect(url_for('main.index'))
def user_signup():
    """Register a new user, answering with JSON or HTML as the form requests.

    A caller who is already signed in gets an error (JSON) or the logout
    page (HTML). A valid POST creates and commits the user, logs in, and
    either returns ``{'result': 'ok'}`` or redirects to ``get_next()``.
    """
    form = RegistrationForm(request.form)

    if not current_user.is_anonymous:
        if form.type.data == 'json':
            return jsonify({'result': 'error', 'message': 'Already logged!'})
        return render_template(
            'user/logout.html',
            title='Logout',
            name=current_user.name,
            next=url_for('user_signup'),
        )

    if request.method == 'POST':
        if not form.validate():
            if form.type.data == 'json':
                return jsonify({'result': 'error', 'message': 'Invalid data!'})
        else:
            # NOTE(review): the raw form password goes to the model; the
            # model presumably hashes it on assignment - confirm.
            new_user = User(
                email=form.email.data,
                name=form.name.data,
                password=form.password.data,
            )
            db.session.add(new_user)
            db.session.commit()

            # NOTE(review): the session is opened for form.user, not for the
            # user created just above - confirm the form sets .user to that
            # same account during validation.
            login_user(form.user, remember=form.remember.data)
            identity_changed.send(app, identity=Identity(form.user.id))

            if form.type.data == 'json':
                return jsonify({'result': 'ok'})
            flash('Thank you for registering!')
            return redirect(get_next())

    return render_template(
        'user/signup.html',
        title='Registering new user',
        form=form,
        next=get_next(),
    )
def validate_pin():
    """Check the submitted PIN against the currently logged user.

    Responses: 400 for an empty PIN, 403 when the user manager reports no
    logged user, 401 for a wrong PIN, and ``OK`` after a successful check,
    which also opens a non-persistent session for that user.
    """
    pin = request.values["pin"]
    if not pin:
        return make_response(("Invalid data", 400, []))

    user = octoprint.server.userManager.getLoggedUser()
    if not user:
        return make_response(("No logged user", 403, []))

    # NOTE(review): no attempt counter or lock-out is visible here; a short
    # PIN needs one somewhere - confirm it exists upstream.
    if not user.check_pin(pin):
        return make_response(("Invalid PIN", 401, []))

    # Log the user in.
    login_user(user, remember=False)
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(user.get_id()))
    return OK
def dummy_login():
    """Render the login page on GET; authenticate the form fields otherwise.

    On success a ``LoginUser`` wrapper built from the stored username and
    permission is logged in and the caller is redirected to ``home``.
    """
    if request.method == 'GET':
        return render_template('login.html')

    account = User.query.filter_by(username=request.form['username']).first()

    # NOTE(review): the unknown-user and wrong-password messages differ,
    # which lets a caller tell valid usernames from invalid ones. A single
    # generic message would close that gap.
    if account is None:
        flash("Given username doesn't exist!", 'danger')
        return render_template('login.html')

    if not validate_password(account, request.form['password']):
        flash("Username/Password combination doesn't match!", 'danger')
        return render_template('login.html')

    session_user = LoginUser(account.username, account.permission)
    login_user(session_user)
    # The identity is taken from current_user, i.e. the user just logged in.
    identity_changed.send(app, identity=Identity(current_user.id))
    flash("User successfully logged", 'success')
    return redirect(url_for('home'))
def auth():
    """Demo endpoint: install a fixed user in the session and notify Principal.

    NOTE(review): no credentials are checked - every caller receives the
    identity "lili", whose stored role is "admin". This is suitable as a
    Flask-Principal walkthrough only, not as a login route.
    """
    # A hard-coded user. A real implementation would load the user from the
    # database and adjust its state as needed. The "roles" field stands for
    # the user's permissions, i.e. their role or position.
    demo_user = dict(name="lili", roles="admin")

    # A logged-in user always has data in the session, and Flask-Principal
    # works from the session, so the user data is written there.
    session["userinfo"] = demo_user

    # Tell Principal about the current user. identity_changed signals a
    # change of identity and send() delivers it to the current application;
    # current_app._get_current_object() returns that application object.
    # The identity argument names who logged in - here, "lili". This
    # notification is required.
    flask_app = current_app._get_current_object()
    identity_changed.send(flask_app, identity=Identity(demo_user["name"]))

    # Marker response showing that this code ran.
    return "login"
def login():
    """Sign a user in through ``LoginForm`` and follow a vetted ``next`` URL.

    The ``next`` query parameter must pass ``is_safe_url`` or the request is
    aborted with 400. Flask-Principal is notified only for users whose role
    is ``'admin'``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('auth.account'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('auth/login.html', title='Sign In', form=form)

    account = User.query.filter_by(username=form.username.data).first()
    credentials_ok = account is not None and account.check_password(form.password.data)
    if not credentials_ok:
        # One message for both failure modes avoids confirming usernames.
        flash('Invalid username or password', 'warning')
        return redirect(url_for('auth.login'))

    flash('Successful login.', 'info')
    login_user(account, remember=form.remember_me.data)

    # NOTE(review): the session is already open when this check runs, so a
    # 400 here still leaves the user logged in. Also confirm is_safe_url
    # accepts None, otherwise every login without ?next= ends in a 400.
    next_url = request.args.get('next')
    if not is_safe_url(next_url):
        return abort(400)

    if account.role == 'admin':
        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(account.id))
    return redirect(next_url or url_for('main.index'))
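def _check_token():
    """Resolve the request's user via the login manager and install it.

    Returns True when the login manager's request callback yields an
    authenticated user (which is then set on the request context and
    announced to Flask-Principal), False otherwise.

    The debugging ``print`` calls of the original were removed for two
    reasons: they wrote the full request headers - including any
    authentication token - to stdout, and one of them read
    ``user.is_authenticated`` before the None check, raising
    ``AttributeError`` for every request the callback could not resolve.
    """
    user = _security.login_manager._request_callback(request)

    if user and user.is_authenticated:
        app = current_app._get_current_object()
        _request_ctx_stack.top.user = user
        identity_changed.send(app, identity=Identity(user.id))
        return True

    return False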
def _check_token():
    """Resolve the request's user via the login manager and install it.

    Returns True when the request callback yields an authenticated user,
    which is then set on the request context and announced to
    Flask-Principal using the user's ``fs_uniquifier``; False otherwise.
    """
    # N.B. this isn't great: Flask-Login 0.5.0 made this callback protected.
    # Issue https://github.com/maxcountryman/flask-login/issues/471 was filed
    # to restore public access. The call goes through login_manager because
    # applications are allowed to override it.
    manager = _security.login_manager
    if hasattr(manager, "request_callback"):
        # Pre 0.5.0
        resolve_user = manager.request_callback
    else:
        resolve_user = manager._request_callback
    user = resolve_user(request)

    if not (user and user.is_authenticated):
        return False

    flask_app = current_app._get_current_object()
    _request_ctx_stack.top.user = user
    # fs_uniquifier, not the primary key, is the identity value here.
    identity_changed.send(flask_app, identity=Identity(user.fs_uniquifier))
    return True
def request_reissue(certificate, commit):
    """
    Reissue a certificate, reporting failures instead of raising them.

    Any exception is sent to Sentry, logged and printed. A
    ``certificate_reissue`` counter is emitted in every case, tagged with the
    outcome and the certificate name.

    :param certificate: certificate to inspect and optionally reissue
    :param commit: when falsy, details are printed but nothing is reissued;
        the run still counts as a success
    :return: None
    """
    try:
        print("[+] {0} is eligible for re-issuance".format(certificate.name))

        # set the lemur identity for all cli commands
        # NOTE(review): the identity id is hard-coded to 1 - confirm which
        # account that is and that CLI runs are meant to act as it.
        flask_app = current_app._get_current_object()
        identity_changed.send(flask_app, identity=Identity(1))

        print_certificate_details(get_certificate_primitives(certificate))

        if commit:
            replacement = reissue_certificate(certificate, replace=True)
            print("[+] New certificate named: {0}".format(replacement.name))
    except Exception as e:
        status = FAILURE_METRIC_STATUS
        sentry.captureException(
            extra={"certificate_name": str(certificate.name)})
        current_app.logger.exception(
            f"Error reissuing certificate: {certificate.name}", exc_info=True)
        print(
            f"[!] Failed to reissue certificate: {certificate.name}. Reason: {e}"
        )
    else:
        status = SUCCESS_METRIC_STATUS

    metric_tags = {"status": status, "certificate": certificate.name}
    metrics.send("certificate_reissue", "counter", 1, metric_tags=metric_tags)
def login():
    """Serve the combined login / registration page.

    A valid login form logs the user in and redirects; a valid registration
    form creates the account, sends a verification mail and redirects to the
    verification status page. Otherwise both forms are rendered.
    """
    login_form = UserLogin()
    register_form = UserRegistration()

    if login_form.validate_on_submit():
        username = login_form.username.data
        # NOTE(review): the password is read but never compared in this
        # function; presumably UserLogin's validators check it - confirm.
        password = login_form.password.data
        remember_me = login_form.remember_me.data

        # Case-insensitive username match.
        user = User.query.filter(func.lower(User.username) == func.lower(username)).first()

        # NOTE(review): user is None when no username matches; this relies
        # on form validation having ruled that out - confirm.
        if login_user(user, remember_me):
            flash("You were logged in.", "success")

            if user.invitations.count():
                # The markup is built from an integer count and a url_for
                # result only; no user-supplied text is interpolated before
                # Markup() marks it as safe HTML.
                markup = f'You have {user.invitations.count()} team invitations'
                markup += f'- click <a href="{url_for("invitations")}">here</a> to view them.'
                flash(Markup(markup), "info")

            # Tell Flask-Principal the identity changed
            identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))

            # NOTE(review): "next" comes from the query string and is passed
            # to redirect() unvalidated (open redirect); restrict it to
            # same-site paths.
            return redirect(request.args.get("next") or url_for('index'))
        else:
            # login_user returned a falsy value; the message attributes this
            # to an unverified account.
            flash("Login failed, user not validated", "error")
            return redirect(url_for("verify_status", username=username))

    elif register_form.validate_on_submit():
        username = register_form.username.data.strip()
        password = register_form.password.data
        email = register_form.email.data

        # NOTE(review): the raw password goes to the User constructor;
        # presumably it is hashed there - confirm.
        new_user = User(username, password, email)

        body = render_template("emails/account/verification.txt", recipient=new_user, email_changed=False)
        # The verification mail is sent before the user row is committed.
        mail.send_message(subject=f"Welcome to {app.config['LONG_NAME']}, {username}", recipients=[new_user.email], body=body)

        db.session.add(new_user)
        db.session.commit()

        flash("Your account has been created, confirm your email to verify.", "success")
        return redirect(url_for('verify_status', username=username))

    return render_template('account/login.html', login_form=login_form, register_form=register_form)
def login():
    """Authenticate a user against LDAP and open a session.

    On POST the user record is looked up by login name, the password is
    verified with ``User.try_login`` against the user's DN, and on success
    the logon is recorded via ``db_log_user`` before redirecting. Every
    failure re-renders ``login.html`` with a flashed message.
    """
    if current_user.is_authenticated:
        return redirect(url_for('.get_reports'))

    if request.method == 'POST':
        username = request.form.get('username', '')
        password = request.form.get('password', '')

        try:
            user = User.get(login=username)
            if user is None:
                raise ValueError
        except ValueError:
            # NOTE(review): the submitted username is written to the log
            # unmodified; strip or escape line breaks so a caller cannot
            # forge log entries. The flashed message also differs from the
            # bad-password one, which confirms whether a login name exists.
            current_app.logger.warning(
                f'пользователь с именем {username} не существует')
            flash('пользователь не существует')
            return render_template('login.html', r=request)

        try:
            # NOTE(review): an empty password reaches try_login unchanged.
            # Some LDAP servers accept a simple bind with an empty password
            # as an unauthenticated bind - confirm try_login rejects empty
            # passwords before binding.
            User.try_login(user.dn, password)
        except ldap.INVALID_CREDENTIALS:
            flash('неверный логин или пароль')
            return render_template('login.html', r=request)
        except ldap.SERVER_DOWN:
            current_app.logger.error(f'Error connect to LDAP', exc_info=True)
            flash('невозможно связаться с сервером LDAP для авторизации')
            return render_template('login.html', r=request)

        if user:
            login_user(user)
            identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))

            # Recording the logon is best-effort: a failure is logged and
            # the login still proceeds.
            try:
                db_log_user(user.id, request.path)
            except Exception as e:
                current_app.logger.error(
                    f'Error writing user logon to DB : {user.login}, url: {request.path}',
                    exc_info=True)

            # NOTE(review): "next" comes from the query string and is passed
            # to redirect() unvalidated (open redirect); restrict it to
            # same-site paths.
            return redirect(
                request.args.get('next') or url_for('.get_reports'))
        else:
            flash('пользователь не существует')
            return render_template('login.html', r=request)

    return render_template('login.html', r=request)