Esempio n. 1
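def login():
    """Render the login form on GET; verify credentials and start a session on POST.

    The session is cleared on every request to this view, so any previously
    stored ``user_id`` is dropped before the new attempt is evaluated.
    Both failure paths re-render ``login.html`` with a flashed message; the
    credential failure uses one message for "unknown user" and "wrong
    password" alike.
    """
    # Forget any user_id left over from an earlier login.
    session.clear()

    if request.method != "POST":
        return render_template("login.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # Both fields must be present and non-empty.
    if not username or not password:
        flash('Input valid username or password')
        return render_template("login.html")

    # Fail closed: the original compared the result with `== False`, which
    # lets any other falsy value (e.g. None from an error path inside
    # check_password) fall through as a successful login. Truthiness is the
    # safer test for an authentication decision.
    if count_user(username) != 1 or not check_password(username, password):
        flash('Invalid username or password')
        # Same template name as the other branches (was "/login.html").
        return render_template("login.html")

    # Look up the id for the verified account and remember it in the session.
    userid = get_userid(username, password)
    session["user_id"] = userid

    return redirect("/")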
Esempio n. 2
def login():
    """Serve the login page on GET and process the email/password form on POST.

    Failures flash a message and redirect back to ``request.url`` so that any
    query parameters (such as ``next``) survive the round trip. On success the
    user is logged in with a remember cookie and sent either to a validated
    ``next`` target or to the default dashboard for their role.
    """
    if request.method == 'GET':
        return render_template('users/login.html',
                               mlh_oauth_url=helpers.mlh_oauth_url())

    email = request.form.get('email')
    password = request.form.get('password')
    if not (email and password):
        flash('Please fill out the required fields!', 'error')
        # Redirect to the original URL so its query parameters are kept.
        return redirect(request.url)

    user = User.query.filter_by(email=email).first()

    # NOTE(review): the three messages below differ depending on whether the
    # account exists, has no local password, or the password was wrong. That
    # lets a client tell registered emails from unregistered ones; a single
    # generic message would avoid the account-enumeration signal.
    failure = None
    if user is None:
        failure = (
            "We couldn't find an account related with this email. Please verify the email entered.",
            'error')
    elif not user.password:
        # Accounts created through MLH or corporate accounts have no password.
        failure = ('An error occurred. Please contact us for more information.',
                   'error')
    elif not helpers.check_password(user.password, password):
        failure = ('Invalid password. Please try again.', 'warning')

    if failure is not None:
        flash(*failure)
        return redirect(request.url)

    login_user(user, remember=True)

    # `next` comes from the query string; it is only followed when
    # is_safe_url() accepts it, otherwise the role dashboard is used.
    target = request.args.get('next')
    if not (target and is_safe_url(target)):
        flash('Logged in successfully!', 'success')
        return redirect(url_for(get_default_dashboard_for_role()))
    return redirect(target)
Esempio n. 3
    def login(email, password):
        """Check *password* for the account with *email* and record the login.

        Returns a ``(success, user)`` pair. ``user`` is whatever
        ``User.get_user_by_email`` returned, also when the check fails.
        On success ``last_login`` and ``login_history`` are updated and the
        user is persisted with ``put()``.
        """
        user = User.get_user_by_email(email)
        if not user:
            return False, user

        # NOTE(review): this looks like the "re-hash with the stored value and
        # compare" pattern -- confirm against helpers.check_password. The `==`
        # comparison is not constant-time; a constant-time comparison is the
        # usual choice for secret-derived values.
        authenticated = helpers.check_password(password, user.password) == user.password
        if not authenticated:
            return False, user

        # NOTE(review): datetime.now() is timezone-naive here.
        stamp = datetime.now()
        user.last_login = stamp
        user.login_history.insert(0, str(stamp))  # newest entry first
        user.put()
        return True, user
Esempio n. 4
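def login():
    """Show the login form on GET; check the submitted credentials on POST.

    On POST both ``username`` and ``password`` are required. The stored
    password hash is fetched with a bound-parameter query and verified with
    ``check_password``. On success the username is stored in
    ``session['username']`` and the user is redirected to the book search;
    every failure re-renders ``login.html`` with an ``error`` message.
    """
    if request.method != 'POST':
        return render_template('login.html')

    username = request.form.get('username')
    password = request.form.get('password')

    # Report every missing field. The original used `elif`, so a request with
    # neither field only ever complained about the username.
    missing_val = [
        field for field, value in (('username', username), ('password', password))
        if not value
    ]
    if missing_val:
        error = ' '.join(missing_val) + " are required"
        return render_template('login.html', error=error)

    # The username is passed as a bound parameter, never formatted into the SQL.
    userrow = db.execute(
        'Select password from users where username=:username',
        {"username": username}).fetchone()

    if not userrow:
        # Two fixes: the placeholder is now actually filled in (the literal
        # "{username}" used to be shown), and the message is rendered on the
        # login page. The original passed `error=` to redirect(), which does
        # not accept that keyword, so this path raised instead of responding.
        # NOTE(review): this message confirms which usernames exist; a generic
        # "invalid credentials" message would not.
        error = " Sorry {username} doesn't exist. Please register.".format(
            username=username)
        return render_template('login.html', error=error)

    # The query selects a single column, so the hash is the row's first field.
    hash_password = userrow[0]

    if not check_password(hash_password, password):
        return render_template('login.html',
                               error="Password Doesn't match ")

    session['username'] = username
    return redirect(url_for('book_blueprint.search'))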
Esempio n. 5
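def login():
    """Serve the login page on GET and authenticate the posted form otherwise.

    An already authenticated visitor is sent straight to the dashboard.
    A failed attempt flashes one generic message for both "unknown email" and
    "wrong password". After a successful login the ``next`` query parameter is
    followed only when it is a same-site path; otherwise the dashboard is used.
    """
    if request.method == 'GET':
        if current_user.is_authenticated:
            return redirect(url_for('dashboard'))
        return render_template('users/login.html')

    # Normalise the email the same way for every lookup.
    email = request.form['email'].lower().strip()
    password = request.form['password']
    user = User.query.filter_by(email=email).first()
    if user is None or not check_password(user.password, password):
        flash(u"Invalid username or password.",
              'warning')
        return redirect(url_for('login'))

    login_user(user, remember=True)
    flash(u'Logged in successfully!', 'success')

    # `next` is taken from the query string and is therefore untrusted.
    # Redirecting to it unchecked is an open redirect, so it is only followed
    # when it is an absolute path on this site: one leading slash, no
    # scheme-relative "//" prefix, no backslashes and no control characters
    # (which some browsers normalise into a different host).
    target = request.args.get('next') or ''
    stays_on_site = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    return redirect(target if stays_on_site else url_for('dashboard'))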
Esempio n. 6
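def login():
    """Serve the login page on GET and authenticate the posted form otherwise.

    An already authenticated visitor is redirected to the dashboard. Failed
    attempts flash a message and redirect back to the login view. After a
    successful login the ``next`` query parameter is followed only when it is
    a same-site path; otherwise the dashboard is used.
    """
    if request.method == 'GET':
        if current_user.is_authenticated:
            return redirect(url_for('dashboard'))
        return render_template('users/login.html')

    email = request.form['email']
    password = request.form['password']
    user = User.query.filter_by(email=email).first()

    # NOTE(review): the two failure messages differ, which tells a client
    # whether an email is registered. A single generic message for both cases
    # removes that account-enumeration signal.
    if user is None:
        flash("We couldn't find an account related with this email. Please verify the email entered.", "warning")
        return redirect(url_for('login'))
    if not check_password(user.password, password):
        flash("Invalid Password. Please verify the password entered.", 'warning')
        return redirect(url_for('login'))

    login_user(user, remember=True)
    flash('Logged in successfully!', 'success')

    # `next` is read from the query string, so it is untrusted. Following it
    # unchecked is an open redirect; accept it only as an absolute path on
    # this site (single leading slash, no "//", no backslash, no control
    # characters) and fall back to the dashboard for anything else.
    target = request.args.get('next') or ''
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if is_local_path:
        return redirect(target)
    return redirect(url_for('dashboard'))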
Esempio n. 7
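def login():
    """Show the login form (GET) or verify the submitted credentials (POST).

    Authenticated visitors requesting the form are redirected to the
    dashboard. On success the user is logged in with a remember cookie and
    redirected to a validated ``next`` path, or to the dashboard when ``next``
    is absent or not a same-site path.
    """
    if request.method == 'GET':
        if current_user.is_authenticated:
            return redirect(url_for('dashboard'))
        return render_template('users/login.html')

    email = request.form['email']
    password = request.form['password']
    user = User.query.filter_by(email=email).first()

    if user is None:
        # NOTE(review): a message distinct from the wrong-password one below
        # reveals which emails have accounts; consider one shared message.
        flash("We couldn't find an account related with this email. Please verify the email entered.", "warning")
        return redirect(url_for('login'))
    elif not check_password(user.password, password):
        flash("Invalid Password. Please verify the password entered.", 'warning')
        return redirect(url_for('login'))

    login_user(user, remember=True)
    flash('Logged in successfully!', 'success')

    # The original redirected to whatever `next` contained. Because that value
    # is client-supplied, it must be restricted to paths on this site:
    # exactly one leading slash, and no backslashes or control characters
    # that a browser could reinterpret as a host separator.
    requested = request.args.get('next') or ''
    safe = (
        requested[:1] == '/'
        and requested[:2] != '//'
        and '\\' not in requested
        and all(ord(ch) >= 0x20 for ch in requested)
    )
    return redirect(requested if safe else url_for('dashboard'))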
Esempio n. 8
    def post(self):
        """Authenticate the posted username/password and write a result dict.

        On success an ``auth`` secure cookie holding the username is set and a
        ``redirect`` result pointing at the ``home`` route is written. Any
        exception raised while looking up or checking the user produces the
        same ``Invalid credentials`` error result.
        """
        username = self.get_argument('username')
        password = self.get_argument('password')

        try:
            # Indexing raises when no user matches; that is handled below.
            user = User.objects(username=username)[0]
            if not check_password(user, password):
                raise ValueError()
            self.set_secure_cookie('auth', username)
            result = dict(type='redirect',
                          redirect_url=self.reverse_url('home'))
        except Exception:
            # NOTE(review): catching Exception keeps the response identical for
            # unknown users and wrong passwords, but it also reports backend
            # failures (e.g. a database error) as "Invalid credentials" without
            # logging them. Narrowing the exception types or logging here
            # would make outages visible.
            result = dict(type='error', message='Invalid credentials')
        self.write(result)
Esempio n. 9
File: app.py Progetto: toshi1801/ims
def login():
    """Record the submitted login in the session, verify it, and render the index.

    The username, an MD5 hex digest of the password and the category are
    written to the session before the credentials are checked.
    ``session['logged_in']`` is only set when ``helpers.check_password``
    reports success; otherwise its message is flashed.
    """
    form = request.form
    username = form['username']
    password = form['password']
    category = form['category']

    # NOTE(review): these values are stored before verification, so they stay
    # in the session even when the login fails. The digest is an unsalted MD5
    # of the password, which is cheap to brute-force; if the session is a
    # client-side signed cookie (confirm the session backend) the digest is
    # readable by whoever holds the cookie. Prefer storing no password-derived
    # value at all and writing identity fields only after a successful check.
    session['username'] = username
    session['password'] = hashlib.md5(password.encode()).hexdigest()
    session['category'] = category

    status, message = helpers.check_password(username, password, category)

    if not status:
        flash(message)
    else:
        session['logged_in'] = True

    return index()
Esempio n. 10
    def post(self):
        """Validate the sign-up form; re-render it with errors or redirect to /welcome.

        Each ``helpers.check_*`` call returns a falsy value when the field is
        acceptable and an error value otherwise. The password fields are
        blanked when the form is re-rendered.
        """
        form = self.request
        user_username = form.get('username')
        user_password = form.get('password')
        user_verify = form.get('verify')
        user_email = form.get('email')

        username_error = helpers.check_username(user_username)
        password_error = helpers.check_password(user_password)
        # The confirmation is only compared once the password itself is valid.
        verify_error = '' if password_error else helpers.check_verify(
            user_verify, user_password)
        email_error = helpers.check_email(user_email)

        if not any((username_error, password_error, verify_error, email_error)):
            # NOTE(review): the username is interpolated into the query string
            # without URL-encoding. This is only safe if check_username rejects
            # characters such as '&', '#' and whitespace -- confirm.
            self.redirect('/welcome?username=%s' % user_username)
            return

        # Echo back the username and email, but never the submitted passwords.
        self.write_form(user_username, '', '',
                        user_email, username_error, password_error,
                        verify_error, email_error)
Esempio n. 11
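def sign_in():
    """Render the sign-in form on GET; verify the submitted credentials on POST.

    A successful sign-in stores the username in ``session["USERNAME"]`` and
    redirects to ``home``. Unknown usernames and wrong passwords produce the
    same "Invalid credentials" message.
    """
    # A plain page view: just show the form.
    if request.method != "POST":
        return render_template("sign_in.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # Both fields are required.
    if not username:
        return render_template("sign_in.html",
                               error="Please fill in your username.")
    if not password:
        return render_template("sign_in.html",
                               error="Please fill in your password.")

    # One lookup instead of two. The original first tested `.rowcount == 0` on
    # a SELECT, which is not reliable across database drivers (some report -1
    # for SELECT), and then fetched the hash in a second query; when the first
    # test did not fire for a missing user, `passkey.passkey` raised on None.
    # The username is bound as a parameter, never formatted into the SQL.
    account = db.execute(
        "SELECT passkey FROM users WHERE username = :username",
        {"username": username}).fetchone()

    # Only a known user with a matching password gets a session.
    if account is not None and check_password(password, account.passkey):
        session["USERNAME"] = username
        return redirect(url_for('home'))

    # Same response for "no such user" and "wrong password".
    return render_template("sign_in.html",
                           error="Invalid credentials. Please try again.")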
Esempio n. 12
    def post(self):
        """Validate the sign-up form; re-render it with errors or call ``done()``.

        The submitted values are kept on the handler instance so that
        ``done()`` can read them. Each ``helpers.check_*`` call returns a
        falsy value when the field is acceptable.
        """
        form = self.request
        self.user_username = form.get('username')
        self.user_password = form.get('password')
        self.user_verify = form.get('verify')
        self.user_email = form.get('email')

        username_error = helpers.check_username(self.user_username)
        password_error = helpers.check_password(self.user_password)
        # The confirmation is only compared once the password itself is valid.
        verify_error = '' if password_error else helpers.check_verify(
            self.user_verify, self.user_password)
        email_error = helpers.check_email(self.user_email)

        if not any((username_error, password_error, verify_error, email_error)):
            self.done()
            return

        # Echo back the username and email, but never the submitted passwords.
        self.write_form(self.user_username, '', '',
                        self.user_email, username_error, password_error,
                        verify_error, email_error)
Esempio n. 13
def index():
    """Landing page: prompt for login on GET, process the login form on POST.

    On GET a visitor with ``session["user"]`` set is redirected to
    ``/loginhome``; everyone else sees the welcome page. On POST the stored
    password hash is fetched with a bound-parameter query and verified with
    ``check_password``; failures render ``sorry.html`` with an error message.
    """
    # GET: show the welcome page unless the visitor is already logged in.
    if request.method != "POST":
        if session.get("user") is None:
            return render_template("welcome.html")
        return redirect("/loginhome")

    # POST: the visitor is trying to log in. Both fields are required.
    if not request.form.get("username"):
        return render_template("sorry.html", error="Username field not filled in")
    if not request.form.get("password"):
        return render_template("sorry.html", error="Must fill in password")

    username = request.form.get("username")
    password = request.form.get("password")

    # The username is bound as a parameter, never formatted into the SQL.
    userrow = db.execute(
        "SELECT passwordhash FROM users WHERE username = :username",
        {"username": username},
    ).fetchone()

    # NOTE(review): "could not find that username" and "Password incorrect."
    # are distinct responses, which lets a client probe which usernames exist.
    # One shared failure message would remove that signal.
    if not userrow:
        return render_template("sorry.html", error="We could not find that username. Have you signed up yet?")

    # Only one column is selected, so the hash is the row's first field.
    userhash = userrow[0]

    if check_password(userhash, password):
        # User found and password correct: remember them and continue.
        session["user"] = username
        return redirect("/loginhome")

    return render_template("sorry.html", error="Password incorrect.")
Esempio n. 14
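def login():
    """Serve the login page on GET and authenticate the posted form otherwise.

    The remember cookie is only requested when the form contains a
    ``remember_me`` field. After a successful login the ``next`` query
    parameter is followed only when it is a same-site path; otherwise the
    dashboard is used.
    """
    if request.method == 'GET':
        return render_template('users/login.html')

    email = request.form['email']
    password = request.form['password']
    # A checkbox is only submitted when ticked, so presence means "remember".
    remember_me = 'remember_me' in request.form

    user = User.query.filter_by(email=email).first()

    # NOTE(review): separate messages for "no account" and "wrong password"
    # reveal which emails are registered; consider one shared message.
    if user is None:
        flash(
            "We can't find an account related with this Email id. Please verify the Email entered.",
            "error")
        return redirect(url_for('login'))
    elif not check_password(user.password, password):
        flash("Invalid Password. Please verify the password entered.")
        return redirect(url_for('login'))

    login_user(user, remember=remember_me)
    flash('Logged in successfully')

    # `next` is client-supplied. Redirecting to it unchecked is an open
    # redirect, so it is only honoured as an absolute path on this site:
    # one leading slash, no "//" prefix, no backslashes, no control characters.
    target = request.args.get('next') or ''
    stays_on_site = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    return redirect(target if stays_on_site else url_for('dashboard'))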
Esempio n. 15
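def login():
    """Serve the login page on GET and authenticate the posted form otherwise.

    Authenticated visitors requesting the form are redirected to the
    dashboard. The remember cookie is only requested when the form contains a
    ``remember_me`` field. After a successful login the ``next`` query
    parameter is followed only when it is a same-site path.
    """
    if request.method == 'GET':
        # NOTE(review): is_authenticated is called as a method here; some
        # login-library versions expose it as a property instead -- confirm
        # against the version this project pins.
        if current_user.is_authenticated():
            return redirect(url_for('dashboard'))
        return render_template('users/login.html')

    email = request.form['email']
    password = request.form['password']
    # A checkbox is only submitted when ticked, so presence means "remember".
    remember_me = 'remember_me' in request.form

    user = User.query.filter_by(email=email).first()

    # NOTE(review): separate messages for "no account" and "wrong password"
    # reveal which emails are registered; consider one shared message.
    if user is None:
        flash("We can't find an account related with this Email id. Please verify the Email entered.", "error")
        return redirect(url_for('login'))
    elif not check_password(user.password, password):
        flash("Invalid Password. Please verify the password entered.")
        return redirect(url_for('login'))

    login_user(user, remember=remember_me)

    # `next` is client-supplied. Redirecting to it unchecked is an open
    # redirect, so it is only honoured as an absolute path on this site:
    # one leading slash, no "//" prefix, no backslashes, no control characters.
    target = request.args.get('next') or ''
    stays_on_site = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )
    if stays_on_site:
        return redirect(target)
    return redirect(url_for('dashboard'))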
Esempio n. 16
def login():
    """Corporate login: show the form on GET, authenticate on POST.

    Authenticated visitors requesting the form go to the corporate dashboard.
    After a successful login, users whose roles include ``ADMIN`` are sent to
    the admin dashboard and everyone else to the corporate dashboard; the
    destination is chosen server-side, not from request data.
    """
    if request.method == 'GET':
        if not current_user.is_authenticated:
            return render_template('corporate/login.html')
        return redirect(url_for('corp-dash'))

    # Emails are matched in lower case.
    email = request.form['email'].lower()
    password = request.form['password']
    user = User.query.filter_by(email=email).first()

    # NOTE(review): each rejection has its own message, so a client can tell
    # an unknown email from an account that exists but is not set up or has a
    # different password. One shared message would avoid leaking account state.
    rejection = None
    if user is None:
        rejection = ("We couldn't find an account related with this email. Please verify the email entered.", "warning")
    elif user.password is None:
        # No password stored yet: the account still has to be set up.
        rejection = ('This account has not been setup yet. Please click the login link in your setup email.',)
    elif not check_password(user.password, password):
        rejection = ("Invalid Password. Please verify the password entered.", 'warning')

    if rejection is not None:
        flash(*rejection)
        return redirect(url_for('corp-login'))

    login_user(user, remember=True)
    flash('Logged in successfully!', 'success')
    destination = 'admin-dash' if 'ADMIN' in user.roles else 'corp-dash'
    return redirect(url_for(destination))