Esempio n. 1
def login():
    """
    Log a user in from the login form.

    The credential field accepts either a username or an e-mail address:
    a value containing '@' is looked up by e-mail, anything else by
    username. The same error text is used for an unknown account and for a
    wrong password, so the response does not reveal which one failed.

    Returns:
        302 -> redirect to '/' if the visitor is already authenticated, or
               to 'home.index' after a successful authentication
        200 -> the login page, with an error message on the password field
               when the credentials were rejected
    """
    form = LoginForm()
    # Start from a clean error list so only this request's failure is shown.
    form.password.errors = []

    if current_user.is_authenticated:
        return redirect('/')

    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    cred = form.data['usrn_eml']
    password = form.data['password']

    # Pick the lookup column from the shape of the submitted credential.
    lookup = {'email': cred} if '@' in cred else {'username': cred}
    user = User.query.filter_by(**lookup).one_or_none()

    if user is None or not user.authenticate(password):
        form.password.errors.append('Wrong username or password.')
        return render_template('login.html', form=form)

    login_user(user)
    return redirect(url_for('home.index'))
Esempio n. 2
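def login():
    """Authenticate a user against the record returned by the gateway.

    On POST the form is validated, the user is looked up by e-mail through
    ``get_getaway().get_users`` and the submitted password is checked
    against the stored hash with ``check_password_hash``.

    Returns:
        200 -- the login page (any non-POST request)
        302 -- redirect to '/' after a successful login
        400 -- the form failed validation
        401 -- the e-mail lookup failed or the password did not match
    """
    form = LoginForm()
    if request.method != 'POST':
        return make_response(render_template('login.html', form=form), 200)

    if not form.validate_on_submit():
        flash('Bad form', 'error')
        return make_response(render_template('login.html', form=form), 400)

    users, status = get_getaway().get_users(email=request.form['email'])

    # A truthiness test (rather than `is not None`) also rejects an empty
    # result list, which would otherwise raise IndexError on users[0].
    if status == 200 and users:
        record = users[0]
        password_hash = record['password']
        if check_password_hash(password_hash, request.form['password']):
            usr = User(record['id'], record['is_operator'],
                       record['is_admin'], record['is_health_authority'],
                       password_hash, record['rest_id'],
                       record['is_positive'])
            login_user(usr)
            return redirect('/')

    # One message and one status for both "unknown e-mail" and "wrong
    # password", so the response does not tell a caller which e-mail
    # addresses are registered.
    # NOTE(review): no hash comparison runs when the lookup fails, so the
    # two cases may still differ in response time.
    flash('Wrong email or password', 'error')
    return make_response(render_template('login.html', form=form), 401)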
Esempio n. 3
def login():
    """Log a user in by e-mail and password and cache role data in the session.

    After a successful login the user's role value is stored under
    ``session["ROLE"]``. For an ``"OPERATOR"`` the id and name of the
    restaurant they own are stored as well. These values are written only
    here, at login time.

    Returns the login page (tagged ``first_visit_login`` or
    ``error_login``) or a redirect to "/" on success. The same message is
    rendered for an unknown e-mail and for a wrong password.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("login.html", _test="first_visit_login", form=form)

    email = form.data["email"]
    password = form.data["password"]
    user = db.session.query(User).filter(User.email == email).first()

    if user is None or not user.authenticate(password):
        return render_template(
            "login.html", form=form, _test="error_login", message="User not exist"
        )

    login_user(user)

    role = db.session.query(Role).filter(Role.id == user.role_id).first()
    if role is not None:
        session["ROLE"] = role.value
        # Operators also get their restaurant's identity loaded into the session.
        if role.value == "OPERATOR":
            restaurant = (
                db.session.query(Restaurant)
                .filter(Restaurant.owner_id == user.id)
                .first()
            )
            if restaurant is not None:
                session["RESTAURANT_ID"] = restaurant.id
                session["RESTAURANT_NAME"] = restaurant.name

    return redirect("/")
Esempio n. 4
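def login():
    """Log a user in by e-mail and password.

    Returns:
        403 -- the index page, when the visitor is already authenticated
        302 -- redirect to '/' after a successful login
        401 -- the login page with a generic error, on rejected credentials
        200 -- the login page (first visit or invalid form)
    """
    # An already-authenticated visitor gets the main page with a 403
    # instead of the login form.
    if hasattr(
            current_user, 'is_authenticated'
    ) and current_user.is_authenticated is True:
        return make_response(index(), 403)

    form = LoginForm()
    if form.validate_on_submit():
        email, password = form.data['email'], form.data['password']

        # Look the user up by e-mail only. The previous filter joined two
        # column comparisons with Python's `and`, which does not build a
        # SQL AND: it evaluates to one of its operands, so the password
        # clause never reached the query. It would also have compared the
        # submitted password with the stored column value directly; the
        # password is verified by user.authenticate() below instead.
        user = db.session.query(User).filter(User.email == email).first()

        if user is not None and user.authenticate(password):
            login_user(user)
            return redirect('/')

        flash('Wrong email or password', category='error')
        return make_response(render_template('login.html', form=form), 401)
    return render_template('login.html', form=form)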
Esempio n. 5
def login():
    """Log a user in by e-mail and password.

    Redirects to '/' on success. In every other case, including rejected
    credentials, the login page is rendered again without an error message.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    email = form.data['email']
    password = form.data['password']
    user = db.session.query(User).filter(User.email == email).first()

    credentials_ok = user is not None and user.authenticate(password)
    if not credentials_ok:
        return render_template('login.html', form=form)

    login_user(user)
    return redirect('/')
Esempio n. 6
def login(message=''):
    """Log a user in by e-mail and password.

    Args:
        message: text attached to the form as ``form.message`` before the
            page is rendered.

    A visitor who is not anonymous is redirected to "/" straight away.
    Rejected credentials replace the form message with one generic error
    that does not say whether the e-mail or the password was wrong.
    """
    if not current_user.is_anonymous:
        return redirect("/", code=302)

    form = LoginForm()
    form.message = message

    if not form.validate_on_submit():
        return render_template('login.html', form=form, notlogged=True)

    email = form.data['email']
    password = form.data['password']
    user = db.session.query(User).filter(User.email == email).first()

    if user is None or not user.authenticate(password):
        form.message = "User or Password not correct!"
        return render_template('login.html', form=form, notlogged=True)

    login_user(user)
    return redirect('/')
Esempio n. 7
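def login():
    """Log a user in by e-mail and password.

    On a valid POST the user is looked up by e-mail and the password is
    verified with ``user.authenticate``. Success redirects to '/'. Every
    other case renders the login page, with a flashed error when the
    credentials were rejected.
    """
    form = LoginForm()

    if request.method == 'POST' and form.validate_on_submit():
        email, password = form.data['email'], form.data['password']
        user = db.session.query(User).filter(User.email == email).first()

        if user is not None and user.authenticate(password):
            login_user(user)
            return redirect('/')

        # One message for both failure modes. Separate "email does not
        # exist" / "password is incorrect" messages let a caller find out
        # which e-mail addresses are registered.
        flash('Wrong email or password.', 'error')

    return render_template('login.html', form=form, home_url=HOME_URL)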
Esempio n. 8
def login():
    """Log a user in by e-mail and password.

    Redirects to '/' on success. Otherwise the login page is rendered with
    ``error`` and ``message`` template variables. The same "User not found"
    text is used for an unknown e-mail and for a wrong password.
    """
    form = LoginForm()
    # Template state for the "nothing went wrong" case.
    feedback = {'error': False, 'message': ""}

    if form.validate_on_submit():
        email = form.data['email']
        password = form.data['password']
        user = db.session.query(User).filter(User.email == email).first()

        if user is None or not user.authenticate(password):
            feedback = {'error': True, 'message': "User not found"}
        else:
            login_user(user)
            return redirect('/')

    return render_template('login.html', form=form, **feedback)
Esempio n. 9
def login():
    """Log a user in by e-mail and password, refusing inactive accounts.

    Returns:
        302 -- redirect to '/' (already logged in, or successful login)
        401 -- login page with a generic "Invalid credentials." error;
               used for an unknown e-mail, a wrong password and an
               inactive account alike
        400 -- login page, when the POSTed form fails validation
        200 -- login page for non-POST requests
    """
    already_logged_in = current_user is not None and hasattr(current_user, 'id')
    if already_logged_in:
        return redirect('/')

    form = LoginForm()
    if request.method != 'POST':
        return render_template('login.html', form=form)

    if not form.validate_on_submit():
        return make_response(render_template('login.html', form=form), 400)

    email = form.data['email']
    password = form.data['password']
    user = db.session.query(User).filter(User.email == email).first()

    # The password is verified before the active flag is consulted.
    accepted = (user is not None and user.authenticate(password)
                and user.is_active)
    if not accepted:
        form.password.errors.append("Invalid credentials.")
        return make_response(render_template('login.html', form=form), 401)

    login_user(user)
    return redirect('/')
Esempio n. 10
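def delete_user():
    """ Delete a user profile and log out

    The user must confirm the request by entering email and password.

    The functionality is not active for the health authority or for the admin.

    As originally documented, the request is approved only if the user is
    not positive, and deleting an operator also deletes the restaurant,
    cancels its bookings and notifies the affected users. None of that is
    done in this function; presumably the gateway's ``delete_user``
    handles it (verify against the gateway).

    Error status codes:
        400 -- The request is not valid, the form is filled out incorrectly or a generic error has occurred
        401 -- The current user is an admin or the health authority
        500 -- The gateway reported an internal error

    Success codes:
        200 -- The form is sent
        302 -- The elimination was carried out
    """
    if current_user.is_admin or current_user.is_health_authority:
        return make_response(render_template('error.html', error='401'), 401)

    form = LoginForm()
    if request.method != 'POST':
        return render_template('delete_profile.html',
                               form=form,
                               title="Unregister")

    if not form.validate_on_submit():
        flash('Bad form', 'error')
        return make_response(
            render_template('delete_profile.html',
                            form=form,
                            title="Unregister"), 400)

    email, password = form.data['email'], form.data['password']
    users, status_code = get_getaway().get_users(email=email)
    if status_code != 200:
        # Flashed as an error; the original used the 'success' category.
        flash('Wrong email or password', 'error')
        return make_response(
            render_template('error.html', title="Unregister"), 400)

    # Reject None and an empty result alike; indexing an empty list
    # would raise IndexError.
    if not users:
        flash('Wrong email or password', 'error')
        return make_response(
            render_template('delete_profile.html',
                            form=form,
                            title="Unregister"), 400)

    user = users[0].toDict()
    if not check_password_hash(user['password'], password):
        # Same text as the unknown-email case, so the form cannot be used
        # to find out which e-mail addresses are registered.
        flash('Wrong email or password', 'error')
        return make_response(
            render_template('delete_profile.html',
                            form=form,
                            title="Unregister"), 400)

    # NOTE(review): the account deleted is the one found by the submitted
    # e-mail. Nothing in this function ties it to current_user, so a
    # logged-in user who supplies another account's valid credentials
    # deletes that account and is then logged out. Consider comparing
    # user['id'] with the current user's id before deleting.
    usr, status = get_getaway().delete_user(user['id'])
    if status == 204:
        flash('Account deleted', 'success')
        logout_user()
        return redirect("/")
    if status == 400:
        flash(usr.detail, 'warning')
        return make_response(
            render_template('error.html', title="Unregister"), 400)
    if status == 500:
        flash('Please try again', 'error')
        return make_response(
            render_template('error.html', title="Unregister"), 500)

    # Any other gateway status re-renders the form without a message.
    return render_template('delete_profile.html',
                           form=form,
                           title="Unregister")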