Esempio n. 1
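def do_login():
    """Authenticate users of the web-UI.

    Order of checks:
      1. No admin account exists: redirect to '/create_admin'.
      2. The caller is already authenticated: flash an error and redirect
         to the home page.
      3. The caller is banned from logging in: flash the remaining wait and
         render the login page without looking at any credentials.
      4. POST: look the user up case-insensitively, validate the form and
         check the password. Every failure is written with login_log() and
         followed by failed_login(); the response is a redirect to
         '/login'. A success redirects to the home page.
      5. Anything else: render 'login.html'.
    """
    if not admin_exists():
        return redirect('/create_admin')

    elif flask_login.current_user.is_authenticated:
        flash(gettext(u"Cannot access login page if you're already logged in"),
              "error")
        return redirect(url_for('general_routes.home'))

    form_login = forms_authentication.Login()

    # Check if the user is banned from logging in (too many incorrect attempts)
    if banned_from_login():
        # int() has to wrap the division: int(seconds) / 60 is true division
        # on Python 3 and would be shown as a fractional number of minutes.
        minutes_left = int(
            (LOGIN_BAN_SECONDS - session['ban_time_left']) / 60) + 1
        flash(
            gettext(
                u"Too many failed login attempts. Please wait %(min)s "
                u"minutes before attempting to log in again",
                min=minutes_left), "info")
    elif request.method == 'POST':
        # A POST without a username field must end as a failed login, not as
        # an AttributeError on None (whether .data can be None depends on
        # the form library version; the guard is harmless either way).
        username = (form_login.username.data or '').lower()
        user_ip = request.environ.get('REMOTE_ADDR', 'unknown address')
        user = User.query.filter(func.lower(User.name) == username).first()

        if not user:
            # NOTE(review): no password hashing happens on this branch, so
            # an unknown username is answered without the cost of
            # check_password(); the response-time gap can reveal which
            # names exist. Confirm whether that matters for this deployment.
            login_log(username, 'NA', user_ip, 'NOUSER')
            failed_login()
        elif form_login.validate_on_submit():
            # check_password() is given the stored hash and its result is
            # compared with that same stored hash.
            computed_hash = User().check_password(
                form_login.password.data, user.password_hash)

            if computed_hash == user.password_hash:
                login_log(username, user.roles.name, user_ip, 'LOGIN')

                # flask-login user: a bare User carrying only the id
                login_user = User()
                login_user.id = user.id
                remember_me = bool(form_login.remember.data)
                flask_login.login_user(login_user, remember=remember_me)

                return redirect(url_for('general_routes.home'))

            login_log(username, user.roles.name, user_ip, 'FAIL')
            failed_login()
        else:
            # Form validation failed (the user exists).
            login_log(username, 'NA', user_ip, 'FAIL')
            failed_login()

        # Every unsuccessful POST ends on the same redirect, whatever the
        # reason for the failure.
        return redirect('/login')

    return render_template(
        'login.html',
        form_login=form_login,
    )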
Esempio n. 2
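def remote_admin_login():
    """Authenticate a Remote Admin login from posted form fields.

    Reads 'username' and 'password_hash' from the request form, looks the
    user up by lower-cased name and, when the submitted hash equals the
    stored one, starts a non-persistent flask-login session.

    Returns:
        "Logged in via Remote Admin" on success; otherwise a generic failure
        message with HTTP status 401.
    """
    # NOTE(review): the caller authenticates by presenting the stored
    # password hash itself, which makes the hash a password-equivalent
    # secret: read access to the user table is enough to log in. This path
    # also does no failed-attempt counting or login logging; confirm that it
    # is restricted and rate-limited elsewhere.
    password_hash = request.form.get('password_hash', None)
    username = request.form.get('username', None)

    user = None
    if username and password_hash:
        # func.lower(User.name) can only ever equal a lower-cased value, so
        # normalise the submitted name before comparing.
        user = User.query.filter(
            func.lower(User.name) == username.lower()).first()

    if user and user.password_hash == password_hash:
        login_user = User()
        login_user.id = user.id
        flask_login.login_user(login_user, remember=False)
        return "Logged in via Remote Admin"

    # Previously this path fell off the end and returned None. Answer
    # explicitly, with one message for both an unknown user and a wrong
    # hash so the response does not tell the two apart.
    return "Remote Admin login failed", 401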
Esempio n. 3
def login_keypad_code(code):
    """Log a user in from a keypad code.

    Redirects to '/create_admin' when no admin exists and to the home page
    when the caller is already authenticated. A banned caller only gets the
    wait message. Otherwise the code is matched against User.code: a match
    starts a remembered flask-login session and redirects home; a miss is
    logged, counted with failed_login(), flashed and delayed by two seconds.
    Every path that does not redirect renders 'login_keypad.html'.
    """
    def keypad_page():
        # Response shared by the banned and the invalid-code paths.
        return render_template('login_keypad.html',
                               dict_translation=TRANSLATIONS,
                               host=socket.gethostname())

    if not admin_exists():
        return redirect('/create_admin')

    if flask_login.current_user.is_authenticated:
        flash(gettext("Cannot access login page if you're already logged in"),
              "error")
        return redirect(url_for('routes_general.home'))

    # Too many incorrect attempts: report the wait and do not look at the code.
    if banned_from_login():
        wait_minutes = int(
            (LOGIN_BAN_SECONDS - session['ban_time_left']) / 60) + 1
        ban_message = gettext(
            "Too many failed login attempts. Please wait %(min)s "
            "minutes before attempting to log in again",
            min=wait_minutes)
        flash(ban_message, "info")
        return keypad_page()

    # NOTE(review): the code is the only credential on this path. If `code`
    # could ever be None, an ORM equality filter against None may turn into
    # an IS NULL test and match accounts that have no code set; verify that
    # the caller always passes a non-empty string.
    matched_user = User.query.filter(User.code == code).first()

    # NOTE(review): X-Forwarded-For is a request header; unless a trusted
    # proxy overwrites it, the address written to the login log is whatever
    # the client sent.
    client_addr = request.environ.get('HTTP_X_FORWARDED_FOR',
                                      'unknown address')

    if not matched_user:
        # The rejected code itself is written to the login log.
        login_log(code, 'NA', client_addr, 'FAIL')
        failed_login()
        flash("Invalid Code", "error")
        # Fixed delay before answering a wrong code.
        time.sleep(2)
        return keypad_page()

    role = Role.query.filter(Role.id == matched_user.role_id).first()
    login_log(matched_user.name, role.name, client_addr, 'LOGIN')

    # flask-login user: a bare User carrying only the id. Keypad logins are
    # always remembered.
    session_user = User()
    session_user.id = matched_user.id
    flask_login.login_user(session_user, remember=True)

    return redirect(url_for('routes_general.home'))
Esempio n. 4
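def login_password():
    """Authenticate users of the web-UI with a username and password.

    Redirects to '/create_admin' when no admin exists and to the home page
    when the caller is already authenticated. A banned caller only gets the
    wait message. On POST the user is looked up case-insensitively, the form
    is validated and the password checked; every failure is written with
    login_log(), followed by failed_login(), and answered with a redirect to
    '/login'. A success redirects to the home page. All other paths render
    'login_password.html'.
    """
    if not admin_exists():
        return redirect('/create_admin')
    elif flask_login.current_user.is_authenticated:
        flash(gettext("Cannot access login page if you're already logged in"),
              "error")
        return redirect(url_for('routes_general.home'))

    form_login = forms_authentication.Login()

    # Check if the user is banned from logging in (too many incorrect attempts)
    if banned_from_login():
        flash(
            gettext(
                "Too many failed login attempts. Please wait %(min)s "
                "minutes before attempting to log in again",
                min=int(
                    (LOGIN_BAN_SECONDS - session['ban_time_left']) / 60) + 1),
            "info")
    elif request.method == 'POST':
        # A POST without a username field must end as a failed login, not as
        # an AttributeError on None (whether .data can be None depends on
        # the form library version; the guard is harmless either way).
        username = (form_login.username.data or '').lower()

        # NOTE(review): X-Forwarded-For is a request header; unless a
        # trusted proxy overwrites it, the address written to the login log
        # is whatever the client sent.
        user_ip = request.environ.get('HTTP_X_FORWARDED_FOR',
                                      'unknown address')
        user = User.query.filter(func.lower(User.name) == username).first()

        if not user:
            # NOTE(review): no password hashing happens on this branch, so
            # an unknown username is answered faster than a known one;
            # confirm whether that timing gap matters for this deployment.
            login_log(username, 'NA', user_ip, 'NOUSER')
            failed_login()
        elif form_login.validate_on_submit():
            matched_hash = User().check_password(form_login.password.data,
                                                 user.password_hash)

            # Encode stored password hash if it's a str
            password_hash = user.password_hash
            if isinstance(password_hash, str):
                password_hash = password_hash.encode('utf-8')

            # Keep working with the row found above. Fetching it again with
            # an exact match on the lower-cased name returns None for any
            # account stored with upper-case letters, and the role lookup
            # then fails on None.role_id for a user who exists.
            role_name = Role.query.filter(
                Role.id == user.role_id).first().name

            if matched_hash == password_hash:
                login_log(username, role_name, user_ip, 'LOGIN')

                # flask-login user: a bare User carrying only the id
                login_user = User()
                login_user.id = user.id
                remember_me = bool(form_login.remember.data)
                flask_login.login_user(login_user, remember=remember_me)

                return redirect(url_for('routes_general.home'))

            login_log(username, role_name, user_ip, 'FAIL')
            failed_login()
        else:
            # Form validation failed (the user exists).
            login_log(username, 'NA', user_ip, 'FAIL')
            failed_login()

        # Every unsuccessful POST ends on the same redirect, whatever the
        # reason for the failure.
        return redirect('/login')

    return render_template('login_password.html',
                           dict_translation=TRANSLATIONS,
                           form_login=form_login,
                           host=socket.gethostname())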
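def do_login():
    """Authenticate users of the web-UI.

    The login page carries two forms, told apart by the posted 'form-name'
    field: 'acknowledge' stores the dismissal of the install notice, and
    'login' checks a username and password. Redirects to '/create_admin'
    when no admin exists and to the home page when the caller is already
    authenticated. A banned caller only gets the wait message. Every POST
    that does not log in is answered with a redirect to '/login'; all other
    paths render 'login.html'.
    """
    if not admin_exists():
        return redirect('/create_admin')

    elif flask_login.current_user.is_authenticated:
        flash(gettext(u"Cannot access login page if you're already logged in"),
              "error")
        return redirect(url_for('general_routes.home'))

    form = flaskforms.Login()
    form_notice = flaskforms.InstallNotice()

    misc = Misc.query.first()
    dismiss_notification = misc.dismiss_notification
    stats_opt_out = misc.stats_opt_out

    # Check if the user is banned from logging in (too many incorrect attempts)
    if banned_from_login():
        # int() has to wrap the division: int(seconds) / 60 is true division
        # on Python 3 and would be shown as a fractional number of minutes.
        minutes_left = int(
            (LOGIN_BAN_SECONDS - session['ban_time_left']) / 60) + 1
        flash(gettext(
            u"Too many failed login attempts. Please wait %(min)s "
            u"minutes before attempting to log in again",
            min=minutes_left),
                "info")
    elif request.method == 'POST':
        # The 'acknowledge' form may not carry a username field, so .data
        # can be empty here; do not call .lower() on None.
        username = (form.username.data or '').lower()
        user_ip = request.environ.get('REMOTE_ADDR', 'unknown address')
        form_name = request.form['form-name']
        if form_name == 'acknowledge':
            # NOTE(review): this branch runs before any authentication and
            # writes to the database; the exception text is flashed back to
            # the visitor and may expose database details. Confirm both are
            # acceptable on a public login page.
            try:
                mod_misc = Misc.query.first()
                mod_misc.dismiss_notification = 1
                db.session.commit()
            except Exception as except_msg:
                flash(gettext(u"Acknowledgement unable to be saved: "
                              u"%(err)s", err=except_msg), "error")
        elif form_name == 'login' and form.validate_on_submit():
            # Exact match against the lower-cased name.
            # NOTE(review): this assumes names are stored lower-cased;
            # verify against the code that creates users.
            user = User.query.filter(
                User.name == username).first()
            if not user:
                # NOTE(review): no password hashing happens on this branch,
                # so an unknown username is answered faster than a known
                # one; confirm whether that timing gap matters here.
                login_log(username, 'NA', user_ip, 'NOUSER')
                failed_login()
            elif User().check_password(
                    form.password.data,
                    user.password_hash) == user.password_hash:

                login_log(username, user.roles.name, user_ip, 'LOGIN')

                # flask-login user: a bare User carrying only the id
                login_user = User()
                login_user.id = user.id
                remember_me = bool(form.remember.data)
                flask_login.login_user(login_user, remember=remember_me)

                return redirect(url_for('general_routes.home'))
            else:
                login_log(username, user.roles.name, user_ip, 'FAIL')
                failed_login()
        else:
            # Unknown form name, or a login form that failed validation.
            login_log(username, 'NA', user_ip, 'FAIL')
            failed_login()

        return redirect('/login')

    return render_template('login.html',
                           form=form,
                           formNotice=form_notice,
                           dismiss_notification=dismiss_notification,
                           stats_opt_out=stats_opt_out)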