def login():
if flask.request.method == 'GET':
show_message = flask.request.args.get('show_message') or ''
username = flask.request.args.get('username') or ''
return render_template("login.html", show_message=show_message, username=username)
username = flask.request.form['username']
account = Account.find_account_by_username(username)
password = flask.request.form['password']
if account.valid_password(password):
circles = account_management.get_circles_for_account(account.id)
logger.info("User {} logged in, circles={}".format(username, circles))
authenticated_account = auth.AuthenticatedAccount(account, circles)
flask_login.login_user(authenticated_account)
return flask.redirect(flask.url_for('core.index'))
return flask.redirect(flask.url_for('.login', show_message='bad-login', username=username))
def service_authz_login():
username = request.json["username"]
account = Account.find_account_by_username(username)
password = request.json["password"]
if not account:
logger.info("Login: Bad login attempt, no such user: {}".format(username))
raise P2k16UserException("Invalid credentials")
if not account.valid_password(password):
logger.info("Login: Bad login attempt, wrong password: {}".format(username))
raise P2k16UserException("Invalid credentials")
circles = account_management.get_circles_for_account(account.id)
badges = badge_management.badges_for_account(account.id)
logger.info("Login: username={}, circles={}".format(username, circles))
authenticated_account = auth.AuthenticatedAccount(account, circles)
flask_login.login_user(authenticated_account)
return jsonify(account_to_json(account, circles, badges))
