Esempio n. 1
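def login():
    """Handle the user login route.

    GET renders the login form. POST reads ``username`` and ``pw`` from the
    submitted form, looks the account up, and checks the submitted password
    (with the stored per-user salt appended) against the stored value via
    ``validate_password``. On success the user is logged in through
    ``flask_login`` and redirected to the ``recent`` endpoint.

    Every failed attempt, whether the username is unknown or the password is
    wrong, produces the same flash message and the same redirect, so the
    response does not reveal which usernames are registered.
    """
    if request.method == 'GET':
        return render_template('login.html')

    username = request.form['username']
    submitted_password = request.form['pw']

    # Keep the try body to the lookup only, so NoResultFound can only mean
    # "no such user" and not an error raised further down.
    try:
        curruser = session.query(Users).filter_by(username=username).one()
    except NoResultFound:
        # NOTE(review): no password check runs on this path, so response
        # time may still distinguish unknown users from wrong passwords;
        # consider running the check against a dummy record here.
        curruser = None

    # NOTE(review): validate_password is not visible here; confirm it uses a
    # slow password hash and a constant-time comparison.
    # The result is compared with `is True` so that a truthy non-boolean
    # return value is never treated as a successful check.
    if curruser is not None and validate_password(
            submitted_password + curruser.salt, curruser.password) is True:
        user = User()
        user.id = curruser.username

        flask_login.login_user(user)

        flash('You were successfully logged in')
        return redirect(url_for('recent'))

    # One message and one response shape for every failure mode.
    flash('Invalid username or password')
    return redirect(url_for('login'))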
Esempio n. 2
def test_password_missing_chars():
    """Check that every candidate below is rejected by validate_password.

    Judging by the test name, each candidate presumably lacks at least one
    required kind of character; the exact policy lives in validate_password.
    """
    rejected_candidates = (
        'UPPERCASE',
        'lowercase',
        'PW_no_digits',
        'Pw9NoPunc',
        '_password_',
        '@#$$)==1',
    )
    # Same order as a sequence of individual asserts: the first accepted
    # candidate fails the test.
    for candidate in rejected_candidates:
        assert not validate_password(candidate)
Esempio n. 3
def test_password_missing_chars():
    """Check that every candidate below is rejected by validate_password.

    Judging by the test name, each candidate presumably lacks at least one
    required kind of character; the exact policy lives in validate_password.
    """
    rejected_candidates = [
        "UPPERCASE",
        "lowercase",
        "PW_no_digits",
        "Pw9NoPunc",
        "_password_",
        "@#$$)==1",
    ]
    # Candidates are checked in listed order; the first one that is accepted
    # fails the test.
    for candidate in rejected_candidates:
        outcome = validate_password(candidate)
        assert not outcome
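def login():
    """Handle the login route, identifying users by e-mail address.

    GET renders the login form. POST reads ``email`` and ``pw`` from the
    submitted form, looks the account up, and checks the submitted password
    (with the stored per-user salt appended) against the stored value via
    ``validate_password``. On success the user is logged in through
    ``flask_login`` and redirected to ``/public/domain``.

    An unknown e-mail address and a wrong password both return the same
    ``'Bad login'`` body, so the response does not reveal which addresses
    are registered.
    """
    if request.method == 'GET':
        return render_template('login.html')

    email = request.form['email']
    submitted_password = request.form['pw']

    # one_or_none() yields None for an unknown address instead of raising,
    # which would otherwise surface as an unhandled server error that differs
    # visibly from the wrong-password response.
    # NOTE(review): assumes `session` is a SQLAlchemy session whose query
    # object provides one_or_none() — confirm against the module's imports.
    curruser = session.query(Users).filter_by(email=email).one_or_none()
    if curruser is None:
        # NOTE(review): no password check runs on this path, so response time
        # may still distinguish unknown addresses; consider running the check
        # against a dummy record here.
        return 'Bad login'

    # NOTE(review): validate_password is not visible here; confirm it uses a
    # slow password hash and a constant-time comparison.
    # Compared against True explicitly so that an arbitrary truthy return
    # value (such as a non-empty string) is not treated as success.
    if validate_password(submitted_password + curruser.salt,
                         curruser.password) == True:
        user = User()
        user.id = curruser.email
        flask_login.login_user(user)
        return redirect('/public/domain')

    return 'Bad login'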
Esempio n. 5
def test_password_len():
    """Check that a 5-character and an 18-character password are rejected.

    The test name suggests both fall outside the accepted length range; the
    actual bounds are defined by validate_password.
    """
    for candidate in ('short', 'waytoolongpassword'):
        assert not validate_password(candidate)
Esempio n. 6
def test_password_cache_cannot_reuse():
    """Check that an accepted password is recorded and then refused on reuse.

    The first call must succeed and grow ``used_passwords`` by exactly one
    entry; a second call with the same password must fail.
    """
    count_before = len(used_passwords)

    first_attempt = validate_password('go1@PW')
    assert first_attempt

    count_after = len(used_passwords)
    assert count_after == count_before + 1

    # Same password again: it is now in the used-password collection.
    second_attempt = validate_password('go1@PW')
    assert not second_attempt
Esempio n. 7
def test_password_not_used_before():
    """Check that two specific passwords are rejected.

    Presumably both are already present in the used-password collection when
    the test runs — inferred from the test name, verify against the module
    under test.
    """
    for candidate in ('PassWord@1', 'PyBit$s9'):
        assert not validate_password(candidate)
Esempio n. 8
def test_validate_password_good_pws():
    """Check that each of the four sample passwords below is accepted."""
    accepted_candidates = (
        'passWord9_',
        'another>4Y',
        'PyBites@1912',
        'We<3Python',
    )
    # Checked in listed order; the first rejected candidate fails the test.
    for candidate in accepted_candidates:
        assert validate_password(candidate)
Esempio n. 9
def test_password_only_one_letter():
    """Check that a password containing a single letter is rejected."""
    candidate = '@#$$)==1a'
    outcome = validate_password(candidate)
    assert not outcome
Esempio n. 10
def test_password_len():
    """Check that a 5-character and an 18-character password are rejected.

    The test name suggests both fall outside the accepted length range; the
    actual bounds are defined by validate_password.
    """
    too_short = "short"
    too_long = "waytoolongpassword"
    for candidate in [too_short, too_long]:
        assert not validate_password(candidate)
Esempio n. 11
def test_password_not_used_before():
    """Check that two specific passwords are rejected.

    Presumably both are already present in the used-password collection when
    the test runs — inferred from the test name, verify against the module
    under test.
    """
    previously_used = ["PassWord@1", "PyBit$s9"]
    for candidate in previously_used:
        outcome = validate_password(candidate)
        assert not outcome
Esempio n. 12
def test_validate_password_good_pws():
    """Check that each of the four sample passwords below is accepted."""
    accepted_candidates = [
        "passWord9_",
        "another>4Y",
        "PyBites@1912",
        "We<3Python",
    ]
    # Checked in listed order; the first rejected candidate fails the test.
    for candidate in accepted_candidates:
        outcome = validate_password(candidate)
        assert outcome