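def login():
    """Handle the login route: show the form on GET, authenticate on POST.

    On POST the ``username`` and ``pw`` form fields are read, the matching
    ``Users`` row is looked up, and the submitted password concatenated with
    the row's ``salt`` is checked by ``validate_password`` against the row's
    stored ``password`` value. A successful check logs the user in through
    ``flask_login`` and redirects to the ``recent`` view.

    An unknown username and a wrong password produce the same flash message
    and the same redirect, so the response does not reveal which usernames
    are registered.
    """
    if request.method == 'GET':
        return render_template('login.html')

    username = request.form['username']
    submitted_password = request.form['pw']

    # Keep the try body to the lookup only: it is the call that raises
    # NoResultFound when no row matches the username.
    try:
        curruser = session.query(Users).filter_by(username=username).one()
    except NoResultFound:
        # NOTE(review): this path skips the password check, so response
        # timing may still differ from the wrong-password path -- confirm
        # whether a dummy verification is wanted here.
        curruser = None

    # `is True` is kept deliberately: only an explicit boolean True from
    # validate_password authenticates; any other return value fails closed.
    if curruser is not None and validate_password(
            submitted_password + curruser.salt, curruser.password) is True:
        user = User()
        user.id = curruser.username
        flask_login.login_user(user)
        flash('You were successfully logged in')
        return redirect(url_for('recent'))

    # One message and one response shape for every failure.
    flash('Incorrect username or password')
    return redirect(url_for('login'))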
def test_password_missing_chars():
    """Check that validate_password returns a falsy result for each candidate.

    The test name suggests every candidate lacks some required kind of
    character; the validator's actual rules are not visible here.
    """
    rejected_candidates = (
        'UPPERCASE',
        'lowercase',
        'PW_no_digits',
        'Pw9NoPunc',
        '_password_',
        '@#$$)==1',
    )
    # Same order as the original asserts; the first accepted candidate fails
    # the test immediately.
    for candidate in rejected_candidates:
        assert not validate_password(candidate)
def test_password_missing_chars():
    """Every candidate listed here must be rejected by validate_password.

    Judging by the test name, each one is missing a required kind of
    character; the validator's rules themselves are defined elsewhere.
    """
    candidates = [
        "UPPERCASE",
        "lowercase",
        "PW_no_digits",
        "Pw9NoPunc",
        "_password_",
        "@#$$)==1",
    ]
    # any() stops at the first truthy result, matching the original sequence
    # of asserts, which stops at the first failure.
    assert not any(validate_password(pw) for pw in candidates)
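def login():
    """Show the login form on GET; authenticate by email and password on POST.

    On POST the ``email`` and ``pw`` form fields are read, the matching
    ``Users`` row is looked up, and the submitted password concatenated with
    the row's ``salt`` is checked by ``validate_password`` against the row's
    stored ``password`` value. On success the user is logged in through
    ``flask_login`` and redirected to ``/public/domain``.

    Every failed attempt, whether the email is unknown or the password is
    wrong, returns the same ``'Bad login'`` body.
    """
    if request.method == 'GET':
        return render_template('login.html')

    email = request.form['email']
    submitted_password = request.form['pw']

    # one_or_none() returns None for an unknown email instead of raising, so
    # that case gets the same reply as a wrong password rather than an
    # unhandled exception. More than one matching row still raises.
    # NOTE(review): assumes `session` is a SQLAlchemy session -- confirm.
    curruser = session.query(Users).filter_by(email=email).one_or_none()
    if curruser is None:
        return 'Bad login'

    # The comparison with True is left as written: validate_password's return
    # type is not visible here, and a plain truthiness test could accept
    # values the original rejected.
    if validate_password(submitted_password + curruser.salt, curruser.password) == True:
        user = User()
        user.id = curruser.email
        flask_login.login_user(user)
        return redirect('/public/domain')

    return 'Bad login'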
def test_password_len():
    """Check that both candidates are rejected by validate_password.

    The names hint at one password that is too short and one that is too
    long; the actual length limits are defined by the validator, not here.
    """
    for candidate in ('short', 'waytoolongpassword'):
        assert not validate_password(candidate)
def test_password_cache_cannot_reuse():
    """Check that an accepted password is recorded and refused the second time.

    The first validate_password call must succeed and grow ``used_passwords``
    by exactly one entry. A second call with the same password must fail.
    """
    fresh_password = 'go1@PW'
    count_before = len(used_passwords)

    # First use: accepted, and the cache gains one entry.
    assert validate_password(fresh_password)
    assert len(used_passwords) == count_before + 1

    # Second use of the same value: rejected.
    assert not validate_password(fresh_password)
def test_password_not_used_before():
    """Check that both candidates are rejected by validate_password.

    The test name indicates they count as already-used passwords, presumably
    present in the validator's history before this test runs (not visible
    here).
    """
    previously_used = ('PassWord@1', 'PyBit$s9')
    for candidate in previously_used:
        assert not validate_password(candidate)
def test_validate_password_good_pws():
    """Check that validate_password accepts each of the listed passwords."""
    accepted_candidates = (
        'passWord9_',
        'another>4Y',
        'PyBites@1912',
        'We<3Python',
    )
    # Checked in the original order; the first rejection fails the test.
    for candidate in accepted_candidates:
        assert validate_password(candidate)
def test_password_only_one_letter():
    """Check that a candidate containing a single letter is rejected."""
    candidate = '@#$$)==1a'
    outcome = validate_password(candidate)
    assert not outcome
def test_password_len():
    """Neither candidate may pass validate_password.

    By their names, one is shorter and one is longer than the validator
    allows; the exact bounds live in the validator itself.
    """
    too_short = "short"
    too_long = "waytoolongpassword"
    # any() evaluates in order and stops at the first truthy result, like the
    # original pair of asserts.
    assert not any(validate_password(pw) for pw in (too_short, too_long))
def test_password_not_used_before():
    """Neither candidate may pass validate_password.

    Going by the test name, both are treated as passwords that were used
    before; where that history comes from is not shown here.
    """
    first_result = validate_password("PassWord@1")
    assert not first_result
    second_result = validate_password("PyBit$s9")
    assert not second_result
def test_validate_password_good_pws():
    """Every password listed here must be accepted by validate_password."""
    good_passwords = [
        "passWord9_",
        "another>4Y",
        "PyBites@1912",
        "We<3Python",
    ]
    # all() stops at the first falsy result, matching the original asserts,
    # which stop at the first failure.
    assert all(validate_password(pw) for pw in good_passwords)