Esempio n. 1
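def login_user():
    """Handle the user login form.

    A non-POST request renders the login page. A POST looks the account up by
    e-mail, verifies the submitted password with ``check`` against the value
    stored in the row and, on success, records the user's identity in the
    session and redirects to ``/home/``. On failure the login page is
    rendered again with a flashed error message.
    """
    if request.method != 'POST':
        return render_template('login.html', role='user')

    form = request.form
    email = form['email']
    password = form['password']
    cur = mysql.connection.cursor()
    # try/finally: the cursor used to be closed only on the normal return
    # paths, so an exception in the query or in check() left it open.
    try:
        # The e-mail is passed as a bound parameter, never spliced into the SQL.
        usercheck = cur.execute("SELECT * FROM user WHERE email=%s", [email])
        if usercheck <= 0:
            # NOTE(review): this message differs from the wrong-password one,
            # so a client can tell whether an e-mail is registered. Consider
            # one generic failure message for both cases.
            flash('User Does Not Exist!! Please Enter Valid Username.',
                  'danger')
            return render_template('login.html')

        user = cur.fetchone()
        # user[-2] is handed to check() as the stored hash; positional access
        # depends on the column order of SELECT * -- TODO confirm against the
        # table definition, or select the columns by name.
        if not check(user[-2], password):
            flash('Wrong Password!! Please Check Again.', 'danger')
            return render_template('login.html')

        # NOTE(review): the session is populated without being cleared first,
        # so any pre-login session state carries over into the authenticated
        # session. Consider session.clear() before setting these keys.
        session['logged_in'] = True
        session['full_name'] = user[1]
        session['district'] = user[3]
        session['id'] = user[0]
        flash(
            f"Welcome {session['full_name']}!! Your Login is Successful",
            'success')
    finally:
        cur.close()
    return redirect('/home/')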
Esempio n. 2
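def is_account_valid():
    """Validate the submitted credentials against the configured backend.

    Reads ``username`` and ``password`` from the request form and the
    authentication method from the config file at ``conf``:

    * ``ldap``  -- attempts a simple bind as ``uid=<username>,<base_dn>``.
    * ``local`` -- compares the password with the hash stored in the SQLite
      ``user`` table using ``check``.

    Returns:
        bool: True when the credentials are accepted, False otherwise
        (including when the configured method is neither of the above).
    """
    username = request.form['username']
    config = configparser.ConfigParser()
    config.read(conf)

    if config['auth']['method'] == 'ldap':
        # Local import so the block stays self-contained; escape_rdn lives in
        # ldap3's utils.dn module.
        from ldap3.utils.dn import escape_rdn

        password = request.form['password']
        # A simple bind with an empty password is an "unauthenticated bind"
        # (RFC 4513) that a directory server may accept. Reject empty
        # credentials here instead of relying on the server or the library.
        if not username or not password:
            return False

        server = config['ldap']['server']
        port = int(config['ldap']['port'])
        base_dn = config['ldap']['base_dn']
        # The username is request data: escape DN metacharacters so it cannot
        # change the structure of the bind DN.
        user_dn = 'uid=' + escape_rdn(username) + ',' + base_dn

        s = Server(server, port=port, get_info=ALL)
        try:
            bound = Connection(s,
                               auto_bind=True,
                               client_strategy=SYNC,
                               user=user_dn,
                               password=password,
                               authentication=SIMPLE,
                               check_names=True)
        except Exception:
            # Narrowed from a bare except so SystemExit/KeyboardInterrupt
            # still propagate. Any bind or connection failure is a rejection.
            return False
        try:
            # The bind was only a credential check; release the connection.
            bound.unbind()
        except Exception:
            # Best effort: a failed unbind does not change the outcome.
            pass
        return True

    if config['auth']['method'] == 'local':
        con = sqlite3.connect(db)
        # Close the database handle on every path; it used to be left open.
        try:
            cur = con.cursor()
            sql = 'SELECT password FROM user WHERE username=(?)'
            cur.execute(sql, (username, ))
            fetched = cur.fetchone()
            if fetched is not None and check(fetched[0],
                                             request.form['password']):
                return True
        finally:
            con.close()

    return False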
Esempio n. 3
File: app.py Progetto: trileg/WebTeX
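def is_account_valid():
    """Return True when the submitted form credentials are accepted.

    The backend is chosen by ``config['auth']['method']`` in the file at
    ``conf``. ``ldap`` performs a simple bind as ``uid=<username>,<base_dn>``;
    ``local`` verifies the password with ``check`` against the hash stored in
    the SQLite ``user`` table. Any other method, or any failed check, yields
    False.
    """
    username = request.form['username']
    config = configparser.ConfigParser()
    config.read(conf)
    method = config['auth']['method']

    if method == 'ldap':
        # Imported here to keep the change local to this function; escape_rdn
        # is provided by ldap3's utils.dn module.
        from ldap3.utils.dn import escape_rdn

        password = request.form['password']
        if not username or not password:
            # An empty password turns a simple bind into an unauthenticated
            # bind (RFC 4513), which some servers accept. Refuse it up front.
            return False

        ldap_cfg = config['ldap']
        # Escape the request-supplied username before it becomes part of the
        # DN, so DN metacharacters in it are treated as literal text.
        user_dn = 'uid=' + escape_rdn(username) + ',' + ldap_cfg['base_dn']
        s = Server(ldap_cfg['server'], port=int(ldap_cfg['port']),
                   get_info=ALL)
        try:
            link = Connection(s, auto_bind=True, client_strategy=SYNC,
                              user=user_dn, password=password,
                              authentication=SIMPLE, check_names=True)
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt. A failed bind means invalid credentials.
            return False
        try:
            # Release the connection that was opened only to test the bind.
            link.unbind()
        except Exception:
            # Best effort: the bind result stands even if unbind fails.
            pass
        return True

    if method == 'local':
        con = sqlite3.connect(db)
        try:
            cur = con.cursor()
            # Bound parameter: the username never becomes part of the SQL.
            cur.execute('SELECT password FROM user WHERE username=(?)',
                        (username,))
            fetched = cur.fetchone()
            if fetched is not None and check(fetched[0],
                                             request.form['password']):
                return True
        finally:
            # The connection was previously never closed.
            con.close()

    return False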
Esempio n. 4
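def update_password_by_id(id_user, old_pass, new_pass):
    """
    Update a user's password, using the old password as verification.

    :param id_user: id of the user
    :param old_pass: current password; it must verify against the stored hash
        before the update is allowed (None is treated as an empty string)
    :param new_pass: new password; None means no update is performed

    :rtype : bool

    :return : True if the password was updated, False otherwise
    """
    result = False
    res = __select_user_by_id(id_user)
    if old_pass is None:
        old_pass = ""
    if res is not None and new_pass is not None:
        row = res.first()
        # The old password is verified against the stored hash before writing.
        if row is not None and check(row['password'], old_pass):
            # The work factor was 1000 PBKDF2 iterations, which is far too
            # low to slow down offline guessing of a leaked hash. The count is
            # part of the method string, so this assumes gen() stores the
            # method with the hash and check() reads it back (the werkzeug
            # convention) -- TODO confirm; if so, existing hashes still verify.
            up = __utilisateur.update(
            ).where(
                __utilisateur.c.id_utilisateur == id_user
            ).values(
                password=gen(new_pass, 'pbkdf2:sha512:210000', 12)
            )
            engine.execute(up)
            result = True
    return result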
Esempio n. 5
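    def login():
        """
        Login Router Function.

        On POST, looks the submitted username up in ``flaskuser`` and checks
        the submitted password against the row's ``pword`` value. On success
        the session is reset and the client is redirected to ``index``.

        Returns
        -------
        str
            HTML content to be displayed.
        """
        if request.method == 'POST':
            db = database.getdb()
            # Bound parameter: the username never becomes part of the SQL.
            user = db.execute(
                "SELECT * FROM flaskuser WHERE username=?",
                (request.form['username'],),
            ).fetchone()
            # fetchone() yields None for an unknown username. Without this
            # guard, user["pword"] raised TypeError, so an unknown user got
            # an error page instead of the login form.
            if user is not None and check(user["pword"], request.form["password"]):
                # Drop any pre-login session state before marking the session
                # as authenticated.
                session.clear()
                # NOTE(review): every account that passes the check is stored
                # as 'admin', regardless of which row matched -- confirm this
                # is intended.
                session["user_id"] = 'admin'
                return redirect(url_for('index'))
        return render_template('login.html', title='Log In')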
Esempio n. 6
def confirm_password(id_user, password):
    """
    Check that the user supplied the correct password.

    :params :
    id_user     -- user id
    password    -- password to verify; None is treated as an empty string

    :return : True if the password matches the stored one, False otherwise
    """
    candidate = "" if password is None else password
    res = __select_user_by_id(id_user)
    if res is None:
        return False
    row = res.first()
    if row is None:
        # No row was returned for this id.
        return False
    # Normalise whatever check() returns to a plain bool.
    return True if check(row['password'], candidate) else False
Esempio n. 7
def find_user_by_mail_and_password(mail, password, actif_only=True):
    """
    Look a user up in the directory by e-mail and verify the password.

    :param mail: e-mail address; lower-cased before the comparison
    :param password: password to verify; None is treated as an empty string
    :param actif_only: when True, the ``actif`` column is added to the filter
    :rtype: Utilisateur
    :return: the matching user, or None when ``mail`` is None, no row matches
        or the password check fails
    """
    if mail is None:
        return None
    candidate = password if password is not None else ""

    where_clause = __utilisateur.c.mail == mail.lower()
    if actif_only:
        where_clause &= __utilisateur.c.actif
    res = engine.execute(select([__utilisateur]).where(where_clause))
    if res is None:
        return None

    row = res.first()
    # Unknown mail and wrong password both end in the same None result.
    if row is None or not check(row['password'], candidate):
        return None
    return Utilisateur(
        row['id_utilisateur'],
        row['mail'],
        row['id_ancien'],
        row['actif'],
        row['admin'],
    )