def load_user(user_id):
    """Load the user stored in the session, if there is one.

    User loader: invoked when a view decorated with login.required is
    called. The stored session record is only accepted if a hash recomputed
    from the current request (client IP, user agent) together with the
    stored token and timestamp passes ``session.is_valid``.

    Args:
        user_id: Id of the user to load. It is compared with ``> 0``, so a
            numeric value is expected here.

    Returns:
        The populated session user when a session record exists and
        validates; otherwise a fresh, empty ``SessionUser()``.
    """
    # NOTE(review): assumes user_id arrives as a number; a string id would
    # make this comparison raise on Python 3. Confirm against the caller.
    if user_id > 0:
        user = BeUser()
        user.set("id", user_id)
        user.load()
        session = Session()
        session.set_user_id(user.get_id())
        if session.load():
            session_user = user.create_session_user()
            # The request-derived values below feed the validity hash, so a
            # session replayed from another IP or user agent should not
            # validate.
            # NOTE(review): get_real_ip() is defined elsewhere. If it reads
            # a client-supplied forwarding header, the IP binding is only as
            # strong as the proxy configuration; confirm.
            ip_address = get_real_ip()
            session_user.ip_address = ip_address
            session_user.user_agent = request.user_agent
            session_user.token = session.get_token()
            session_user.timestamp = session.get_timestamp()
            # NOTE(review): `hash` shadows the builtin of the same name
            # inside this function.
            hash = session.get_user_hash_string(session_user)
            if session.is_valid(session.encryption.get_generic_hash(hash)):
                return session_user
            else:
                # The log message is German for "session not valid". The
                # stale record is removed so it cannot be presented again.
                debug_logger.debug("session nicht valid")
                session.delete()
    # NOTE(review): an empty SessionUser is returned instead of None.
    # Confirm that such an object reports itself as unauthenticated, since
    # otherwise an invalid session would still count as logged in.
    return SessionUser()
def login():
    """Login endpoint.

    Validates the submitted form and credentials. On success it replaces any
    existing session record for the user with a new one (IP address, user
    agent, random token, timestamp) and logs the user in. A rejected
    credential check is written to a ``FailedLoginRecord``.

    Returns:
        The rendered login template, or a redirect to the dashboard after a
        successful login.
    """
    form = LoginForm()
    ip_address = get_real_ip()
    if request.method == "POST":
        if form.validate_on_submit():
            be_user = BeUser()
            # NOTE(review): both credentials pass through escape() before
            # validation. If that is an HTML escape, a password containing
            # characters such as & or < is altered before it is checked, so
            # it only matches if it was stored the same way. Confirm how
            # passwords are stored before changing this; escaping normally
            # belongs at output time.
            be_user.set("username", escape(request.form["username"]))
            be_user.temp_password = escape(request.form["password"])
            if be_user.validate_login():
                be_user.load()
                session = Session()
                session.set_user_id(be_user.get_id())
                # Discard an existing session record for this user, so each
                # login starts from a new record and a new token.
                if session.session_exists():
                    session.delete()
                    session = Session()
                    session.set_user_id(be_user.get_id())
                ip_address = escape(ip_address)
                user_agent = escape(request.user_agent)
                token = session.encryption.create_random_token(32)
                session.set_ip_address(ip_address)
                session.set_user_agent(user_agent)
                session.set_token(token)
                time = datetime.now()
                session.set_timestamp(time)
                # NOTE(review): if save() returns False or login_user() is
                # falsy, control falls through to the template render below
                # without a log entry or a message to the user.
                if session.save() is not False:
                    session_user = be_user.create_session_user()
                    if login_user(session_user):
                        # Level 10 is DEBUG if debug_logger is a stdlib
                        # logger; the message is German for "user with ID
                        # {0} logged in".
                        debug_logger.log(
                            10,
                            "User mit der ID {0} eingeloggt".format(
                                session_user.get_id()))
                        return redirect(url_for("backend.dashboard"))
            else:
                # Rejected credentials: keep an audit record.
                # NOTE(review): this records request.remote_addr, while the
                # session above stores get_real_ip(). Behind a reverse proxy
                # the two can differ, which makes failed and successful
                # logins hard to correlate; confirm which is authoritative.
                # NOTE(review): no throttling or lockout is visible in this
                # function, and the user gets no message on this path;
                # confirm both are handled elsewhere.
                failed_login_record = FailedLoginRecord()
                failed_login_record.set_user_id(be_user.get_id())
                failed_login_record.set_username(be_user.get_username())
                failed_login_record.set_ip_address(request.remote_addr)
                failed_login_record.set_user_agent(str(request.user_agent))
                failed_login_record.save()
        else:
            flash(form.errors)
    return render_template("login.html", form=form)
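def delete_user(user_id):
    """Delete the ``User`` row whose primary key is *user_id*.

    Every failure is reported as ``False``; no exception reaches the caller.
    This function performs no authorization check of its own, so the caller
    must already have established that the deletion is permitted.

    Args:
        user_id: Primary key handed to ``query(User).get``.

    Returns:
        ``True`` if a matching row was found and the delete was committed,
        ``False`` if no row matched or any step raised.
    """
    sess = None
    try:
        sess = Session()
        user = sess.query(User).get(user_id)
        if not user:
            return False
        sess.delete(user)
        sess.commit()
        return True
    except Exception:
        # A failed query, flush or commit leaves the session's transaction
        # unusable until it is rolled back. Without this, a shared session
        # would keep failing on later, unrelated calls.
        if sess is not None:
            try:
                sess.rollback()
            except Exception:
                # Deliberate: this function has never raised, and a failing
                # rollback must not change that contract.
                pass
        # NOTE(review): the cause of the failure is discarded here, so an
        # operator cannot tell "no such user" from a database error.
        # NOTE(review): the session is never closed in this function. Whether
        # that leaks a connection depends on how Session is configured;
        # confirm.
        return False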
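def delete_book(book_id):
    """Delete the ``Book`` row whose primary key is *book_id*.

    Every failure is reported as ``False``; no exception reaches the caller.
    This function performs no authorization check of its own, so the caller
    must already have established that the deletion is permitted.

    Args:
        book_id: Primary key handed to ``query(Book).get``.

    Returns:
        ``True`` if a matching row was found and the delete was committed,
        ``False`` if no row matched or any step raised.
    """
    sess = None
    try:
        sess = Session()
        book = sess.query(Book).get(book_id)
        if not book:
            return False
        sess.delete(book)
        sess.commit()
        return True
    except Exception:
        # A failed query, flush or commit leaves the session's transaction
        # unusable until it is rolled back. Without this, a shared session
        # would keep failing on later, unrelated calls.
        if sess is not None:
            try:
                sess.rollback()
            except Exception:
                # Deliberate: this function has never raised, and a failing
                # rollback must not change that contract.
                pass
        # NOTE(review): the cause of the failure is discarded here, so an
        # operator cannot tell "no such book" from a database error.
        # NOTE(review): the session is never closed in this function. Whether
        # that leaks a connection depends on how Session is configured;
        # confirm.
        return False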
def logout():
    """Log the current user out and send them back to the login page.

    The server-side session record of the current user is loaded and
    deleted, then the login state is cleared.

    Returns:
        A redirect to the backend login view.
    """
    stored_session = Session()
    # The record is removed before logout_user() runs, because the current
    # user's id is needed to find it.
    stored_session.set_user_id(current_user.get_id())
    stored_session.load()
    stored_session.delete()

    logged_out = logout_user()
    if logged_out:
        flash("Erfolgreich abgemeldet", "success")

    login_url = url_for("backend.login")
    return redirect(login_url)
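def post_new_class(new_class_name):
    """Create a class record, drop archives that reference it, and rebuild.

    Adds a ``ClassName`` row, commits, deletes every ``Archive`` row whose
    ``class_id`` equals the new row's id, commits again, and finally returns
    whatever ``create_schedules_data()`` produces.

    Args:
        new_class_name: Value stored in the new row's ``class_name`` column.

    Returns:
        The result of ``create_schedules_data()``.

    Raises:
        Any exception raised by the session or by ``create_schedules_data()``
        propagates to the caller, as before.
    """
    session = Session()
    try:
        new_class_obj = ClassName(class_name=new_class_name)
        session.add(new_class_obj)
        # Committed before the query below, presumably so that
        # new_class_obj.id has been assigned by the database.
        session.commit()
        archives = session.query(Archive).filter_by(class_id=new_class_obj.id)
        # A plain loop: the deletes are side effects, so there is no reason
        # to build a throwaway list of their return values.
        for archive in archives:
            session.delete(archive)
        session.commit()
    finally:
        # Close on the failure path too, so that an error in a commit or in
        # the query does not leave the session open.
        session.close()
    response = create_schedules_data()
    return response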