def user_loader(username):
if username not in users:
return
user = User()
user.id = username
return user
def loginApi():
name = str(request.form['name'])
if request.form['password'] == users[name]['password']:
user = User()
user.id = name
flask_login.login_user(user)
return jsonify({'status': 'OK'})
return jsonify({'status': 'bad login'})
def request_loader(request):
name = request.form.get('name')
if name not in users:
return
user = User()
user.id = name
# DO NOT ever store passwords in plaintext and always compare password
# hashes using constant-time comparison!
user.is_authenticated = request.form['password'] == users[name]['password']
return user
def loginApi():
mobile = str(request.form['phone'])
idCode = str(request.form['idCode'])
if idCode == cache.get(mobile):
return jsonify({'status': 'bad idCode'})
if request.form['password'] == users[mobile]['password']:
user = User()
user.id = mobile
flask_login.login_user(user)
cache.delete(mobile)
return jsonify({'status': 'OK'})
return jsonify({'status': 'bad login'})
def login():
if request.method == 'GET':
if flask_login.current_user.is_authenticated:
return redirect('/admin')
return render_template('login.html')
username = request.form['username']
if request.form['password'] == users[username]['password']:
user = User()
user.id = username
flask_login.login_user(user)
return redirect(url_for('protected'))
return 'Bad login'
def login():
if request.method == 'GET':
if flask_login.current_user.is_authenticated:
return redirect('/admin')
return render_template('login.html')
username = request.form['username']
if username not in users:
return 'wrong username'
md5 = hashlib.md5()
psswd = md5.update(request.form['password']).hexdigest()
if psswd == users[username]['password']:
user = User()
user.id = username
flask_login.login_user(user)
return redirect(url_for('protected'))
return 'Bad login'
