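def login():
    """Render the customer login form and sign the user in on valid credentials.

    An already authenticated visitor is redirected to the shop. On a valid
    form submission the account is looked up by email and the submitted
    password is verified against the stored bcrypt hash. After sign-in the
    user is sent to the ``next`` query parameter when it is a local path,
    otherwise to the shop.

    Returns:
        A redirect response on success, or the rendered ``login.html``.
    """
    from urllib.parse import urlsplit

    if current_user.is_authenticated:
        return redirect(url_for('shop'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=form.remember.data)

            # `next` comes straight from the query string, so it is attacker
            # influenced. Only follow it when it is a path on this site: a
            # scheme, a host, a leading "//", a backslash or a control
            # character would let a crafted login link send the freshly
            # authenticated user to another origin.
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                is_local_path = (
                    not parts.scheme
                    and not parts.netloc
                    and target.startswith('/')
                    and not target.startswith('//')
                    and '\\' not in target
                    and not any(ord(ch) < 0x20 for ch in target)
                )
                if is_local_path:
                    return redirect(target)
            return redirect(url_for('shop'))

        # One message for "unknown email" and "wrong password" so the
        # response does not reveal which accounts exist.
        flash('Login Unsuccessful. Please check email and password', 'danger')

    return render_template('login.html', title='Login', form=form)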
def login_seller():
    """Render the seller login form and sign the seller in on valid credentials.

    The seller is looked up by the submitted email and the password is
    verified against the stored bcrypt hash. A successful login redirects to
    the ``home`` endpoint; any other outcome re-renders ``login_seller.html``.
    """
    form = LoginForm()

    # GET requests and submissions that fail form validation just show the form.
    if not form.validate_on_submit():
        return render_template('login_seller.html', title='Seller Login', form=form)

    account = Seller.query.filter_by(email=form.email.data).first()

    # NOTE(review): nothing in this view limits repeated failed attempts;
    # confirm that throttling is applied elsewhere (proxy, middleware).
    if not account or not bcrypt.check_password_hash(account.password, form.password.data):
        # Same message for an unknown email and a wrong password.
        flash('Login Unsuccessful. Please Check Username and Password', 'danger')
        return render_template('login_seller.html', title='Seller Login', form=form)

    login_user(account, remember=form.remember.data)
    flash('Login Successful Seller', 'success')
    return redirect(url_for('home'))
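def login():
    """Authenticate a shop user with a per-address lockout on repeated failures.

    Flow:
      1. Already authenticated visitors are redirected to the shop.
      2. Submitted email/password values containing a blocklisted character
         are rejected with the generic failure message.
      3. A ``Timeout`` row keyed on the client address tracks failed attempts.
      4. On a valid submission the lockout is checked first; while it is
         active no password is verified.
      5. A correct password resets the counter and renders
         ``afterLogin.html``; a wrong one increments the counter and, at five
         attempts, starts a one-minute lockout.

    Returns:
        A redirect, the rendered ``afterLogin.html`` on success, or the
        rendered ``login.html``.
    """
    # NOTE(review): X-Real-IP is a request header. Unless a trusted reverse
    # proxy overwrites it on every request, the client picks this value and
    # the lockout below is keyed on client-controlled data. Confirm the
    # deployment before relying on it.
    ip = request.environ.get('HTTP_X_REAL_IP', request.remote_addr)

    if current_user.is_authenticated:
        return redirect(url_for('shop'))

    form = LoginForm()

    # Character blocklist kept from the original. It is not what protects the
    # lookup below (the ORM query binds the email as a parameter), and it
    # rejects legitimate passwords that contain these characters.
    # NOTE(review): consider dropping it once nothing else depends on it.
    for item in [form.email.data, form.password.data]:
        for char in ['"', "'", "--", ';', '=']:
            if char in str(item):
                flash('Login Unsuccessful. Please check your email and password', 'danger')
                return render_template('login.html', title='Login', form=form)

    # Get or create the attempt counter for this address. A new row starts at
    # attempts=1, as before, so a new address reaches the threshold after
    # four failed submissions.
    entry = Timeout.query.filter_by(ip=ip).first()
    if entry is None:
        print('new entry created')
        entry = Timeout(ip=ip, attempts=1)
        db.session.add(entry)
        db.session.commit()

    if form.validate_on_submit():
        now = datetime.now()

        # Enforce the lockout BEFORE touching the password. Previously the
        # lockout was only consulted after a successful bcrypt check, so
        # guessing could continue during the lockout window and the
        # "locked out" message itself confirmed a correct password.
        # `release` may be unset on a fresh row (model default not visible
        # here), hence the None guard.
        if entry.release is not None and entry.release > now:
            flash('You have been locked out for entering too many wrong passwords', 'danger')
            # Pass the form as well: the other render calls for this template do.
            return render_template('login.html', title='Login', form=form)

        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            entry.attempts = 0
            db.session.commit()
            login_user(user, remember=form.remember.data)
            perms = 'admin' if current_user.admin_rights else 'user'
            s = user.password
            # NOTE(review): checkval sends seven characters of the stored
            # password hash to the template. Hash material should not leave
            # the server; replace this with a value that is not derived from
            # the credential once afterLogin.html no longer needs it.
            return render_template(
                'afterLogin.html',
                email=form.email.data,
                role=perms,
                checkval=s[0] + s[12] + s[24] + s[36] + s[48] + s[50] + s[59],
            )

        # Failed attempt: count it and start a one-minute lockout at five.
        entry.attempts += 1
        if entry.attempts >= 5:
            entry.release = now + timedelta(minutes=1)
            entry.attempts = 0
        db.session.commit()
        print(entry.ip, '-', entry.attempts, '-', entry.release)
        flash('Login Unsuccessful. Please check email and password', 'danger')

    return render_template('login.html', title='Login', form=form)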
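def login():
    """Render the customer login form and sign the user in on valid credentials.

    The account is looked up by exact email through the ORM, which binds the
    value as a query parameter, and the submitted password is verified
    against that account's stored bcrypt hash.

    This replaces an earlier revision of the view that:
      * built its SELECT statement with ``str.format`` from the submitted
        email, so form input became part of the SQL text;
      * chose the account by substring match and then logged in that matched
        account rather than the one the credentials were checked against;
      * printed the assembled statement, including the submitted email, to
        stdout;
      * opened a new engine and connection per request without closing them;
      * told the visitor whether the email was registered.

    Returns:
        A redirect response on success, or the rendered ``login.html``.
    """
    from urllib.parse import urlsplit

    if current_user.is_authenticated:
        return redirect(url_for('shop'))

    form = LoginForm()
    if form.validate_on_submit():
        # Exact-match, parameterized lookup; no SQL text is assembled here.
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=form.remember.data)

            # `next` is taken from the query string. Follow it only when it
            # is a path on this site, so a crafted login link cannot send the
            # authenticated user to another origin.
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                is_local_path = (
                    not parts.scheme
                    and not parts.netloc
                    and target.startswith('/')
                    and not target.startswith('//')
                    and '\\' not in target
                    and not any(ord(ch) < 0x20 for ch in target)
                )
                if is_local_path:
                    return redirect(target)
            return redirect(url_for('shop'))

        # One message for both failure causes: separate "email is valid" and
        # "email is not registered" messages let anyone enumerate accounts.
        flash('Login Unsuccessful. Please check email and password', 'danger')

    return render_template('login.html', title='Login', form=form)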