def test_get(self):
username = uuid.uuid4().hex
password = uuid.uuid4().hex
user = User.create(username, password)
user_by_id = User.get(user.id)
self.assertEqual(user_by_id.id, user.id)
user_by_name = User.get(user.username)
self.assertEqual(user_by_name.id, user.id)
with self.assertRaises(TypeError):
User.get(None)
def test_get(self):
username = uuid.uuid4().hex
password = uuid.uuid4().hex
user = User.create(username, password)
user_by_id = User.get(user.id)
self.assertEqual(user_by_id.id, user.id)
user_by_name = User.get(user.username)
self.assertEqual(user_by_name.id, user.id)
with self.assertRaises(TypeError):
User.get(None)
def validate_password(self, field):
if self.dbuser is False:
self.dbuser = User.get(request.form["username"])
if self.dbuser:
password = str(field.data)
if self.dbuser.hash_password(password) != self.dbuser.password:
raise ValidationError("invalid password")
def load_user(user):
"""
callback for :func:`flask_login.LoginManager.user_loader`
When the user id is is not present in the session this function
is used to load the user from the database directly.
"""
return User.get(user)
def validate_password(self, field):
if self.dbuser is False:
self.dbuser = User.get(request.form["username"])
if self.dbuser:
password = str(field.data)
if self.dbuser.hash_password(password) != self.dbuser.password:
raise ValidationError("invalid password")
def load_user(user):
"""
callback for :func:`flask_login.LoginManager.user_loader`
When the user id is is not present in the session this function
is used to load the user from the database directly.
"""
return User.get(user)
def load_token(token):
"""
callback for :func:`flask_login.LoginManager.token_loader`
When a user is already loaded check the token provided to be sure
the password matches and that the token has not expired.
"""
# The token was encrypted using itsdangerous.URLSafeTimedSerializer which
# allows us to have a max_age on the token itself. When the cookie is
# stored on the users computer it also has a expiry date, but could be
# changed by the user, so this feature allows us to enforce the exipry
# date of the token server side and not rely on the users cookie to expire.
try:
userid, password = login_serializer.loads(
token,
max_age=app.config["REMEMBER_COOKIE_DURATION"].total_seconds())
user = User.get(userid)
return user if user and user.password == password else None
except BadTimeSignature:
return None
def login_page():
"""display and process the login for or action"""
if request.method == "POST" and request.content_type == "application/json":
user = User.get(request.json["username"])
if user and user.check_password(request.json["password"]):
login_user(user, remember=True)
return jsonify(None)
return jsonify(None), UNAUTHORIZED
form = LoginForm(request.form)
if request.method == "POST" and form.validate():
login_user(form.dbuser, remember=True)
return redirect(request.args.get("next") or "/")
if request.content_type == "application/json":
abort(BAD_REQUEST)
return render_template("pyfarm/login.html", form=form,
next=request.args.get("next") or "/")
def load_token(token):
"""
callback for :func:`flask_login.LoginManager.token_loader`
When a user is already loaded check the token provided to be sure
the password matches and that the token has not expired.
"""
# The token was encrypted using itsdangerous.URLSafeTimedSerializer which
# allows us to have a max_age on the token itself. When the cookie is
# stored on the users computer it also has a expiry date, but could be
# changed by the user, so this feature allows us to enforce the exipry
# date of the token server side and not rely on the users cookie to expire.
try:
userid, password = login_serializer.loads(
token,
max_age=app.config["REMEMBER_COOKIE_DURATION"].total_seconds())
user = User.get(userid)
return user if user and user.password == password else None
except BadTimeSignature:
return None
def login_page():
"""display and process the login for or action"""
if request.method == "POST" and request.content_type == "application/json":
user = User.get(request.json["username"])
if user and user.check_password(request.json["password"]):
login_user(user, remember=True)
return jsonify(None)
return jsonify(None), UNAUTHORIZED
form = LoginForm(request.form)
if request.method == "POST" and form.validate():
login_user(form.dbuser, remember=True)
return redirect(request.args.get("next") or "/")
if request.content_type == "application/json":
abort(BAD_REQUEST)
return render_template("pyfarm/login.html",
form=form,
next=request.args.get("next") or "/")
def validate_username(self, field):
if self.dbuser is False:
self.dbuser = User.get(request.form["username"])
if self.dbuser is None:
raise ValidationError("invalid username")
def validate_username(self, field):
user = User.get(request.form["username"])
if user is not None:
raise ValidationError("%s already exists" %
request.form["username"])
def validate_username(self, field):
if self.dbuser is False:
self.dbuser = User.get(request.form["username"])
if self.dbuser is None:
raise ValidationError("invalid username")
def validate_username(self, field):
user = User.get(request.form["username"])
if user is not None:
raise ValidationError(
"%s already exists" % request.form["username"])
