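def user():
    """Show and update the signed-in user's profile.

    GET pre-fills the form from the stored account. A valid POST is applied
    only after the current password has been re-checked with
    ``validate_login``; a non-empty ``new_password`` is passed through
    ``hash_password`` before it is stored.

    Returns:
        A redirect when ``__check_login('user')`` yields a URL, otherwise
        the rendered ``user.html`` template.
    """
    url = __check_login('user')
    if url:
        return redirect(url)

    usererrors = []
    userform = UserForm(prefix="user")
    # NOTE(review): assumes get_user() finds an account for the session
    # e-mail; a None result would fail on the attribute access below.
    user = get_user(session['email'])

    if request.method == 'GET':
        # Add default values
        userform.email.data = user.email
        userform.first_name.data = user.short_name
        userform.last_name.data = user.family_name
        userform.alias.data = user.alias
    elif userform.validate_on_submit():
        # Re-authenticate with the current password before the e-mail address
        # or password can change, so a live session alone is not sufficient.
        if validate_login(session['email'], userform.password.data):
            # NOTE(review): nothing in this view checks that the new e-mail
            # or alias is not already used by another account; confirm the
            # form validators or save_user() enforce uniqueness.
            user.email = userform.email.data
            user.short_name = userform.first_name.data
            user.family_name = userform.last_name.data
            user.full_name = (userform.first_name.data + " "
                              + userform.last_name.data)
            # An empty alias is stored as None rather than "".
            user.alias = userform.alias.data if userform.alias.data != "" else None
            if userform.new_password.data:
                user.password = hash_password(userform.new_password.data)
            save_user(user)
            # The account is looked up through session['email'] (see above),
            # so keep it in step with the address just saved. Left stale, the
            # next request would look up the old address.
            session['email'] = user.email
            flash(_(u'Information updated'))
        else:
            usererrors.append(_(u'Invalid password'))

    if userform.errors:
        # Only the first message per field is shown.
        for key, value in userform.errors.items():
            usererrors.append(key + ': ' + value[0])
    return render_template('user.html', userform=userform,
                           usererrors=usererrors)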
def login():
    """Serve the combined sign-in / registration page.

    Both forms post to this view and are told apart by their field prefixes.
    A successful sign-in or registration stores the account e-mail in the
    session and redirects to the destination remembered in the session, or to
    ``troikas`` when none is stored. Every other path re-renders
    ``login.html`` with the collected error messages.
    """

    def _next_url():
        # The target comes from the session, not from request data, and is
        # consumed on use. NOTE(review): confirm that whatever stores
        # session['destination'] only ever writes local URLs.
        target = url_for('troikas')
        if 'destination' in session:
            target = session['destination']
        session.pop('destination', None)
        return target

    loginerrors = []
    regerrors = []
    regform = RegistrationForm(prefix="register")
    loginform = LoginForm(prefix="login")

    # Sign-in form.
    if loginform.email.data and loginform.validate_on_submit():
        account = validate_login(loginform.email.data,
                                 loginform.password.data)
        if account != False:
            # NOTE(review): existing session contents are kept across the
            # sign-in; if a server-side session store is in use, confirm the
            # session id is rotated at this point.
            session['email'] = account.email
            session['language'] = account.preferred_language
            flash(_(u'You were logged in'))
            return redirect(_next_url())
        # One message for every validate_login() failure, so the page does
        # not say whether the e-mail is registered.
        loginerrors.append(_(u'Invalid email/password'))
    if loginform.errors:
        loginerrors += [field + ': ' + messages[0]
                        for field, messages in loginform.errors.items()]

    forgotform = ForgotForm()

    # Registration form.
    if regform.email.data and regform.validate_on_submit():
        if not user_exists(email=regform.email.data,
                           alias=regform.alias.data):
            # An empty alias is registered as None rather than "".
            if regform.alias.data == "":
                regform.alias.data = None
            register(regform.first_name.data, regform.last_name.data,
                     regform.alias.data, regform.email.data,
                     regform.password.data)
            # The new account is signed in straight away; this view does not
            # verify the address first. NOTE(review): confirm that is intended.
            session['email'] = regform.email.data
            flash(_(u'Registration successful, you were logged in'))
            return redirect(_next_url())
        # NOTE(review): unlike the sign-in error, this message confirms that
        # an e-mail or alias is registered.
        regerrors.append(_(u'User with given email or alias already exists'))
    if regform.errors:
        regerrors += [field + ': ' + messages[0]
                      for field, messages in regform.errors.items()]

    return render_template('login.html', loginform=loginform,
                           forgotform=forgotform, regform=regform,
                           loginerrors=loginerrors, regerrors=regerrors)
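def login_user(user_id):
    """Check a password for ``user_id`` and issue an auth token.

    On POST the ``password`` form field is validated against the stored user
    with ``security.validate_login``. On success the response carries the
    user's values plus a freshly registered token; on failure it carries
    ``error`` and a generic message. Other methods return the generic
    response unchanged.

    Args:
        user_id: Identifier passed to ``UserStore.get_user_by_id``.

    Returns:
        The response dict serialised with ``jsonify``.
    """
    response = create_generic_response_dict()
    if request.method == 'POST':
        password = request.form.get("password")
        user = UserStore().get_user_by_id(user_id)
        # Unknown id, missing password and wrong password all produce the same
        # message, so the reply does not reveal which ids exist.
        if (user is None or password is None
                or not security.validate_login(user, password)):
            response['error'] = True
            response['message'] = 'User and password combination does not validate.'
        else:
            auth_token = AuthTokenStore().register(user)
            # NOTE(review): the user's values are returned to the client as
            # they come; confirm get_values_as_dict() leaves out the password
            # hash and any other secret fields.
            user_data = user.get_values_as_dict()
            user_data['token'] = auth_token.get_values_as_dict()
            response['data'] = user_data
            response['message'] = 'User successfully logged in'
    # .get() keeps a request that never set a message from raising here.
    # NOTE(review): user_id is caller-supplied; if the route does not restrict
    # it to an integer, control characters in it reach the log line as-is.
    # Failed attempts are logged at INFO with no client address, which limits
    # what this line offers for brute-force detection.
    logger.info('Caught login request for user_id:%s->%s',
                user_id, response.get('message'))
    return jsonify(response)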