def login(request):
if request.method == 'GET':
return render(request, 'login.html')
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
# 通过合理性校验
user = User.objects.filter(username=form.cleaned_data.get('username')).first()
if not user:
# 用户不存在
return render(request, 'login.html', {'msg1': '该账号不存在'})
flag = check_password(form.cleaned_data.get('pwd'), user.password)
if not flag:
# 密码错误
return render (request, 'login.html', {'msg2': '密码错误'})
# 向cookie中设置sessionid值
# 向django_session表中存sessionid值
if request.user.id:
return render(request, 'login.html', {'msg3': '一个浏览器只能等录一个账号'})
request.session['user_id'] = user.id
return HttpResponseRedirect(reverse('goods:index'))
else:
return render(request, 'login.html', {'errors': form.errors})
def login():
form = LoginForm()
error = None
if request.method == 'GET' and request.args.get('next'):
session['next'] = request.args.get('next')
if form.validate_on_submit():
user = User.objects.filter(username=form.username.data).first()
if user:
if bcrypt.hashpw(form.password.data.encode('utf-8'),
user.password.encode(
'utf-8')) == user.password.encode('utf-8'):
session['username'] = form.username.data
if 'next' in session:
next = session.get('next')
session.pop('next')
return redirect(next)
else:
message = 'Login efetuado com sucesso.'
return redirect(
url_for('user_app.profile', username=user.username))
else:
user = None
if not user:
error = 'Senha ou nome de usuário incorreto'
return render_template('user/login.html', form=form, error=error)
def login_view(request):
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
user = authenticate(username=form.cleaned_data["username"],
password=form.cleaned_data["password"])
if user is not None and user.is_confirmed != "NOT_CONFIRMED":
login(request, user)
return redirect(reverse('root'))
else:
return render(
request, "login.html", {
"form":
form,
"errors": [
"Incorrect login or password or you need to confirm your account"
]
})
else:
return render(request, "login.html", {"form": form})
else:
if request.user.is_authenticated:
return redirect(reverse('profile'))
form = LoginForm()
return render(request, "login.html", {"form": form})
def user_login(request):
'''username = request.POST.get('username','')
password = request.POST.get('password','')
user = authenticate(request, username=username, password=password)
#current_http = request.META.get('HTTP_REFERER','/') #获得当前网址,'/'为默认的网址,首页
current_http = request.META.get('HTTP_REFERER', reverse('home')) #反向解析home获得home的网址
if user is not None:
login(request, user)
# Redirect to a success page.
return redirect(current_http)
else:
# Return an 'invalid login' error message.
return render(request,'blog/error.html',{'messege':'用户名或密码不正确'})'''
if request.method == 'POST':
login_form = LoginForm(request.POST)
if login_form.is_valid():
user = login_form.cleaned_data['user']
login(request, user)
# Redirect to a success page.
return redirect(request.GET.get('from', reverse('home')))
else:
login_form = LoginForm()
context = {}
context['login_form'] = login_form
return render(request, 'login.html', context)
def login():
form = LoginForm()
error = None
if request.method == 'GET' and request.args.get('next'):
session['next'] = request.args.get('next')
if form.validate_on_submit():
user = User.objects.filter(
username=form.username.data
).first()
if user:
if bcrypt.hashpw(form.password.data, user.password) == user.password:
session['username'] = form.username.data
if 'next' in session:
next = session.get('next')
session.pop('next')
return redirect(next)
else:
return 'User logged in'
else:
user = None
if not user:
error = 'Incorrect credentials'
return render_template('user/login.html', form=form, error=error)
def login_view(request):
if request.method == "POST":
login_form = LoginForm(request.POST)
if login_form.is_valid():
cd = login_form.cleaned_data
user = authenticate(username=cd['username'],
password=cd['password'])
if user:
# request.session["info"] = "infomation"
'''用户登陆后,Django会自动调用默认的session应用,
将用户的id存至session中,通常情况下,login与authenticate
配合使用'''
login(request, user)
# request.session.set_expiry(0) # 关闭浏览器自动退出登录
return HttpResponseRedirect(reverse('file:file'))
else:
return render(
request, 'user/login.html', {
"form": login_form,
'status': 'ERROR Incorrect username or password'
})
else:
return render(request, 'user/login.html', {
"form": login_form,
'status': '输入不合法'
})
elif request.method == "GET":
if request.user.is_authenticated:
return HttpResponseRedirect(reverse('file:file'))
else:
login_form = LoginForm()
return render(request, 'user/login.html', {"form": login_form})
def login_account(request):
try:
args={}
form = LoginForm()
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
cd = form.cleaned_data
username = cd['username']
password = cd['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
# update last login in database
result = User.objects.filter(username=username).update(last_login=datetime.datetime.now())
login(request, user) #Django buildin login method
# request.session['bookserviceUser'] = username
# response = HttpResponse()
# response.set_cookie('bookserviceLogin', 'True')
return HttpResponseRedirect('/test/')
else:
messages.add_message(request, messages.INFO, 'This account has been disabled.')
else:
messages.add_message(request, messages.INFO, 'Invalid Username and Password')
else:
args['form'] = form
return render(request, 'user/login.html', args)
else:
return render(request, 'user/login.html', {'form':form})
except:
messages.add_message(request, messages.ERROR, sys.exc_info()[1])
return render(request, 'user/login.html', {'form':form})
def loginUser(request):
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
messages.success(request, 'Successfully Logged in')
username = form.cleaned_data.get("username")
password = form.cleaned_data.get("password")
user = authenticate(username=username, password=password)
login(request, user)
return redirect("index")
else:
context = {
"form": form
}
return render(request, "login.html", context)
else:
form = LoginForm()
context = {
"form": form
}
return render(request, "login.html", context)
def login():
form = LoginForm()
error = None
if request.method == 'GET' and request.args.get('next'):
session['next'] = request.args.get('next')
if form.validate_on_submit():
user = User.objects.filter(username=form.username.data).first()
if user:
pw_in = form.password.data
pw_check = maxx_encode(pw_in)
if user.password == pw_check:
# if bcrypt.hashpw(form.password.data, user.password) == user.password:
session['username'] = form.username.data
if 'next' in session:
next = session.get('next')
session.pop('next')
return redirect(next)
else:
return redirect(url_for('home_app.home'))
# return "<h3 style='color:#CB4154'>Successful login</h3><h4 >Waiting to implement 'home_app.home'</h4>"
else:
user = None
if not user:
error = 'Incorrect credentials'
return render_template('user/login.html', form=form, error=error)
def loginView(request):
context = {}
user = request.user
if user.is_authenticated:
return HttpResponseRedirect(reverse('home'))
if request.POST:
form = LoginForm(request.POST)
if form.is_valid():
email = request.POST['email']
password = request.POST['password']
user = authenticate(username=email, password=password)
if user:
login(request, user)
return HttpResponseRedirect(reverse('home'))
else:
form = LoginForm()
context['form'] = form
return render(request, "user/login.html", context)
def post(self, request):
# 类实例化需要一个字典参数dict:request.POST就是一个QueryDict所以直接传入
# POST中的usernamepassword,会对应到form中
login_form = LoginForm(request.POST)
# is_valid判断我们字段是否有错执行我们原有逻辑,验证失败跳回login页面
if login_form.is_valid():
# 取不到时为空,username,password为前端页面name值
user_name = request.POST.get("email", "")
pass_word = request.POST.get("password", "")
# 成功返回user对象,失败返回null
user = authenticate(username=user_name, password=pass_word)
# 如果不是null说明验证成功
if user is not None:
login(request, user)
return HttpResponseRedirect(reverse("index"))
# 即用户未激活跳转登录,提示未激活
else:
return render(request, "login.html", {"msg": "用户名或密码错误!"})
# 验证不成功跳回登录页面
# 没有成功说明里面的值是None,并再次跳转回主页面
else:
return render(request, "login.html", {"login_form": login_form})
def user_login(request):
if request.method == 'GET':
lform = LoginForm()
return render(request,
'../../Web/templates/login.html',
context={'form': lform})
# else:
# lform = LoginForm(request.POST)
# if lform.is_valid():
# data = lform.cleaned_data
# user = User.objects.filter(username=data.get('username')).first()
#
# # password = lform.cleaned_data.get('password')
# # user = User.objects.filter(username=username).first()
# flag = check_password(data.get('password'), user.password)
# if user and user.is_active:
# flag = check_password(data.get('password'), user.password)
# if flag:
# # token 令牌
# # uid = uuid.uuid4()
# # token = str(uid).replace('-', '')
# # print("++++++++>token :", token)
# # cache.set(token, user, timeout=60 * 30)
#
# # 创建response对象
# # request.session['username'] = username
# # return redirect('user:index', context={'form': lform})
# # return HttpResponseRedirect('/')
# # return render(request, '../../Web/templates/login.html', context={'form': lform, 'msg': '用户名或者密码有误!'})
# username = lform.cleaned_data.get('username')
# request.session['username'] = username
# return HttpResponseRedirect('/')
# else:
# return render(request, '../../Web/templates/login.html', context={'form': lform, 'msg': '请检查用户名或者用户没有激活!'})
# return render(request, '../../Web/templates/login.html', context={'form': lform, 'msg': '用户名或者密码有误!'})
else:
lform = LoginForm(request.POST)
if lform.is_valid():
username = lform.cleaned_data.get('username')
password = lform.cleaned_data.get('password')
user = User.objects.filter(username=username).first()
flag = check_password(password, user.password)
if flag:
# 保存session信息
username = lform.cleaned_data.get('username')
request.session['username'] = username
return HttpResponseRedirect('/')
else:
return render(request,
'../../Web/templates/login.html',
context={
'form': lform,
'msg': '请检查用户名或者用户没有激活!'
})
return render(request,
'../../Web/templates/login.html',
context={
'form': lform,
'msg': '用户名或者密码有误!'
})
def user_login(request):
if request.method == 'GET':
return render(request, 'user/login.html')
else:
lform = LoginForm(request.POST)
if lform.is_valid():
username = lform.cleaned_data.get('username')
password = lform.cleaned_data.get('password')
#进行数据库的查询
user = UserProfile.objects.filter(username=username).first()
# if user:
# flag=check_password(password,user.password)
# if flag:
# # 保存session信息
# request.session['username']=username
#方式二 前提是继承了AbstractUser
user = authenticate(username=username, password=password)
if user:
print(user)
res = login(request, user) # # 将用户对象保存在底层的request中 (session)
print(res)
return redirect(reverse('index')) #
return render(request,
'user/login.html',
context={'errors': lform.errors})
def login(request):
form = LoginForm(request.POST or None)
valueButton = "Se connecter"
error = None
link = "<a id=\"link\" href=\"register\">Inscrivez-vous</a>"
if form.is_valid():
account = form.cleaned_data['account']
password = form.cleaned_data['password']
## Check if data fits with database
user = authenticate(username=account, password=password)
if user is not None:
[
s.delete() for s in Session.objects.all()
if s.get_decoded().get('_auth_user_id') == user.id
]
auth_login(request, user)
return redirect(reverse("game:home"), permanent=True)
## Check if user wasn't banned by an all mighty admin / moderator
## Not working at moment, should be fixed later
# if user_can_authenticate():
# login(request, user)
# else:
# error="L'utilisateur est banni"
else:
error = "L'utilisateur n'existe pas"
return render(request, 'user/baseForm.html', locals())
def post(self, request):
login_form = LoginForm(request.POST)
if login_form.is_valid():
user_name = request.POST.get('username', None)
pass_word = request.POST.get('password', None)
user = authenticate(username=user_name, password=pass_word)
if user is not None:
login(request, user)
return render(request, 'index.html')
# 这里要再加一层验证,因为数据合法的情况下 通不过数据库验证也是白搭
else:
return render(request, 'login.html', {
'msg': '用户名或密码错误',
'login_form': login_form
})
else:
return render(request, 'login.html', {'login_form': login_form})
#
# 改用类来处理get post 之类的逻辑
# def user_login(request):
# if request.method == 'POST':
# user_name = request.POST.get('username', None)
# pass_word = request.POST.get('password', None)
# user = authenticate(username=user_name, password=pass_word)
# if user is not None:
# login(request, user)
# return render(request, 'index.html')
# else:
# return render(request, 'login.html', {'msg': '密码错误呀,小哥'})
# elif request.method == 'GET':
# return render(request,'login.html')
def user_login(request):
context = dict()
form = LoginForm(request.POST or None)
context["form"] = form
if form.is_valid():
email = form.cleaned_data.get("email")
password = form.cleaned_data.get("password")
# if username is not exists throw and error to user
try:
username = User.objects.get(email=email).username
except User.DoesNotExist:
messages.info(request, "Username is wrong.")
return render(request, "user/login.html", context)
# check username and password are correct
user = authenticate(request, username=username, password=password)
if user is None:
messages.info(request, "Username or password is wrong")
return render(request, "user/login.html", context)
else:
messages.success(request, "You have successfully logged in.")
# start new session for user
login(request, user)
return redirect("index")
return render(request, "user/login.html", context)
def login_view(request):
if request.method == "POST":
login_form = LoginForm(request.POST)
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
user = authenticate(username=username, password=password)
if user is not None:
token_string = username.join(
random.choice(ascii_uppercase + digits) for i in range(20))
token = Token.objects.create(token=token_string, user=user)
return HttpResponse(json.dumps({
"status": 0,
"token": token_string
}),
content_type="application/json")
else:
print("user not found")
return HttpResponse(json.dumps({"status": -1}),
content_type="application/json")
return HttpResponse(json.dumps({"status": -1}),
content_type="application/json")
print("form not valid")
return HttpResponse(json.dumps({"status": -1}),
content_type="application/json")
def user_login(request):
if request.method == 'GET':
lform = LoginForm()
return render(request, 'login.html', context={'form': lform})
else:
lform = LoginForm(request.POST)
if lform.is_valid():
data = lform.cleaned_data
user = User.objects.filter(username=data.get('username')).first()
if user and user.is_active:
flag = check_password(data.get('password'), user.password)
if flag:
# token 令牌
uid = uuid.uuid4()
token = str(uid).replace('-', '')
print("++++++++>token :", token)
cache.set(token, user, timeout=60 * 30)
# 创建response对象
res = HttpResponse('用户登录成功')
res.set_cookie('token_', token)
return res
else:
return render(request,
'login.html',
context={
'form': lform,
'msg': '请检查用户名或者用户没有激活!'
})
return render(request,
'login.html',
context={
'form': lform,
'msg': '用户名或者密码有误!'
})
def index(request):
context = dict()
login_form = LoginForm(request.POST or None)
context['login_form'] = login_form
if login_form.is_valid():
email = login_form.cleaned_data.get("email")
password = login_form.cleaned_data.get("password")
# if username is not exists throw and error to user
try:
username = User.objects.get(email=email).username
except User.DoesNotExist:
messages.info(request, "Kullanıcı Adı Yanlış.")
return render(request, "index.html", context)
# check username and password are correct
user = authenticate(request, username=username, password=password)
if user is None:
messages.info(request, "Kullanıcı Adı veya Parolanız Yanlış")
return render(request, "index.html", context)
else:
messages.success(request, "Başarıyla Giriş Yaptınız")
# start new session for user
login(request, user)
return redirect("index")
return render(request, 'index.html', context)
def login():
# login form class from forms.py
form = LoginForm()
# if no validation errors search for user
if request.method == 'POST':
if form.validate_on_submit():
user = User.objects.filter(
username=form.username.data.lower().strip()).first()
# if user exist check password
if user:
if bcrypt.hashpw(form.password.data,
user.password) == user.password:
session[
'username'] = form.username.data # set the session variables
return redirect(url_for('general_app.index'))
else:
return render_template(
'user/login.html',
error='Incorrect username or password')
# user does not exist
else:
return render_template('user/login.html',
error='Not a valid username. Register?')
return render_template('user/login.html', form=form)
def account_login(request, **kwargs):
template = 'user/login.htm'
if request.method == 'GET':
return render(request, template)
elif request.method == 'POST':
context = {'data': request.POST}
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
if 'next' in request.GET:
return redirect(request.GET.get('next'))
else:
return redirect(reverse('home'))
else:
messages.error(request, 'Your account may be deactivated.')
return render(request, template, context)
else:
messages.error(request,
'Your credentials do not match any record.')
return render(request, template, context)
else:
context['errors'] = form.errors
return render(request, template, context)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter(
func.lower(User.username) == form.username.data).first()
if user:
if not user.is_approved:
flash('Account is not approved yet!', 'error')
flash(
'Please contact the admin to be be approve your account to login!',
'error')
flash('Admin info is found in the Contact tab!', 'error')
return render_template('user/login.html', form=form)
if bcrypt.hashpw(form.password.data,
user.password) == user.password:
login_user(user)
session['username'] = user.username
session['id'] = user.id
session['is_admin'] = user.is_admin
session['is_approved'] = user.is_approved
session['is_contributor'] = user.is_contributor
return redirect(request.args.get('next') or url_for('index'))
else:
error = 'Incorrect username or password'
flash(error, 'error')
else:
error = 'Incorrect username or password'
flash(error, 'error')
return render_template('user/login.html', form=form)
def user_login(request):
context = {}
if request.method == "GET":
form = LoginForm()
context['form'] = form
return render(request, "user/login.html", context=context)
else:
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get("username")
password = form.cleaned_data.get("password")
# 方式一: 没有继承AbstractUser的用户使用这种方法
"""
# 进行数据库查询
user = UserProfile.objects.filter(username=username).first()
# 判断密码是否正确
flag = check_password(password, user.password)
if flag:
# 保存登录的session信息
request.session['username'] = username
# 跳转到主页
"""
context.update(get_index_info())
context["msg"] = 'loginSuccess'
# 方式二: 继承了AbstractUser的用户 可以使用
user = authenticate(username=username, password=password)
if user:
login(request, user) # 将用户对象保存到底层的request中(session)
return render(request, "index.html", context=context)
return render(request,
"user/login.html",
context={
"form": form,
"msg": "login_error"
})
def login():
"""The login function allow the user entry into the application
depending on whether their password is correct or not.
"""
form = LoginForm()
error = None
_set_next_variable_to_session_if_found()
if form.validate_on_submit():
user = User.objects.filter(email=form.email.data).first()
if not user:
error = errors.INCORRECT_CREDENTIALS
else:
if not _is_email_address_confirmed(user):
error = errors.EMAIL_VERIFICATION
elif Password.check_password(form.password.data, user.password):
Session.add(session_name="username",
session_value=user.username.lower())
return redirect(url_for("home_app.home"))
else:
error = errors.INCORRECT_CREDENTIALS
return render_template("users/login/login.html", error=error, form=form)
def login():
form = LoginForm()
error = None
if request.method == 'GET' and request.args.get('next'):
session['next'] = request.args.get('next')
if form.validate_on_submit():
user = User.objects.filter(
username=form.username.data
).first()
if user:
if bcrypt.hashpw(form.password.data, user.password) == user.password:
session['username'] = form.username.data
if 'next' in session:
next = session.get('next')
session.pop('next')
return redirect(next)
else:
return redirect(url_for('home_app.home'))
else:
user = None
if not user:
error = 'Incorrect credentials'
return render_template('user/login.html', form=form, error=error)
def test_login(self):
form = LoginForm(data = {
'username' : '',
'password' : ''
})
self.assertFalse(form.is_valid())
self.assertEquals(len(form.errors), 2)
def post(self, request):
login_form = LoginForm(request.POST)
if login_form.is_valid():
user_name = request.POST.get('username', '')
pass_word = request.POST.get('password', '')
user = check(username=user_name, password=pass_word)
if user is not None:
if user.is_active:
login(request, user)
blog_lists = BlogInfo.objects.all().order_by('-add_time')
try:
page = request.GET.get('page', 1)
except:
page = 1
p = Paginator(blog_lists, 5, request=request)
lists = p.page(page)
cate_list = Category.objects.all()[:8]
return render(request, 'blog_list.html', {
'blog_list': lists,
'page': p,
'cate_list': cate_list
})
else:
return render(request, 'login_user.html',
{'msg': "用户没有激活"})
else:
return render(request, 'login_user.html',
{'msg': "用户不存在或密码错误"})
else:
user_name = request.POST.get('username', '')
return render(request, 'login_user.html', {
'username': user_name,
'login_form': login_form
})
def login(request):
"""username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = auth.authenticate(request, username=username, password=password)
# 发送此请求的网站
referer = request.META.get('HTTP_REFERER', reverse('home'))
if user is not None:
auth.login(request, user)
# 跳转到首页
return redirect(referer)
else:
return render(request, 'error.html', {'message': '用户名或密码不正确', 'redirect_to': referer})"""
if request.method == 'POST':
login_form = LoginForm(request.POST)
if login_form.is_valid():
user = login_form.cleaned_data.get('user')
auth.login(request, user)
# 跳转到来源页
return redirect(request.GET.get('from', reverse('home')))
else:
login_form = LoginForm()
context = {'login_form': login_form}
return render(request, 'user/login.html', context)
def login(request):
if request.user.is_authenticated:
return redirect('/home/')
elif request.method == "GET":
return render(request, 'account/pages/login.html')
elif request.method == "POST":
username = request.POST['username']
password = request.POST['password']
p_error=None
u_error=None
error="Sorry! Username and Password didn't match, Please try again ! "
if len(username) < 5:
u_error='Username must have atlest 5 characters'
if len(password) < 8:
p_error='Password must have atlest 8 characters'
if p_error==None and u_error==None:
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user = authenticate(username=username, password=password)
if user is not None:
auth_login(request,user)
error= None
return JsonResponse({'p_error':p_error,'u_error':u_error,'error':error})
def post(self, request):
login_form = LoginForm(request.POST)
if login_form.is_valid():
username = request.POST.get('username')
password = request.POST.get('password')
# remember = request.POST.get('remember')
types = request.POST.get('types')
if types == 'member':
is_staff = 0
else:
is_staff = 1
# print(remember)
user = authenticate(username=username, password=password)
# login(request, user) # 调用login方法登陆账号
# return render(request, "index.html")
# else:
# return render(request, "login.html", {"msg": u"用户未激活"})
if user.is_active:
# if user.is_active:
login(request, user)
request.session['passport_id'] = user.id
if user.is_staff == 1:
return render(request, 'main.html', {'res': 0})
else:
return render(request, 'index.html', {'res': 1})
return render(request, 'login.html', {'error': '用户未激活'})
return render(request, 'login.html',
{'login_form': login_form}) # 用户注册
def login(request):
if request.method == 'POST':
login_form = LoginForm(request.POST)
if login_form.is_valid():
identifier = login_form.cleaned_data['identifier']
password = login_form.cleaned_data['password']
user = authenticate(request,
username=identifier,
password=password)
if user != None:
login_user(request, user)
return redirect('main-page')
else:
context_dict = {
'form': login_form,
'invalid_credentials': True
}
return render(request, 'user/login.html', context_dict)
else:
context_dict = {'form': login_form, 'invalid_credentials': True}
return render(request, 'user/login.html', context_dict)
else:
login_form = LoginForm()
context_dict = {'form': login_form, 'invalid_credentials': False}
return render(request, 'user/login.html', context_dict)
def login(request):
# if not request.user.is_anonymous:
# django_logout(request)
# redirect_to = request.REQUEST.get('next', '')
# if not redirect_to:
# redirect_to = "/simorgh/home/"
#
#
# # forgetForm = ForgotForm()
message = ""
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data["username"]
password = form.cleaned_data["password"]
user = authenticate(username=username, password=password)
if user is not None:
findeduser = User.objects.get(pk=user.id)
my_user = MyUser.objects.get(user=findeduser)
if findeduser.is_active:
if Employee.objects.filter(user=my_user).count() > 0:
emp = Employee.objects.get(user=my_user)
if Cook.objects.filter(cook_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/cook.html")
elif DeliveryMan.objects.filter(delivery_man_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/deliveryman.html")
elif Clerk.objects.filter(clerk_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/clerk.html")
elif Waiter.objects.filter(waiter_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/waiter.html")
elif WarehouseMan.objects.filter(warehouse_man_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/warehouseman.html")
elif ParkingMan.objects.filter(parking_man_id=emp).count() > 0:
django_login(request, user)
return render(request, template_name="employee/parkingman.html")
else:
django_login(request, user)
return redirect('/restaurant/')
else:
form = LoginForm()
# raise forms.ValidationError('.حساب کاربری شما غیرفعال است.')
message = ".حساب کاربری شما غیرفعال است."
else:
form = LoginForm()
# print("pass or username wrong")
# raise forms.ValidationError('نام کاربری یا گذرواژه شما اشتباه است..')
message = "نام کاربری یا گذرواژه شما اشتباه است."
else:
form = LoginForm()
return render(request, "user/login.html", {'form': form, 'message': message})
def login_page():
''' User login page: This is a basic login page'''
data = {
'active': 'login',
'loggedin': False
}
# Define and Validate the form
form = LoginForm(request.form)
if request.method == "POST":
if form.validate():
email = form.email.data
password = form.password.data
# Start user definition
user = User()
if user.get('username', email, g.rdb_conn):
result = user.checkPass(password, g.rdb_conn)
if result is True:
data['loggedin'] = True
data['msg'] = 'You are logged in'
data['error'] = False
print("/login - User login successful")
# Start building response
resp = make_response(
redirect(url_for('member.dashboard_page')))
cdata = cookies.genCdata(
user.uid, app.config['SECRET_KEY'])
timeout = int(time.time()) + \
int(app.config['COOKIE_TIMEOUT'])
# Set cookie as securely as possible
resp.set_cookie(
'loggedin', cdata, expires=timeout, httponly=True)
print("Setting cookie")
return resp
else:
data['msg'] = 'Password does not seem valid'
data['error'] = True
print("/login - User login error: wrong password")
else:
data['msg'] = 'Uhh... User not found'
print("/login - User login error: invalid user")
data['error'] = True
else:
data['msg'] = 'Form is not valid'
print("/login - User login error: invalid form")
data['error'] = True
# Return Login Page
page = render_template('user/login.html', data=data, form=form)
return page
def login(request):
if request.method == 'POST':
rst = json.loads(request.body.decode("utf-8"))
uf = LoginForm(rst)
if uf.is_valid():
email = uf.cleaned_data['email']
pwd = (uf.cleaned_data['password'] + keyPwd).encode("utf-8")
password = hashlib.sha1(pwd).hexdigest()
#获取的表单数据与数据库进行比较
user = User.objects.filter(email__exact = email,password__exact = password).first()
if user:
data = {"status" : 'success',
'msg' : "Login success"
}
#将username写入浏览器cookie,失效时间为3600 * 24 * 30
token = hashlib.sha1((user.random + keyToken + str(int(time.time() / (24 * 3600)))).encode("utf-8")).hexdigest()
cookieOpt = {'expires' : int(time.time()) + 3600 * 24 * 30}
data['cookies'] = {
'email' : {
'value' : base64.b64encode(email.encode('utf-8')).decode("utf-8"),
'opt' : cookieOpt
},
'token' : {
'value' : token,
'opt' : cookieOpt
}
}
response = HttpResponse(json.dumps(data), content_type="application/json")
return response
else:
#比较失败,还在login
data = {"status" : 'error',
'msg' : "email or password is error"
}
return HttpResponse(json.dumps(data), content_type="application/json")
else:
data = {"status" :'error',
'msg' : "login form is error"
}
return HttpResponse(json.dumps(data), content_type="application/json")
else:
data = {"status" : 'error',
'msg' : "login only post method"
}
return HttpResponse(json.dumps(data), content_type="application/json")
def login():
"""Login view."""
form = LoginForm()
if form.validate_on_submit():
try:
log_user = models.User.get(models.User.username == form.username.data)
except models.DoesNotExist:
flash("Your username or password doesn't match!", "error")
else:
if check_password_hash(log_user.password, form.password.data):
login_user(log_user)
flash("You've been logged in!", "success")
return redirect(url_for('index'))
else:
flash("Your username or password doesn't match!", "error")
return render_template('user/login.html', form=form)
def login_page():
""" User login page: This is a basic login page"""
data = {"active": "login", "loggedin": False}
# Define and Validate the form
form = LoginForm(request.form)
if request.method == "POST":
if form.validate():
email = form.email.data
password = form.password.data
# Start user definition
user = User()
user.config = app.config
if user.get("username", email, g.rdb_conn):
result = user.checkPass(password, g.rdb_conn)
if result is True:
data["loggedin"] = True
print("/login - User login successful")
flash("You are logged in.", "success")
# Start building response
resp = make_response(redirect(url_for("member.dashboard_page")))
cdata = cookies.genCdata(user.uid, app.config["SECRET_KEY"])
timeout = int(time.time()) + int(app.config["COOKIE_TIMEOUT"])
# Set cookie as securely as possible
resp.set_cookie("loggedin", cdata, expires=timeout, httponly=True)
print("Setting cookie")
return resp
else:
print("/login - User login error: wrong password")
flash("Password does not seem valid.", "danger")
else:
print("/login - User login error: invalid user")
flash("Uhh... User not found.", "danger")
else:
print("/login - User login error: invalid form")
flash("Form is not valid.", "danger")
# Return Login Page
return render_template("user/login.html", data=data, form=form)
def login():
form = LoginForm()
error = None
if form.validate_on_submit():
user = User.query.filter_by(
username = form.username.data
).first()
if user:
if user.password == form.password.data:
session['username'] = form.username.data
session['is_admin'] = user.is_admin
flash("Hello %s -- login successful!" % form.username.data)
if user.is_admin:
return redirect(url_for('admin'))
else:
return redirect(url_for('member'))
else:
error = "Incorrect username or password"
else:
error = "Incorrect username or password"
return render_template("user/login.html", form = form, error = error)
def login():
login_form = LoginForm()
if get_current_user().is_anonymous():
if login_form.validate_on_submit():
username = login_form.username.data
try:
current_user = models.User.get(models.User.username == username)
except models.DoesNotExist:
flash("Your username or password is wrong!", "error")
return redirect(url_for('login'))
else:
if check_password_hash(current_user.password, login_form.password.data):
login_user(current_user)
flash("You have logged in!", "success")
return redirect(url_for('dashboard'))
else:
flash("Your username or password is wrong!", "error")
return redirect(url_for('login'))
return render_template('login.html',
login_form=login_form,
title="Login")
else:
flash("You are logged in already.", "success")
return redirect(url_for('dashboard'))
def login():
form = LoginForm()
error = None
# Keeps track of requested url if redirected to login from another page
if request.method == 'GET' and request.args.get('next'):
session['next'] = request.args.get('next', None)
if form.validate_on_submit():
user = User.query.filter_by(
username=form.username.data,
password=form.password.data
).first()
if user: # if user is found
session['username'] = form.username.data
session['userID'] = user.id
# if they were redirect to login then send to original requested url
if 'next' in session:
next = session.get('next')
session.pop('next')
return redirect(next)
else: # otherwise send to login_success page
app.logger.info('%s: Successful login for: %s', datetime.datetime.utcnow(), form.username.data)
show_records = app.config['DEFAULT_ENTRIES_PER_PAGE']
records_per_page = app.config['DEFAULT_ENTRIES_PER_PAGE']
feed = getFeedData(session['userID'])
return render_template('gardenDiary/dashboard.html', feed=feed, show_records=show_records, records_per_page=records_per_page)
else: # bad username or password
error = "Incorrect username and/or password"
app.logger.warning('%s: Incorrect username and/or password: username:%s ', datetime.datetime.utcnow(), form.username.data)
return render_template('user/login.html', form=form, error=error)
def test_validate_invalid_email_format(self):
# Ensure invalid email format throws error.
form = LoginForm(email='unknown', password='******')
self.assertFalse(form.validate())
pass
def test_validate_success_login_form(self):
# Ensure correct data validates.
form = LoginForm(email='*****@*****.**', password='******')
self.assertTrue(form.validate())
pass
