def post(self): form = SessionCreateForm() if not form.validate_on_submit(): return form.errors, 422 user = User.query.filter_by(email=form.email.data).first() if user and flask_bcrypt.check_password_hash(user.password, form.password.data): return UserSerializer(user).data, 201 return '', 401
def login(): app.logger.debug("Start login...") currentsession = get_user_session_by_userid() if request.method == "GET": app.logger.debug("Start GET login page...") return render_template("login.html", currentsession=currentsession, title='Sign In') remember_me = False data = request.get_json(force=True) login = data["username"] password = data["password"] # registered_user = User.query.filter_by(username=login).first() registered_user = User.query.filter((User.username == data['username']) | ( User.email == data['username'])).first() if not registered_user: resp = {'usererror': 1, 'status': 409, 'text': 'Username incorrect'} return output_json(json.dumps(resp), 200) elif not flask_bcrypt.check_password_hash(registered_user.password, password): resp = {'passerror': 1, 'status': 409, 'text': 'Password incorrect'} return output_json(json.dumps(resp), 200) if not registered_user.active: resp = {'activeerror': 1, 'status': 409, 'text': 'User not active'} return output_json(json.dumps(resp), 200) else: if not registered_user.paidservice: now = datetime.datetime.now() date_stop_point = registered_user.create_date + datetime.timedelta( days=7) if date_stop_point < now: resp = { 'trialexpire': 1, 'status': 409, 'text': 'Trial period expire' } return output_json(json.dumps(resp), 200) session['username'] = registered_user.username login_user(registered_user, remember=remember_me) registered_user.login_date = datetime.datetime.now() db_session.flush() db_session.commit() resp = {'status': 200, 'text': 'Login ok'} return output_json(json.dumps(resp), 200)
def verify_password(email, password): user = User.query.filter_by(email=email).first() if not user: return False g.user = user return flask_bcrypt.check_password_hash(user.password, password)