def home():
password_form = Password_Change_Form(request.form)
if request.method == 'POST':
if verify_password(password_form.current_password.data,
current_user.password):
db.session.query(User).filter(User.id == current_user.id).update({
"password":
encrypt_password(password_form.new_password.data)
})
db.session.commit()
return redirect(url_for('home'))
regional_leads = db.session.query(User).join(
User.roles).filter(Role.name == 'regional').all()
team_leads = db.session.query(User).join(
User.roles).filter(Role.name == 'teamlead').all()
if current_user.temp_pass == current_user.password:
password_reset = True
else:
password_reset = False
if current_user.roles[0] == "teamlead":
return redirect(url_for('team_confirmation'))
return render_template('index.html',
password_form=password_form,
regional_leads=regional_leads,
password_reset=password_reset,
team_leads=team_leads)
def run(self):
print '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
print 'WARNING!!!!! YOU ARE ABOUT TO DELETE ALL ISSUES!!!!!'
print '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
c = prompt_bool('Are you sure you wish to continue?')
if c:
email = prompt('Enter your administrator email address: ')
u = User.query.filter_by(email=email).first()
if u and u.has_role('super'):
password = prompt('Enter password: '******'Deleting `issue_creators` table'
db.engine.execute(issues_creators.delete())
print 'Deleting `issues_bundles` table'
db.engine.execute(issues_bundles.delete())
print 'Deleting `Issue Covers` table'
IssueCover.query.delete()
print 'Deleting all objects from `Issues` table'
Issue.query.delete()
db.session.commit()
print 'All Issues have been deleted.'
print 'You should delete the cover images from the store!'
else:
print 'Incorrect password, Aborting...'
else:
print 'User not found or is not an administrator, Aborting...'
else:
print 'Aborting...'
return
def run(self):
print '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
print 'WARNING!!!!! YOU ARE ABOUT TO DELETE ALL ISSUES!!!!!'
print '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
c = prompt_bool('Are you sure you wish to continue?')
if c:
email = prompt('Enter your administrator email address: ')
u = User.query.filter_by(email=email).first()
if u and u.has_role('super'):
password = prompt('Enter password: '******'Deleting `issue_creators` table'
db.engine.execute(issues_creators.delete())
print 'Deleting `issues_bundles` table'
db.engine.execute(issues_bundles.delete())
print 'Deleting `Issue Covers` table'
IssueCover.query.delete()
print 'Deleting all objects from `Issues` table'
Issue.query.delete()
db.session.commit()
print 'All Issues have been deleted.'
print 'You should delete the cover images from the store!'
else:
print 'Incorrect password, Aborting...'
else:
print 'User not found or is not an administrator, Aborting...'
else:
print 'Aborting...'
return
def login():
"""
Login form
"""
if 'user_id' in session:
return redirect(url_for('users.home'))
form = LoginForm(request.form)
# make sure data are valid, but doesn't validate password is right
if request.method == 'POST':
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
# we use werzeug to validate user's password
if user and verify_password(form.password.data, user.password):
# the session can't be modified as it's signed,
# it's a safe place to store the user id
authorize(user)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash(gettext(u'Welcome') + " " + user.name)
return redirect(url_for('home.home'))
flash(gettext(u'Wrong email or password'), 'error-message')
return render_template('users/login.html', form=form)
def login():
"""
Login form
"""
if 'user_id' in session:
return redirect(url_for('users.home'))
form = LoginForm(request.form)
# make sure data are valid, but doesn't validate password is right
if request.method == 'POST':
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
# we use werzeug to validate user's password
if user and verify_password(form.password.data, user.password):
# the session can't be modified as it's signed,
# it's a safe place to store the user id
authorize(user)
# Tell Flask-Principal the identity changed
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
flash(gettext(u'Welcome') + " " + user.name)
if not user.is_confirmed():
return redirect(url_for('users.pleaseconfirm', next=url_for('home.home')))
return redirect(url_for('home.home'))
flash(gettext(u'Wrong email or password'), 'error-message')
return render_template('users/login.html', form=form)
def authenticate(username, password):
''' Auth based on username/password. '''
user = user_datastore.find_user(email=username)
if user and username == user.email \
and verify_password(password, user.password_hash):
return user
return None
def authenticate(username, password):
from models import User
try:
user = User.get(email=username)
except User.DoesNotExist:
return None
if verify_password(password, user.password):
return user
def test_verify_password_independent_of_salt(webapp):
app = webapp.app
password = '******'
with app.app_context():
encrypted = encrypt_password(password)
assert encrypted != password
app.config['SECURITY_PASSWORD_SALT'] = 'some other salt here'
with app.app_context():
assert verify_password(password, encrypted)
def check_auth(email, password):
"""
This function is called to check if a username & password combination is valid.
"""
users_with_that_email = User.query.filter_by(email=email)
if users_with_that_email.count() > 0:
db_password = users_with_that_email[0].password
return verify_password(password, db_password)
return False
def _authenticate(self, data_dict):
user = _security.datastore.find_user(email=data_dict["email"])
if verify_password(data_dict["password"], user.password):
login_user(user)
else:
raise t.DataError({"email": "Can't find anyone with this credentials"})
return data_dict
def test_verify_password_independent_of_salt(webapp):
app = webapp.app
password = '******'
with app.app_context():
encrypted = encrypt_password(password)
assert encrypted != password
app.config['SECURITY_PASSWORD_SALT'] = 'some other salt here'
with app.app_context():
assert verify_password(password, encrypted)
def verify_login(email, password):
user = user_acessor.user_by_email(email)
if not user:
raise ApiException(codes.LOGIN_INVALID, code=404)
if verify_password(password, user.password):
return user
raise ApiException(codes.LOGIN_INVALID, code=404)
def _authenticate(self, data_dict):
user = security.datastore.find_user(email=data_dict['email'])
if verify_password(data_dict.get('password'), user.password):
login_user(user)
else:
raise t.DataError(
{'email': "Can't find anyone with this credentials"})
return data_dict
def check_auth(email, password):
"""
This function is called to check if a username & password combination is valid.
"""
users_with_that_email = models.User.query.filter_by(email=email)
db_password = ""
if users_with_that_email.count() > 0:
db_password = users_with_that_email[0].password
return verify_password(password, db_password)
def _authenticate(self, data_dict):
user = security.datastore.find_user(email=data_dict['email'])
if verify_password(data_dict.get('password'), user.password):
login_user(user)
else:
raise t.DataError({
'email': "Can't find anyone with this credentials"
})
return data_dict
def login_helper(user_email, password):
user = AppUser.query.filter(AppUser.email == user_email).first()
if user and verify_password(user.password.encode('utf8'), password):
user.authenticated = True
db.session.add(user)
db.session.commit()
login_user(user)
session.permanent = True
return True
else:
return False
def login_helper(user_email, password):
user = AppUser.query.filter(AppUser.email == user_email).first()
if user and verify_password(
user.password.encode('utf8'),
password
):
user.authenticated = True
db.session.add(user)
db.session.commit()
login_user(user)
session.permanent = True
return True
else:
return False
def login_user_if_possible(data, *args, **kwargs):
if "user_email" in data and "user_password" in data:
email = data["user_email"]
password = data["user_password"]
user = models.User.query.filter_by(email=email).first()
if not user:
raise ProcessingException(description='unauthorized', code=401)
if not verify_password(password, user.password):
raise ProcessingException(description='unauthorized', code=401)
login_user(user)
del data["user_password"]
if 'user_name' in data:
del data['user_name']
del data['user_email']
data["user_id"] = user.id
def login_user_if_possible(data, *args, **kwargs):
if "user_email" in data and "user_password" in data:
email = data["user_email"]
password = data["user_password"]
user = models.User.query.filter_by(email=email).first()
if not user:
raise ProcessingException(description='unauthorized', code=401)
if not verify_password(password, user.password):
raise ProcessingException(description='unauthorized', code=401)
login_user(user)
del data["user_password"]
if 'user_name' in data:
del data['user_name']
del data['user_email']
data["user_id"] = user.id
def authenticate():
"""
Authenticate user
email: valid, registered email address
password: valid password for email
"""
payload = get_post_payload()
email = param_required('email', payload)
password = param_required('password', payload)
user = models.User.query.filter_by(email=email).first()
if not user:
raise DbException('unknown user', 400)
if not verify_password(password, user.password):
raise DbException('invalid password', 400)
login_user(user)
return jsonify({})
def authenticate():
"""
Authenticate user
email: valid, registered email address
password: valid password for email
"""
payload = get_post_payload()
email = param_required('email', payload)
password = param_required('password', payload)
user = models.User.query.filter_by(email=email).first()
if not user:
raise DbException('unknown user', 400)
if not verify_password(password, user.password):
raise DbException('invalid password', 400)
login_user(user)
return jsonify({})
def login_view(self):
# handle user login
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = form.get_user()
if user is not None:
if user and utils.verify_password(form.password.data, user.password):
login.login_user(user)
flash("Logged in successfully!", category='success')
return redirect(url_for('admin.index'))
flash("Wrong username or password!", category='error')
if login.current_user.is_authenticated:
return redirect(url_for('.index'))
link = '<p>Don\'t have an account? Too bad... </p>'
self._template_args['form'] = form
self._template_args['link'] = link
return super(MyAdminIndexView, self).index()
def create_person():
if not request.json and not 'password' in request.json:
abort(400)
this_email = request.json.get('email')
this_password = request.json.get('password')
if User.query.filter(User.email == this_email).count() == 0:
raise flask.ext.restless.ProcessingException(description='Not Authorized',
code=401)
elif User.query.filter(User.email == this_email).count() == 1:
u = User.query.filter(User.email == this_email)
pwhash = u[0].password
if u and utils.verify_password(this_password, pwhash):
auth_token = u[0].get_auth_token()
identity = {
'email': this_email,
'password':this_password,
'authentication_token':auth_token
}
return jsonify( { 'identity': identity } )
def settings(id=None):
'''
API that returns and stores user settings, including user name, email, and
password.
'''
if not current_user.is_authenticated():
flask.abort(403)
user = current_user
if flask.request.method == 'GET':
json = [{
'id': user.id,
'name': user.name,
'email': user.email,
'passwprd': '',
'roles': [unicode(role.name) for role in user.roles],
}]
return flask.jsonify(items=json)
if flask.request.method == 'PUT':
req = flask.request.get_json()
current_user.email = req['email']
current_user.name = req['name']
db.session.commit()
return flask.jsonify(ok=True)
if flask.request.method == 'POST':
req = flask.request.get_json()
if not verify_password(req['old'], current_user.password):
response = flask.jsonify(ok=False,
msg='Das alte Passwort stimmt nicht.')
response.status_code = 409
return response
if req['new1'] != req['new2']:
response = flask.jsonify(
ok=False,
msg='Die beiden neuen Passwörter stimmen nicht überein.')
response.status_code = 409
return response
current_user.password = encrypt_password(req['new1'])
db.session.commit()
return flask.jsonify(ok=True)
flask.abort(405)
def log_invite():
form = LoginForInvite(request.form)
grp_id = request.form['groupid']
inv_id = request.form['invid']
email = request.form['email']
if request.method == 'POST' and form.validate():
password = request.form['password']
email = request.form['email']
usr = user_datastore.get_user(email)
if not usr:
flash('password is incorrect, please try later or register','info')
if usr:
tf = utils.verify_password(password, usr.password)
if tf == True:
grp_id = request.form['groupid']
inv_id = request.form['invid']
# group of the person who has invited
g = Group.query.filter(Group.id == grp_id).first()
g.users.append(usr)
i = Invitations.query.filter(Invitations.id == inv_id).first()
i.accepted = True
db.session.commit()
# find the group of the user who got invitation
g_who_got_invitation=Group.query.filter(Group.owner_id == usr.id).first()
# user instance who has invited
usr_who_has_invited = User.query.filter(User.id == g.owner_id).first()
g_who_got_invitation.users.append(usr_who_has_invited)
db.session.commit()
flask.ext.security.utils.login_user(usr)
flash('you are already registerd in this program','info')
flash('you are added to the group','info')
flash('Logged in as ' + usr.email,'info')
return redirect(url_for('frontend.index'))
if tf == False:
flash('password is incorrect, please try again later or register','info')
return render_template('frontend/loginforinvite.html', form=form,\
email=email,\
grp_id=grp_id,\
inv_id=inv_id)
def post(self):
"""Log user in.
"""
app = current_app._get_current_object()
req_json = request.get_json()
email = req_json["email"]
password = req_json["password"]
user = db_user.query.filter_by(email=str(email)).first()
if user is not None:
if utils.verify_password(password,user.password):
token = user.generate_auth_token(app)
return jsonify({ 'token': token.decode('ascii') })
else:
return json.jsonify(error="Invalid password!")
else:
return json.jsonify(error="User does not exist!")
def settings(id=None):
'''
API that returns and stores user settings, including user name, email, and
password.
'''
if not current_user.is_authenticated():
flask.abort(403)
user = current_user
if flask.request.method == 'GET':
json = [{
'id': user.id,
'name': user.name,
'email': user.email,
'passwprd': '',
'roles': [unicode(role.name) for role in user.roles],
}]
return flask.jsonify(items=json)
if flask.request.method == 'PUT':
req = flask.request.get_json()
current_user.email = req['email']
current_user.name = req['name']
db.session.commit()
return flask.jsonify(ok=True)
if flask.request.method == 'POST':
req = flask.request.get_json()
if not verify_password(req['old'], current_user.password):
response = flask.jsonify(ok=False, msg='Das alte Passwort stimmt nicht.')
response.status_code=409
return response
if req['new1'] != req['new2']:
response = flask.jsonify(ok=False, msg='Die beiden neuen Passwörter stimmen nicht überein.')
response.status_code=409
return response
current_user.password = encrypt_password(req['new1'])
db.session.commit()
return flask.jsonify(ok=True)
flask.abort(405)
def verifypw(self, plaintext) :
return verify_password(plaintext, self._password) #bcrypt.check_password_hash(self._password, plaintext)
def validate_old_password(form, field):
if not verify_password(field.data, current_user.password):
raise ValidationError('Incorrect password')
def authenticate(username, password):
user = user_datastore.find_user(email=username)
if user and user.confirmed_at and username == user.email and verify_password(
password, user.password):
return user
return None
def get_if_authenticates(cls, email, password):
"""Checks if the user authenticates before getting."""
member = cls.get_by_email(email)
if member:
if verify_password(password, member.password):
return member
def authenticate(cls, args):
user = User.query.filter_by(email=args['email']).first()
if user and verify_password(args['password'], user.password):
return user
return False
def has_passw(self, pwPlain):
return utils.verify_password(pwPlain, self.password)
def test_factory(self):
user = UserFactory()
assert bool(user.email)
assert bool(user.confirmed_at)
assert user.active is True
assert verify_password('password', user.password)
def validate_password(self, password):
return verify_password(password, self._password)
def authenticate(username, password):
user = user_datastore.find_user(email=username)
if user and user.confirmed_at and username == user.email and verify_password(password, user.password):
return user
return None
def _verify_password(self, expect_password, password):
with app.app_context():
return verify_password(expect_password, password)
def is_valid_password(self, password):
return verify_password(password, self.password)
def check_password(self, password):
if self.password is None:
return False
return verify_password(self.password, password)
def authenticate(cls, args):
user = User.query.filter_by(email=args['email']).first()
if user and verify_password(args['password'], user.password):
return user
return False
def verify_password(self, password):
return utils.verify_password(password, self.password)
def get_user(email, password, *args, **kwargs):
user = User.query.filter_by(email=email).first()
if user and verify_password(password, user.password):
return user
return None
def check_password(self, password):
if self.password is None:
return False
return verify_password(self.password, password)
def check_password(self, password):
return verify_password(password, self.password)
def log():
json = request.get_json()
app.logger.debug(json)
#mail = request.args.get("mail")
mail = json["mail"]
app.logger.debug(mail)
#password = request.args.get("password")
password = json["password"]
#url = json["url"]
u = user_datastore.get_user(mail)
if u:
v = utils.verify_password(password, u.password)
if v:
if u.confirmed_at:
utils.login_user(u, remember=True)
i=[]
for v in u.roles:
i.append(v.name)
response = {
"status": True,
"message": "Authenticated",
#"url":url,
"route":"home",
"mail":mail,
"roles":i,
"confirmed_at":u.confirmed_at,
"active":u.active
}
else:
response = {
"status": False,
"message": "Not logged",
"route":"confirm",
"mail":"",
"roles":[],
"active":False,
#"url":url
}
else:
response = {
"status": False,
"message": "Not logged",
"route":"login",
"mail":"",
"roles":[],
"active":False,
#"url":url
}
else:
response = {
"status": False,
"message": "Not a user",
"route":"register",
"mail":"",
"roles":[],
"active":False,
#"url":url
}
return jsonify(response )
def check_password(self, password):
return verify_password(password, self.password)