def get_login_token():
    """Authenticate an e-mail/password pair posted as form data and return an auth token.

    Reads ``email`` and ``password`` from ``flask.request.form``. Aborts with 400 when
    either field is missing, and with 401 (plus a translated message) when the
    login-attempt limit for that e-mail is exceeded, the credentials do not match,
    the user's company is disabled, or the account itself is disabled. On success
    returns ``generate_auth_token`` for the user's id, display name and ``user_type``.
    """
    form = flask.request.form
    email = form.get('email')
    password = form.get('password')

    # Missing credentials are a malformed request, not an authentication failure.
    if not (email and password):
        abort(400)

    # The attempt limit is enforced before any lookup, so a locked e-mail never
    # reaches the password comparison.
    if not is_valid_login_attempt(email):
        abort(401, gettext('Exceeded number of allowed login attempts'))

    auth_user = get_auth_user_by_email(email)
    credentials_ok = auth_user is not None and _is_password_valid(
        password.encode('UTF-8'), auth_user)
    # Unknown e-mail and wrong password share one message so the response does
    # not reveal which accounts exist.
    if not credentials_ok:
        abort(401, gettext('Invalid username or password.'))

    # Re-read the full user record from the users resource; the auth lookup
    # above only provides what is needed for the password check.
    user = get_resource_service('users').find_one(req=None, _id=auth_user['_id'])

    # Company status is checked before the per-account flag, matching the
    # order callers see in the error messages.
    if not _is_company_enabled(user):
        abort(401, gettext('Company account has been disabled.'))
    if not _is_account_enabled(user):
        abort(401, gettext('Account is disabled.'))

    display_name = '{} {}'.format(user.get('first_name'), user.get('last_name'))
    return generate_auth_token(str(user['_id']), display_name, user['user_type'])
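def _safe_redirect_target(target):
    """Return *target* when it resolves to this site, otherwise ``None``.

    ``next`` arrives unauthenticated in the query string, so redirecting to it
    verbatim is an open redirect: an absolute or scheme-relative (``//host``)
    value would send a freshly logged-in user off-site. The value is resolved
    against ``flask.request.host_url`` and accepted only when the result keeps an
    http(s) scheme and the same network location. Backslashes are rejected
    outright because some browsers treat them like forward slashes when parsing
    the authority part of a URL, which would bypass the netloc comparison.
    """
    # Function-scope import: the file's import block is outside this listing.
    from urllib.parse import urljoin, urlparse

    if not target or '\\' in target:
        return None
    host_url = flask.request.host_url
    reference = urlparse(host_url)
    resolved = urlparse(urljoin(host_url, target))
    if resolved.scheme not in ('http', 'https'):
        return None
    if resolved.netloc != reference.netloc:
        return None
    return target


def login():
    """Handle the login form: authenticate, populate the session and redirect.

    On a valid POST the e-mail is first checked against the login-attempt limit
    (``is_valid_login_attempt``); a locked e-mail renders ``account_locked.html``.
    Credentials are verified with ``_is_password_valid``, then the full user record
    is re-read and rejected with a flashed ``danger`` message when the user is
    neither an admin nor attached to a company, when the company is disabled, or
    when the account is disabled. On success the user id, display name and
    ``user_type`` are stored in ``flask.session``, the session is made permanent
    when "remember me" was ticked, the user's stored locale is updated from the
    session if they differ, and the browser is redirected to a validated ``next``
    target or to ``wire.index``. Every other outcome re-renders ``login.html``.
    """
    form = LoginForm()
    if form.validate_on_submit():

        # Attempt limiting runs before the password check so locked e-mails
        # never reach the comparison.
        if not is_valid_login_attempt(form.email.data):
            return flask.render_template('account_locked.html', form=form)

        user = get_auth_user_by_email(form.email.data)

        if user is not None and _is_password_valid(
                form.password.data.encode('UTF-8'), user):

            # Re-read the full record; the auth lookup only serves the password check.
            user = get_resource_service('users').find_one(req=None,
                                                          _id=user['_id'])

            # Non-admin users must belong to a company to use the web login.
            if not is_admin(user) and not user.get('company'):
                flask.flash(
                    gettext('Insufficient Permissions. Access denied.'),
                    'danger')
                return flask.render_template('login.html', form=form)

            if not _is_company_enabled(user):
                flask.flash(gettext('Company account has been disabled.'),
                            'danger')
                return flask.render_template('login.html', form=form)

            if _is_account_enabled(user):
                flask.session['user'] = str(
                    user['_id'])  # str to avoid serialization issues
                flask.session['name'] = '{} {}'.format(user.get('first_name'),
                                                       user.get('last_name'))
                flask.session['user_type'] = user['user_type']
                # "Remember me" maps directly onto a permanent (long-lived) session.
                flask.session.permanent = form.remember_me.data
                flask.flash('login', 'analytics')

                # A locale chosen while anonymous wins over the stored one and
                # is persisted on the user record.
                if flask.session.get('locale') and flask.session[
                        'locale'] != user.get('locale'):
                    get_resource_service('users').system_update(
                        user['_id'], {'locale': flask.session['locale']}, user)

                # Only a same-host `next` is honoured; anything else falls back to
                # the index so the login page cannot serve as an open redirect.
                return flask.redirect(
                    _safe_redirect_target(flask.request.args.get('next'))
                    or flask.url_for('wire.index'))
            else:
                flask.flash(gettext('Account is disabled.'), 'danger')
        else:
            # One message for unknown e-mail and wrong password: no account enumeration.
            flask.flash(gettext('Invalid username or password.'), 'danger')
    return flask.render_template('login.html', form=form)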
def signup():
    """Render the signup form and, on a valid submission, notify about the new signup.

    A successful submission does not create the account here: the submitted form
    fields (minus ``csrf_token``) are passed to ``send_new_signup_email`` and the
    success page is rendered with status 200. If ``get_auth_user_by_email`` already
    knows the e-mail, a ``danger`` flash is set and the browser is redirected to the
    login page. On GET or failed validation the form is re-rendered with the
    reCAPTCHA site key and the terms text taken from ``app.config``.
    """
    form = SignupForm()
    if not form.validate_on_submit():
        return flask.render_template('signup.html',
                                     form=form,
                                     sitekey=app.config['RECAPTCHA_PUBLIC_KEY'],
                                     terms=app.config['TERMS_AND_CONDITIONS'])

    # NOTE(review): this response differs for registered vs. unregistered
    # e-mails, so the endpoint allows account enumeration; keep only if that
    # trade-off is intentional for the signup flow.
    if get_auth_user_by_email(form.email.data) is not None:
        flask.flash(gettext('Account already exists.'), 'danger')
        return flask.redirect(flask.url_for('auth.login'))

    # The CSRF token is a transport detail, not part of the signup payload.
    signup_fields = form.data
    signup_fields.pop('csrf_token', None)
    send_new_signup_email(user=signup_fields)
    return flask.render_template('signup_success.html'), 200