def signUp(): if request.method == 'POST': username = request.form['UserName'] password = sha256_crypt.encrypt(str(request.form['Password'])) else: username = request.args.get('UserName') password = sha256_crypt.encrypt(str(request.args.get('Password'))) if username and password: c=db.cursor() c.execute("SELECT COUNT(1) FROM User WHERE username = %s;",(username,)) if c.fetchone()[0]: flash("User Exists Already") return redirect('/register') else: c.execute(''' INSERT INTO User (username, password) VALUES (%s, %s) ''',(str(username), str(password))) db.commit() flash("User Created!") c.execute('''SELECT uid FROM User WHERE username = %s ''',(username,)) uid = c.fetchone() session['logged_in'] = True session['username'] = username session['uid'] = uid return redirect('/userHome') else: return json.dumps({'html':'<span>Enter the required fields</span>'})
def run(self): banner("Install Cloudmesh Management") obj = Mongo() obj.check_mongo() get_mongo_db("manage", DBConnFactory.TYPE_MONGOENGINE) install.run(self) banner("Adding Super User") users = Users() found = User.objects(username='******') if not found: data = User( status="approved", title="None", firstname="Super", lastname="User", email="*****@*****.**", username="******", active=True, password=sha256_crypt.encrypt("MyPassword"), phone="555-555-5555", department="IT", institution="IU", institutionrole="Other", address="IU", country="United States(US)", citizenship="United States(US)", bio="Manage Project Committee", url="http://cloudmesh.github.io/cloudmesh.html", advisor="None", confirm=sha256_crypt.encrypt("MyPassword"), projects=[], ) users.add(data)
def update_passwd(self, username, new_password, old_password=None): ''' Change a logged in user's password. :param username: username who's password will be updated :param new_password: new password to apply to user's profile :param old_password: old (current) password for validation ''' # FIXME: take out a lock... for updating any properties if not self.is_self(username): self._raise(401, "not authorized") self.user_exists(username, raise_if_not=True) if not new_password: self._raise(400, 'new password can not be null') if not old_password: if not self.is_superuser(): self._raise(400, 'old password can not be null') old_passhash = None if old_password: old_passhash = self.get_user_profile(username, ['_passhash']) if old_passhash and sha256_crypt.verify(old_password, old_passhash): new_passhash = sha256_crypt.encrypt(new_password) else: self._raise(400, "old password does not match") else: new_passhash = sha256_crypt.encrypt(new_password) self.update_user_profile(username, 'set', '_passhash', new_passhash) logger.debug( "password updated (%s) by %s" % (username, self.current_user)) return True
def gen_password(): """ Generate a salted password """ password = getpass.getpass() verify = getpass.getpass() if password != verify: print "Passwords do not match!" else: print sha256_crypt.encrypt(password)
def setUp(self): """Create needed tables and example record""" testDatabase.createAll() #Create a Client entry and a Patient entry carerClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) carerClient.execute() carerCarer = testDatabase.Carer.insert( username = "******", firstname = "carer", ismale = True, nhscarer = True, surname = "carer") carerCarer.execute() carerPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") carerPassword.execute() patientClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) patientClient.execute() testPatient = testDatabase.Patient.insert( username = "******", firstname = "patient", surname = "patient", ismale = True) testPatient.execute() patientPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") patientPassword.execute() ntype = testDatabase.Notificationtype.insert( typename = "Connection Request", typeclass = "info" ) ntype.execute()
def setUp(self): """Create needed tables and example record""" testDatabase.createAll() # Carer carerClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) carerCarer = testDatabase.Carer.insert( username = "******", firstname = "carer", ismale = True, nhscarer = True, surname = "carer") carerPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") carerClient.execute() carerCarer.execute() carerPassword.execute() # Patient patientClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) testPatient = testDatabase.Patient.insert( username = "******", firstname = "patient", surname = "patient", ismale = True) patientPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") patientClient.execute() testPatient.execute() patientPassword.execute() testRelationship = testDatabase.Relationship.insert( code = 1234, requestor = "carer", requestortype = "Carer", target = "patient", targettype = "Patient") testRelationship.execute()
def setUp(self): testDatabase.createAll() #Create a Client entry, a Patient entry, a prescription and a password. testClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) testClient.execute() testPatient = testDatabase.Patient.insert( username = "******", firstname = "test", surname = "test", ismale = True) testPatient.execute() testPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") testPassword.execute() securityClient = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False) securityClient.execute() testSecurity = testDatabase.Patient.insert( username = "******", firstname = "Security", surname = "Security", ismale = True) testSecurity.execute() securityPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") securityPassword.execute()
def setUpClass(cls): cls.package = package = make_package() settings = { 'pyramid.debug_authorization': True, 'pypi.db': 'tests.test_security.GlobalDummyCache', 'pypi.storage': 'tests.test_security.GlobalDummyStorage', 'session.validate_key': 'a', 'user.user': sha256_crypt.encrypt('user'), 'user.user2': sha256_crypt.encrypt('user2'), 'package.%s.group.authenticated' % package.name: 'r', 'package.%s.group.brotatos' % package.name: 'rw', 'group.brotatos': ['user2'], } app = main({}, **settings) cls.app = webtest.TestApp(app)
def setUpClass(cls): cls.package = package = make_package() settings = { "pyramid.debug_authorization": True, "pypi.db": "tests.test_security.GlobalDummyCache", "pypi.storage": "tests.test_security.GlobalDummyStorage", "session.validate_key": "a", "user.user": sha256_crypt.encrypt("user"), "user.user2": sha256_crypt.encrypt("user2"), "package.%s.group.authenticated" % package.name: "r", "package.%s.group.brotatos" % package.name: "rw", "group.brotatos": ["user2"], } app = main({}, **settings) cls.app = webtest.TestApp(app)
def do_setkey(self): length = 16 global key global hash_file hash = "" while len(key) != 16 and len(key) != 24 and len(key) !=32: key = getpass.getpass(prompt="Please enter a key of 16, 24, or 32 characters: " ) #prompt the user for a key if len(key) != 16 and 24 and 32: print "The keys length was: %i" %(len(key)) + "Please try again." #if the key was not of proper length then inform the user continue hash = sha256_crypt.encrypt(key, salt="123") #print "If we typed a bad key, we shouldn't have gotten this far." if os.path.isfile(hash_file): file = open(hash_file, 'r') hashed_key = file.readline() file.close() if hashed_key != hash: print "Warning: This is a different key. Would you still like to proceed? Press y or n." answer = raw_input() if answer == "y": subprocess.call(['chmod', '0700', os.getcwd() + "/" + hash_file]) file = open(hash_file, 'w') file.write(hash) file.close() break else: key = "" else: file = open(hash_file, 'a+') file.write(hash) subprocess.call(['chmod', '0400', os.getcwd() + "/" + hash_file]) file.close()
def put(self, username): """ Activate a pending user Expected {"code": <activation code>} if request.form["reset"] is True, it is a set password request after reset one. In this case it set a new password for the user (a pending or active one), if the reset code provided is correct. """ pending = self.load_pending_users() if request.form["reset"] == "True": reset_requests = self.load_reset_requests() code = request.form["code"] psw = request.form["psw"] if username in reset_requests and reset_requests[username] == code: psw_hash = sha256_crypt.encrypt(psw) if username in pending: pending[username]["password"] = psw_hash del reset_requests[username] with open(RESET_REQUESTS, "w") as reset_rq: json.dump(reset_requests, reset_rq) with open(PENDING_USERS, "w") as p_u: json.dump(pending, p_u) return "User's password resetted", HTTP_ACCEPTED else: User.users[username].psw = psw_hash del reset_requests[username] with open(RESET_REQUESTS, "w") as reset_rq: json.dump(reset_requests, reset_rq) User.save_users() return "User's password resetted", HTTP_ACCEPTED else: return "Reset request not found or wrong code", HTTP_NOT_FOUND try: code = request.form["code"] except KeyError: return "Missing activation code", HTTP_BAD_REQUEST if username in User.users: return "This user is already active", HTTP_CONFLICT if username in pending: if code == pending[username]["code"]: User(username, pending[username]["password"]) del pending[username] if pending: with open(PENDING_USERS, "w") as p_u: json.dump(pending, p_u) else: os.remove(PENDING_USERS) return "User activated", HTTP_CREATED else: return "Wrong code", HTTP_NOT_FOUND else: return "User need to be created", HTTP_NOT_FOUND
def edit_user(username): user_data = { 'username': username, 'email': db.get_user_data(username)['email'], 'role': db.get_user_data(username)['type'] } form = UserForm(**user_data) if request.method == "POST": email = form.email.data username = form.username.data role = form.role.data user = { 'username': username, 'email': email, 'type': role, } if form.password.data: password = sha256_crypt.encrypt(form.password.data) user['password'] = password response = db.update_user(username, email, role, password) else: response = db.update_user(username, email, role) # if response['replaced'] == 1: return redirect(url_for('admin.users')) return render_template('editUser.html', form=form, username=username)
def main(global_config, **settings): """A function that returns a Pyramid WSGI application.""" database_url = os.environ.get('DATABASE_URL', None) if database_url is not None: settings['sqlalchemy.url'] = database_url engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) Base.metadata.bind = engine settings['auth.username'] = os.environ.get('AUTH_USERNAME', 'admin') settings['auth.password'] = os.environ.get( 'AUTH_PASSWORD', sha256_crypt.encrypt('secret') ) auth_secret = os.environ.get('JOURNAL_AUTH_SECRET', 'devmcfly') auth_tkt = AuthTktAuthenticationPolicy( secret=auth_secret, ) auth_policy = ACLAuthorizationPolicy() config = Configurator( settings=settings, authentication_policy=auth_tkt, authorization_policy=auth_policy, root_factory=DefaultRoot ) config.include('pyramid_jinja2') config.add_static_view('static', 'static', cache_max_age=3600) config.add_route('home', '/') config.add_route('entry', '/entry/{entry}') config.add_route('add_entry', '/write') config.add_route('edit_entry', '/{entry}/edit') config.add_route('login', '/login') config.add_route('logout', '/logout') config.scan() return config.make_wsgi_app()
def register(): try: form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): firstname = form.firstname.data lastname = form.lastname.data username = form.username.data # salt = uuid.uuid4().hex # encrypt_pass = str(salt + form.password.data) # password = sha256_crypt.encrypt(encrypt_pass) password = sha256_crypt.encrypt(form.password.data) c, conn = connection() c.execute("SELECT * FROM users WHERE username = (%s)", [thwart(username)]) if c.rowcount > 0: flash("That username is already taken, please choose another") return render_template('register.html', form=form) else: c.execute("INSERT INTO users (firstname , lastname, username, password) VALUES (%s, %s, %s, %s)", (thwart(firstname), thwart(lastname), thwart(username), thwart(password))) conn.commit() flash("Thanks for registering!") c.close() conn.close() session['logged_in'] = True session['username'] = username return redirect(url_for('login')) return render_template("register.html", form=form) except Exception as e: return(str(e))
def encrypt(id): passwd = "" hash =sha256_crypt.encrypt(id) for letter in hash: passwd += str(ord(letter)) passwd = passwd[:-9:-1] return passwd
def post(self, username): """Create a user registration request Expected {"psw": <password>} save pending as {<username>: { "password": <password>, "code": <activation_code> "timestamp": <timestamp> } }""" pending = self.load_pending_users() try: psw = request.form["psw"] except KeyError: return "Missing password", HTTP_BAD_REQUEST if username in pending: return "This user have already a pending request", HTTP_CONFLICT elif username in User.users: return "This user already exists", HTTP_CONFLICT if psw is not PasswordChecker(psw): return PasswordChecker(psw) else: psw_hash = sha256_crypt.encrypt(psw) code = os.urandom(16).encode('hex') send_mail(username, "RawBox activation code", code) pending[username] = \ {"password": psw_hash, "code": code, "timestamp": time.time()} with open(PENDING_USERS, "w") as p_u: json.dump(pending, p_u) return "User added to pending users", HTTP_CREATED
def post(self): try: args = self.reqparse.parse_args() email = args['id'] query = db_session.query(models.User).filter(models.User.email == email) user = query.one_or_none() if user is None: # return {'status': 'error', 'code': error_code.Login.NOT_FOUND_ID, 'message': error_code.Login.NOT_FOUND_ID.message()} return Response.error(error_code.Login.NOT_FOUND_ID) if not sha256_crypt.verify(str(args['password']), user.password_hash): # return {'status': 'error', 'code': error_code.Login.WRONG_PASSWORD, 'message': error_code.Login.WRONG_PASSWORD.message()} return Response.error(error_code.Login.WRONG_PASSWORD) if user.confirmed is False: return Response.error(error_code.Login.NOT_CONFORMED) user.last_seen = datetime.now() db_session.commit() session.clear() session[Session.LOGIN_SESSION] = sha256_crypt.encrypt(str(user.code + user.password_hash)) session[Session.USER_SESSION] = user.code session[Session.ADMIN_SESSION] = decorators.is_admin(user.code) current_app.logger.info("Login - " + email) return Response.ok() except Exception as e: current_app.logger.error(str(e)) return Response.error(error_code.Global.UNKOWN)
def Sign_up(): username = request.args.get("User") password = request.args.get("Pass") Email = request.args.get("Email") First_Name = request.args.get("firstName") Last_Name = request.args.get("lastName") user = parseToken(username) password = parseToken(password) #Email = parseToken(Email) First_Name = parseToken(First_Name) Last_Name = parseToken(Last_Name) cipher = AESCipher(key='mykey') User1 = cipher.encryptstrin(user,iv) with DBcm.UseDatabase(DBconfig) as cursor: _SQL = "SELECT User_Name FROM Users_Table WHERE User_Name=%s" cursor.execute(_SQL, (User1,)) data = cursor.fetchall () if not data: Password1 = sha256_crypt.encrypt(password) confirmationCode = id_generator() #call the sendemail sendEmail(Email,confirmationCode) Code(User1,0,confirmationCode) Add_User(user, Password1, Email,First_Name,Last_Name) return str({"success":1,"Add":[{"Login":"******"},]}) else: error = 'Invalid credentials' return str({"success":1,"Add":[{"Login":"******"},{"Error":error}]})
def register(): try: form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): username= form.username.data ##this username belongs to the class after created email= form.email.data ##This camp belongs to the class after created this class and called RegistrationForm password =sha256_crypt.encrypt(str(form.password.data)) settings ="Default Settings" c,conn= connection() x= c.execute("SELECT * FROM USERS WHERE username= %s ", (thuart(username))) if int(x)>0: ##Si ese usuario ya existe en la BD flash("that username is already taken, please choose another username") return render_template('register.html',form=form) else: c.execute("INSERT INTO USERS (username,email,password, tracking) values (%s,%s,%s,%s )",( thuart(username), thuart(email), thuart(password),thuart("/introduction-to-flask/") )) conn.commit() flash("Thanks for registering") c.close() conn.close() gc.collect() session["logged_in"]=True session["username"]= username return redirect (url_for("dashboard") ) else: return render_template('register.html',form=form ) except Exception as e: return str(e)
def setUpClass(cls): settings = { 'pyramid.debug_authorization': True, 'pypi.db': 'tests.test_security.test_cache', 'db.url': 'sqlite://', 'session.validate_key': 'a', 'aws.access_key': 'abc', 'aws.secret_key': 'def', 'aws.bucket': 's3bucket', 'user.user': sha256_crypt.encrypt('user'), 'user.user2': sha256_crypt.encrypt('user2'), 'package.pkg1.group.authenticated': 'r', 'package.pkg1.group.brotatos': 'rw', 'group.brotatos': ['user2'], } cls.app = webtest.TestApp(main({}, **settings))
def register_page(): try: form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): username = form.username.data email = form.email.data password = sha256_crypt.encrypt((str(form.password.data))) cur, conn = connection() cur.execute("select id from dbo.tbl_RFTestAccount where id = CONVERT(binary, ?)", (username)) row = cur.fetchone() if row: flash(u'That username is already taken, try another one.', 'error') print("Username is already taken!") return render_template('register.html', form=form) else: cur.execute("insert into dbo.tbl_RFTestAccount(id, password, email) values(convert(binary(13), ?),convert(binary(13), ?), ?)", username, password, email) conn.commit() flash(u'Registration successful!', 'success') print "Registration Successful!" cur.close() gc.collect() return render_template('register.html', form=form) except Exception as e: return(str(e))
def user_data(): if request.method == 'GET': return render_template('user_service/user-data.html') else: if not sha256_crypt.verify(request.form.get('lg-current-password'), current_user.password): flash(u"Wrong password!", 'danger') return render_template('user_service/user-data.html') fname = request.form.get('lg-fname') lname = request.form.get('lg-lname') email = request.form.get('lg-email') password = request.form.get('lg-new-password') if password == '': password = current_user.password else: password = sha256_crypt.encrypt(password) try: user_obj = User(current_user.username, password, fname, lname, email, current_user.status, current_user.is_active) user_data_access.alter_user(user_obj) flash(u"User data has been updated!", 'success') except: flash(u"User data couldn't be updated!", 'danger') return render_template('user_service/user-data.html')
def post(self): try: args = self.reqparse.parse_args() email = args['email'] query = db_session.query(models.User).filter(models.User.email == email) user = query.one_or_none() if user is not None: current_app.logger.warning("Already register id : " + email) return Response.error(error_code.Login.ALREADY_REGISTER) new_user = models.User(code=generate_uuid(), email=email, password_hash=sha256_crypt.encrypt(str(args['password'])), user_name=args['user_name'], role_id=args['role'], room=args['room'], phone=args['phone']) db_session.add(new_user) db_session.commit() current_app.logger.info("Register new user : "******"/auth/confirm/" + generate_uuid() confirm = models.Confirm(email=email, type=models.Confirm_type.CONFIRM_REGISTER.name, url=url) db_session.add(confirm) db_session.commit() mail.make_confirm_email(email, url) return Response.ok() except Exception as e: current_app.logger.error(str(e)) return Response.error(error_code.Global.UNKOWN)
def signUp(): try: _name = request.args.get('inputName') _email = request.args.get('inputEmail') _password = sha256_crypt.encrypt(request.args.get('inputPassword')) if _name and _email and _password: conn = MySQLdb.connect(host='localhost', user='******', passwd='', port=9000, db='FlaskApp', unix_socket='/opt/lampp/var/mysql/mysql.sock') cur = conn.cursor() # pprint.pprint('connection testing cursor assignment passed') rslt = cur.execute('select * from Users where email = (%s) or username = (%s)', (_email,_name)) if int(rslt) > 0: return jsonify(result='That user email or username is already taken please choose another combination of username and email') else: cur.execute('insert into Users values (%s, %s, %s, %s, %s)', (0, _name, _email, _password,0)) conn.commit() conn.close() cur.close() gc.collect() # session not working # session['logged_in'] = True # session['username'] = _name # pprint.pprint('now i am about to return some stuff in json format to you') return jsonify(result=200) else: return jsonify(result='Please fill in all required fields') except Exception, e: return (str(e))
def register_page() : try : form = RegisterationForm(request.form) if request.method == "POST" and form.validate() : username = form.username.data password = sha256_crypt.encrypt((str(form.password.data))) email = form.email.data conn, cursor = Connection() x = cursor.execute("SELECT * FROM users WHERE username = (%s)",({thwart(username)})) if int(x) > 0 : flash("username taken") return render_template('register.html', form=form) else : cursor.execute('INSERT INTO users (`username`,`password`,`email`,`tracking`) VALUES (%s, %s, %s, %s)', ({thwart(username)},{thwart(password)},{thwart(email)},{thwart("intro")})) conn.commit() flash("Thanks for Registering") cursor.close() conn.close() gc.collect() session['logged_in'] = True session['username'] = username return redirect(url_for('dashboard')) return render_template("register.html", form = form) except Exception as e : return (str(e))
def register(): try: errorLog = '' errorReg = '' formReg = RegistrationForm(request.form) formLog = LoginForm(request.form) if request.method == "POST" and formReg.validate(): username = formReg.username.data email = formReg.email.data password = sha256_crypt.encrypt((str(formReg.password.data))) c, conn = connection() x = c.execute("SELECT * FROM users WHERE username = (%s)",(thwart(username))) if int(x) > 0: errorReg = "That username is taken." print("That username is already taken please choose another") return render_template("home.html", formReg = formReg, formLog = formLog, errorLog = errorLog, errorReg = errorReg) else: c.execute("INSERT INTO users (username, password, email) VALUES (%s, %s, %s)", (thwart(username),thwart(password),thwart(email))) uid = c.execute("SELECT uid FROM users WHERE username = (%s)",(thwart(username))) conn.commit() c.close() conn.close() gc.collect() session["uid"]=uid session["logged_in"] = True session["username"] = username return redirect(url_for("news")) except Exception as e: return str(e)
def signup(): if request.method == 'POST': email = request.form.get('email') username = request.form.get('username') password = request.form.get('passwd') print request.form if db.username_exist(username): return dict(error=True) if db.email_exist(email): return dict(error=True) hash = sha256_crypt.encrypt(password) user = { 'username': username, 'email': email, 'password': hash, 'date_created': now(), 'type': 'user', 'is_active': True, 'avatar': get_gravatar_img(email), } response = db.create_user(user) if response['inserted'] == 1: session['username'] = username session['avatar'] = get_gravatar_img(email) return redirect(url_for('meeple.collection', name=username)) if response['error'] == 1: return dict(error=True)
def setUp(self): """Create all the tables that are needed""" testDatabase.createAll() #create a test user patientClientTable = testDatabase.Client.insert( username = "******", email = "*****@*****.**", dob = "03/03/1993", verified = True, accountlocked = False, loginattempts = 0, accountdeactivated = False).execute() testPatient = testDatabase.Patient.insert( username = "******", firstname = "patient", surname = "patient", ismale = True) testPatient.execute() patientPassword = testDatabase.uq8LnAWi7D.insert( expirydate = '01/01/2020', iscurrent = True, password = sha256_crypt.encrypt('test'), username = "******") patientPassword.execute() #create notification type connectionRequestNotification = testDatabase.Notificationtype.insert( typename = "Connection Request", typeclass = "info" ) connectionRequestNotification.execute()
def reset_pass(): if request.method=='GET': user_id=int(request.args.get('u_id')) print user_id code=request.args.get('code') cur,conn=connection() try: cur.execute('SELECT user_id, used FROM reset_codes WHERE code=?',(code,)) resp=cur.fetchone() print resp if resp[0]==user_id and resp[1]=='N': cur.close() conn.close() return render_template('reset_pass_new.html') elif resp[1]=='Y': return render_template('used_code_new.html') else: cur.close() conn.close() return render_template('404.html') except: return render_template('404.html') else: cur,conn=connection() user_id=int(request.args.get('u_id')) p=str(request.form['password']) password=sha256_crypt.encrypt(str(request.form['password'])) cur.execute('UPDATE users SET password=? WHERE user_id=?',(password,user_id)) cur.execute('UPDATE reset_codes SET used=? WHERE user_id=?',('Y',user_id)) conn.commit() cur.close() conn.close() return render_template('pass_success_new.html')
def create_user(username=None, password=None): """ Create user """ user_file = safe_join(app.config['USERS_FOLDER'], username) password = sha256_crypt.encrypt(password) with open(user_file, 'x') as f: dump({'password': password}, f) settings_write(username, 'create', int(time.time()))
def register_page(): user_db = se_db() try: form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): firstname = form.firstname.data lastname = form.lastname.data email = form.email.data password = form.password.data passwordE = sha256_crypt.encrypt((str(form.password.data))) try: user_db.addProfile( email, password, firstname, lastname, ) flash("Thanks for registering!") gc.collect() session['logged_in'] = True session['email'] = email user_db.closeConnection() return redirect(url_for('pick_classes')) except: flash( "Error: Information could not be properly inserted into database" ) gc.collect() user_db.closeConnection() return render_template('signin.html', form=form) except Exception as e: print("Error displaying form") user_db.closeConnection() return (str(e))
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) user = User(name, username, email, password) db.session.add(user) try: db.session.commit() flash("Registration success!", "success") return redirect(url_for('login')) except exc.IntegrityError: flash("User with same detials is already exist!", "warning") return redirect(url_for('register')) except exc.SQLAlchemyError: flash("Ooops Some thing went wrong please try again!", "danger") return redirect(url_for('register')) except AttributeError: flash("Some thing went wrong!", "warning") return redirect(url_for('home')) return render_template('register.html', form=form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) # Create Cursor cur = mysql.connection.cursor() # Execute query cur.execute( "INSERT INTO users(name, email, username, password) VALUES(%s, %s , %s, %s )", (name, email, username, password)) # Commit to DB mysql.connection.commit() #Close Connection cur.close() flash('You are Now Registered and can Login', 'success') redirect(url_for('index')) return render_template('register.html', form=form)
def register(self, request): "register new user" errorValue = 0 try: user, password, email = request.form['username'], request.form['password'], request.form['email'] # hashing password password = sha256_crypt.encrypt(password) with sql.connect("data.db") as connect: # create a cursor object cursor = connect.cursor() cursor.execute( "SELECT name FROM users WHERE name ='%s';" % user) data = cursor.fetchone() # if name already used donot create an account if data: errorValue = 1 else: cursor.execute("INSERT INTO users(name, password,email) VALUES (?,?,?);", (user, password, email)) connect.commit() except: errorValue = 2 return errorValue
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data aid = form.aid.data dob = form.dob.data password = sha256_crypt.encrypt(str(form.password.data)) # Create cursor cur = mysql.connection.cursor() # Execute query cur.execute("INSERT INTO voter(vname, aid, dob, pwd) VALUES(%s, %s, %s, %s)", (name, aid, dob, password)) # Commit to DB mysql.connection.commit() # Close connection cur.close() flash('You are now registered and can log in', 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def Register(): form = RegistrationForm(request.form) if request.method == 'POST' and form.validate_on_submit(): username = form.username.data email = form.email.data password = sha256_crypt.encrypt(str(form.password.data)) #create cursor cur = mysql.connection.cursor() cur.execute( 'INSERT INTO users(username,email,password) VALUES(%s,%s,%s)', (username, email, password)) #commit to db mysql.connection.commit() #close db cur.close() flash('You are now registered and can log in', 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) # create cursor cur = mysql.connection.cursor() cur.execute( "INSERT INTO users(name , email , username , password) VALUES(%s, %s , %s , %s)", (name, email, username, password)) # commit to db mysql.connection.commit() # close connectioin cur.close() flash("You are now registered and can login", "success") return redirect(url_for('login')) return render_template('register.html', form=form)
def updateuser(): if request.method == "GET": user = find_username(session["username"]) if user == None: flash("User not exists", "danger") return redirect(url_for("index")) else: form = RegisterForm() form.username.data = user[1] form.birthdate.data = user[4] form.email.data = user[2] return render_template("updateuser.html", form=form) else: form = RegisterForm(request.form) username = form.username.data birthdate = form.birthdate.data email = form.email.data password = form.password.data confirm = form.confirm.data user_control = find_username(username) if (user_control == None or user_control[1] == username): if (confirm != password): flash("Password not match !", "danger") return render_template("updateuser.html", form=form) password = sha256_crypt.encrypt(form.password.data) with dbapi2.connect(url) as connection: cursor = connection.cursor() sorgu = "Update USERS Set username=%s,birthdate=%s,email=%s,password=%s where USERS.username = %s" cursor.execute(sorgu, (username, birthdate, email, password, username)) #tek elemanlıysa (name,) connection.commit() cursor.close() flash("User Updated Successfully", "success") return redirect(url_for("userdashboard")) flash("Username is taken !", "danger") return render_template("updateuser.html", form=form)
def signup(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data password = sha256_crypt.encrypt(str(form.password.data)) tandc = form.tandc.data # Create a connection and initialise a cursor to interface flask, python and mysql cur = mysql.connection.cursor() # Check if that email is already taken result = cur.execute("SELECT * FROM users WHERE email = %s", [email]) if result > 0: error = "E-mail already taken" return render_template("signup.html", form=form, error=error) if tandc: # Execute mysql commands cur.execute("INSERT INTO users(name, email, password) VALUES(%s, %s, %s)", (name, email, password)) # Commit to the database mysql.connection.commit() # Close connection and cursor cur.close() send_confirmation_email(email) flash("You are now registered", 'success') flash("Your email account is not verified. We have sent a verification link to your registered E-mail", 'warning') return redirect(url_for('login')) else: error = "You need to agree to our Terms and Conditions, Disclaimer" return render_template("signup.html", form=form, error=error) return render_template('signup.html', form=form)
def create_user(): """Creates a user account""" email = request.form.get('email') password = request.form.get('password') username = (request.form.get('username')).lower() pw_hash = sha256_crypt.encrypt(password) user = crud.get_user_by_email(email) user_name = crud.get_user_by_username(username) if user: flash('Email already has an account. Please try again.') elif user_name: flash('Username is already in use, please select a new one.') else: user = crud.create_user(email, username, pw_hash) crud.create_collection(user, 'home', True) crud.create_collection(user, 'to_read') crud.create_collection(user, 'read') flash('Account created! Log in.') return redirect('/')
def register(): form = RegisterForm(request.form) if (request.method == "POST" and form.validate()): name = form.name.data username = form.username.data email = form.email.data password = sha256_crypt.encrypt(form.password.data) con = sqlite3.connect("makaledb") cursor = con.cursor() cursor.execute("select * from users where username = ?", (username, )) dataList = cursor.fetchall() if (len(dataList) == 0): req = "insert into users(name,username,password,email) VALUES(?,?,?,?)" cursor.execute(req, (name, username, password, email)) con.commit() flash("Basariyla Kayit Oldunuz", "success") cursor.close() return redirect(url_for("login")) else: flash("Bu Isimde Baska Bir Kullanici Var", "warning") return redirect(url_for("register")) else: return render_template("register.html", form=form)
def registrace(): form = RegisterForm(request.form) # Validace if request.method=="POST" and form.validate(): # Vytáhnutí údajů z formuláře jmeno=form.jmeno.data prezdivka=form.prezdivka.data heslo=sha256_crypt.encrypt(str(form.heslo.data)) klic=form.klic.data # Potvrzení, že se jedná o člověka s registračním klíčem if klic==regklic: # Zápis údajů do databáze cur=mysql.get_db().cursor() cur.execute("INSERT INTO users(jmeno, prezdivka, heslo) VALUES(%s, %s, %s)",[jmeno, prezdivka, heslo]) mysql.get_db().commit() cur.close() flash("Právě jsi se registroval") return redirect(url_for("login")) else: flash("Nemáte oprávnění k registraci") return render_template("index.html") return render_template("registrace.html", form=form)
def register(): if request.method == "POST": name = request.form.get("name") username = request.form.get("username") password = request.form.get("password") confirm = request.form.get("confirm") secure_password = sha256_crypt.encrypt(str(password)) if password == confirm: db.execute( "INSERT INTO users(name, username, password) VALUES(:name,:username,:password)", { "name": name, "username": username, "password": password }) db.commit() flash("you are now registered and can login", "success") return redirect(url_for('login')) else: flash("password does not match", "danger") return render_template("register.html") return render_template("register.html")
def changePassword(): form = passwordForm(request.form) if request.method == "POST" and form.validate(): # POST REQUEST # Parolayı Güncelle butonuna tıklandıktan sonra bu kodları çalışacak. cursor = mysql.connection.cursor() result = cursor.execute("SELECT * FROM users WHERE username=%s", (session["username"], )) if result > 0: # Kullanıcı veri tabanında kayıtlıysa bu kodlar çalışacak newPassword = sha256_crypt.encrypt(form.password.data) currentPassword = form.currentPassword.data data = cursor.fetchone() realPassword = data["password"] if sha256_crypt.verify(currentPassword, realPassword): # Eski parola doğruysa bu kodlar çalışacak cursor.execute( "UPDATE users SET password=%s WHERE username=%s", (newPassword, session["username"])) mysql.connection.commit() flash("Parolanız başarıyla güncellendi.", "success") return redirect(url_for("Profile")) else: # Eski parola yanlışsa bu kodlar çalışacak flash("Bilgilerinizi kontrol ediniz.", "danger") return redirect(url_for("changePassword")) else: # Kullanıcı veri tabanında kayıtlı değilse bu kodlar çalışacak flash("Beklenmedik bir hata oluştu.", "danger") return redirect(url_for("Profile")) else: # GET REQUEST # Parolayı Güncelleme Sayfası return render_template("changePassword.html", form=form)
def subscription(): if request.method == 'POST': name = request.form.get('name') username = request.get('username') password = request.get('password') confirm = request.get('confirm') secure_password = sha256_crypt.encrypt(str(password)) if password == confirm: db.execute( "INSERT INTO users(name, username, password) VALUES(:name,:username,:password)", { "name": name, "username": username, "password": secure_password }) db.commit() flash("you hve subscribed and can add profile", "success") return redirect(url_for('profile')) else: flash("password does not match", "danger") return render_template("subscription.html") return render_template('subscription.html')
def registerPro(): form = ProfessorForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data subject = form.subject.data password = sha256_crypt.encrypt(str(form.password.data)) # Create cursor cur = mysql.connection.cursor() # Execute query cur.execute("INSERT INTO professors(name, email, subject, password) VALUES(%s, %s, %s, %s)", (name, email, subject, password)) # Commit to DB mysql.connection.commit() # Close connection cur.close() flash('You are now registered and can log in', 'success') return redirect(url_for('loginPro')) return render_template('registerPro.html', form=form)
def Register(): form = registerForm(request.form) if request.method == "POST" and form.validate(): name = form.name.data username = form.username.data email = form.email.data password = sha256_crypt.encrypt(form.password.data) cursor = mysql.connection.cursor() result = cursor.execute("SELECT * FROM users WHERE username=%s", (username, )) result_2 = cursor.execute("SELECT * FROM users WHERE email=%s", (email, )) if result > 0 or result_2 > 0: if result > 0: flash( "Bu kullanıcı adı daha önce alınmış. Lütfen farklı bir kullanıcı adı deneyin.", "danger") if result_2 > 0: flash( "Bu e-mail adresi ile daha önce kayıt olunmuş. Lütfen farklı bir e-mail adresi deneyin.", "danger") return redirect(url_for("Register")) else: cursor.execute( "INSERT INTO users(name, email, username, password) VALUES(%s, %s, %s, %s)", (name, email, username, password)) mysql.connection.commit() cursor.close() flash("Başarıyla kayıt olundu.", "success") return redirect(url_for("Login")) else: return render_template("register.html", form=form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) style_type = form.style_type.data # Create cursor cur = mysql.connection.cursor() # Execute query cur.execute( "INSERT INTO users1(name, email, username, password,style_type) VALUES(%s, %s, %s, %s, %s)", (name, email, username, password, style_type)) cur.execute( "INSERT INTO user_preferences (pillow_id) SELECT idx from pillows_dataset" ) cur.execute( "UPDATE user_preferences SET username = %s WHERE username is null", [name]) # Commit to DB mysql.connection.commit() # Close connection cur.close() flash('You are now registered and can log in', 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def post(self): content = request.get_json(force=True) responseEmail = tabla_usuario.scan( FilterExpression=Attr('email').eq(content['email'])) if (responseEmail['Count'] > 0): response = Response(response=json.dumps( dict(error='Usuario ya se encuentra registrado')), status=400, mimetype='application/json') return response id = str(uuid.uuid4()) password = sha256_crypt.encrypt(content['password']) respuesta = tabla_usuario.put_item( Item={ 'email': content['email'], 'password': password, 'first_name': content['first_name'], 'last_name': content['last_name'], 'id': id }) return respuesta
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data phone = form.phone.data address = form.address.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) #Create Cursor cur = mysql.connection.cursor() result = cur.execute("SELECT * FROM customer WHERE username=%s", [username]) if result > 0: flash("Username is already taken", 'danger') return render_template('register.html', form=form) #Execute Query cur.execute( "INSERT INTO customer(username, password, name, email, address, phone_num) VALUES(%s, %s, %s, %s, %s, %s)", (username, password, name, email, address, int(phone))) #Commit to DB mysql.connection.commit() #Close Connection cur.close() flash("You are now registered and may log in.", 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) # Create cursor db = get_db() # Execute query db.execute( "INSERT INTO users(name, email, username, password) VALUES('{}', '{}', '{}', '{}');" .format(name, email, username, password)) # what if username already exist??? # Commit to DB get_db().commit() # is this ok ? flash('You are now registered and can log in', 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def register_page(): try: form = RegistrationForm() if request.method == "POST" and form.validate(): username = form.username.data email = form.email.data password = sha256_crypt.encrypt((str(form.password.data))) c, conn = connection() x = c.execute("SELECT * FROM users WHERE username = (%s)", (username)) if int(x) > 0: flash("That username is already taken, please choose another") return render_template('register.html', form=form) else: c.execute("INSERT INTO users (username, password, email, tracking) VALUES (%s, %s, %s, %s)", (username,password,email,"/introduction-to-python-programming/")) conn.commit() flash("Thanks for registering!") c.close() conn.close() gc.collect() session['logged_in'] = True session['username'] = username return redirect(url_for('index')) return render_template("register.html", form=form) except Exception as e: return(str(e))
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) ##Insert into db using util.py(mongo) user = { 'name': name, 'emailid': email, 'username': username, 'password': password, 'isgovt': False } util.register_user(link, db_name, collection_name, user) #See how to send the flash message flash('You are now registered and can log in', 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def login(): if request.method == 'POST': username = request.form['username'] #retrive username and password password_candidate = request.form['password'] cur = mysql.connection.cursor() result = cur.execute("SELECT * FROM admin WHERE username = %s", [username]) # fetch the data stored in admin table if result > 0: data = cur.fetchone() password = sha256_crypt.encrypt(data['password']) # encrypt password to match excatly with db password if sha256_crypt.verify(password_candidate, password): session['logged_in'] = True session['username'] = username flash('You are now logged in', 'success') return redirect(url_for('dash')) else: error = 'Invalid login' return render_template('login.html', error=error) # Close connection cur.close() else: error = 'Username not found' return render_template('login.html', error=error) return render_template('login.html')
def register_page(): form = request.form print("Test") if request.method == "POST": #username = form.username.data firstname = form['firstname'] lastname = form['lastname'] email = form['email'] birthday = form['birthday'] password = sha256_crypt.encrypt((str(form['password']))) c, conn = connection() print("This is our print statement") print(firstname, lastname) x = c.execute("SELECT * FROM users WHERE email = (%s)", (email,)) if int(x) > 0: flash("That email has already been taken, please choose another.") return render_template("login.html", form = form) else: c.execute("INSERT INTO users (firstname, lastname, email, birthday, password) VALUES (%s, %s, %s, %s, %s)", (thwart(firstname), thwart(lastname), thwart(email), thwart(birthday), thwart(password))) conn.commit() flash("Thanks for registering!") c.close() conn.close() gc.collect() session['logged_in'] = True session['email'] = email return redirect(url_for('login')) return render_template("login.html", form = form)
def register(): form = RegisterForm(request.form) if request.method == 'POST' and form.validate(): first_name = form.first_name.data last_name = form.last_name.data username = form.username.data eamil = form.email.data password = sha256_crypt.encrypt(str(form.password.data)) cur = mysql.connection.cursor() cur.execute( "INSERT into register(first_name , last_name , email , username , password) VALUES (%s , %s , %s , %s , %s)", (first_name, last_name, eamil, username, password)) mysql.connection.commit() cur.close() flash("You are now register , You can now login", 'success') return redirect(url_for('login')) return render_template('register.html', form=form)
def register(): form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): username = form.username.data password = sha256_crypt.encrypt((str(form.password.data))) c, conn = connection() sql = "SELECT username FROM users WHERE username=%s" c.execute(sql, (username, )) result = c.fetchone() if result: return render_template('register.html', form=form) else: sql = "INSERT INTO users (username, password) VALUES (%s, %s)" values = (username, password) c.execute(sql, values) conn.commit() c.close() conn.close() return redirect(url_for('login')) return render_template('register.html', form=form)
def register_page(): try: form = RegistrationForm(request.form) if request.method == "POST" and form.validate(): username = form.username.data email = form.email.data password = sha256_crypt.encrypt((str(form.password.data))) c, conn = connection() x = c.execute("SELECT * FROM users WHERE username= ('{0}')".format( (thwart(username)))) if int(x) > 0: flash("That username is already taken, please choose another") return render_template("register.html", form=form) else: c.execute( "INSERT INTO users(username, password, email, tracking) VALUES ('{0}','{1}','{2}','{3}')" .format(thwart(username), thwart(password), thwart(email), thwart("/dashboard/"))) conn.commit() flash("Thanks for registering!") c.close() conn.close() gc.collect() session['logged_in'] = True session['username'] = username return redirect(url_for("dashboard")) return render_template("register.html", form=form) except Exception as e: return str(e)
def register(): form = RegisterForm() if form.validate_on_submit(): NAME = form.NAME.data USERNAME = form.USERNAME.data PASSWORD = form.PASSWORD.data PASSWORD = sha256_crypt.encrypt(str(form.PASSWORD.data)) EMAIL = form.EMAIL.data BLOOD_GROUP = form.BLOOD_GROUP.data PHONE_NUMBER = form.PHONE_NUMBER.data ADDRESS = form.ADDRESS.data CITY = form.CITY.data #Create DictCursor cur = mysql.connection.cursor() result=cur.execute("SELECT * from users WHERE USERNAME=%s or EMAIL=%s or PHONE_NUMBER=%s",(USERNAME,EMAIL,PHONE_NUMBER)) if result>0: msg="Username,Email and Phone Number must be unique!!" return render_template('register.html',msg=msg,form=form) # Execute query cur.execute("INSERT INTO users(NAME, USERNAME, PASSWORD, EMAIL, BLOOD_GROUP, PHONE_NUMBER, ADDRESS,CITY) VALUES(%s, %s, %s, %s, %s, %s, %s,%s)", (NAME, USERNAME, PASSWORD, EMAIL, BLOOD_GROUP, PHONE_NUMBER, ADDRESS,CITY)) cur.execute("INSERT INTO cities(EMAIL,CITY) VALUES(%s,%s)",(EMAIL,CITY)) #for email confirmation token=s.dumps(EMAIL,salt='email-confirm') msg=Message('Confirm Email',sender='*****@*****.**',recipients=[EMAIL]) link=url_for('confirm_email',token=token,_external=True) msg.body='Your link is {}'.format(link) mail.send(msg) # commit to DB mysql.connection.commit() # Close connection cur.close() flash('You are now registered and can log in and verify your email address', 'success') return redirect(url_for('login')) return render_template('register.html',title='Register', form=form)
def signup(): form = registerForm(request.form) if request.method == 'POST' and form.validate(): name = form.name.data email = form.email.data username = form.username.data password = sha256_crypt.encrypt(str(form.password.data)) # Create cursor cur = mysql.connection.cursor() cur.execute("INSERT INTO users(name,email,username,password) VALUES(%s,%s,%s,%s)", (name, email, username, password)) # Commit to DB mysql.connection.commit() # Close connection cur.close flash('Registered! You can now log in.') return redirect(url_for('login')) return render_template('sign-up.html', form=form)