def login(): if session.get('user_id'): return redirect(url_for('topic.tab_view')) error = None if request.method == 'POST': if '@' in request.form['username']: user = User.query.filter_by(email=request.form['username']).first() if user is None: error = u'用户名错误!' elif not check_password_hash(user.password,request.form['password']): error = u'密码错误!' else: flash(u'登录成功!') session['user_id'] = user.id return redirect(url_for('topic.tab_view')) else: user = User.query.filter_by(name=request.form['username']).first() if user is None: error = u'用户名错误!' elif not check_password_hash(user.password,request.form['password']): error = u'密码错误!' else: flash(u'登录成功!') session['user_id'] = user.id session.permanent = True return redirect(url_for('topic.tab_view')) return render_template('login.html', error=error)
def test_users_account_route_account(self): """Ensure users account actually create the user""" # add user to database user = User(username='******', password=generate_password_hash('a'), email='*****@*****.**') db.session.add(user) db.session.commit() self.login(email='*****@*****.**', password='******') response = self.app.post('/users/account/', data=dict( username='******', email='*****@*****.**', password='******', confirm='aaaaaa', old_password='******' ), follow_redirects=True) self.assertTrue(response.status_code == 200) self.assertTemplateUsed('users/account.html') self.assertIn(b'The changes have been saved', response.data) updated_user = User.query.filter_by(username='******').first() self.assertTrue(updated_user is not None) self.assertTrue(updated_user.email == '*****@*****.**') self.assertTrue(check_password_hash(updated_user.password, 'aaaaaa')) old_user = User.query.filter_by(username='******').first() self.assertTrue(old_user is None) # SECOND USER - ONLY USERNAME self.logout() # add user to database second_user = User(username='******', password=generate_password_hash('a'), email='*****@*****.**') db.session.add(second_user) db.session.commit() self.login(email='*****@*****.**', password='******') response = self.app.post('/users/account/', data=dict( username='******', email='*****@*****.**', password='', confirm='', old_password='' ), follow_redirects=True) self.assertTrue(response.status_code == 200) self.assertTemplateUsed('users/account.html') self.assertIn(b'The changes have been saved', response.data) updated_user = User.query.filter_by(username='******').first() self.assertTrue(updated_user is not None) self.assertTrue(updated_user.email == '*****@*****.**') self.assertTrue(check_password_hash(updated_user.password, 'a'))
def authenticate(self, identifier, secret): user = User.query.filter( db.or_(User.username == identifier, User.email == identifier) ).first() if user is not None: if check_password_hash(user.password, secret): return user return None check_password_hash("dummy password", secret) return None
def login(): """Logs the user in.""" if g.user: return redirect(url_for('timeline')) error = None uhash = '' if request.method == 'POST': try: user = User.select() \ .where(User.username == request.form['username']).get() except User.DoesNotExist: user = None #user = query_db('''select * from user where # username = ?''', [request.form['username']], one=True) if user is None: error = 'Invalid username' elif not check_password_hash(user.pw_hash, request.form['password']): error = 'Invalid password' else: flash('You were logged in') session['user_id'] = user.user m = hashlib.md5() m.update(str(user.user)) uhash = m.hexdigest() # return redirect(url_for('timeline')) resp = make_response(render_template('login.html', error=error)) resp.set_cookie('uhash',uhash) return resp
def validateLogin(): try: _username = request.form['inputEmail'] _password = request.form['inputPassword'] conn = mysql.connect() cursor = conn.cursor() #cursor.callproc('sp_validateLogin',(_username,)) cursor.execute("SELECT * FROM tbl_user where user_username='******'") data = cursor.fetchall() if len(data) > 0: row = data[0] if check_password_hash(str(data[0][3]),_password): session['user'] = row[0] session['username'] = row[1] return redirect('/showDashboard') else: return render_template('error.html',error = 'Wrong Email address or Password!') else: return render_template('error.html',error = 'Len not 0 Wrong Email address or Password!') except Exception as e: return render_template('error.html',error = str(e)) finally: cursor.close() conn.close()
def validateLogin(): try: _email = request.form['inputEmail'] _password = request.form['inputPassword'] # connect to mysql conn = mysql.connect() cursor = conn.cursor() cursor.callproc('sp_validateLogin', (_email, )) data = cursor.fetchall() if len(data) > 0: for item in data: print(item) if check_password_hash(str(data[0][3]), _password): session['user'] = data[0][0] return redirect('/userHome') else: print("Error: ", "Password does not match") return render_template('error.jinja.html', error = 'Wrong email address') else: print("Error: ", "len(data) = 0") return render_template('error.jinja.html', error = 'Wrong email address') except Exception as e: print("Error = ", e) return render_template('error.jinja.html', error=str(e)) finally: cursor.close() conn.close()
def manage_user(): if request.method == 'POST': first_name = request.form['signUp_firstName'] last_name = request.form['signUp_lastName'] or None username = request.form['signUp_username'] password = request.form['signUp_password'] # Validate values if first_name and username and password: hashed_password = generate_password_hash(password) db.create_user(first_name, last_name, username, hashed_password) return json.dumps({'html':'<span>All fields good !!</span>'}) else: return json.dumps({'html':'<span>Enter the required fields</span>'}) elif request.method == 'DELETE': # id = request.form['id'] username = request.form['username'] password = request.form['password'] # Secure enough? if username and password: user = db.find_user_by_username(username) if check_password_hash(user.password, password): print('Yepp they match') db.delete_user(username) return json.dumps({'deleted': 'ok'}) return json.dumps({'error': 'missing user or password'}), 400
def login(): start_time=time.time() error=None if 'logged_in_user' in session: return redirect(url_for('home')) if request.method == 'POST': if 'email' not in request.form or 'password' not in request.form or request.form['email']=='': error = 'Missing email or password for login!' else: time.sleep(0.2) g.db = connect_db() cur = g.db.cursor() cur.execute('SELECT id,password,auth_key FROM users WHERE email='+app.sqlesc,(request.form['email'],)) result = cur.fetchall() assert len(result) <= 1 if len(result) == 0: error = 'Username not found!' else: if check_password_hash(result[0][1],request.form['password']) == True: if result[0][2] == None: auth_key = dec2big(random.randint(0,(2**128))) cur.execute('UPDATE users SET auth_key='+app.sqlesc+', login_time='+app.sqlesc+' WHERE id='+app.sqlesc,(auth_key,time.time(),result[0][0])) g.db.commit() else: auth_key = result[0][2] session['logged_in_user']=(result[0][0],auth_key) return redirect(url_for('home')) else: error = 'Incorrect password!' return render_template("login.html",error=error,processtime=round(time.time()-start_time,5))
def validateLogin(): try: _username = request.form['inputEmail'] _password = request.form['inputPassword'] # connect to mysql con = mysql.connect() cursor = con.cursor() cursor.callproc('sp_validateLogin',(_username,)) data = cursor.fetchall() if len(data) > 0: if check_password_hash(str(data[0][3]),_password): session['user'] = data[0][0] return redirect('/showDashboard') else: return render_template('error.html',error = 'Wrong Email address or Password.') else: return render_template('error.html',error = 'Wrong Email address or Password.') except Exception as e: return render_template('error.html',error = str(e)) finally: cursor.close() con.close()
def changePassword(): if g.user: try: mysql.connect() with mysql.cursor() as cursor: if request.method == "POST": oldPasswordInput = request.form['oldPassword'] newPasswordInput = request.form['newPassword'] newPasswordCheckInput = request.form['newPasswordChecker'] if check_password_hash(passwordFromDB, oldPasswordInput) and newPasswordInput == newPasswordCheckInput: newPassword = generate_password_hash(newPasswordInput) cursor.execute('UPDATE tbl_login SET password=%s WHERE password=%s', (newPassword,passwordFromDB)) flash("Lösenordet är nu ändrat") mysql.commit() else: flash("The old password is incorrect or the new password does not match.") except Exception as e: return render_template('error.html',error = str(e)) else: return ('Unauthorized Access') finally: cursor.close() mysql.close() return render_template('changePassword.html') return redirect(url_for('login'))
def login(): if current_user.is_authenticated(): return redirect(url_for('home')) if request.method == 'POST': username = request.form['username'] password = request.form['password'] user=User.query.filter(User.code_name==username).first() if username is None or user is None: flash(u'无效用户名!') return redirect(url_for('login')) else: auth = check_password_hash(user.password, password) if not auth: flash(u'无效密码!') return redirect(url_for('login')) else: # 用户信息放入session login_user(user) # navbar放入session session['navbar'] = current_user_navbar(current_user.id) return redirect(url_for('home')) return render_template('index.html')
def check_password(self, password): if self._password is None: return False password = password.strip() if not password: return False return check_password_hash(self._password, password)
def validateLogin(): # Read values posted from page try: _username = request.form['inputEmail'] _password = request.form['inputPassword'] # Connect to MySQL, set cursor and call proc cur = mysql.connection.cursor() cur.callproc('sp_validateLogin', (_username,)) # Fetch from cursor rv = cur.fetchall() # If entry exists, check password matches stored hash if len(rv) > 0: if check_password_hash(str(rv[0][3]), _password): # Set user session id and redirect session['user'] = rv[0][0] return redirect('/showFeed') else: return render_template('error.html', error = 'Invalid Email/Password combination.') else: return render_template('error.html', error = 'Invalid Email/Password combination.') except Exception as e: return render_template('error.html', error = str(e)) finally: cur.close()
def login(): """ logs in the user. if the username doesn't exist creates the account """ if not request.form['username']: flash('You have to enter a username') elif not request.form['password']: flash('You have to enter a password') elif get_user_id(request.form['username']) is not None: # username already exists, fetch all of its attributes user = query_db('''select * from user where username = ?''', [request.form['username']], one=True) if check_password_hash(user['pw_hash'], request.form['password']): # password is correct, log in the user session['user_id'] = get_user_id(request.form['username']) flash('User ' + request.form['username'] + ' logged in.') else: # incorrect password flash('User ' + request.form['username'] + ' already exists, wrong password.') else: # create account and log in creation_time = int(time.time()) g.db.execute('''insert into user (username, pw_hash, creation_time) values (?, ?, ?)''', [request.form['username'], generate_password_hash(request.form['password']), creation_time]) user_id = g.db.execute('select last_insert_rowid()').fetchall()[0][0] g.db.commit() session['user_id'] = user_id flash('New account %s created' % (request.form['username'], )) return redirect(url_for('intmain'))
def validateLogin(): try: _username = request.form["inputEmail"] _password = request.form["inputPassword"] # connect to mysql con = mysql.connect() cursor = con.cursor() cursor.callproc("sp_validateLogin", (_username,)) data = cursor.fetchall() if len(data) > 0: if check_password_hash(str(data[0][3]), _password): session["user"] = data[0][0] return redirect("/userHome") else: return render_template("error.html", error="Wrong Email address or Password.") else: return render_template("error.html", error="Wrong Email address or Password.") except Exception as e: return render_template("error.html", error=str(e)) finally: cursor.close() con.close()
def save_user(): users = get_all_users() if request.method == 'POST': next_user_id = len(users) + 1 username = request.form['username'] password = request.form['password'] input_password = password password = set_password(password) found_user = get_user_with_username(username) if len(found_user) != 0: ans_password = found_user['password'] if check_password_hash(ans_password, input_password): session['logged_in'] = True session['user_id'] = str(next_user_id) session['username'] = username return redirect('/') else : posts = get_all_posts() ret_posts = get_all_post_information(posts) return render_template('/signup.html',ret_posts=ret_posts,error_message=u'비밀번호가 틀리셨어요!') created_at = datetime.datetime.now() s = '%d %s %s %s\n'%(next_user_id,username,password,str(created_at)) base_path = '/var/www/flask_blog/flask_blog/post/' user_path = base_path + 'user' with open(user_path,'a') as fp: fp.write(s) session['logged_in'] = True session['user_id'] = str(next_user_id) session['username'] = username return redirect('/')
def login(): if current_user.is_authenticated(): return jsonify(result="Already logged in.") if request.method == "POST" and "username" in request.json: username = request.json["username"] password = request.json["password"] if not username or not password: return jsonify(result="Empty username or password.") else: try: user_record = User.objects.get(username=username) except: user_record = None if user_record is None: return jsonify(result="Please check you username or password.") elif not check_password_hash(user_record['pw_hash'], password): return jsonify(result="Please check you username or password.") else: user_record.date_logged_in = datetime.now() user_record.save() usr_obj = UserLogin(user_record) if login_user(usr_obj): return json_response(str(current_user)) # return jsonify(result="authorized") else: return jsonify(result="Invalid password.")
def landing_page(): if session.get('logged_in'): return redirect(url_for('users.show_entries')) if not session.get('logged_in'): """ Login form """ form = LoginForm(request.form) # make sure data are valid, but doesn't validate password is right if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() # we use werzeug to validate user's password if user and check_password_hash(user.password, form.password.data): # the session can't be modified as it's signed, # it's a safe place to store the user id session['user_id'] = user.id session['logged_in'] = True flash('Welcome %s' % user.name) return redirect(url_for('users.show_entries')) flash('Wrong email or password', 'error-message') return ( render_template( 'base.html', form=form) )
def authenticate(self, handle, password): """Autenticate handle using password""" user = self.get_user_by_handle(handle) if user is None: return None if check_password_hash(user[1], password): return {"handle": handle, "token": user[2]}
def change_password(): errors = [] old_password = request.form.get('old_password', '') new_password = request.form.get('new_password', '') confirm_password = request.form.get('confirm_password', '') if old_password == '': errors.append('Old password is required') if new_password == '': errors.append('New password is required') if confirm_password == '': errors.append('You have to confirm your password') if new_password != '' and new_password != confirm_password: errors.append('Password must match') if len(errors) > 0: return json.dumps(errors), 400 if not check_password_hash(g.user.password, old_password): errors.append('Wrong old password') if len(errors) > 0: return json.dumps(errors), 400 user = User.query.get(g.user.id) user.password = generate_password_hash(new_password) user.password_token = '' db.session.commit() g.user = user return json.dumps({'success': True}), 200
def extauth(): app.logger.info(repr(request.form)) email = request.form['email'] password = request.form['password'] eid = int(request.form['eid']) user = User.query.filter_by(email=email).first() if user: if check_password_hash(user.pwdhash, password): d = dict(user.__dict__) d.pop('_sa_instance_state') d['success'] = True e = user.events.all() eids = [i.id for i in e] if eid in eids: d['event_registered'] = True else: d['event_registered'] = False r = Registration(user.id,eid) db.session.add(r) db.session.commit() return jsonify(d) else: return jsonify({'success':False}) else: return jsonify(success = False)
def check_password(user, passwd): # return check_password_hash(self.pwdhash, passwd) conn = sqlite3.connect(DATABASE) c = conn.cursor() t = (user,) c.execute('SELECT * FROM users WHERE email=?', t) row = stored_password = c.fetchone() conn.close() if row != None: stored_password = row[1] # valid = row[5] if check_password_hash(stored_password, passwd): # if (valid == 1): return 'passed' else: return 'badpasswd' else: return 'badusernm' return 'failed'
def login(): if request.method == 'POST': try: username = request.form['username'] password = request.form['password'] db = mysql.connect() cursor = db.cursor() cursor.callproc('validateLogin',(username)) data = cursor.fetchall() if len(data) > 0: if check_password_hash(str(data[0][3]),password): session['user'] = data[0][0] return redirect('/') else: return render_template('error.html',error = 'Wrong username or Password.') else: return render_template('error.html',error = 'Wrong username or Password.') except Exception as e: return render_template('error.html',error = str(e)) finally: cursor.close() db.close() if session.get('user'): return render_template('userHome.html') else: return render_template('signin.html')
def dangnhap(): # If user is already login then redirect user to the profile page if g.user is not None and g.user.is_authenticated(): return redirect(url_for('users.home')) form = LoginForm(request.form) # make sure data are valid, but doesn't validate password is right if form.validate_on_submit(): # Check if the email is in the database, do not allow register user = User.query.filter_by(email=form.email.data).first() # we use werzeug to validate user's password if user and check_password_hash(user.password, form.password.data): if user.status == 2 : # the session can't be modified as it's signed, # it's a safe place to store the user id session['user_id'] = user.id session['username'] = user.nickname session['remember_me'] = form.remember_me.data # Get the remember_me option and save it to user, then empty it remember_me = False if 'remember_me' in session: remember_me = session['remember_me'] session.pop('remember_me', None) # log the user in using Flask-Login login_user(user, remember = remember_me) flash(u'Đăng nhập thành công. Xin chào %s' % user.fullname) return redirect(url_for('users.home')) else : flash(u'Tài Khoan Của Bạn Chưa Xác Thực', 'error-message') return render_template("users/login.html", form=form) flash(u'Sai Email hoặc Mật khẩu', 'error-message') return render_template("users/login.html", form=form)
def password_is(self, password): if self.pw_hash is None: return False if self.pw_hash.startswith('sha1$'): return check_password_hash(self.pw_hash, password) else: return bcrypt.hashpw(password, self.pw_hash) == self.pw_hash
def login(): """ Login form """ site_title = gettext('Log in') form = LoginForm(request.form) # make sure data are valid, but doesn't validate password is right if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() # we first test if the user was not found if user is None: flash(gettext('Unknown user !'), 'error-message') return render_template("users/login.html", form=form, user=g.user, site_title=site_title) # then we check the password elif check_password_hash(user.password, form.password.data): # the session can't be modified as it's signed, # it's a safe place to store the user id session['user_id'] = user.id flash(gettext("You're logged in, %(name)s", name=user.name)) return redirect(request.args.get("next") or url_for('users.home')) else: # if we get here, that means the user is in the db, # but the entered password was wrong flash(gettext('Wrong password'), 'error-message') return render_template("users/login.html", form=form, user=g.user, site_title=site_title) return render_template("users/login.html", form=form, user=g.user, site_title=site_title)
def login(): """Logs the user in.""" if g.user: return redirect(url_for('wordlist')) error = None if request.method == 'POST': user = query_db('''select * from user where username = ?''', [request.form['username']], one=True) if user is None: error = 'Invalid username' elif not check_password_hash(user['pw_hash'], request.form['password']): error = 'Invalid password' else: flash('You were logged in') session['user_id'] = user['user_id'] if user['wbtoken'] is None: return redirect(url_for('linkwb')) session['wbtoken'] = user['wbtoken'] session['wbtokenexpire'] = user['wbtokenexpire'] if user['dict'] is None: return redirect(url_for('choosedict')) session['dict']= user['dict'] session['wordnum']=100 return redirect(url_for('wordlist')) return render_template('login.html', error=error)
def check_password(self, password): """ Check passwords. If passwords match it returns true, else false """ if self.password is None: return False return check_password_hash(self.password, password)
def check_user(): """Checks to see if the username and password are valid. """ username = request.form['username'] password = request.form['password'] password_match = False cur_user = User.query.filter_by(username = username).first() if cur_user: password_match = check_password_hash(cur_user.password, password) if password_match: session['user_id'] = cur_user.id session['username'] = cur_user.username session['site_id'] = cur_user.site_id session['user_is_admin'] = cur_user.is_admin session['user_is_master'] = cur_user.is_master session['logged_in'] = True return redirect('/admin/main') else: flash('Invalid Username / Password Combination', 'uu_error') return render_template('admin/admin_login.html', site_name = config.site_name, powered_by_link = create_powered_by_link())
def login(): """ We had to do some extra work to route the user back to his or her original place before logging in """ if g.user: return redirect(url_for('frontends.home')) next = '' if request.method == 'GET': if 'next' in request.args: next = request.args['next'] form = LoginForm(request.form) # make sure data is valid, but doesn't validate password is right if form.validate_on_submit(): # continue where we left off if so user = User.query.filter_by(email=form.email.data).first() # we use werzeug to validate user's password if user and check_password_hash(user.password, form.password.data): # the session can't be modified as it's signed, # it's a safe place to store the user id session['user_id'] = user.id if 'next' in request.form and request.form['next']: return redirect(request.form['next']) return redirect(url_for('frontends.home')) flash('Wrong email or password', 'danger') return render_template("login.html", form=form, next=next)
def is_correct_password(self, password): return check_password_hash(self.password, password)
def check_password(self, password): password = password.strip() if not password: return False return check_password_hash(self.password, password)
def check_password(self, password): return check_password_hash(self, pwdhash, password)
def check_password(self, password): if self.password is None: return False return check_password_hash(self.password, password)
def check(hash_pwd, pwd): return check_password_hash(hash_pwd, pwd)
def check_password(self, password): '''检查hash密码的方法,返回布尔值 ''' return check_password_hash(self.password_hash, password)
def check_password(self, password): """This method compares generated SHA-1 Hash to hash in database.""" return check_password_hash(self.pwdhash, password)
def check_password(self, password): """ Check the password of the user. """ return check_password_hash(self.pwdhash, password)
def check_password(self, password): return check_password_hash(self.password, password)
def check_password(self, password): """Check passwords. If passwords match it returns true, else false""" if self.password is None: return False return check_password_hash(self.password, password)
def login(): """ Login form """ form = LoginForm(request.form) errors = [] # make sure data are valid, but doesn't validate password is right if form.is_submitted(): is_validated = True #validate email if form.email.data.strip() == '': is_validated = False errors.append(gettext('Email is required')) #validate valid email match = re.search(r'^.+@([^.@][^@]+)$', form.email.data.strip()) if not match: is_validated = False errors.append(gettext('Invalid email address')) if form.password.data.strip() == '': is_validated = False errors.append(gettext('Password field is required')) if is_validated: user = User.query.filter_by( email=form.email.data.lower()).first() # @UndefinedVariable # we use werzeug to validate user's password if user is None: errors.append(gettext('Wrong email or password')) return render_template("users/login.html", form=form, errors=errors) elif user and not check_password_hash(user.password, form.password.data): user.last_login_attempt = datetime.datetime.now() user.login_attempts += 1 db.session.commit() errors.append(gettext('Wrong email or password')) return render_template("users/login.html", form=form, errors=errors) elif user and check_password_hash( user.password, form.password.data) and user.banned == 1: errors.append( gettext( 'The account was banned, please contact an admin for more information' )) return render_template("users/login.html", form=form, errors=errors) elif user and check_password_hash( user.password, form.password.data) and user.banned == 2: errors.append( gettext( 'The account is not activated, please check your email for verification. <a href="%(resend_activation_email)s">Resend activation email</a>', resend_activation_email=url_for( 'users.resend_activation_email', code=user.verification_code))) return render_template("users/login.html", form=form, errors=errors) elif user and check_password_hash(user.password, form.password.data): # the session can't be modified as it's signed, # it's a safe place to store the user id session['user_id'] = user.id user.last_login = datetime.datetime.now() user.last_login_attempt = None user.login_attempts = 0 g.user = user user_session = UserSession(user.id) db.session.add(user_session) db.session.commit() response = make_response(redirect( url_for('users.own_profile'))) cookie_value = str(user.id) + '|' + user_session.token response.set_cookie('session_id', cookie_value, expires=datetime.datetime.now() + datetime.timedelta(days=5), path='/') return response else: return render_template("users/login.html", form=form, errors=errors) return render_template("users/login.html", form=form, errors=[])
def check_password(self, password): # OAuth users do not have a password if self.passwd_hash: return check_password_hash(self.passwd_hash, password) else: return False
def check_password(self, password): coerced = self._utf8_unicode()(password) existing = self.hashed_password if existing is None: return False return check_password_hash(existing, coerced)
def check_credentials(self, username, password): user = query_login(username) if check_password_hash(user['pw_hash'], password): return True else: return False
def create_map(): name = request.form['name'] maptype = request.form['type'] #Scribe - Basemaps - Standard template = request.form['template'] description = request.form['description'] ws_template = request.form['templatelocation'] expressionTemplate = r"^[*][A-Za-z0-9_-]{1,99}$" if (ws_template == "") and (re.search(expressionTemplate, template) is None): ws_template = session['ws_name'] elif (ws_template == ""): ws_template = "templates" if (ws_template != session['ws_name']) and (ws_template != "templates"): ws_temp = query_db('''select * from workspaces where ws_name = ?''', [ws_template], one=True) if not check_password_hash(ws_temp['password'], request.form['locationpassword']): return 'Invalid password' expression = r"^[A-Za-z0-9][A-Za-z0-9_-]{1,99}$" if (re.search(expression, name) is None) or (name=="OSM - MapQuest") or (name=="OSM - Standard"): return "Invalid name" #check if the map name is unique for this workspace wsmap = query_db("select map_name from maps where ws_id = ?", [get_ws_id(session['ws_name'])], one=False) for i in range(len(wsmap)): if name == wsmap[i]['map_name']: return "Existing" #Add the map in the bd g.db.execute('insert into maps (map_name, map_type, map_desc, ws_id) values (?, ?, ?, ?)', [name, maptype, description, get_ws_id(session['ws_name'])]) g.db.commit() #Copy the template directory to the directory of the new map if ws_template == "templates": map_cur = (query_db('''select map_id from maps where map_name = ? and ws_id = "0"''',[template], one=True))['map_id'] template = template[1:] pathTemplate = path+"workspaces/templates/"+template else: pathTemplate = path+"workspaces/"+ws_template+"/"+template map_cur = get_map_id(template, ws_template) pathMap = path+"workspaces/"+session['ws_name']+"/"+name subprocess.call(['cp','-R', pathTemplate, pathMap]) if maptype == 'Scribe' or maptype == 'Standard': subprocess.call(['mv', pathMap+"/map/"+template+".map", pathMap+"/map/"+name+".map"]) elif maptype == 'Basemaps': subprocess.call(['mv', pathMap+"/osm-"+template+".map", pathMap+"/osm-"+name+".map"]) #Change the map name in the Makefile source = open(pathMap+"/Makefile","r" ) contentS=source.read() source.close() contentD=contentS.replace("OUTPUT="+template,"OUTPUT="+name ) destination = open(pathMap+"/Makefile","w" ) destination.write(contentD) destination.close() #Add layers in the bd groups = query_db('''select * from groups where map_id = ?''', [map_cur], one=False) for j in range(len(groups)): g.db.execute('insert into groups (group_name, group_index, map_id) values (?,?,?)', [groups[j]['group_name'], groups[j]['group_index'], get_map_id(name, session['ws_name'])]) g.db.commit() return "1"
def check(credentials): user = User.query.filter_by(username=credentials['username']).first() pwhash = _default_comparison if user is None else user.password result = check_password_hash(pwhash, credentials['password']) return result
def login_customer(cust, password): if not check_password_hash(cust.pw_hash, password): return "Invalid password" session['cust_id'] = cust.user_id return None
def check_password(password, cur_password): return check_password_hash(password, cur_password)
def verify_passcode(self, passcode): return self.passcode_hash is None or\ check_password_hash(self.passcode_hash, passcode)
def login_staff(staff, password): if not check_password_hash(staff.pw_hash, password): return "Invalid password" session['staff_id'] = staff.staff_id return None
def check_password(self, password): if self.password is None: return False return check_password_hash(self.password.encode('latin-1'), password)
def login_owner(owner, password): if not check_password_hash(owner.pw_hash, password): return "Invalid password" session['owner_id'] = owner.owner_id return None
def users(): if not g.user: return redirect(url_for('login')) if request.method == 'GET': if g.user['priority_levels'] < 3: return render_template('Users.html') else: userinfo = query_db( "SELECT user_id,user_name,(case priority_levels when 1 then '普通用户' when 2 then '管理员' when 3 then '超级管理员' end) as user_level from hy_pbbms_users;" ) return render_template('Users.html', userinfo=userinfo) elif request.method == 'POST': if request.form.get("old_passwd"): error = "" err_type = 0 user = query_db( 'select * from hy_pbbms_users where user_name = %s', [g.user['user_name']], one=True) if user is None: error = u'修改密码失败,请重新登录' err_type = 4 elif not check_password_hash(user['passwd'], request.form['old_passwd']): error = u'密码错误 ,重新输入' err_type = 1 elif request.form['new_passwd'] != request.form['ensure_passwd']: error = u'两次输入密码不一致' err_type = 2 else: res = query_none( 'update hy_pbbms_users set passwd=%s where user_name=%s', [ generate_password_hash(request.form['new_passwd']), g.user['user_name'] ]) if res == True: err_type = 0 else: err_type = 3 error = u'密码修改失败,数据库错误' return jsonify(err_type=err_type, error=error) if g.user['priority_levels'] < 3: return jsonify(error=u'没有权限执行该操作', er_type=5) if request.form.get("new_user"): if len(request.form['passwd']) < 2: return jsonify(error=u"密码太短", er_type=2) if (request.form['passwd']) != (request.form['r_passwd']): return jsonify(error=u"密码不一致", er_type=3) user = query_db( 'select user_id from hy_pbbms_users where user_name = %s;', [request.form['new_user']], one=True) if user: return jsonify(error=u"用户名重复", er_type=1) new_user = request.form['new_user'] level = int(request.form['user_level']) if (level == 0): level = 1 passwd = request.form['passwd'] res = query_none('insert into hy_pbbms_users values(0,%s,%s,%s)', [new_user, passwd, level]) if res == True: return jsonify(er_type=0) else: return jsonify(error=u'添加用户错误:数据库错误', er_type=4) elif request.form.get("old_name"): error = "" err_type = 0 level = int(request.form['user_level']) if (level == 0): level = 1 if len(request.form['new_passwd']) > 0: if len(request.form['new_passwd']) < 2: error = u"密码长度太短" err_type = 1 return jsonify(err_type=err_type, error=error) elif request.form['new_passwd'] != request.form['new_passwd_r']: error = u"两次输入密码不一致" err_type = 2 return jsonify(err_type=err_type, error=error) sql_str = 'update hy_pbbms_users set passwd=%s,priority_levels=%s where user_name=%s;' sql_list = [ generate_password_hash(request.form['new_passwd']), level, request.form['old_name'] ] mess = u"修改用户密码与权限成功!" else: sql_str = 'update hy_pbbms_users set priority_levels=%s where user_name=%s;' sql_list = [level, request.form['old_name']] mess = u"修改用权限成功!" res = query_none(sql_str, sql_list) if res == True: err_type = 0 error = mess else: err_type = 3 error = u'密码修改失败,数据库错误' return jsonify(err_type=err_type, error=error) elif request.form.get("del_user"): res = query_none('delete from hy_pbbms_users where user_name=%s', [request.form['del_user']]) if res == True: return jsonify(mess=u"成功删除用户[%s]" % (request.form['del_user'])) else: return jsonify(error=u"删除用户失败:数据库错误") else: return jsonify(error=u'未知错误', er_type=10)
def check_openid(self, openid): if self.openid is None: return False return check_password_hash(self.openid, openid)
def validate_user(pwdhash, password): if check_password_hash(pwdhash, password): return True else: return False
def verify_password(self, password): return check_password_hash(self.password_hash, password)
def chkPwHash(self, password): pwhash_str = self.pwdhash.decode() return check_password_hash(pwhash_str, password)
def validateUserPass(inp_pass, hash_pass): return check_password_hash(hash_pass, inp_pass)
def check_password(self, pwdhash): ''' Check the passwords ''' return check_password_hash(self.pwdhash, pwdhash)
def verify_password(self, password): """检查密码 """ return check_password_hash(self.password, password)