def standard_login(self):
"""Login through the normal form"""
params = request.form if request.form else request.args
logger.debug("in login params are:", params)
if not params:
return render_template("new_security/login_user.html")
else:
try:
user = model.User.query.filter_by(
email_address=params['email_address']).one()
except sqlalchemy.orm.exc.NoResultFound:
logger.debug("No account exists for that email address")
valid = False
user = None
else:
submitted_password = params['password']
pwfields = Struct(json.loads(user.password))
encrypted = Password(submitted_password, pwfields.salt,
pwfields.iterations, pwfields.keylength,
pwfields.hashfunc)
logger.debug("\n\nComparing:\n{}\n{}\n".format(
encrypted.password, pwfields.password))
valid = pbkdf2.safe_str_cmp(encrypted.password,
pwfields.password)
logger.debug("valid is:", valid)
if valid and not user.confirmed:
VerificationEmail(user)
return render_template(
"new_security/verification_still_needed.html",
subject=VerificationEmail.subject)
if valid:
if params.get('remember'):
logger.debug("I will remember you")
self.remember_me = True
if 'import_collections' in params:
import_col = "true"
else:
import_col = "false"
#g.cookie_session.import_traits_to_user()
return self.actual_login(user, import_collections=import_col)
else:
if user:
self.unsuccessful_login(user)
flash("Invalid email-address or password. Please try again.",
"alert-error")
response = make_response(redirect(url_for('login')))
return response
def standard_login(self):
"""Login through the normal form"""
params = request.form if request.form else request.args
logger.debug("in login params are:", params)
if not params:
return render_template("new_security/login_user.html")
else:
try:
user = model.User.query.filter_by(email_address=params['email_address']).one()
except sqlalchemy.orm.exc.NoResultFound:
logger.debug("No account exists for that email address")
valid = False
user = None
else:
submitted_password = params['password']
pwfields = Struct(json.loads(user.password))
encrypted = Password(submitted_password,
pwfields.salt,
pwfields.iterations,
pwfields.keylength,
pwfields.hashfunc)
logger.debug("\n\nComparing:\n{}\n{}\n".format(encrypted.password, pwfields.password))
valid = pbkdf2.safe_str_cmp(encrypted.password, pwfields.password)
logger.debug("valid is:", valid)
if valid and not user.confirmed:
VerificationEmail(user)
return render_template("new_security/verification_still_needed.html",
subject=VerificationEmail.subject)
if valid:
if params.get('remember'):
logger.debug("I will remember you")
self.remember_me = True
if 'import_collections' in params:
import_col = "true"
else:
import_col = "false"
#g.cookie_session.import_traits_to_user()
return self.actual_login(user, import_collections=import_col)
else:
if user:
self.unsuccessful_login(user)
flash("Invalid email-address or password. Please try again.", "alert-error")
response = make_response(redirect(url_for('login')))
return response
def standard_login(self):
"""Login through the normal form"""
params = request.form if request.form else request.args
print("in login params are:", params)
if not params:
return render_template("new_security/login_user.html")
else:
user = model.User.query.filter_by(email_address=params['email_address']).one()
submitted_password = params['password']
pwfields = Struct(json.loads(user.password))
encrypted = Password(submitted_password,
pwfields.salt,
pwfields.iterations,
pwfields.keylength,
pwfields.hashfunc)
print("\n\nComparing:\n{}\n{}\n".format(encrypted.password, pwfields.password))
valid = pbkdf2.safe_str_cmp(encrypted.password, pwfields.password)
print("valid is:", valid)
if valid and not user.confirmed:
VerificationEmail(user)
return render_template("new_security/verification_still_needed.html",
subject=VerificationEmail.subject)
if valid:
if params.get('remember'):
print("I will remember you")
self.remember_me = True
return self.actual_login(user)
else:
self.unsuccessful_login(user)
flash("Invalid email-address or password. Please try again.", "alert-error")
response = make_response(redirect(url_for('login')))
return response
def standard_login(self):
"""Login through the normal form"""
params = request.form if request.form else request.args
logger.debug("in login params are:", params)
if not params:
from utility.tools import GITHUB_AUTH_URL, GITHUB_CLIENT_ID, ORCID_AUTH_URL, ORCID_CLIENT_ID
external_login = {}
if GITHUB_AUTH_URL and GITHUB_CLIENT_ID != 'UNKNOWN':
external_login["github"] = GITHUB_AUTH_URL
if ORCID_AUTH_URL and ORCID_CLIENT_ID != 'UNKNOWN':
external_login["orcid"] = ORCID_AUTH_URL
return render_template("new_security/login_user.html",
external_login=external_login,
redis_is_available=is_redis_available())
else:
user_details = get_user_by_unique_column("email_address",
params["email_address"])
#user_details = get_user_by_unique_column(es, "email_address", params["email_address"])
user = None
valid = None
if user_details:
user = model.User()
for key in user_details:
user.__dict__[key] = user_details[key]
valid = False
submitted_password = params['password']
pwfields = Struct(json.loads(user.password))
encrypted = Password(submitted_password, pwfields.salt,
pwfields.iterations, pwfields.keylength,
pwfields.hashfunc)
logger.debug("\n\nComparing:\n{}\n{}\n".format(
encrypted.password, pwfields.password))
valid = pbkdf2.safe_str_cmp(encrypted.password,
pwfields.password)
logger.debug("valid is:", valid)
if valid and not user.confirmed:
VerificationEmail(user)
return render_template(
"new_security/verification_still_needed.html",
subject=VerificationEmail.subject)
if valid:
if params.get('remember'):
logger.debug("I will remember you")
self.remember_me = True
if 'import_collections' in params:
import_col = "true"
else:
import_col = "false"
#g.cookie_session.import_traits_to_user()
self.logged_in = True
return self.actual_login(user, import_collections=import_col)
else:
if user:
self.unsuccessful_login(user)
flash("Invalid email-address or password. Please try again.",
"alert-danger")
response = make_response(redirect(url_for('login')))
return response
def login():
params = request.form if request.form else request.args
logger.debug("in login params are:", params)
if not params: #ZS: If coming to page for first time
from utility.tools import GITHUB_AUTH_URL, GITHUB_CLIENT_ID, ORCID_AUTH_URL, ORCID_CLIENT_ID
external_login = {}
if GITHUB_AUTH_URL and GITHUB_CLIENT_ID != 'UNKNOWN':
external_login["github"] = GITHUB_AUTH_URL
if ORCID_AUTH_URL and ORCID_CLIENT_ID != 'UNKNOWN':
external_login["orcid"] = ORCID_AUTH_URL
return render_template("new_security/login_user.html",
external_login=external_login,
redis_is_available=is_redis_available())
else: #ZS: After clicking sign-in
if 'type' in params and 'uid' in params:
user_details = get_user_by_unique_column("user_id", params['uid'])
if user_details:
session_id_signed = get_signed_session_id(user_details)
if 'name' in user_details and user_details['name'] != "None":
display_id = user_details['name']
elif 'github_id' in user_details:
display_id = user_details['github_id']
elif 'orcid' in user_details:
display_id = user_details['orcid']
else:
display_id = ""
flash("Thank you for logging in {}.".format(display_id),
"alert-success")
response = make_response(redirect(url_for('index_page')))
response.set_cookie(UserSession.user_cookie_name,
session_id_signed,
max_age=None)
else:
flash("Something went unexpectedly wrong.", "alert-danger")
response = make_response(redirect(url_for('index_page')))
return response
else:
user_details = get_user_by_unique_column("email_address",
params['email_address'])
password_match = False
if user_details:
submitted_password = params['password']
pwfields = user_details['password']
if isinstance(pwfields, str):
pwfields = json.loads(pwfields)
encrypted_pass_fields = encode_password(
pwfields, submitted_password)
password_match = pbkdf2.safe_str_cmp(
encrypted_pass_fields['password'], pwfields['password'])
else: # Invalid e-mail
flash("Invalid e-mail address. Please try again.",
"alert-danger")
response = make_response(redirect(url_for('login')))
return response
if password_match: # If password correct
if user_details['confirmed']: # If account confirmed
import_col = "false"
anon_id = ""
if 'import_collections' in params:
import_col = "true"
anon_id = params['anon_id']
session_id_signed = get_signed_session_id(user_details)
flash(
"Thank you for logging in {}.".format(
user_details['full_name']), "alert-success")
response = make_response(
redirect(
url_for('index_page',
import_collections=import_col,
anon_id=anon_id)))
response.set_cookie(UserSession.user_cookie_name,
session_id_signed,
max_age=None)
return response
else:
email_ob = send_verification_email(
user_details,
template_name="email/user_verification.txt")
return render_template(
"newsecurity/verification_still_needed.html",
subject=email_ob['subject'])
else: # Incorrect password
#ZS: It previously seemed to store that there was an incorrect log-in attempt here, but it did so in the MySQL DB so this might need to be reproduced with Redis
flash("Invalid password. Please try again.", "alert-danger")
response = make_response(redirect(url_for('login')))
return response