Exemplo n.º 1
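def login():
    """Log in an existing user.

    Already-authenticated visitors are redirected to the index page. On a
    valid form submission the user is looked up by username and the
    password is verified; on success the session is made permanent,
    ``last_active`` is updated and the user is redirected. Failures flash
    one message that does not say which field was wrong.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    current_next = request.args.get('next')
    # `next` is a caller-supplied query parameter. Only follow it when it is
    # a same-site absolute path; otherwise this view is an open redirect.
    # Minimal check: must start with a single "/" and contain no backslash.
    if (not current_next or not current_next.startswith('/')
            or current_next.startswith('//') or '\\' in current_next):
        current_next = None

    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is not None and user.password_hash is not None and \
                user.verify_password(form.password.data):
            login_user(user)

            # set session
            session.permanent = True

            # set last active
            user.last_active = datetime.datetime.utcnow()
            db.session.commit()

            flash('You are now logged in. Welcome back, %s!' %
                  (current_user.username), 'success')
            return redirect(current_next or url_for('main.index'))
        else:
            flash('Invalid username or password.', 'form-error')
    return render_template('account/login.html', form=form)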
Exemplo n.º 2
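def login():
    """Log in an existing user (password step, then a QR-code step).

    If a ``token`` cookie is present it is decoded to an e-mail address and
    the matching user is logged in once ``status_login`` is "verified".
    Otherwise a valid password submission stores a token on the user, sets
    it as a cookie and renders the QR-code page.
    """
    form = LoginForm()
    token = request.cookies.get('token')
    if token:
        # NOTE(review): the cookie is only the base64 form of the e-mail
        # address (see the encode step below). It is neither random nor
        # signed, so it is not a secret and must not be treated as proof of
        # authentication. Replace it with an unguessable, server-issued
        # token that is looked up server-side.
        try:
            email = b64decode(token).decode('ascii')
        except ValueError:
            # Malformed cookie (bad base64 or non-ASCII payload): ignore it
            # instead of failing the request.
            email = None
        user = None
        if email is not None:
            user = User.query.filter_by(email=email).first()
        # An unknown e-mail yields no user; fall through to the form rather
        # than dereferencing None.
        if user is not None:
            if user.status_login == "verified":
                login_user(user, form.remember_me.data)
                flash('You are now logged in. Welcome back!', 'success')
                return redirect(url_for('main.index'))
            else:
                flash('Verify your QRcode!', 'warning')

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.password_hash is not None and \
                user.verify_password(form.password.data):
            tokenb64 = b64encode(user.email.encode('utf-8'))
            user.token = tokenb64
            db.session.add(user)
            db.session.commit()
            resp = make_response(
                render_template('account/scanme.html',
                                user=user,
                                tokenb64=tokenb64))
            # httponly keeps the cookie away from page scripts; also set
            # secure=True when the site is served over HTTPS only.
            resp.set_cookie('token', tokenb64, httponly=True)
            # The statements that followed this return in the original were
            # unreachable and have been dropped.
            return resp
        else:
            flash('Invalid email or password.', 'form-error')
    return render_template('account/login.html', form=form)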
Exemplo n.º 3
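def login():
    """Log in an existing user.

    Hidden, deleted, unknown and wrong-password accounts all get the same
    "invalid email or password" message. A disabled account gets its own
    message, but only after the password has been verified.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        credentials_ok = (
            user is not None
            and not user.is_hidden
            and not user.is_deleted
            and user.password_hash is not None
            and user.verify_password(form.password.data)
        )
        if not credentials_ok:
            flash(gettext('Invalid email or password.'), 'form-error')
        elif user.is_disabled:
            flash(
                gettext(
                    'User was disabled, please contact administrator.'
                ), 'form-error')
        else:
            login_user(user, form.remember_me.data)
            user.last_login_date = datetime.now()
            db.session.add(user)
            db.session.commit()
            flash(gettext('You are now logged in. Welcome back!'),
                  'success')
            # `next` is caller-supplied: follow it only when it is a
            # same-site absolute path, so the login page cannot be used as
            # an open redirect.
            next_url = request.args.get('next')
            if (not next_url or not next_url.startswith('/')
                    or next_url.startswith('//') or '\\' in next_url):
                next_url = url_for('main.index')
            return redirect(next_url)

    return render_template('account/login.html', form=form)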
Exemplo n.º 4
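def login():
    """Log in an existing user, handing off to the 2FA view when OTP is set.

    After the bcrypt check and the activation check, the user's master key
    is decrypted with a key derived from the submitted password and stored
    in the session. Users without an OTP secret are logged in directly;
    others are redirected to ``account.login_2fa``.
    """
    title = 'Login'

    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data.lower()).first()
        if user and bcrypt.check_password_hash(user.password.encode(), form.password.data):
            if user.activated != 0:
                # NOTE(review): both values are written to the session before
                # the second factor is checked. If the app uses Flask's
                # default cookie session, the payload is signed but not
                # encrypted, so the decrypted master key would be readable
                # client-side. Confirm a server-side session store is used.
                session['email'] = user.email
                session['master_key'] = decrypt(get_key(form.password.data), user.master_key)
                if user.otp_secret is None:
                    login_user(user, remember=form.remember.data)
                    session['encryption_key'] = get_key(session['master_key'])
                    # `next` is caller-supplied: follow it only when it is a
                    # same-site absolute path, to avoid an open redirect.
                    next_page = request.args.get('next')
                    if (not next_page or not next_page.startswith('/')
                            or next_page.startswith('//') or '\\' in next_page):
                        next_page = url_for('main.index')
                    return redirect(next_page)
                else:
                    return redirect(url_for('account.login_2fa'))
            else:
                flash(Markup(f'Your  email address is not confirmed. Check your email for the verification link or '
                      f'<a href="{url_for("account.resend_activation_link", email=user.email)}">'
                             f'send again.</a>'), 'warning')
        else:
            flash('Invalid email or password!', 'danger')

    return render_template('account/login.html', title=title, form=form)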
Exemplo n.º 5
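    def post(self):
        """Handle a login form submission.

        Validates the form, rejects locked accounts, checks the password,
        saves the session, records ``last_login`` and stores a value
        derived from the password under ``root_shadow_passwd``. On success
        the client is redirected to a validated ``next`` path.
        """
        # NOTE(review): the lock message and the separate "No such user" /
        # "password is wrong" messages tell an unauthenticated client
        # whether a username exists and whether it is locked. Consider one
        # generic failure message.
        form = LoginForm(self)
        if form.validate():
            user = self.db2.query(User).filter_by(username=form.username.data).first()
            if user:
                if user.islocked:
                    form.password.errors.append( self.trans(_('You have been lock by admin, can not login now. If you have any questions, contact admin first please !')) )
                    return self.render('account/login.html', form=form)

                if check_password(form.password.data, user.password):
                    self.save_session(user.id)
                    user.last_login = datetime.now()
                    self.db2.commit()
                    # NOTE(review): this persists a value derived from the
                    # plaintext login password. Confirm enc_shadow_passwd is
                    # a salted one-way hash and that the stored secret is
                    # access-controlled.
                    root_passwd = enc_shadow_passwd(form.password.data)
                    user.profile.set_secret('root_shadow_passwd', root_passwd)
                    self.db2.commit()

                    # `next` is caller-supplied: follow it only when it is a
                    # same-site absolute path, to avoid an open redirect.
                    next_url = self.get_argument('next', '/')
                    if (not next_url.startswith('/')
                            or next_url.startswith('//') or '\\' in next_url):
                        next_url = '/'
                    return self.redirect(next_url)
                else:
                    form.password.errors.append( self.trans(_('password is wrong !')) )
            else:
                form.username.errors.append( self.trans(_('No such user !')) )

        self.render('account/login.html', form=form)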
Exemplo n.º 6
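def login():
    """Log in an existing user.

    Credential checking is delegated to ``account_login``, which is called
    with the e-mail, password, remember-me flag and the current request.
    A truthy return value is used as the endpoint name to redirect to when
    no acceptable ``next`` parameter is supplied.
    """

    form = LoginForm()
    if form.validate_on_submit():
        url = account_login(form.email.data, form.password.data,
                            form.remember_me.data, request)
        if url:
            # `next` is caller-supplied: follow it only when it is a
            # same-site absolute path, to avoid an open redirect.
            next_url = request.args.get('next')
            if (not next_url or not next_url.startswith('/')
                    or next_url.startswith('//') or '\\' in next_url):
                next_url = url_for(url)
            return redirect(next_url)
    return render_template('account/login_new.html', form=form)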
Exemplo n.º 7
def login():
    """Check submitted credentials and flash the outcome.

    The login template is re-rendered in every case.
    """
    # NOTE(review): the success branch flashes "logged in" but nothing in
    # this view establishes a session (there is no login_user call or
    # equivalent). Confirm whether that happens elsewhere.
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('account/login.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    password_matches = (
        account is not None
        and account.password_hash is not None
        and account.verify_password(form.password.data)
    )
    if password_matches:
        flash('You are now logged in. Welcome back!', 'success')
    else:
        flash('Invalid email or password.', 'form-error')

    return render_template('account/login.html', form=form)
Exemplo n.º 8
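def login():
    """Log in an existing user.

    Looks the user up by e-mail, verifies the password and redirects on
    success. Failures flash a single generic message.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.password_hash is not None and \
                user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            # `next` is caller-supplied: follow it only when it is a
            # same-site absolute path, to avoid an open redirect.
            next_url = request.args.get('next')
            if (not next_url or not next_url.startswith('/')
                    or next_url.startswith('//') or '\\' in next_url):
                next_url = url_for('main.index')
            return redirect(next_url)
        else:
            flash('Invalid email or password.', 'form-danger')
    return render_template('account/login.html', form=form)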
Exemplo n.º 9
def login():
    """Sign a user in by username and password.

    Authenticated visitors and successful logins both go to
    ``posts.index``. A failed attempt flashes a generic message and
    redirects back to the login page. The redirect targets are fixed
    endpoints; no request parameter influences them.
    """
    if current_user.is_authenticated:
        return redirect(url_for('posts.index'))

    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template('account/login.html', title='Sign In', form=form)

    account = User.query.filter_by(username=form.username.data).first()
    if account is not None and account.check_password(form.password.data):
        login_user(account)
        return redirect(url_for('posts.index'))

    flash('Invalid username or password')
    return redirect(url_for('account.login'))
Exemplo n.º 10
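def login():
    """Log in an existing user.

    Looks the user up by e-mail, verifies the password, flashes the result
    and redirects on success.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if (user is not None and user.password_hash is not None
                and user.verify_password(form.password.data)):
            login_user(user, form.remember_me.data)
            flash("You are now logged in. Welcome back!", "success")
            # `next` is caller-supplied: follow it only when it is a
            # same-site absolute path, to avoid an open redirect.
            next_url = request.args.get("next")
            if (not next_url or not next_url.startswith("/")
                    or next_url.startswith("//") or "\\" in next_url):
                next_url = url_for("main.index")
            return redirect(next_url)
        else:
            flash("Invalid email or password.", "error")
    return render_template("account/login.html", form=form)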
Exemplo n.º 11
def login():
    """Authenticate a user by e-mail and password.

    On success the user is logged in and handed to ``redirect_back`` with
    ``'main.index'`` as its argument. On failure a generic error is
    flashed and the form is shown again.
    """
    # NOTE(review): redirect_back is defined elsewhere. Confirm that it
    # validates any caller-supplied return URL before redirecting.
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('account/login.html', form=form)

    account = User.objects(email=form.email.data).first()
    password_matches = (
        account is not None
        and account.password is not None
        and account.verify_password(form.password.data)
    )
    if password_matches:
        login_user(account, form.remember_me.data)
        flash('You are now logged in. Welcome back!', 'success')
        return redirect_back('main.index')

    flash('Invalid email or password.', 'form-error')
    return render_template('account/login.html', form=form)
Exemplo n.º 12
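def login():
    """Log in an existing user.

    Looks the user up by e-mail, verifies the password, flashes the result
    and redirects on success (default target: ``organisations.org_home``).
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.password_hash is not None and \
                user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)
            flash('You are now logged in. Welcome back!', 'success')
            # `next` is caller-supplied: follow it only when it is a
            # same-site absolute path, to avoid an open redirect.
            next_url = request.args.get('next')
            if (not next_url or not next_url.startswith('/')
                    or next_url.startswith('//') or '\\' in next_url):
                next_url = url_for('organisations.org_home')
            return redirect(next_url)
        else:
            flash('Invalid email or password.', 'error')
    return render_template('account/login.html', form=form)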
Exemplo n.º 13
    def login(self):
        """Validate the login form, authenticate through it, and redirect.

        Every outcome flashes a status message and redirects to the
        ``.index`` endpoint. ``login_user`` is called only when
        ``form.auth()`` returns a user.
        """
        form = LoginForm()
        if form.validate():
            account = form.auth()
            if account is not None:
                login_user(account)
                flash("login success")
            else:
                flash("login fail")
        else:
            flash("form is not valid")
        return redirect(url_for('.index'))
Exemplo n.º 14
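def login():
    """Sign a user in by username and password.

    Authenticated visitors go straight to the index. A failed attempt
    flashes a generic message and redirects back to the login page. On
    success the user is redirected to ``next`` only when it is a relative,
    same-site target.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is None or not user.check_password(form.password.data):
            flash('Invalid username or password')
            return redirect(url_for('account.login'))
        login_user(user)
        next_page = request.args.get('next')
        # An empty netloc alone is not enough: a scheme-only value or one
        # containing backslashes parses without a netloc, yet may be
        # resolved by a browser to another host. Reject those as well.
        parsed = url_parse(next_page) if next_page else None
        if (parsed is None or parsed.scheme or parsed.netloc
                or '\\' in next_page):
            next_page = url_for('main.index')
        return redirect(next_page)
    return render_template('account/login.html', title='Sign In', form=form)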
Exemplo n.º 15
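    def post(self):
        """Handle a login form submission.

        Validates the form, checks the password, saves the session and
        records ``last_login``. On success the client is redirected to a
        validated ``next`` path.
        """
        # NOTE(review): the separate "No such user" and "password is wrong"
        # messages tell an unauthenticated client whether a username
        # exists. Consider one generic failure message.
        form = LoginForm(self.request.arguments)
        if form.validate():
            user = self.db2.query(User).filter_by(username=form.username.data).first()
            if user:
                if check_password(form.password.data, user.password):
                    self.save_session(user.id)
                    user.last_login = datetime.utcnow()
                    self.db2.commit()
                    # `next` is caller-supplied: follow it only when it is a
                    # same-site absolute path, to avoid an open redirect.
                    next_url = self.get_argument('next', '/')
                    if (not next_url.startswith('/')
                            or next_url.startswith('//') or '\\' in next_url):
                        next_url = '/'
                    return self.redirect(next_url)
                else:
                    form.password.errors.append( _('password is wrong !') )
            else:
                form.username.errors.append( _('No such user !') )

        self.render('account/login.html', form=form)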
Exemplo n.º 16
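def login():
    """Log in an existing user.

    After the password is verified, a supplied ``next`` target is checked
    with ``is_safe_url``. An unsafe target aborts with 400 before any
    session is created. Otherwise the user is logged in and redirected.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.password_hash is not None and \
                user.verify_password(form.password.data):
            next_redirect = request.args.get('next')
            # is_safe_url should check if the url is safe for redirects.
            # Run the check before login_user so a rejected request does not
            # leave an authenticated session behind. Skip it when no `next`
            # was supplied, so a plain login never reaches the validator
            # with None.
            if next_redirect and not is_safe_url(next_redirect):
                return flask.abort(400)
            login_user(user, form.remember_me.data)
            flash('You are now logged in. Welcome back!', 'success')
            return redirect(next_redirect or url_for('main.index'))
        else:
            flash('Invalid email or password.', 'form-error')
    return render_template('account/login.html', form=form)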
Exemplo n.º 17
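def login():
    """Sign a user in by username and password.

    Authenticated visitors go straight to the index. A failed attempt
    flashes a generic message and redirects back to the login page. On
    success the user is redirected to ``next`` only when it is a relative,
    same-site target. The login page itself is rendered with the category
    list and the cart item count.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))
    form = LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        remember_me = form.remember_me.data
        if user is None or not user.check_password(form.password.data):
            flash('Invalid username or password')
            return redirect(url_for('account.login'))
        login_user(user, remember=remember_me)
        next_page = request.args.get('next')
        # An empty netloc alone is not enough: a scheme-only value or one
        # containing backslashes parses without a netloc, yet may be
        # resolved by a browser to another host. Reject those as well.
        parsed = url_parse(next_page) if next_page else None
        if (parsed is None or parsed.scheme or parsed.netloc
                or '\\' in next_page):
            next_page = url_for('main.index')
        return redirect(next_page)
    categories = Category.query.order_by(Category.name.desc())
    cart_items = g.cart.cart_items
    # A generator avoids building a throwaway list just to sum it.
    cart_quantity = sum(item.amount for item in cart_items)

    return render_template('account/login.html',
                           categories=categories,
                           cart_quantity=cart_quantity,
                           title='Sign In',
                           form=form)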
Exemplo n.º 18
 def test_validate_invalid_password(self, user):
     """Validation must fail when the submitted password is not the stored one."""
     user.set_password('example')
     credentials = dict(username=user.username, password='******')
     login_form = LoginForm(**credentials)
     outcome = login_form.validate()
     assert outcome is False
Exemplo n.º 19
 def index(self):
     """Put a fresh LoginForm in the template arguments, then call the parent index view."""
     self._template_args["form"] = LoginForm()
     parent_view = super(AdminIndexView, self)
     return parent_view.index()
Exemplo n.º 20
 def get(self):
     """Render the login page with an empty form and the requested return URL."""
     login_form = LoginForm(self)
     # NOTE(review): `next` comes straight from the request and is passed
     # to the template unchanged. Whatever consumes next_url (template or
     # POST handler) should validate it before redirecting. Confirm.
     return_to = self.get_argument('next', '/')
     self.render("account/login.html", form=login_form, next_url=return_to)
Exemplo n.º 21
 def test_validate_success(self, user):
     """A correct username and password validate and bind the user to the form."""
     user.set_password('example')
     # NOTE(review): the password literal below looks masked by the listing
     # this snippet came from; presumably the original matched the value
     # set above. Confirm.
     credentials = dict(username=user.username, password='******')
     login_form = LoginForm(**credentials)
     assert login_form.validate() is True
     assert login_form.user == user
Exemplo n.º 22
 def test_validate_success(self, user):
     """The fixture user's credentials validate and bind the user to the form."""
     # NOTE(review): the password literal looks masked by the listing;
     # presumably it matched the fixture user's password. Confirm.
     credentials = dict(username=user.username, password='******')
     login_form = LoginForm(**credentials)
     assert login_form.validate() is True
     assert login_form.user == user
Exemplo n.º 23
 def test_validate_unknown_username(self, user):
     """Validation fails and no user is bound for the submitted username."""
     # NOTE(review): both literals look masked by the listing; presumably
     # the original username matched no account. Confirm.
     credentials = dict(username='******', password='******')
     login_form = LoginForm(**credentials)
     assert login_form.validate() is False
     assert login_form.user is None