def login():
form = LoginForm()
data = form.data
# 如果没有超级管理员,就开始初始化数据
count = Admin.query.filter().count()
if count == 0 and data["username"] == 'xuannan':
from app.init_data import init_ad,init_admin,init_adspace,init_auth,init_category,init_conf,init_menu,init_role,init_reptile,init_template,init_article
Crud.auto_commit(init_admin)
Crud.auto_commit(init_menu)
Crud.auto_commit(init_auth)
Crud.auto_commit(init_role)
Crud.auto_commit(init_category)
Crud.auto_commit(init_ad)
Crud.auto_commit(init_adspace)
Crud.auto_commit(init_conf)
Crud.auto_commit(init_reptile)
Crud.auto_commit(init_template)
Crud.auto_commit(init_article)
if form.validate_on_submit():
admin = Admin.query.filter_by(username=data["username"]).first()
if admin and admin.check_pwd(data["password"]):
login_user(admin)
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
info = '登录成功'
)
Crud.easy_add(adminlog)
# 登陆成功后的初始值
# 用户权限列表
sql = '''
SELECT url
FROM auth LEFT JOIN role ON FIND_IN_SET(auth.id,role.auths) LEFT JOIN admin ON admin.role_id = role.id
WHERE admin.id = %i AND auth.is_del = 0
'''%(current_user.id)
auth_data = Crud.auto_select(sql)
session['auth_urls'] = [v.url for v in auth_data.fetchall()]
return redirect(request.args.get("next") or url_for("admin.index"))
else:
adminlog = Adminlog(
admin_id=0,
ip=request.remote_addr,
info = '登录失败,账号:%s;密码%s'%(data["username"],data["password"])
)
Crud.easy_add(adminlog)
flash("用户名或密码错误!")
return redirect(url_for("admin.login"))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
print(data)
admin = Admin.query.filter_by(name=data['account']).first()
if not admin.check_pwd(data['pwd']):
# 消息的闪现
flash('密码错误', 'err')
return redirect(url_for('admin.login'))
# 密码正确存入session中
session['admin'] = data['account']
session['admin_id'] = admin.id
# 添加管理员登录日志
adminloginlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminloginlog)
db.session.commit()
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def add_admin_loginlog():
loginlog = Adminlog(
admin_id=session['admin_id'],
ip=request.remote_addr,
)
db.session.add(loginlog)
db.session.commit()
def login():
form = LoginForm()
if form.validate_on_submit():
name = form.username.data
password = form.password.data
admin = Admin.query.filter_by(name=name).first()
if admin and admin.verify_password(password):
# session信息的保存
session['admin_id'] = admin.id
session['admin'] = admin.name
flash("管理员%s登录成功" % (admin.name))
remote_ip = request.remote_addr
# 将登录信息写到日志中;
adminlog = Adminlog(admin_id=admin.id,
ip=remote_ip,
area='xxx内网IP')
db.session.add(adminlog)
db.session.commit()
# 从index蓝图里面寻找index函数;
return redirect(url_for('admin.index'))
else:
flash("管理员登录失败")
return redirect(url_for('admin.login'))
return render_template('admin/login.html', form=form)
def login():
"""
后台登录
"""
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
# 密码错误时,check_pwd返回false,则此时not check_pwd(data["pwd"])为真。
if not admin.check_pwd(data["pwd"]):
flash("密码错误!", "err")
return redirect(url_for("admin.login"))
# 如果是正确的,就要定义session的会话进行保存。
session["admin"] = data["account"]
session["admin_id"] = admin.id
# admin = Admin.query.filter_by(name=session["admin"]).first()
# g.logo = "mtianyan.jpg"
# 后台头像实现的可能解决方法,将当前管理员的头像信息,存在session中。
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
"""
后台登陆
:return:
"""
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data['account']).first()
if admin:
if not admin.check_pwd(data["pwd"]):
print("用户名或者密码错误,请重新输入")
flash("密码错误!")
return redirect(url_for("admin.login"))
#如果是正确的,就要定义session的回话进行保存
session["admin"] = data["account"]
adminlog = Adminlog(
admin_id = admin.id,
ip = request.remote_addr
)
db.session.add(adminlog)
db.session.commit()
print("next url:",request.args.get("next"))
return redirect(request.args.get("next") or url_for("admin.index"))
print("="*10,form.validate_on_submit())
return render_template("admin/login.html",form=form)
def login():
# 实例化表单
form = LoginForm()
# 数据库操作
if form.validate_on_submit(): # 提交表单时进行验证
# 获取输入的数据
data = form.data
# 数据库里筛选查找tag名是否有相同的
admin = Admin.query.filter_by(name=data['account']).first()
if not admin.check_pwd(data['pwd']): # 如果密码错误
flash("密码错误!", "err") # 提示
return redirect(url_for('admin.login'))
# 密码正确,就保存到session里
session['admin'] = data['account']
# 保存id,用于日志
session["admin_id"] = admin.id
# 管理员登录日志操作
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def login():
'''登陆'''
form = LoginForm(request.form)
if form.validate_on_submit():
account = Admin.query.filter_by(name=form.account.data).first()
if account is not None:
# print(form.pwd.data)
# 进行密码判断
# if check_password_hash(account.pwd, 'account.pwd') == form.pwd.data:
if check_password_hash(account.pwd, form.pwd.data):
# if form.pwd.data == account.pwd:
session["admin"] = form.account.data
session["admin_id"] = account.id
adminlog = Adminlog(admin_id=account.id,
ip=request.remote_addr
# ip=request.['X-Real-IP']
)
db.session.add(adminlog)
db.session.commit()
return redirect(url_for("admin.index"))
else:
flash("密码错误请重试")
return redirect(url_for("admin.login"))
else:
# flash("账户不存在,请注册账户")
return redirect(url_for("admin.login"))
return render_template('admin/login.html', form=form)
def login():
"""
登录功能
"""
form = LoginForm() # 实例化登录表单
if form.validate_on_submit(): # 验证提交表单
data = form.data # 接收数据
admin = Admin.query.filter_by(name=data["account"]).first() # 查找Admin表数据
# 密码错误时,check_pwd返回false,则此时not check_pwd(data["pwd"])为真。
if not admin.check_pwd(data["pwd"]):
flash("密码错误!", "err") # 闪存错误信息
return redirect(url_for("admin.login")) # 跳转到后台登录页
# 如果是正确的,就要定义session的会话进行保存。
session["admin"] = data["account"] # 存入session
session["admin_id"] = admin.id # 存入session
# 创建数据
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog) # 添加数据
db.session.commit() # 提交数据
return redirect(url_for("admin.index")) # 返回后台主页
return render_template("admin/login.html",form=form)
def login():
# 实例化登陆表单
form = LoginForm()
# 对form表单进行验证处理
if form.validate_on_submit():
# 验证有值后进行获取值
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
# print(admin.check_pwd(data["pwd"]))
if not admin.check_pwd(data["pwd"]):
# 闪现
flash("密码错误!", 'err')
# 密码错误的时候,重定向到lohin页面
return redirect(url_for("admin.login"))
session["admin"] = data["account"]
# 还要保存icu你session,对应下面的登出函数的admin_id的销毁
session["admin_id"] = admin.id
# -----------------------管理员登陆日志-----------------------
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
# -----------------------管理员登陆日志 - ----------------------
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
"""后台登录"""
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data['account']).first()
# 密码错误时,check_pwd返回False,否则返回True
if not admin.check_pwd(data['pwd']):
flash("密码不正确!", 'err')
return redirect(url_for('admin.login'))
# 定义session保存会话
session['admin'] = data['account']
session["admin_id"] = admin.id
ip = request.remote_addr
address = admin_address(ip)
adminlog = Adminlog(
admin_id=admin.id,
# ip=request.remote_addr
ip=ip,
address=address,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def InsertAdminlog(self):
adminlog = Adminlog(
admin_id=session["admin_id"],
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
account = Admin.query.filter_by(name=data["account"]).first()
if not account.check_pwd(data["pwd"]):
oplog = Oplog(admin_id=account.id,
ip=request.remote_addr,
reason="登陆管理员账户 {0} 失败".format(account.name))
db.session.add(oplog)
db.session.commit()
flash("密码错误!", "err")
return redirect(
url_for("admin.login", next=request.args.get("next", "")))
session["account"] = data["account"]
session["admin_id"] = account.id
adminlog = Adminlog(admin_id=account.id, ip=request.remote_addr)
oplog = Oplog(admin_id=account.id,
ip=request.remote_addr,
reason="登陆管理员账户 {0} 成功".format(account.name))
db.session.add(adminlog)
db.session.add(oplog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def logout():
# 后台注销登录
adminlog = Adminlog(admin_id=session['admin_id'],
ip=request.remote_addr,
type=0)
db.session.add(adminlog)
db.session.commit()
session.pop("admin", None)
session.pop("admin_id", None)
return redirect(url_for("admin.login"))
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if admin is not None and admin.verify_password(form.pwd.data):
session["admin"] = data["account"]
adminlogs = Adminlog(ip=request.environ['REMOTE_ADDR'],
admin=admin)
db.session.add(adminlogs)
return redirect(request.args.get("next") or url_for("Admin.index"))
flash('用户名或密码错误')
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data['account']).first()
if not admin.check_password(data['password']):
flash('密码错误!', 'error')
return redirect(url_for('admin.login'))
session['admin'] = data['account']
session['admin_id'] = admin.id
adminlog = Adminlog(user_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if not admin.check_pwd(data["pwd"]):
flash("密码错误哦~", 'err')
return redirect(url_for("admin.login"))
session["admin"] = data["account"]
session["admin_id"] = admin.id
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if not admin.check_pwd(data["pwd"]):
flash("密码错误!", "err") # 闪存错误信息
return redirect(url_for("admin.login")) # 跳转到后台登录页
session["admin"] = data["account"]
session['admin_id'] = admin.id
adminlog = Adminlog(admin_id=session['admin_id'],
ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
login_form = LoginForm()
if login_form.validate_on_submit():
data = login_form.data # 把提交的数据提取
admin = Admin.query.filter_by(name=data["user"]).first() # 查询数据取一条
if not admin.check_pwd(data['pwd']):
flash("密码错误") # 信息闪现
return redirect(url_for("admin.login"))
session["admin"] = data["user"] # 保存登录后的session
session["admin_id"] = admin.id
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(url_for("admin.index")) or redirect(
request.args.get("next")) # 回到没登陆错误前的页面
return render_template('admin/login.html', login_form=login_form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data['account']).first() # 查找账号
if not admin.check_pwd(data['pwd']): # 验证该账号的密码
flash("密码错误", 'err')
return redirect(url_for('admin.login'))
session['admin'] = data['account'] # seesion保存
session['admin_id'] = admin.id # session 保存id
adminloginlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminloginlog)
db.session.commit()
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit(): # 表单验证,没有这个则无法进行错误信息提示
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if not admin.check_pwd(data["pwd"]):
flash("密码错误!", "err")
return redirect(url_for("admin.login"))
session["admin"] = data["account"] # 如果密码错误,就定义session的会话把数据保存到数据库
session["admin_id"] = admin.id
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
admin = Admin.query.filter_by(username=form.username.data).first()
if admin is None or not admin.verify_password(form.password.data):
flash('Invalid username or password', 'danger')
return redirect(url_for('admin_bp.login'))
session.clear()
session['admin'] = form.username.data
session['admin_id'] = admin.id
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
next_page = request.args.get('next')
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('admin_bp.index')
return redirect(next_page)
return render_template('admin/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if not admin.check_pwd(data["pwd"]):
flash(u"密码错误!", "err") #消息闪现
return redirect(url_for("admin.login"))
session["admin"] = data["account"] #保存登录信息
session["admin_id"] = admin.id #保存登录用户id,后面验证权限使用
adminlog = Adminlog( #记录用户登录日志
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit(): # 提交时验证
data = form.data # 获取数据
admin = Admin.query.filter_by(
name=data['account']).first() # 根据用户名查询出一条记录
if not admin.check_pwd(data["pwd"]): # 正确返回True,错误返回False
flash("密码错误!", "err") # 消息闪现
return redirect(url_for("admin.login")) # 错误跳转页面
session["admin"] = data["account"] # 保存账号
session["admin_id"] = admin.id # 保存用户id
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
account_information = form.account.data
admin = Admin.query.filter_by(name=account_information).first()
if not admin or not admin.check_pwd(form.pwd.data):
flash('账号或密码错误')
return redirect(url_for('admin.login'))
session['admin'] = account_information
session["admin_id"] = admin.id
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
#当用户请求重定向到登入视图,它的请求字符串中会有一个next变量,
# 其值为用户之前访问的页面,因此在我们完成验证之后,
# 我们通过request.args.get(“next”)获取到用户之前访问的页面地址,
# 并进行重定向,注意建议对此参数进行安全校验,避免重定向攻击,我有一个验证安全链接的py模块,但这里不想贴了。。。
return redirect(request.args.get('next') or url_for('admin.index'))
return render_template('admin/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit(): # 验证
data = form.data
admin = Admin.query.filter_by(name=data['account']).first()
print(admin.pwd)
if not admin.check_pwd(data['pwd']):
flash('密码错误或用户错误! ', 'err')
return redirect(url_for('admin.login'))
session['admin'] = data['account']
session['admin_id'] = admin.id
adminlogin = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlogin)
db.session.commit()
return redirect(url_for('admin.index'))
return render_template('admin/login.html', form=form)
def login():
# 实例化form
form = LoginForm()
# 提交表单需要进行验证
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data["account"]).first()
if not admin.check_pwd(data["pwd"]):
# 消息闪现
flash("密码错误!", "err")
return redirect(url_for('admin.login'))
session["admin"] = data["account"]
session["admin_id"] = admin.id
# 管理员登录日志
adminlog = Adminlog(admin_id=admin.id, ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for('admin.index'))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
admin = Admin.query.filter_by(name=data.get('account')).first()
if not admin.check_pwd(data.get('pwd')):
flash('身份验证失败!', 'err')
return redirect(url_for('admin.login'))
session['admin_logged_in'] = True
session['admin_name'] = admin.name
session['admin_id'] = admin.id
adminlog = Adminlog(
admin_id=session.get('admin_id'),
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for('admin.index'))
return render_template("admin/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit(): #表单提交验证
data = form.data
admin = Admin.query.filter_by(name=data['account']).first()
if not admin.check_pwd(data['pwd']):
flash('密码错误!') #消息闪现
return redirect(url_for('admin.login')) #密码不正确,跳到登陆页面
session['admin'] = data['account'] #密码正确,保存账号到session
session['admin_id'] = admin.id
adminlog = Adminlog(
admin_id=admin.id,
ip=request.remote_addr,
)
db.session.add(adminlog)
db.session.commit()
return redirect(
request.args.get('next')
or url_for('admin.index')) #request.args.get('next')代表之前访问的页面
return render_template('admin/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
# 获取用户提交的表单数据
data = form.data
# 根据用户输入的账号查询数据库获取一条账户信息
admin = Admin.query.filter_by(name=data["account"]).first()
# 调用在models中定义的check_pwd方法查询密码
if not admin.check_pwd(data["pwd"]):
flash("密码错误!", 'err')
return render_template("admin/login.html", form=form)
# 将账户账号存入session
session["admin"] = data["account"]
session["admin_id"] = admin.id
adminlog = Adminlog(admin_id=session['admin_id'],
ip=request.remote_addr)
db.session.add(adminlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("admin.index"))
return render_template("admin/login.html", form=form)