def test_check_login_has_connection(self): ret = database.check_login( '*****@*****.**', 'pbkdf2:sha256:150000$WT5eNrHI$fabc60fc188bcebf165644501d540f27c33998ff5da2f381e743b9097462463e' ) self.assertIsNotNone(ret) ret = database.check_login('*****@*****.**', '123') self.assertIsNone(ret) pass
def login(): # Check if they are submitting details, or they are just logging in if (request.method == 'POST'): # submitting details login_return_data = database.check_login(request.form['email'], request.form['password']) # Check if the database gave an error if (login_return_data == None): page['bar'] = False flash("""There was an error with the database.""") return redirect(url_for('login')) # If it's null, saying they have incorrect details if (login_return_data is None or len(login_return_data) < 1): page['bar'] = False flash("Incorrect email/password, please try again") return redirect(url_for('login')) # If there was no error, log them in page['bar'] = True flash('You have been logged in successfully') session['logged_in'] = True # Store the user details for us to use throughout global user_details user_details = login_return_data session['member_type'] = user_details['member_type'] return redirect(url_for('index')) elif (request.method == 'GET'): return (render_template('login.html', page=page))
def login(): """ Provides /login - [GET] If they are just viewing the page then render login page. - [POST] If submitting login details, check login. """ # Check if they are submitting details, or they are just logging in if (request.method == 'POST'): # submitting details # The form gives back EmployeeID and Password login_return_data = database.check_login(request.form['id'], request.form['password']) # If it's null, saying they have incorrect details if login_return_data is None: page['bar'] = False flash("Incorrect id/password, please try again") return redirect(url_for('login')) # If there was no error, log them in page['bar'] = True flash('You have been logged in successfully') session['logged_in'] = True # Store the user details for us to use throughout global user_details user_details = login_return_data # Is the user a manager or a normal user? session['manager'] = database.is_manager(request.form['id']) return redirect(url_for('index')) elif (request.method == 'GET'): return (render_template('login.html', session=session, page=page))
def get_user(): """Returns the username of the currently logged in user""" user = request.cookies.get('user') hash = request.cookies.get('password_hash') if (user != None and user != '' and database.check_login(user, hash)): return user return None
def test_check_login_no_connection(self, conn): conn.return_value = None ret = database.check_login( '*****@*****.**', 'pbkdf2:sha256:150000$WT5eNrHI$fabc60fc188bcebf165644501d540f27c33998ff5da2f381e743b9097462463e' ) self.assertIsNone(ret) pass
def post(self): username = self.get_argument("name") password = self.get_argument("password") if check_login(username, password): self.set_secure_cookie("user", username) self.redirect("/") else: self.render('login.html', error="Error: incorrect password or username")
def login(): isError=False error="" if request.method == "POST": username = request.form['loginUsername'] #assuming SSL connection so this is okay password = request.form['loginPassword'] #jk SSL certs cost money if database.check_login(username,password): session['username'] = username return redirect(url_for('index')) else: #invalid print "invalid login" isError=True error="Wrong username or password. Please try again!" return render_template("login.html", error=error, isError=isError)
def login(): # Check if they are submitting details, or they are just logging in if (request.method == 'POST'): # submitting details val = database.check_login(request.form['email'], request.form['password']) # Check if the database gave an error if (val == ERROR_CODE): page['bar'] = False flash("""There was an error with the database.""") return redirect(url_for('login')) # If it's null, saying they have incorrect details if (val is None or len(val) < 1): page['bar'] = False flash("Incorrect user/password, please try again") return redirect(url_for('login')) # If there was no error, log them in page['bar'] = True flash('You have been logged in successfully') session['logged_in'] = True user_details['member_no'] = val[0][0] # check if it's admin if (user_details['member_no'] == ADMIN_NO): return redirect(url_for('admin')) # Store the user details for us to use throughout user_details['email'] = val[0][1] user_details['first'] = val[0][2] user_details['family'] = val[0][3] user_details['address'] = val[0][4] user_details['mobile_phone'] = val[0][5] user_details['work_phone'] = val[0][6] user_details['home_phone'] = val[0][7] # Store dogs' details dogs_details.clear() for i in range(len(val)): dogs_details.append({}) dogs_details[-1]['name'] = val[i][8] dogs_details[-1]['breed'] = val[i][9] dogs_details[-1]['birthdate'] = val[i][10] return redirect(url_for('index')) elif (request.method == 'GET'): return (render_template('login.html', page=page))
def post(self): """Handle login attempts""" username = self.get_argument("username", default=None, strip=True) password = self.get_argument("password", default=None, strip=True) time.sleep(settings.LOGIN_ATTEMPT_DELAY) if database.check_login(username, password): self.set_secure_cookie("logged_in", username) view = self.get_argument("view", default="overview", strip=True) self.redirect("/admin/" + view) return self.render("login.html", error="Login failed.", ajax=False)
def insert_user(): if not request.json or 'Login' not in request.json: abort(400) if(db.check_login(request.json)>0): return make_response(jsonify({'error': "User with the same login exists!"}), 400) if(db.check_email(request.json)>0): return make_response(jsonify({'error': "User with the same email exists!"}), 400) rows_affected = db.insert_user(request.json) if rows_affected: return make_response(jsonify({'result': "ok"}), 201) else: return make_response(jsonify({'error': "couldn't insert user"}),400)
def index(e): app.logger.debug('app.py index') app.logger.debug('app.py login BEGIN') app.logger.info('app.py login error: %s', e) data = {'e': e} if request.method == 'POST': app.logger.info("login POST request: %s", request) app.logger.info("login POST request: %s %s", request.form['email'], request.form['password']) record = database.check_login(request.form['email'], request.form['password']) if record is not None: return redirect(url_for('main', record=record)) else: e = "Email or password is invalid" data = {'e': e} app.logger.debug('app.py login END') return render_template('index.html', data=data)
def login(): # Check if they are submitting details, or they are just logging in if (request.method == 'POST'): # submitting details val = database.check_login(request.form['email'], request.form['password']) # Check if the database gave an error if (val == ERROR_CODE): page['bar'] = False flash("""There was an error with the database.""") return redirect(url_for('login')) # If it's null, saying they have incorrect details if (val is None or len(val) < 1): page['bar'] = False flash("Incorrect email/password, please try again") return redirect(url_for('login')) # If there was no error, log them in page['bar'] = True flash('You have been logged in successfully') session['logged_in'] = True # Store the user details for us to use throughout user_details['email'] = val[9] user_details['nickname'] = val[0] user_details['title'] = val[1] user_details['first'] = val[2] user_details['family'] = val[3] user_details['address'] = val[4] if val[5] is None: user_details['homebay'] = 'Add a homebay' else: user_details['homebay'] = val[5] user_details['membersince'] = val[6] user_details['plan'] = val[7] user_details['num_bookings'] = val[8] return redirect(url_for('index')) elif (request.method == 'GET'): return (render_template('login.html', page=page))
def auth(request): body = json.loads(request.body) if body["type"] == "isLog": for this_session in request.session.keys(): #If session exists yet return HttpResponse(json.dumps({"isLog": True })) #Return true if session exists return HttpResponse(json.dumps( {"isLog": False})) #Return false if session doesn't exist elif body["type"] == "login": if database.check_user( body["login"], body["password"] ) == True: #Checking if login and password correct request.session[body["login"]] = body[ "password"] #Start new session return HttpResponse( json.dumps({"redirect_url": url + "?profile=" + body["login"]}) ) #Return redirection link to profile page after success login else: return HttpResponse( json.dumps({'error': 'Incorrect login or password' })) #Error if login or password incorrect elif body["type"] == "logout": for this_session in request.session.keys(): #Get session name del request.session[this_session] #Delete session with this name break #Stop loop return HttpResponse(json.dumps({"redirect_url": url + "auth" })) #Return redirection link to auth elif body["type"] == "registration": if database.check_login( body["login"]) == True: #Checking login uniqueness return HttpResponse(json.dumps({'error': 'User already exist' })) #Error if this login exist yet database.add_user(body["name"], body["login"], body["password"]) #Create new user request.session[body["login"]] = body["password"] #Start new session return HttpResponse( json.dumps({ "redirect_url": url + "?profile=" + body["login"] })) #Return redirection link to profile page after registration
def check_login(): '''Defines the behaviour of the chcek login page, This page is called by the login page and is used to verify the users credentials''' if request.method == 'POST': try: unm = request.form['unm'] pswd = request.form['pswd'] conn = mysql.connect() cookie = generate_salt() mg = "Welcome " + database.check_login(conn, unm, pswd, bcrypt) database.add_cookie(conn, cookie, unm) response = make_response(render_template("result.html",msg = mg, links=loggedin)) response.set_cookie('user', cookie) except NameError: mg = "That password is incorrect." response = make_response(render_template("result.html",msg = mg, links=check_for_cookie()[0])) except TypeError: mg = "That username does not exist." response = make_response(render_template("result.html",msg = mg, links=check_for_cookie()[0])) finally: conn.rollback() return response
def login(): # Check if they are submitting details, or they are just logging in if(request.method == 'POST'): # submitting details val = database.check_login(request.form['email'] , request.form['password']) # Check if the database gave an error if(val == ERROR_CODE): page['bar'] = False flash("""There was an error with the database.""") return redirect(url_for('login')) # If it's null, saying they have incorrect details if(val is None or len(val) < 1): page['bar'] = False flash("Incorrect email/password, please try again") return redirect(url_for('login')) # If there was no error, log them in page['bar'] = True flash('You have been logged in successfully') session['logged_in'] = True # Store the user details for us to use throughout user_details['email'] = request.form['email'] user_details['nickname'] = val[0] user_details['title'] = val[1] user_details['first'] = val[2] user_details['family'] = val[3] user_details['address'] = val[4] user_details['homebay'] = val[5] user_details['membersince'] = val[6] user_details['plan'] = val[7] user_details['num_bookings'] = val[8] return redirect(url_for('index')) elif(request.method == 'GET'): return(render_template('login.html', page=page))
def account(): error="" isError=False success="" isSuccess=False if request.method == "POST": newPass = request.form['newPass'] confirmNewPass = request.form['confirmNewPass'] oldPass = request.form['oldPass'] if newPass == "" or confirmNewPass == "" or oldPass == "": error = "Did you remember to fill out the entire form? (no)" isError=True elif newPass!= confirmNewPass: error = "Your passwords don't match. Please try again!" isError=True elif not database.check_login(session['username'], oldPass): error = "You typed in the wrong password..." isError=True else: success = "Okay! Your password has now been successfully changed." isSuccess=True database.set_password(session['username'], newPass) print newPass return render_template("account.html", error=error, success=success, isError=isError, isSuccess=isSuccess)