def login():
if request.method == 'POST':
correoc = request.form['correo']
clavec = request.form['clave'].encode('utf-8')
selcliente = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
selcliente.execute("SELECT * FROM cliente WHERE correoc = %s", (correoc,))
c = selcliente.fetchone()
selcliente.close()
if c is not None:
if bcrypt.hashpw(clavec, c['clavec'].encode('utf-8')) == c['clavec'].encode('utf-8'):
session['nombrec'] = c['nombrec']
session['correoc'] = c['correoc']
return render_template('cliente.html')
else:
flash('Contraseña incorrecta')
return redirect(request.url)
else:
correou = request.form['correo']
claveu = request.form['clave'].encode('utf-8')
selusuario = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
selusuario.execute("SELECT * FROM usuario WHERE correou = %s", (correou,))
u = selusuario.fetchone()
if u is not None:
if bcrypt.hashpw(claveu, u['claveu'].encode('utf-8')) == u['claveu'].encode('utf-8'):
session['nombreu'] = u['nombreu']
session['correou'] = u['correou']
return render_template('usuario.html')
else:
flash('Contraseña incorrecta')
return redirect(request.url)
else:
flash('Usuario inexistente')
return redirect(request.url)
else:
return render_template('login.html')
def register():
if request.method == 'GET':
return render_template("register.html")
else:
nombres = request.form['nombresUsua']
apellidos = request.form['apellidosUsua']
numeroCel = request.form['numeroCelUsua']
trabajo = request.form['trabajoUsua']
tituloUniversitario = request.form['gradoUniUsua']
pais = request.form['paisOrigenUsua']
estado = request.form['estadoOrigenUsua']
ciudad = request.form['ciudadOrigenUsua']
usuario = request.form['usuario']
email = request.form['emailUsua']
clave = request.form['contraUsua'].encode('utf-8')
claveConfirm = request.form['contraUsua1'].encode('utf-8')
if clave == claveConfirm:
claveCifrada = bcrypt.hashpw(clave, bcrypt.gensalt())
empleados = mysql.connection.cursor()
empleados.execute("INSERT INTO usuario (nombresUsua, apellidosUsua, numeroCelUsua, trabajoUsua, gradoUniUsua, paisOrigenUsua, estadoOrigenUsua, ciudadOrigenUsua, usuario, emailUsua, contraUsua) VALUES ( %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
(nombres.upper(), apellidos.upper(), numeroCel, trabajo, tituloUniversitario, pais, estado, ciudad, usuario, email, claveCifrada,))
mysql.connection.commit()
empleados.close()
return redirect(url_for('login'))
else:
return 'Contraseña incorrecta'
def registro():
if request.method == 'POST':
nombrec = request.form['nombrec']
correoc = request.form['correoc']
clavec = request.form['clavec'].encode('utf-8')
clavecifrada = bcrypt.hashpw(clavec, bcrypt.gensalt())
regcliente = mysql.connection.cursor()
regcliente.execute("INSERT INTO cliente (nombrec, correoc, clavec) VALUES (%s, %s, %s)", (nombrec, correoc, clavecifrada))
mysql.connection.commit()
return redirect(url_for('index'))
def login():
users = mongo.db.users
login_user = users.find_one({'name': request.form['username']})
if login_user:
if bcrypt.hashpw(request.form['password'].encode('utf-8'),
login_user['password']) == login_user['password']:
session['username'] = request.form['username']
return redirect(url_for('home'))
# Error handling for Login - if the user does not have login details or enters the wrong password it will display this page
return render_template('authentication/loginfail.html')
def post(self):
manager = request.get_json(force=True)
bvalue = bytes(manager.get('password'), 'utf-8')
temp_hash = bcrypt.hashpw(bvalue, bcrypt.gensalt())
manager["_id"] = getId()
manager["date"] = getTime()
manager["password"] = temp_hash.decode('utf-8')
manager["role"] = "manager"
col.insert(manager)
return 'cool'
def post(self):
admin = request.get_json(force=True)
bvalue = bytes(admin.get('password'), 'utf-8')
temp_hash = bcrypt.hashpw(bvalue, bcrypt.gensalt())
admin["_id"] = getId()
admin["date"] = getTime()
admin["password"] = temp_hash.decode('utf-8')
admin["role"] = "admin"
col.insert(admin)
return 'cool'
def post(self):
user = request.get_json(force=True)
bvalue = bytes(user.get('password'), 'utf-8')
temp_hash = bcrypt.hashpw(bvalue, bcrypt.gensalt())
user["_id"] = getId()
user["date"] = getTime()
user["password"] = temp_hash.decode('utf-8')
user["meal_id"] = []
col.insert(user)
return 'cool'
def uCliente():
idcliente = request.form['idcliente']
if request.method == 'POST':
nombrec = request.form['nombrec']
correoc = request.form['correoc']
clavec = request.form['clavec'].encode('utf-8')
clavecifrada = bcrypt.hashpw(clavec, bcrypt.gensalt())
actcliente = mysql.connection.cursor()
actcliente.execute("UPDATE cliente SET nombrec=%s,correoc=%s,clavec=%s WHERE idcliente=%s", (nombrec,correoc, clavecifrada, idcliente))
mysql.connection.commit()
flash('Se ha actualizado el registro correctamente')
return redirect(url_for('sCliente'))
def login(self):
username = request.get_json()['username']
find_user = UserModel.get_user(self, username)
hashpass = find_user['password']
if find_user:
if bcrypt.hashpw(bytes(request.get_json()['password'], 'utf-8'),
hashpass) == hashpass:
session['username'] = request.get_json()['username']
session['firstname'] = find_user['firstname']
session['lastname'] = find_user['lastname']
return (jsonify('Suscs username/password combination'), 200)
return (jsonify('Invalid username/password combination'), 401)
def login():
"""User Login. If Username or password not found in MongoDB db 'users', flash message
and redirect user to try again on Login page."""
login_user = users.find_one({'name': request.form['username']})
if login_user:
if bcrypt.hashpw(request.form['pass'].encode('utf-8'),
login_user['password']) == login_user['password']:
session['username'] = request.form['username']
else:
flash('incorrect username/and or password,please try again')
return redirect(url_for('login_page'))
return render_template('login.html')
def register():
if request.method == 'POST':
users = mongo.db.Users
username = request.form['Username']
password = request.form['Password']
existing_user = users.find_one({'Username': username})
if existing_user is None:
hasspwd = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
users.insert({'Username': username, 'Password': hasspwd})
session['username'] = username
return redirect(url_for('all_blogs', username=username))
flash("Username Already Exists!!")
return render_template('register.html')
def save_user(username):
if request.method == 'POST':
users = mongo.db.Users
password = request.form['Password']
confirm_password = request.form['ConfirmPassword']
if password == confirm_password:
valid_user = users.find_one({'Username': username})
valid_user['Password'] = bcrypt.hashpw(password.encode('utf-8'),
bcrypt.gensalt())
users.save(valid_user)
flash("Changes Saved")
return redirect(url_for('profile', username=username))
flash("Invalid credentials!! Kindly confirm Password")
return redirect(url_for('profile', username=username))
def login():
if request.method == 'POST':
users = mongo.db.Users
username = request.form['Username']
password = request.form['Password']
valid_user = users.find_one({'Username': username})
if valid_user:
if bcrypt.hashpw(
password.encode('utf-8'), valid_user['Password'].encode(
'utf-8')) == valid_user['Password'].encode('utf-8'):
session['username'] = username
return redirect(url_for('all_blogs', username=username))
flash("Invalid credentials!! Check username/password combination")
return render_template('login.html')
def login():
if request.method == "POST":
users = mongo.db.users
login_user = users.find_one({"name": request.form.get("username")})
if login_user:
if (bcrypt.hashpw(
request.form["pass"].encode("utf-8"),
login_user["password"]) == login_user["password"]):
session["username"] = request.form["username"]
flash("You were successfully logged in")
return redirect(url_for("all_recipes"))
return render_template("login.html", title="Login")
def register_user(self):
username = request.get_json()['username']
find_user = UserModel.get_user(self, username)
if find_user:
return (jsonify('That username already exists!Try again'), 401)
user_name = request.get_json()['username']
first_name = request.get_json()['firstname']
last_name = request.get_json()['lastname']
hashpass = bcrypt.hashpw(
request.get_json()['password'].encode('utf-8'), bcrypt.gensalt())
user_id = UserModel.register_user(self, first_name, last_name,
username, hashpass)
if user_id:
return (jsonify('User created'), 200)
return (jsonify('Try'), 401)
def signup():
if request.method == 'POST':
existing_user = \
users_collection.find_one(
{'name': request.form.get('username')})
if existing_user is None:
hashpass = bcrypt.hashpw(
request.form.get('password').encode('utf-8'), bcrypt.gensalt())
users_collection.insert({
'name': request.form.get('username'),
'password': hashpass
})
session['username'] = request.form.get('username')
return redirect('/loggedin/' + session['username'])
return render_template('signup.html')
def post(self):
body = request.get_json(force=True)
#print(body.get('reset_token'))
_id = decode_token(body.get('access_token'))['identity']
print(col.find_one({"_id": _id}).get('username'))
bvalue = bytes(body.get('password'), 'utf-8')
temp_hash = bcrypt.hashpw(bvalue, bcrypt.gensalt())
col.update_one({"_id": _id},
{"$set": {
'password': temp_hash.decode('utf-8')
}})
return 'Your password has been reset successfully!'
def register():
if request.method == 'POST':
users = mongo.db.users
existing_user = users.find_one({'name': request.form['username']})
# Error handling to check that user does not already exist in the database
if existing_user is None:
hashpass = bcrypt.hashpw(request.form['password'].encode('utf-8'),
bcrypt.gensalt())
users.insert({
'name': request.form['username'],
'password': hashpass
})
session['username'] = request.form['username']
return redirect(url_for('get_cookbook'))
return render_template('authentication/registerfail.html')
return render_template('authentication/register.html')
def login():
"""
Renders login page.
"""
if request.method == 'POST':
users = mongo.db.users
login_user = users.find_one({'name': request.form['username'].lower()})
if login_user:
if bcrypt.hashpw(request.form['password'].encode('utf-8'),
login_user['password']) == login_user['password']:
session['username'] = request.form['username']
return redirect(url_for('index'))
flash('That username/password combination was incorrect')
return redirect(url_for('login'))
return render_template('components/forms/login-form.html')
def access():
users = mongo.db.users
login_user = users.find_one({'username': request.form['username']})
if login_user:
if bcrypt.hashpw(
request.form['password'].encode('utf-8'),
login_user['password'].encode(
'utf-8')) == login_user['password'].encode('utf-8'):
session['username'] = request.form['username']
if 'universidad' in login_user:
session['universidad'] = login_user['universidad']
if 'admin' in login_user:
session['admin'] = login_user['admin']
return Index()
return login(1)
return login(2)
def register():
form = RegisterForm(request.form)
if request.method == "POST":
matricnumber = request.form.get("matricnumber")
print(matricnumber)
email = request.form.get("email")
print(email)
password = b'SecretPassword55'
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
if bcrypt.checkpw(password, hashed):
password = request.form.get("password")
print(hashed)
# filter User out of database through username
user = user_collection.find_one(
{'matricnumber': request.form['matricnumber']})
# filter User out of database through username
user_by_email = user_collection.find_one(
{'email': request.form['email']})
if user or user_by_email:
flash('Error: User exists!')
else:
user_info = {
"matric_number": matricnumber,
"Email": email,
"Password": hashed,
"created_at": datetime.datetime.now()
}
user_collection.insert_one(user_info)
print("successfully inserted")
#flash('User created, please <a href="' + url_for('login') + '">login</a>')
return render_template("register.html", form=form)
def register():
"""User Registration. If Username is not taken and stored in MongoDB db
'users'. Hashing passwords using Bcrypt.If username is already taken message flashed to user
detailing same, if not on DB then account is created and redirected to your reviews page with flash message"""
if request.method == 'POST':
existing_user = users.find_one({'name': request.form['username']})
if existing_user:
flash('Username already taken, please try an alternative')
else:
hashpass = bcrypt.hashpw(request.form['pass'].encode('utf-8'),
bcrypt.gensalt())
users.insert({
'name': request.form['username'],
'password': hashpass
})
session['username'] = request.form['username']
flash('')
return redirect(url_for('account'))
return render_template('register.html')
def index():
if request.method == "POST":
session['register-email'] = request.form['register-email']
session['email'] = session['register-email']
session['register-password'] = request.form['register-password']
session['register-password2'] = request.form['register-password2']
# hashedmapa = bcrypt.hashpw(str(session['register-password']).encode('utf-8'), bcrypt.gensalt())
# hashedmapa = str(hashedmapa)
password = session['register-password'].encode("utf-8")
hashedmapa = bcrypt.hashpw(password, bcrypt.gensalt())
hashedmap = str(hashedmapa.decode('utf-8'))
emailt = session['register-email']
conn = create_connection()
cursor = conn.cursor()
command = f"SELECT COUNT(*) FROM LOGIN WHERE email LIKE '%{session['register-email']}%';"
cursor.execute(command)
count = cursor.fetchone()[0]
if count > 0:
flash(f'Email already exists')
return render_template("index.html")
elif session['register-password'] != session['register-password2']:
flash(f'Password does not match')
return render_template("index.html")
elif not request.form.get('term-agreement'):
flash(f'Agree to terms and conditions')
return render_template("index.html")
else:
command = f'INSERT INTO Login VALUES("{emailt}", "{hashedmap}")'
cursor.execute(command)
conn.commit()
cursor.close()
return redirect(url_for("create_profile"))
else:
return render_template("index.html")
def uPerfil():
idUsuario = request.form['idUsuario']
nombres = request.form['nombresUsua']
apellidos = request.form['apellidosUsua']
fechaNacimiento = request.form['fechaNaciUsua']
trabajo = request.form['trabajoUsua']
celular = request.form['numeroCelUsua']
tituloUniversitario = request.form['gradoUniUsua']
pais = request.form['paisOrigenUsua']
estado = request.form['estadoOrigenUsua']
ciudad = request.form['ciudadOrigenUsua']
usuario = request.form['usuario']
email = request.form['emailUsua']
clave = request.form['contraUsua'].encode('utf-8')
claveCifrada = bcrypt.hashpw(clave, bcrypt.gensalt())
empleado = mysql.connection.cursor()
empleado.execute("UPDATE usuario SET nombresUsua = %s, apellidosUsua = %s, fechaNaciUsua = %s, trabajoUsua = %s, numeroCelUsua = %s, gradoUniUsua = %s, paisOrigenUsua = %s, estadoOrigenUsua = %s, ciudadOrigenUsua = %s, usuario = %s, emailUsua = %s, contraUsua= %s WHERE idUsuario = %s",
(nombres.upper(), apellidos.upper(), fechaNacimiento, trabajo, celular, tituloUniversitario, pais, estado, ciudad, usuario, email, claveCifrada, idUsuario))
mysql.connection.commit()
empleado.close()
return redirect(url_for('sPerfil'))
def register():
if request.method == 'POST':
users = mongo.db.users
existing_user = users.find_one({'name': request.form['username']})
password = request.form['password']
repeat_password = request.form['repeat_password']
if password == repeat_password:
if existing_user is None:
hashpass = bcrypt.hashpw(
request.form['password'].encode('utf-8'), bcrypt.gensalt())
users.insert({
'name': request.form['username'].lower(),
'password': hashpass,
})
session['username'] = request.form['username']
return redirect(url_for('index'))
flash('That username already exists, try something else.')
flash('The passwords dont match.')
return 'That Username is already taken'
return render_template('components/forms/register-form.html')
def register():
if request.method == "POST":
users = mongo.db.users
existing_user = users.find_one({"name": request.form["username"]})
existing_email = users.find_one({"email": request.form["email"]})
# if username or email is not in collection insert it else display appropriate flash message
if existing_user is None:
if existing_email is None:
hashpass = bcrypt.hashpw(request.form["pass"].encode("utf-8"),
bcrypt.gensalt())
users.insert({
"name": request.form["username"],
"password": hashpass,
"email": request.form["email"],
})
session["username"] = request.form["username"]
return redirect(url_for("index"))
flash("Email already exist!")
return redirect(url_for("register"))
flash("Username already exist!")
return redirect(url_for("register"))
return render_template("registration.html", title="Registration")
def login():
if request.method == 'POST':
usuario = request.form['usuario']
clave = request.form['contraUsua'].encode('utf-8')
selUsuario = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
selUsuario.execute(
"SELECT * FROM usuario WHERE usuario = %s", (usuario,))
u = selUsuario.fetchone()
selUsuario.close()
if u is not None:
if bcrypt.hashpw(clave, u["contraUsua"].encode('utf-8')) == u["contraUsua"].encode('utf-8'):
session["nombresUsua"] = u["nombresUsua"]
session["idUsuario"] = u["idUsuario"]
print("\n\n\n\n",type(u))
return redirect(url_for('sProyecto'))
else:
flash('Error: clave incorrecta')
return redirect(request.url)
else:
flash('Error: usuario no existe')
return redirect(request.url)
else:
return render_template("login.html")
def register():
print("tried")
User = mongo.db.users
request_dict = request.get_json()
if 'email' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to supply an email"
}
return jsonify(msg)
if 'firstName' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to supply a first name"
}
return jsonify(msg)
if 'familyName' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to supply a family name"
}
return jsonify(msg)
if 'db' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to supply a date of birth"
}
return jsonify(msg)
if 'nationality' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to supply a nationality"
}
return jsonify(msg)
if 'password' not in request_dict:
msg = {
'errorOccured': True,
'errorMessage': "You need to choose a password"
}
return jsonify(msg)
existing_user = User.find_one({'email': request_dict['email']})
print("made it")
if existing_user is None:
hashedPass = bcrypt.hashpw(request_dict['password'].encode('utf-8'),
bcrypt.gensalt())
User.insert({
'email': request_dict['email'],
'db': request_dict['db'],
'firstName': request_dict['firstName'],
'familyName': request_dict['familyName'],
'nationality': request_dict['nationality'],
'password': hashedPass
})
session['email'] = request_dict['email']
return redirect(url_for('index'))
else:
msg = {
'errorOccured': True,
'errorMessage': "An account is already registered with this email"
}
return jsonify(msg)
def check_password(self, password):
return bcrypt.hashpw(password.encode('utf-8'), self.password.encode('utf-8')) == self.password.encode('utf-8')
def hash_password(plain_text_password):
# By using bcrypt, the salt is saved into the hash itself
hashed_bytes = bcrypt.hashpw(plain_text_password.encode('utf-8'),
bcrypt.gensalt())
return hashed_bytes.decode('utf-8')
