def login():
if '_id' in session:
return redirect_to_home()
if request.method == 'POST':
params = {
'email': request.form['email'],
'password': request.form['password']
}
conn = BRConnection()
users = conn.users
user = users.find_one({'email': params['email']})
if user is None:
return render_template('sign_in.html', errors=['Either your email or password is incorrect.'])
if not user['verified']:
return render_template('sign_in.html', errors=['You need to click the link in your verification email. If you need me to send another verification email for you, please click <a href="/verification/resend/{0}">here</a>.'.format(params['email'])])
if sha512_crypt.verify(params['password'], user['password']):
session['_id'] = str(user['_id'])
return redirect('/')
else:
return render_template('sign_in.html', errors=['Either your email or password is incorrect.'])
return render_template('sign_in.html')
def login():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
userdata = db.execute(
"select username from users where username=:username", {
"username": username
}).fetchone()
passdata = db.execute(
"select password from users where username=:username", {
"username": username
}).fetchone()
if userdata is None:
flash("username not found", "warning")
return render_template("login.html")
else:
for pass_data in passdata:
if sha512_crypt.verify(password, pass_data):
session['loggedin'] = True
rows = db.execute(
"SELECT * FROM users WHERE username = :username",
{"username": username})
result = rows.fetchone()
# Remember which user has logged in
session["id"] = result[0]
session["username"] = result[1]
flash("login success", "success")
return redirect(url_for('index'))
else:
flash("Incorrect Password", "danger")
return redirect(url_for('login'))
return render_template("login.html")
def get_authenticated_account(cls, email, password):
account = AccountService.find_account_by_email(email)
if not account:
return None
if not sha512_crypt.verify(password, account.password_hash):
return None
return account
def check_password(self, password: str) -> bool:
if self.ldap and USE_LDAP:
from home.web.utils import ldap_auth
return ldap_auth(self.username, password)
try:
return sha512_crypt.verify(password, self.password)
except ValueError:
return sha256_crypt.verify(password, self.password)
def authenticate(cls, username, plain_text_pw):
user = AccountService.find_username(username)
if not user:
return None
if not sha512_crypt.verify(plain_text_pw, user.password_hash):
return None
return user
def get_authenticated_account(cls, username, plain_text_password):
account = AccountService.find_account_by_username(username)
if not account:
return None
if not sha512_crypt.verify(plain_text_password, account.password_hash):
return None
return account
def get_authenticated_account(cls, email, plain_text_password):
account = AccountService.find_account_by_email(email)
if not account:
return None
if not sha512_crypt.verify(plain_text_password, account.password_hash):
return None
return account
def login_user(email: str, password: str) -> Optional[User]:
session = db_session.create_session()
user = session.query(User).filter(User.email == email).first()
if not user or not crypto.verify(password, user.hashed_password):
return None
return user
def authenticate(username: str, password: str) -> Optional[User]:
session = db.create_session()
user = session.query(User).filter(User.username == username).first()
if not user:
return None
if not crypto.verify(password, user.password):
return None
return user
def verify_password(user, secret):
"""
:param auth_token:
:param password:
:return:
"""
# Check if auth_token is valid
actual_user, secret_hash = config.backend_credentials()
if not user == actual_user or not sha512_crypt.verify(secret, secret_hash):
return False
return True
def login_user(email: str, password: str) -> Optional[User]:
session = db_session.create_session()
try:
user = session.query(User).filter(User.email == email).first()
if not user:
return user
# TODO: Verify password
if not crypto.verify(password, user.hash_password):
return None
return user
finally:
session.close()
async def login_user(email: str, password: str) -> Optional[User]:
async with db_session.create_async_session() as session:
query = select(User).filter(User.email == email)
results = await session.execute(query)
user = results.scalar_one_or_none()
if not user:
return user
if not crypto.verify(password, user.hash_password):
return None
return user
def login_user(name: str, password: str) -> Optional[User]:
session = db_session.create_session()
try:
user = session.query(User).filter(User.name == name.lower()).first()
if not user:
return user
if not crypto.verify(password, user.hashed_password):
return None
return user
finally:
session.close()
def get_authenticated_account(cls, email, plain_text_password):
account = AccountService.find_account_by_email(email)
if not account:
return None
if not sha512_crypt.verify(plain_text_password, account.password_hash):
return None
return account
# @classmethod
# def find_account_by_id(cls, user_id):
# if not user_id:
# return None
#
# session = DbSessionFactory.create_session()
#
# account = session.query(Account) \
# .filter(Account.id == user_id) \
# .first()
#
# return account
def verify_hash(hashed_text: str, plain_text: str) -> bool:
return crypto.verify(plain_text, hashed_text)
def verify_hash(hashed_text: str, plain_text: str) -> bool:
return sha512_crypt.verify(plain_text, hashed_text)
def check_password(user_id, password):
user = get_user(user_id)
if user is None:
return None
return sha512_crypt.verify(password, user['password'])
def verify_token(self, token):
return hashcode.verify(token, self.password)
