def login():
form = flask.request.form
if flask.request.method == "POST" and form.get("login", False):
password = form.get("password", None)
email = form.get("email", None)
if password is None or email is None:
flask.flash("Please enter your email address and password")
else:
user = User.authorize(email, password)
if user is None:
flask.flash("Invalid email and password combination")
else:
flask.session["user"] = user.id
flask.session.permanent = True
return flask.redirect(flask.request.args.get("next") or flask.url_for("account.my_account"))
return flask.render_template("login.html")
def get_session(email):
"""
If the email and password match,
a sessionId is returned as a string.
This sessionId can to be passed
along all the other requests that are annotated
with @with_user in this file
"""
password = request.form.get("password", None)
if password is None:
return make_error(400, "Password not given")
user = User.authorize(email, password)
if user is None:
return make_error(401, "Invalid credentials")
session = Session.for_user(user)
db_session.add(session)
db_session.commit()
return str(session.id)
def get_session(email):
"""
If the email and password match,
a new sessionId is created, and returned
as a string. This sessionId has to be passed
along all the other requests that are annotated
with @with_user in this file
"""
password = flask.request.form.get("password", None)
if password is None:
flask.abort(400)
user = User.authorize(email, password)
if user is None:
flask.abort(401)
session = Session.for_user(user)
zeeguu.db.session.add(session)
zeeguu.db.session.commit()
return str(session.id)
def login():
form = flask.request.form
if flask.request.method == "POST" and form.get("login", False):
password = form.get("password", None)
email = form.get("email", None)
if password is None or email is None:
flask.flash("Please enter your email address and password")
else:
user = User.authorize(email, password)
if user is None:
flask.flash("Invalid email and password combination")
else:
flask.session["user"] = user.id
flask.session.permanent = True
return flask.redirect(
flask.request.args.get("next")
or flask.url_for("account.my_account"))
return flask.render_template("login.html")
def get_session(email):
"""
If the email and password match,
a new sessionId is created, and returned
as a string. This sessionId has to be passed
along all the other requests that are annotated
with @with_user in this file
"""
password = flask.request.form.get("password", None)
if password is None:
flask.abort(400)
user = User.authorize(email, password)
if user is None:
flask.abort(401)
session = Session.for_user(user)
zeeguu.db.session.add(session)
zeeguu.db.session.commit()
return str(session.id)
def test_authorize(self):
new_password = self.faker.password()
self.user.update_password(new_password)
result = User.authorize(self.user.email, new_password)
assert result is not None and result == self.user
