def login():
    """Handle the login page: show the form and sign a user in via Flask-Login.

    An already-authenticated visitor is sent to ``main.index``. A submitted,
    valid form is checked against the ``User`` table by name and password;
    on success the user is logged in and redirected to ``main.index``, on
    failure the visitor is redirected back to ``auth.login``. Anything else
    (a plain GET, or a form that fails validation) renders the login form.
    """
    # current_user comes from Flask-Login; it is anonymous unless a user has
    # already been logged in.
    if current_user.is_authenticated:
        flash("user already logged in")
        return redirect(url_for("main.index"))

    form = LoginForm()

    # validate_on_submit() is false for a GET of the page and whenever a
    # field validator rejects the submission: show the form (again).
    if not form.validate_on_submit():
        return render_template(
            "authentication/login.html", title="sign in form", form=form
        )

    # .first() yields a User object only when a matching row exists.
    account = User.query.filter_by(name=form.name.data).first()

    # Unknown name and wrong password take the same branch and produce the
    # same message, so the response does not distinguish the two cases.
    credentials_ok = account is not None and account.check_password(
        form.password.data
    )
    if not credentials_ok:
        flash("login failed")
        return redirect(url_for("auth.login"))

    # Flask-Login records the user in the session; from here on current_user
    # refers to this account and reports as authenticated.
    login_user(account, remember=form.remember.data)

    # NOTE(review): debug output on the authentication path; it writes the
    # logged-in user to stdout on every successful login.
    print("--------CURRENT USER-- ", current_user)
    flash("user logged in")
    return redirect(url_for("main.index"))
def signin():
    """Sign a user in by e-mail and password, storing the user id in the session.

    A valid submission whose e-mail exists and whose password matches the
    stored hash sets ``session['user_id']`` and redirects to ``auth.home``.
    A valid submission with bad credentials flashes an error and re-renders
    the form; an unsubmitted or invalid form just renders the form.
    """
    form = LoginForm(request.form)

    # Not submitted, or a field failed validation: show the form.
    if not form.validate_on_submit():
        return render_template("authentication/signin.html", form=form)

    account = User.query.filter_by(email=form.email.data).first()

    # The hash comparison only runs when a matching row was found.
    if account and check_password_hash(account.password, form.password.data):
        session['user_id'] = account.id
        flash('Welcome %s' % account.name)
        return redirect(url_for('auth.home'))

    # One message for both "no such e-mail" and "wrong password", so the
    # response does not reveal which of the two was wrong.
    flash('Wrong email or password', 'error-message')
    return render_template("authentication/signin.html", form=form)
def do_the_login():
    """Show the login form and authenticate a user by e-mail and password.

    Already-authenticated visitors and successful logins are redirected to
    ``main.display_books``. Bad credentials flash a generic message and
    redirect back to this view; otherwise the login form is rendered.
    """
    if current_user.is_authenticated:
        flash('you are already logged-in')
        return redirect(url_for('main.display_books'))

    form = LoginForm()

    # GET request or failed field validation: render the form.
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    account = User.query.filter_by(user_email=form.email.data).first()

    # The password is only checked when a matching account exists; both
    # failure cases share one message.
    authenticated = account and account.check_password(form.password.data)
    if not authenticated:
        flash('Invalid Credentials, Please try again')
        return redirect(url_for('authentication.do_the_login'))

    # Second positional argument is Flask-Login's ``remember`` flag.
    login_user(account, form.stay_loggedin.data)
    return redirect(url_for('main.display_books'))
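def login():
    """Authenticate a user with username, password and TOTP token.

    Flow for a valid form submission:

    1. Look the user up by username; reject unknown users.
    2. Reject accounts that are unconfirmed, locked, or not yet activated.
    3. Check the password, then the TOTP token. Each failure increments
       ``user.failedLogin`` and locks the account once it reaches 3.
    4. On success reset the failure counter, log the user in, mark the
       session, and redirect to ``next`` if it is a relative URL, otherwise
       to ``index``.

    Already-authenticated visitors are redirected to ``index``; any other
    request renders the login form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()

        if not user:
            # Fix: the original flashed this message and then fell through to
            # `user.confirmed`, raising AttributeError on None for every
            # unknown username. Stop here instead.
            # NOTE(review): this message, and the account-state messages
            # below, are shown before any credential is checked, so the
            # response tells the caller whether a username exists and what
            # state the account is in. Consider one generic failure message.
            flash('Who are you ?')
            return redirect(url_for('login'))

        def reject_attempt(message):
            """Count a failed attempt, lock at the threshold, and bounce back."""
            user.failedLogin += 1
            # Three failed password/token attempts lock the account.
            if user.failedLogin >= 3:
                user.locked = True
            db.session.add(user)
            db.session.commit()
            flash(message)
            return redirect(url_for('login'))

        if not user.confirmed:
            flash('Confirm your account before logging in')
            return redirect(url_for('login'))
        if user.locked:
            flash(
                "Your account has been locked.\n Please wait for the asministrator to unlock your account"
            )
            return redirect(url_for('login'))
        # User id 1 is exempt from the activation requirement
        # (presumably the initial administrator account; confirm).
        if user.id != 1 and not user.activated:
            flash("Please wait for the administrator to activate your account")
            return redirect(url_for("login"))

        # NOTE(review): password and token failures use different messages,
        # so 'Invalid token' confirms that the submitted password was right.
        if not user.check_password(form.password.data):
            return reject_attempt('Invalid username or password')
        if not user.verify_totp(form.token.data):
            return reject_attempt('Invalid token')

        # Both factors verified: clear the failure counter before login.
        user.failedLogin = 0
        db.session.add(user)
        db.session.commit()

        login_user(user, remember=form.remember_me.data)
        session['logged_in'] = True
        session['number'] = str(uuid4())
        session.permanent = True

        # Follow `next` only when it carries no network location, i.e. it is
        # a relative URL on this site; anything else falls back to the index.
        next_page = request.args.get('next')
        if not next_page or url_parse(next_page).netloc != '':
            next_page = url_for('index')
        return redirect(next_page)

    return render_template('authentication/login.html',
                           title='Sign In',
                           form=form)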
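def signin():
    """Sign a user in and populate the session, or render the sign-in form.

    If the session already holds a token that ``User.verify_token`` accepts,
    the visitor is redirected to ``auth.profile``. On a POST with a valid
    form, the user is looked up by e-mail and the session is filled with the
    user's id, a freshly generated token, e-mail and username before
    redirecting to ``auth.profile``. Every other case renders the form.
    """
    form = LoginForm(request.form)

    # An existing session token that still verifies skips the form entirely.
    if 'token' in session:
        user = User.verify_token(session['token'])
        if user:
            return redirect(url_for('auth.profile'))

    if request.method == 'POST':
        # NOTE(review): this view never compares a password itself; it relies
        # entirely on LoginForm.validate() having verified the credentials.
        # Confirm that the form does so; otherwise a well-formed submission
        # with a registered e-mail would be enough to establish a session.
        if form.validate():
            user = User.query.filter_by(email=form.email.data).first()
            # Fix: .first() returns None when no row matches; the original
            # dereferenced it unconditionally and raised AttributeError.
            # With no matching user, fall through and re-render the form.
            if user is not None:
                session['user_id'] = user.id
                session['token'] = user.generate_token()
                session['email'] = user.email
                session['user_name'] = user.username
                return redirect(url_for('auth.profile'))

    return render_template("authentication/signin.html", form=form)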
def login():
    """Show the login form and authenticate a user by username and password.

    Already-authenticated visitors go to ``videoapp.videolist``. A valid
    submission is accepted only when the user exists, the password checks
    out and the account is enabled; it then redirects to ``next`` if that is
    a relative URL, otherwise to ``videoapp.index``. A rejected submission
    flashes a generic message and redirects to ``videoapp.videolist``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('videoapp.videolist'))

    form = LoginForm()

    # GET request or failed field validation: render the form.
    if not form.validate_on_submit():
        return render_template('authentication/login.html',
                               title='Login',
                               form=form)

    account = User.find_user(form.username.data)

    # Checks run in this order and stop at the first failure: existence,
    # password, enabled flag. All three failures share one message, so the
    # response does not reveal which check rejected the attempt.
    may_log_in = (
        account is not None
        and account.check_password(form.password.data)
        and account.enabled
    )
    if not may_log_in:
        flash('Incorrect user or password')
        return redirect(url_for('videoapp.videolist'))

    # Second positional argument is Flask-Login's ``remember`` flag.
    login_user(account, form.remember_me.data)

    # Follow `next` only when it carries no network location, i.e. it is a
    # relative URL on this site; anything else falls back to the app index.
    target = request.args.get('next')
    if not target or url_parse(target).netloc != '':
        target = url_for('videoapp.index')
    return redirect(target)
def get(self):
    """Render the logged-in page for a valid session, else the login form.

    The session and discharge values are extracted from the request and
    handed to ``UserSessionValidator``. Any exception raised while doing so
    is logged and treated the same as an invalid session, so the view falls
    back to the login form rather than failing.
    """
    form = LoginForm(request.form)
    try:
        session_token, discharge_token = get_session_and_discharge(request)
        if UserSessionValidator().verify(session_token, discharge_token):
            return render_template("auth/logged_in.html")
    except Exception as err:
        # Extraction or verification blew up: record it, then show the login
        # form below instead of the logged-in page.
        self.logger.exception(err)
    return render_template("auth/login.html", form=form)
def post(self):
    """Authenticate submitted credentials and issue the session cookie.

    For a valid form the e-mail and password are passed to
    ``_authenticate_credentials``; session tokens are then created for that
    e-mail and attached to the "logged in" response via
    ``_set_session_cookie``. If the form is invalid, or any step raises, the
    login form is rendered again and no cookie is set by this method.
    """
    form = LoginForm(request.form)
    if form.validate_on_submit():
        try:
            # Presumably raises when the credentials are wrong (confirm
            # against _authenticate_credentials); its return value is unused.
            self._authenticate_credentials(form.email.data, form.password.data)

            token_factory = UserSessionFactory(username=form.email.data)
            session_macaroon, session_signature, auth_discharge = (
                token_factory.create_tokens()
            )

            page = render_template("auth/logged_in.html", form=form)
            response = make_response(page)
            self._set_session_cookie(
                response, session_macaroon, session_signature, auth_discharge
            )
            return response
        except Exception as err:
            # Every failure on this path, whichever step raised it, is logged
            # and ends at the login form below.
            self.logger.exception(err)
    return render_template("auth/login.html", form=form)