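def login():
    '''Auth endpoint: check the submitted credentials and issue JWT tokens.

    Returns a (response, status) pair: 200 with the user document plus
    'token' and 'refresh', 401 when the e-mail/password pair does not
    match, and 400 when validate_user() rejects the input.
    '''
    # NOTE(review): parse_qs is handed the request object itself; confirm the
    # helper in scope accepts that rather than a query string.
    header_data = parse_qs(request)
    # The debugging print of the request object was dropped: a request repr
    # may include the full URL, and this endpoint receives credentials.
    data = validate_user(header_data)
    if not data['ok']:
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters: {}'.format(data['message'])
        }), 400

    data = data['data']
    user = db.users.find_one({'email': data['email']}, {"_id": 0})
    if user and flask_bcrypt.check_password_hash(user['password'], data['password']):
        # Never send the stored hash back to the client.
        del user['password']
        # The token identity must not carry the plaintext password: a JWT
        # payload is signed, not encrypted, so any holder can decode it.
        identity = {key: value for key, value in data.items() if key != 'password'}
        user['token'] = create_access_token(identity=identity)
        user['refresh'] = create_refresh_token(identity=identity)
        return jsonify({'ok': True, 'data': user}), 200

    return jsonify({
        'ok': False,
        'message': 'invalid username or password'
    }), 401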
def post(self):
    """Exchange a username/password pair for an auth token.

    Responds with the user's name, id and the base64-encoded ``token:x``
    string, or with an empty body and status 401 when the credentials do
    not match.
    """
    credentials = self.parser.parse_args()
    account = User.query.filter_by(username=credentials['username']).first()
    verified = account and flask_bcrypt.check_password_hash(
        account.password, credentials['password'])
    if not verified:
        return '', 401

    raw_token = account.generate_auth_token()
    # NOTE(review): token + ':x' assumes the token is a text/str value that
    # b64encode accepts as-is; confirm before running this on Python 3.
    return jsonify({
        'username': account.username,
        'id': account.id,
        'token': base64.b64encode(raw_token + ':x'),
    })
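def auth_user():
    '''Auth endpoint: verify an e-mail/password pair and issue JWT tokens.

    Responds 200 with the user document (password hash removed) plus
    'token' and 'refresh', 401 on a credential mismatch, and 400 when
    validate_user() rejects the request body.
    '''
    data = validate_user(request.get_json())
    if not data['ok']:
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters: {}'.format(data['message'])
        }), 400

    data = data['data']
    user = mongo.db.users.find_one({'email': data['email']}, {"_id": 0})
    # Log only whether a record matched: the document itself holds the
    # bcrypt hash, which should not end up in debug logs.
    LOG.debug('user lookup matched: %s', bool(user))
    if user and flask_bcrypt.check_password_hash(user['password'], data['password']):
        del user['password']
        # Keep the plaintext password out of the token identity: a JWT
        # payload is signed, not encrypted, so any holder can decode it.
        identity = {key: value for key, value in data.items() if key != 'password'}
        user['token'] = create_access_token(identity=identity)
        user['refresh'] = create_refresh_token(identity=identity)
        return jsonify({'ok': True, 'data': user}), 200

    return jsonify({
        'ok': False,
        'message': 'Invalid username or password'
    }), 401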
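def authenticate_user(email, password):
    """
    Authenticate a user and return an access token.

    :param email: String, user email. Ie, "*****@*****.**"
    :param password: String, user's password. Ie, "my-password"
    :return: access token whose identity holds user_id, first_name,
        last_name and email
    :raises GeneralException: status_code 400 when the e-mail is unknown
        or the password does not match
    """
    user = UserManager.get_user_by_email(email)
    # One message for both failure causes, so the response does not reveal
    # whether an account exists for the given e-mail.
    if not user or not flask_bcrypt.check_password_hash(user.password, password):
        raise GeneralException(
            message="User and password didn't match", status_code=400)

    return create_access_token(
        identity={
            'user_id': str(user.id),
            'first_name': user.first_name,
            'last_name': user.last_name,
            'email': email
        })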
def signin():
    """Process the sign-in form and start a session on success.

    An invalid form or a wrong password re-renders the login page; an
    unknown e-mail redirects back to the sign-in route; a successful login
    redirects to the user's home page.
    """
    form = SigninForm(request.form)
    if not form.validate():
        return render_template('login.html', login_form=SigninForm(), register_form=SignupForm())

    user = User.query.filter_by(email=form.email.data).first()
    if user is None:
        # NOTE(review): an unknown e-mail redirects while a wrong password
        # re-renders, so the two cases are distinguishable to the client.
        return redirect(url_for('authentication.signin'))

    if not flask_bcrypt.check_password_hash(user.password, form.password.data):
        return render_template('login.html', login_form=SigninForm(), register_form=SignupForm())

    login_user(user, form.remember_me.data)
    session['signed'] = True
    session['username'] = user.email
    g.user = user
    # A stored 'next' value is consumed but never followed: both paths end
    # at the user's home page.
    if session.get('next'):
        session.pop('next')
    return redirect(url_for('portfolio.user_home'))
def login():
    """Render the login page and, on POST, try to sign the user in.

    A POST carrying both 'email' and 'password' is checked in order for:
    unknown e-mail, wrong password, expired account, then login_user().
    Every failure is logged at debug level and shown on the page.
    """
    error_message = ''
    # (A reCAPTCHA check used to sit here; it is disabled in this listing.)
    # Only act when both form keys are present.
    if request.method == 'POST' and 'email' in request.form and 'password' in request.form:
        user = User.from_email(request.form['email'])
        # NOTE(review): the first two messages tell the client whether the
        # e-mail is registered; a shared message would not.
        if user is None:
            error_message, log_line = '此邮箱可能并未注册', '此邮箱可能并未注册!'
        elif not flask_bcrypt.check_password_hash(user.password, request.form['password']):
            error_message, log_line = '登录密码不正确', '登录密码不正确!'
        elif (user.expire_t.date() - datetime.date.today()).days < 0:
            error_message, log_line = '账户已过期', '账户已过期!'
        elif login_user(user, remember=True):
            current_app.logger.debug('登录成功!')
            return redirect('/userGameStatuses')
        else:
            error_message, log_line = '登录失败', '登录失败!'
        current_app.logger.debug(log_line)

    return render_template('/auth/login.html', error_message=error_message)
def auth_user():
    """Validate a login payload and answer with JWT tokens and the user.

    Responds 400 when validate_user_login() rejects the body, 401 when the
    login/password pair does not match, otherwise 200 with access and
    refresh tokens and the user's JSON form.
    """
    data = validate_user_login(request.get_json())
    if not data['ok']:
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters: {}'.format(data['message'])
        }), 400

    data = data['data']
    user = Users.query.filter_by(login=data['login']).first()
    password_ok = user and flask_bcrypt.check_password_hash(user.password, data['password'])
    if not password_ok:
        return jsonify({
            'ok': False,
            'message': 'Invalid credentials'
        }), 401

    # NOTE(review): this deletes the attribute on the queried model object
    # before it is serialised; confirm it cannot be flushed to the database
    # as an empty password.
    del user.password
    access_token = create_access_token(identity=user.json())
    refresh_token = create_refresh_token(identity=user.json())
    return jsonify({
        'ok': True,
        'access_token': access_token,
        'refresh_token': refresh_token,
        'user': user.json()
    }), 200
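def auth_user():
    """Validate a login payload and answer with JWT access/refresh tokens.

    Responds 400 when validate_user() rejects the body, 401 when the
    name/password pair does not match, otherwise 200 with both tokens.
    """
    data = validate_user(request.get_json())
    if not data['ok']:
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters: {}'.format(data['message'])
        }), 400

    data = data['data']
    user = User.query.filter_by(name=data['name']).first()
    if not (user and flask_bcrypt.check_password_hash(user.password, data['password'])):
        return jsonify({
            'ok': False,
            'message': 'Invalid credentials'
        }), 401

    # NOTE(review): deletes the attribute on the queried model object;
    # confirm it cannot be flushed to the database as an empty password.
    del user.password
    # Keep the plaintext password out of the token identity: a JWT payload
    # is signed, not encrypted, so any holder can decode it.
    identity = {key: value for key, value in data.items() if key != 'password'}
    access_token = create_access_token(identity=identity)
    refresh_token = create_refresh_token(identity=identity)
    user.token = access_token
    user.refresh = refresh_token
    return jsonify({
        'ok': True,
        'access_token': access_token,
        'refresh_token': refresh_token
    }), 200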
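def check_password(id, password):
    """Return whether *password* matches the stored hash of user *id*.

    Returns False when the lookup yields no user or when the hash check
    raises ValueError.
    """
    # Imported inside the function, as in the original.
    from app import flask_bcrypt

    user = User.get_by_id(id)
    if user is None:
        # No such user: report a mismatch instead of failing on user.password.
        return False
    try:
        return flask_bcrypt.check_password_hash(user.password, password)
    except ValueError:
        # Presumably raised for a malformed stored hash; treated as a mismatch.
        return False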
def post(self):
    """Create a session from the submitted e-mail and password.

    Returns the form errors with 422 when validation fails, the serialised
    user with 201 on success, and an empty body with 401 otherwise.
    """
    form = SessionCreateForm()
    if not form.validate_on_submit():
        return form.errors, 422

    account = User.query.filter_by(email=form.email.data).first()
    if not account:
        return '', 401
    if not flask_bcrypt.check_password_hash(account.password, form.password.data):
        return '', 401
    return UserSerializer(account).data, 201
def login():
    """Show the login page on GET; on other methods check the credentials.

    A verified user for whom login_user() succeeds is redirected to the
    blueprint's root view. A failed credential check flashes a message and
    the login page is rendered again.
    """
    login_page = "/user-login.html"
    if request.method == "GET":
        return render_template(login_page)

    email = request.form["email"]
    password = request.form["password"]
    account = User.query.filter_by(email=email).first()
    credentials_ok = account and flask_bcrypt.check_password_hash(account.password, password)
    if not credentials_ok:
        flash("Invalid email or password")
    elif login_user(account):
        return redirect(url_for(".root"))
    # Reached after a failed check, or when login_user() declined the user.
    return render_template(login_page)
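def login_user_page():
    """Log a user in from the 'username' and 'password' request values.

    Returns one of the plain-text status strings 'success',
    'This username doesn't exist' or 'Incorrect Password'.
    """
    # Missing fields become empty strings, so a request without them gets the
    # normal failure text instead of an unhandled AttributeError/TypeError.
    username = (request.values.get('username') or '').lower()
    password = request.values.get('password') or ''
    try:
        user = User.query.filter_by(username=username).one()
    except Exception:
        # Exception instead of a bare except, so SystemExit and
        # KeyboardInterrupt are no longer swallowed here.
        # NOTE(review): separate texts for "unknown user" and "wrong
        # password" let a client learn which usernames exist; use one shared
        # message if the front end allows it.
        return ('This username doesn\'t exist')

    if flask_bcrypt.check_password_hash(user.password_hash, password):
        login_user(user)
        return ('success')
    return ('Incorrect Password')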
def login():
    """Validate the login form and sign the user in.

    A successful login flashes a notice and redirects to '/'. Any other
    outcome renders the login template with the form.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('auth/login.html', form=form)

    email = request.form['email']
    password = request.form['password']
    account = Users.query.filter_by(email=email).first()
    if account and flask_bcrypt.check_password_hash(account.password, password):
        login_user(account)
        flash('Logged In')
        return redirect('/')
    return render_template('auth/login.html', form=form)
def login():
    """Handle the login form; always falls back to the login template.

    On a POST with an 'email' field the user is looked up, the password
    hash is checked and user.is_active is tested before login_user() runs.
    """
    is_login_post = request.method == "POST" and "email" in request.form
    if is_login_post:
        email = request.form["email"]
        account = User().get_by_email_w_password(email)
        # NOTE(review): is_active is read as an attribute here; if the model
        # defines it as a method this test is always true - confirm.
        allowed = (
            account
            and flask_bcrypt.check_password_hash(account.password, request.form["password"])
            and account.is_active
        )
        if allowed:
            wants_remember = request.form.get("remember", "no") == "yes"
            if login_user(account, remember=wants_remember):
                flash("Logged in!")
                return redirect('/notes/create')
            flash("unable to log you in")

    return render_template("/auth/login.html")
def login():
    """Show the login page on GET; on other methods check the credentials.

    A verified user for whom login_user() succeeds is redirected to the
    blueprint's root view. A failed credential check flashes a message and
    the login page is rendered again.
    """
    if request.method != 'GET':
        email = request.form["email"]
        password = request.form["password"]
        account = User.query.filter_by(email=email).first()
        if not (account and flask_bcrypt.check_password_hash(account.password, password)):
            flash("Invalid email or password")
        elif login_user(account):
            return redirect(url_for('.root'))
    # GET requests, failed checks and a declined login_user() all end here.
    return render_template("/user-login.html")
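def login():
    """Handle the login form; falls back to the login template.

    On a POST with an 'email' field the user is looked up, the password
    hash is checked and user.is_active() is called before login_user()
    runs. A successful login redirects to '/events/create'.
    """
    if request.method == "POST" and "email" in request.form:
        email = request.form["email"]
        u = User()
        user = u.get_by_email_w_password(email)
        if user and flask_bcrypt.check_password_hash(user.password, request.form["password"]) and user.is_active():
            # Keep a persistent login only when the form asks for it. The
            # comparison used to be == "no", which enabled "remember me" for
            # every user who had not ticked the box.
            remember = request.form.get("remember", "no") == "yes"
            if login_user(user, remember=remember):
                return redirect('/events/create')
    return render_template("/auth/login.html")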
def login():
    """Handle the login form; falls back to the login template.

    On a POST with an 'email' field the user is looked up, the password
    hash is checked and user.is_active() is called before login_user()
    runs. A successful login redirects to '/home'.
    """
    if not (request.method == "POST" and "email" in request.form):
        return render_template("/auth/login.html")

    email = request.form["email"]
    account = User().get_by_email_w_password(email)
    verified = (
        account
        and flask_bcrypt.check_password_hash(account.password, request.form["password"])
        and account.is_active()
    )
    if verified:
        # The form's "remember" field is not consulted: the login is always
        # made persistent.
        if login_user(account, remember=True):
            flash("Logged in!")
            return redirect('/home')
        flash("unable to log you in")
    return render_template("/auth/login.html")
def login():
    """Handle the username/password login form.

    On a POST with a 'username' field the user is looked up, the password
    hash is checked and user.is_active is tested before login_user() runs.
    Success renders 'logined.html'; everything else renders 'login.html'.
    """
    if request.method == "POST" and "username" in request.form:
        username = request.form["username"]
        account = User().get_by_username_w_password(username)
        # NOTE(review): is_active is read as an attribute here; if the model
        # defines it as a method this test is always true - confirm.
        verified = (
            account
            and flask_bcrypt.check_password_hash(account.password, request.form["password"])
            and account.is_active
        )
        if verified:
            print(account.is_active)
            wants_remember = request.form.get("remember", "no") == "yes"
            if login_user(account, remember=wants_remember):
                flash("Logged in!")
                return render_template("logined.html")
            flash("unable to log you in")
    return render_template("login.html")
def login():
    """Validate the login form and sign the user in.

    Success flashes a welcome message and redirects to 'main.index'. A
    failed credential check flashes 'User not found.' (for an unknown
    e-mail and a wrong password alike), clears both fields and re-renders
    the form.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('auth/login.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account and flask_bcrypt.check_password_hash(account.password, form.password.data):
        login_user(account)
        flash('Welcome %s %s. You have logged in successfully.' % (account.firstname, account.lastname))
        return redirect(url_for('main.index'))

    flash('User not found.')
    form.email.data = ''
    form.password.data = ''
    return render_template('auth/login.html', form=form)
def login():
    """Validate the login form and sign the user in.

    Success flashes a welcome message built from the user's en_firstname
    and en_lastname and redirects to 'main.index'. A failed credential
    check flashes 'User not found.', clears both fields and re-renders the
    form.
    """
    form = LoginForm()
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        password_ok = account and flask_bcrypt.check_password_hash(
            account.password, form.password.data)
        if not password_ok:
            flash('User not found.')
            form.email.data = ''
            form.password.data = ''
        else:
            login_user(account)
            flash('Welcome %s %s. You have logged in successfully.' % (account.en_firstname, account.en_lastname))
            return redirect(url_for('main.index'))
    return render_template('auth/login.html', form=form)
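def login():
    """Handle the username/password login form.

    On a POST with a 'username' field the user is looked up, the password
    hash is checked and user.is_active() is called before login_user()
    runs. A successful login redirects to '/events/create'; everything
    else renders the login template.
    """
    if request.method == "POST" and "username" in request.form:
        username = request.form["username"]
        u = User()
        user = u.get_by_username_w_password(username)
        if user and flask_bcrypt.check_password_hash(
                user.password, request.form["password"]) and user.is_active():
            # Keep a persistent login only when the form asks for it. The
            # comparison used to be == "no", which enabled "remember me" for
            # every user who had not ticked the box.
            remember = request.form.get("remember", "no") == "yes"
            if login_user(user, remember=remember):
                return redirect('/events/create')
    return render_template("auth/login.html")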
def change_password():
    """Change the logged-in user's password after re-checking the old one.

    The profile page is rendered in every case: with an error message when
    the old password is wrong or the two new-password fields differ, and
    with a success message once the new hash has been stored.
    """
    old_password = request.form['oldPassword']
    # The new hash (12 rounds) is computed before either check below runs.
    new_password = flask_bcrypt.generate_password_hash(request.form['newPassword'], rounds=12)
    # Retrieve logged-in doctor document, to populate his profile page
    doctor_doc = Users.objects.get(id=current_user.get_id())

    def profile_page(text, kind):
        # Every outcome renders the same template with a message and its type.
        return render_template('doc_profile/doc_profile.html', message=text, type=kind, doctor_doc=doctor_doc)

    if not flask_bcrypt.check_password_hash(doctor_doc["password"], old_password):
        return profile_page(
            'Fjalekalimi gabim! Kerkesa juaj per ndryshim te fjalekalimit nuk u ekzekutua.',
            "error")
    if request.form['newPassword'] != request.form['passwordConfirm']:
        return profile_page(
            'Fjalekalimet nuk jane te njejta! Kerkesa juaj per ndryshim te fjalekalimit nuk u ekzekutua.',
            "error")

    doctor_doc.update(password=new_password)
    return profile_page("Ndryshimi fjalekalimit u krye me sukses!", "success")
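def auth_user():
    '''Auth endpoint: verify an e-mail/password pair and issue JWT tokens.

    Responds 200 with the user record (password hash removed) plus 'token'
    and 'refresh', 401 on a credential mismatch, and 400 when the body is
    not a JSON object with text 'email' and 'password' fields.
    '''
    data = request.get_json()
    # The body is untrusted and nothing validates it upstream: require a
    # JSON object whose 'email' and 'password' are plain text before either
    # value reaches the database query or the hash check. A nested object in
    # place of the e-mail would otherwise be passed into the query as-is.
    text_types = (type(''), type(u''))
    if (not isinstance(data, dict)
            or not isinstance(data.get('email'), text_types)
            or not isinstance(data.get('password'), text_types)):
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters'
        }), 400

    user = db.get_by_query({'email': data['email']})
    if user and flask_bcrypt.check_password_hash(user['password'], data['password']):
        del user['password']
        # Keep the plaintext password out of the token identity: a JWT
        # payload is signed, not encrypted, so any holder can decode it.
        identity = {key: value for key, value in data.items() if key != 'password'}
        user['token'] = create_access_token(identity=identity)
        user['refresh'] = create_refresh_token(identity=identity)
        return jsonify({'ok': True, 'data': user}), 200

    return jsonify({
        'ok': False,
        'message': 'invalid username or password'
    }), 401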
def post(cls):
    """Check a username/password pair and return fresh JWT tokens.

    Returns the access and refresh tokens with status 200, or an
    'Invalid credentials' message with 401.
    """
    from app import flask_bcrypt

    data = _parser.parse_args()
    account = UserModel.find_by_username(data['username'])
    password_ok = account and flask_bcrypt.check_password_hash(
        account.password_hash, data['password'])
    if not password_ok:
        return {'message': 'Invalid credentials'}, 401

    # The tokens carry only the user id as identity.
    access_token = create_access_token(identity=account.id, fresh=True)
    refresh_token = create_refresh_token(account.id)
    return {
        'access_token': access_token,
        'refresh_token': refresh_token
    }, 200
def login():
    ''' Login request.

    On POST the user is fetched by e-mail and the password hash is checked;
    success redirects to the patient directory. A mismatch and an unknown
    e-mail both re-render the form with the same "ErrorData" message.
    '''
    form = LoginForm(request.form)
    if request.method != 'POST':
        return render_template('mod_auth/login.html', form=form)

    try:
        user = Users.objects.get(email=form.email.data)
        matches = (
            user['email'] == form.email.data
            and flask_bcrypt.check_password_hash(user['password'], form.password.data)
        )
        if not matches:
            return render_template('mod_auth/login.html', message="ErrorData", form=form)
        login_user(user)
        current_app.logger.info("User '%s' logged in." % form.email.data)
        return redirect(url_for('patient_directory.patients'))
    except DoesNotExist:
        return render_template('mod_auth/login.html', message="ErrorData", form=form)
def login():
    """Sign a user in through LoginForm.

    Already-authenticated visitors are redirected to 'listing'. After a
    valid submission the username is looked up and the password hash is
    checked; success logs the user in with a persistent session.
    """
    if current_user.is_authenticated:
        return redirect(url_for('listing'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    account = User.query.filter_by(username=form.username.data).first()
    # NOTE(review): the two flash texts below tell the client whether the
    # username exists; a single shared message would not.
    if not account:
        failure = 'No such User exists'
    elif not flask_bcrypt.check_password_hash(account.password, form.password.data):
        failure = "Invalid Password."
    else:
        failure = None

    if failure is not None:
        flash(failure)
        return render_template('login.html', form=form)

    login_user(account, remember=True)
    flash("you have logged in successfully.")
    return redirect(url_for('listing'))
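def auth_user():
    """Auth endpoint: verify an e-mail/password pair and issue JWT tokens.

    Responds 200 with the user document (password hash removed) plus
    'token' and 'refresh', 401 on a credential mismatch, and 400 when
    validate_user() rejects the request body.
    """
    data = validate_user(request.get_json())
    if not data.get('ok'):
        return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data.get('message'))}), 400

    data = data.get('data')
    user_data = mongo.db.users.find_one({'email': data.get('email')}, {'_id': 0})
    # Log only whether a record matched: the document itself holds the
    # bcrypt hash, which should not end up in debug logs.
    LOG.debug('user lookup matched: %s', bool(user_data))
    if user_data and flask_bcrypt.check_password_hash(user_data.get('password'), data.get('password')):
        del user_data['password']
        # Keep the plaintext password out of the token identity: a JWT
        # payload is signed, not encrypted, so any holder can decode it.
        identity = {key: value for key, value in data.items() if key != 'password'}
        user_data['token'] = create_access_token(identity=identity)
        user_data['refresh'] = create_refresh_token(identity=identity)
        return jsonify({'ok': True, 'data': user_data}), 200

    return jsonify({'ok': False, 'message': 'Invalid username or password'}), 401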
def login():
    """Sign a user in through LoginForm.

    Visitors who are not anonymous are sent to '/'. A POST loads the user
    by e-mail into a fresh User object, checks the password hash and then
    redirects to '/' whether or not the check passed; other methods render
    the login form.
    """
    if not current_user.is_anonymous:
        flash("You have login before, return to homepage!")
        return redirect('/')

    form = LoginForm(request.form)
    if request.method != 'POST':
        return render_template('login.html', form=form)

    user_obj = User()
    email = form.email.data
    password = form.password.data
    remember = form.remember.data
    # NOTE(review): the return value of get_by_email() is ignored, so an
    # unknown e-mail reaches the hash check with whatever password value a
    # blank User carries - confirm that check_password_hash copes with it.
    user_obj.get_by_email(email, password_acquirement=True)
    if not flask_bcrypt.check_password_hash(user_obj.password, password):
        logging.debug('login-- user {} has input wrong password'.format(email))
    else:
        login_user(user_obj, remember=remember)
        flash("Logged in!")
    return redirect('/')
def login():
    """Handle the login form; falls back to the login template.

    On a POST with an 'email' field the user is looked up, the password
    hash is checked and user.is_active is tested before login_user() runs.
    A successful login redirects to '/game'.
    """
    if not (request.method == 'POST' and 'email' in request.form):
        return render_template('/auth/login.html')

    email = request.form['email']
    account = User().get_by_email_w_password(email)
    # Three conditions, in order: the user exists in the db, the submitted
    # password matches the stored hash, and the user is currently active.
    # NOTE(review): is_active is read as an attribute here; if the model
    # defines it as a method this test is always true - confirm.
    verified = (
        account
        and flask_bcrypt.check_password_hash(account.password, request.form['password'])
        and account.is_active
    )
    if verified:
        wants_remember = request.form.get('remember', 'no') == 'yes'
        if login_user(account, remember=wants_remember):
            flash('登录成功!')
            return redirect('/game')
        flash('登录失败!')
    return render_template('/auth/login.html')
def post(self):
    """Log a user in from a JSON body holding 'email' and 'password'.

    Answers 404 when no account has the e-mail, 401 when the password does
    not match, and 200 with an access token and the serialised user
    (without 'password' and 'push_sub') on success.
    """
    payload = request.get_json(force=True)
    account = UserModel.query.filter_by(email=payload['email']).first()
    # NOTE(review): the 404 below and the 401 after it let a client tell
    # registered e-mails from unregistered ones; one shared response would
    # not.
    if not account:
        return error_response(message="No associated account " +
                              "with this email. 😩",
                              status=404)

    if not BCrypt.check_password_hash(account.password, payload['password']):
        return error_response(message="Email or Password " +
                              "is not correct 😕",
                              status=401)

    serialised_user = UserSchema(exclude=['password', 'push_sub']).dump(account)
    # The token identity carries only the user id.
    token = create_access_token(identity={"id": account.id})
    return success_response(message='Logged in successfuly',
                            data=dict(token=token, user=serialised_user),
                            status=200)
def login():
    """User login functionality.

    Already-authenticated visitors are redirected to the snaps listing.
    After a valid submission the username is looked up and the password
    hash is checked; success logs the user in with a persistent session.
    """
    if current_user.is_authenticated:
        return redirect(url_for('snaps.listing'))

    form = LoginForm()
    if form.validate_on_submit():
        account = User.query.filter_by(username=form.username.data).first()
        # NOTE(review): the two flash texts below tell the client whether
        # the username exists; a single shared message would not.
        if not account:
            flash("No such user exists")
        elif not flask_bcrypt.check_password_hash(account.password, form.password.data):
            flash("invalid password")
        else:
            login_user(account, remember=True)
            flash("Success! You are logged in.")
            return redirect(url_for("snaps.listing"))
    return render_template('users/login.html', form=form)
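def login():
    """Sign a user in and send them on to the page they asked for.

    Already-authenticated users go to 'index'. On a POST with an 'email'
    field the user is looked up, is_active() and the password hash are
    checked, and a successful login_user() announces the new identity and
    redirects to the 'next' query parameter when it is a path on this
    site, else to '/jobs'. Everything else renders the login form.
    """
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('index'))

    if request.method == "POST" and "email" in request.form:
        email = request.form["email"]
        userObj = User()
        user = userObj.get_by_email_w_password(email)
        if user and user.is_active() and flask_bcrypt.check_password_hash(user.password, request.form["password"]):
            remember = request.form.get("remember", "no") == "yes"
            if login_user(user, remember=remember):
                flash("Logged In!")
                identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
                # 'next' comes from the query string, so it is followed only
                # when it is a plain path on this site. Absolute URLs,
                # scheme-relative '//host' forms and values containing
                # backslashes or line/tab characters fall back to '/jobs'.
                next_url = request.args.get('next') or ''
                is_local_path = (
                    next_url.startswith('/')
                    and not next_url.startswith('//')
                    and not any(ch in next_url for ch in '\\\r\n\t')
                )
                return redirect(next_url if is_local_path else '/jobs')
            else:
                flash("Unable to log you in")

    form = LoginForm(request.form)
    return render_template('forms/login.html', form=form)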
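def auth_user():
    """Auth endpoint: verify a user/password pair and issue JWT tokens.

    Responds 400 when validate_user() rejects the body, 401 for an unknown
    user, a wrong password, an inactive account or any unexpected error,
    and 200 with the user document plus 'token' and 'refresh' otherwise.
    """
    try:
        data = validate_user(request.get_json())
        if not data['ok']:
            return jsonify({'ok': False, 'message': 'Bad request parameters: {}'.format(data['message'])}), 400

        data = data['data']
        # User names are matched in upper case; '_id' and 'role' are left out.
        user = mongo.db.users.find_one({'user': data['user'].upper()}, {'_id': False, 'role': False})
        if not user or not flask_bcrypt.check_password_hash(user['password'], data['password']):
            return jsonify({'ok': False, 'message': 'Usuario o contraseña incorrectos'}), 401

        # Drop the hash from the response and the plaintext password from
        # the dict that becomes the token identity.
        del user['password']
        del data['password']
        # Inactive accounts get the same answer as a wrong password.
        if not user['active']:
            return jsonify({'ok': False, 'message': 'Usuario o contraseña incorrectos'}), 401
        del user['active']

        user['token'] = create_access_token(identity=data)
        user['refresh'] = create_refresh_token(identity=data)
        return jsonify({'ok': True, 'data': user}), 200
    except Exception:
        # Exception instead of a bare except, so SystemExit and
        # KeyboardInterrupt are no longer swallowed here.
        # NOTE(review): server-side faults are also answered as a credential
        # failure; consider logging them so they stay visible to operators.
        return jsonify({'ok': False, 'message': 'Usuario o contraseña incorrectos'}), 401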
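def auth_user():
    """Auth endpoint: verify an e-mail/password pair and issue JWT tokens.

    Responds 200 with the user document (password hash removed) plus
    'token' and 'refresh', 401 on a credential mismatch, and 400 when
    validate_user() rejects the request body.
    """
    data = validate_user(request.get_json())
    if not data['ok']:
        return jsonify({
            'ok': False,
            'message': 'Bad request parameters: {}'.format(data['message'])
        }), 400

    data = data['data']
    # NOTE(review): no projection is given, so the document keeps its '_id';
    # confirm the app's JSON encoder can serialise it.
    found_user = mongo.db.users.find_one({'email': data['email']})
    if found_user and flask_bcrypt.check_password_hash(
            found_user['password'], data['password']):
        del found_user['password']
        # Keep the plaintext password out of the token identity: a JWT
        # payload is signed, not encrypted, so any holder can decode it.
        identity = {key: value for key, value in data.items() if key != 'password'}
        found_user['token'] = create_access_token(identity=identity)
        found_user['refresh'] = create_refresh_token(identity=identity)
        return jsonify({'ok': True, 'data': found_user}), 200

    return jsonify({
        'ok': False,
        'message': 'invalid username or password'
    }), 401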
def login():
    """For GET requests, display the login form.

    For POSTs, log the user in by processing the form: the account is
    marked authenticated and saved, login_user() is called, and the 'next'
    query parameter is followed only if is_safe_url() accepts it (400
    otherwise). Visitors who are already authenticated go to the home page.
    """
    form = LoginForm(formdata=request.form)
    if request.method == 'POST' and form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        if account and flask_bcrypt.check_password_hash(account.password, form.password.data):
            account.authenticated = True
            db.session.add(account)
            save_changes(db.session)
            login_user(account, remember=True)

            # The redirect target comes from the query string, so it is
            # checked before use.
            target = flask.request.args.get('next')
            if not is_safe_url(target):
                return flask.abort(400)
            return redirect(target or url_for('home.home'))

    if current_user and current_user.is_authenticated:
        return redirect(url_for('home.home'))
    return render_template('forms/login.html', form=form)
def verify_password(self, password):
    """Return the result of checking *password* against ``self.password``."""
    stored_hash = self.password
    return flask_bcrypt.check_password_hash(stored_hash, password)
def check_password(self, password):
    """Return the result of checking *password* against ``self.password_hash``."""
    stored_hash = self.password_hash
    return flask_bcrypt.check_password_hash(stored_hash, password)
def check_password(self, password):
    """Check *password* against ``self.password_hash``.

    Returns False without calling bcrypt when either the stored hash or
    the supplied password is empty or None.
    """
    if self.password_hash and password:
        return flask_bcrypt.check_password_hash(self.password_hash, password)
    return False
def check_password(self, password):
    """Return True only when a hash is stored and *password* matches it.

    A missing or empty ``self.password`` yields False without calling
    bcrypt.
    """
    stored_hash = self.password
    return bool(stored_hash and flask_bcrypt.check_password_hash(stored_hash, password))
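def verify_password(email, password):
    """Check an e-mail/password pair and remember the user on success.

    Returns False when no user has the e-mail, otherwise the result of
    the bcrypt check. ``g.user`` is set only when that check passes.
    """
    user = User.query.filter_by(email=email).first()
    if not user:
        return False

    matched = flask_bcrypt.check_password_hash(user.password, password)
    if matched:
        # Bind the user to the request context only after the password has
        # been verified, so a failed attempt never leaves g.user pointing
        # at the account that was being guessed.
        g.user = user
    return matched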
def test_password_hashing(self):
    """The stored password must differ from 'mum' yet verify against it."""
    # NOTE(review): the e-mail and password literals appear masked in this
    # listing, while both assertions use 'mum'; confirm the fixture value.
    user = User(
        email='*****@*****.**',
        first_name='susan',
        last_name='daniel',
        password='******',
    )
    stored = user.password
    # The attribute must not hold the plaintext...
    self.assertFalse(stored == 'mum')
    # ...but must verify as a bcrypt hash of it.
    self.assertTrue(flask_bcrypt.check_password_hash(stored, 'mum'))
# Login view: sets up a per-request logger and a MainModel, handles the POSTed
# login form and renders "/auth/login.html" when no redirect is issued.
#
# NOTE(review): this copy of the function is damaged. Two spans are masked with
# asterisks (after 'current_user:' and after #print("user:"), so the statements
# that sat there, including the credential check itself, are not visible and
# the code does not parse as shown. The notes below cover only what is visible.
#
# - The submitted e-mail is written to the log at info level for every
#   attempt, success and failure.
# - After login the redirect target is, in order: the form field 'r', the
#   user's onlogin value, or the user's home URL. For the first two only the
#   path comes from that value; scheme and host are URL_SCHEME and the netloc
#   of the current request URL.
# - The flash texts differ for "User not active" and "User/Password is not
#   correct", so the page tells a client which of the two applied.
def login(): tid, ip = setup_log_vars() lggr = setup_local_logger(tid, ip) MAM = MainModel(tid=tid, ip=ip) lggr.debug('current_user:'******'id'): #return redirect(absolute_url('/'+current_user.id+'/_home')) return redirect( url_for('avispa_rest.home', handle=current_user.id, _external=True, _scheme=URL_SCHEME)) else: return redirect( url_for('avispa_auth.login', _external=True, _scheme=URL_SCHEME)) if request.method == "POST" and "email" in request.form: lggr.info('Login attempt for:' + request.form.get('email')) email = request.form.get('email') if email.strip() != '': userObj = User(email=email, tid=tid, ip=ip) user = userObj.get_user() #print("user:"******"remember", "no") == "yes" if login_user(userObj, remember=remember): lggr.info('Login attempt successful for:' + request.form.get('email')) #next = request.args.get('next') #if not next_is_valid(next): # return flask.abort(400) mpp = {'status': 'OK'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash({'track':'_login OK'},'MP') flash({'f': 'identify', 'v': current_user.id}, 'MP') #flash({'identify':current_user.id},'MP') mpp = {'$name': current_user.id} flash({'f': 'people.set', 'p': mpp}, 'MP') #msg = {"$name":current_user.id} #flash({'people.set': msg },'MP') flash("Logged in!", 'UI') if 'r' in request.form: # Custom redirect sent in the form # Not using url_for as we don't know what URL they are going to request o = urlparse.urlparse(request.url) path = request.form.get('r') rr = urlparse.urlunparse( (URL_SCHEME, o.netloc, path, '', '', '')) return redirect(rr) elif (user.onlogin != '') and (user.onlogin is not None): # Custom redirect from user onlogin hook # Not using url_for as we don't know what URL they are going to request o = urlparse.urlparse(request.url) path = user.onlogin rr = urlparse.urlunparse( (URL_SCHEME, o.netloc, path, '', '', '')) return redirect(rr) else: # Default redirect to user's home return redirect( url_for('avispa_rest.home', handle=user.id, _external=True, 
_scheme=URL_SCHEME)) else: lggr.info('Something went wrong in the user object:' + request.form.get('email')) flash("unable to log you in", 'UI') mpp = {'status': 'KO', 'msg': 'Unable to log in'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash({'track':'_login KO, Try again'},'MP') else: lggr.info('User/Password is not correct for:' + request.form.get('email')) flash("User/Password is not correct", 'UI') mpp = {'status': 'KO', 'msg': 'User/Password incorrect'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash({'track':'_login KO, User/Password incorrect'},'MP') else: lggr.info('User is not active:' + request.form.get('email')) flash("User not active", 'UI') mpp = {'status': 'KO', 'msg': 'User not active'} flash({'f': 'track', 'v': '_login', 'p': mpp}, 'MP') #flash("_login KO, User not active",'MP') else: lggr.info('Enter a valid email:') flash("Enter a valid email", 'UI') data = {} data['method'] = '_login' #t = time.time() #data['today']= time.strftime("%A %b %d, %Y ",time.gmtime(t)) return render_template("/auth/login.html", data=data)