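def login():
    '''
    Function Type: View Function, Form handler
    Template: accounts/login.html
    Purpose: Handle the login of a user and provide feedback when login fails.

    Inputs: None

    Template Parameters:
        form: A form of the class SignInForm. This takes the username and
            password of the user.
        active_page: A string naming the active page. This is for
            highlighting the active page in the nav-bar.

    Forms Handled:
        SignInForm: Uses this form to determine if the user has the
            credentials to access the account. If an error occurs the
            appropriate error fields are filled in and the form is sent back
            to the template.
    '''
    # If the user is already authenticated we are done here, go to the index.
    # NOTE(review): is_authenticated is called as a method here; Flask-Login
    # 0.3.0 and later expose it as a property, where this call would fail.
    # Confirm the installed version.
    if g.user is not None and g.user.is_authenticated():
        flash("User is alread logged in", "warning")
        return redirect(url_for('index'))

    # Anything that is not a form submission just gets a blank form.
    if request.method != 'POST':
        return render_template("accounts/login.html", form=SignInForm(),
                               active_page="login")

    form = SignInForm(request.form)
    if form.validate():
        try:
            user = User.objects.get(username=form.username.data)
        except User.DoesNotExist:
            user = None

        # Check for matching password hashes.
        if user is not None and user.checkPassword(form.password.data):
            # Validated, so log the user in (if they asked to be remembered
            # tell flask-login to handle that).
            login_user(user, remember=form.remember.data)
            # Set the session global user variable.
            g.user = current_user
            return redirect(url_for('index'))

        # Unknown user and wrong password share one message, so the response
        # text does not reveal which usernames exist.
        # NOTE(review): the unknown-user path never runs checkPassword, so
        # response time may still differ between the two cases, and no
        # attempt throttling is visible in this view.
        flash(LOGIN_ERROR_MSG, "error")

    # Failed validation or failed credentials: hand the submitted form back so
    # its error fields reach the template.
    return render_template("accounts/login.html", form=form,
                           active_page="login")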
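def login():
    '''
    Function Type: View Function, Form handler
    Template: accounts/login.html
    Purpose: Handle the login of a user and provide feedback when login fails.

    Inputs: None

    Template Parameters:
        form: A form of the class SignInForm. This takes the username and
            password of the user.
        active_page: A string naming the active page. This is for
            highlighting the active page in the nav-bar.

    Forms Handled:
        SignInForm: Uses this form to determine if the user has the
            credentials to access the account. If an error occurs the
            appropriate error fields are filled in and the form is sent back
            to the template.
    '''
    # If the user is already authenticated we are done here, go to the index.
    if g.user is not None and g.user.is_authenticated:
        flash("User is alread logged in", "warning")
        return redirect(url_for('index'))

    # Anything that is not a form submission just gets a blank form.
    if request.method != 'POST':
        return render_template("accounts/login.html", form=SignInForm(),
                               active_page="login")

    form = SignInForm(request.form)
    if form.validate():
        try:
            user = User.objects.get(username=form.username.data)
        except User.DoesNotExist:
            user = None

        # Check for matching password hashes.
        if user is not None and user.checkPassword(form.password.data):
            # Validated, so log the user in (if they asked to be remembered
            # tell flask-login to handle that).
            login_user(user, remember=form.remember.data)
            # Set the session global user variable.
            g.user = current_user
            return redirect(url_for('index'))

        # Unknown user and wrong password share one message, so the response
        # text does not reveal which usernames exist.
        # NOTE(review): the unknown-user path never runs checkPassword, so
        # response time may still differ between the two cases, and no
        # attempt throttling is visible in this view.
        flash(LOGIN_ERROR_MSG, "error")

    # Failed validation or failed credentials: hand the submitted form back so
    # its error fields reach the template.
    return render_template("accounts/login.html", form=form,
                           active_page="login")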
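def requestRecovery():
    '''
    Function Type: View Function, Form handler
    Purpose: Create a RecoverAccount record for the submitted username and
        e-mail that user a link to the 'recovery' view.

    Inputs: None

    Forms Handled:
        SignInForm: Only the username field is read here. Validation errors
            are flashed and the user is sent back to the login page.

    Returns: A redirect to the login view in every case.
    '''
    if request.method == 'POST':
        form = SignInForm(request.form)
        if form.validate():
            # NOTE(review): the three outcomes below flash different messages
            # (unknown user / no e-mail on file / request sent), which lets a
            # caller tell valid usernames from invalid ones. Consider a single
            # uniform response.
            try:
                user = User.objects.get(username=form.username.data)
            except User.DoesNotExist:
                flash("The user you specified could not be found.", "error")
                return redirect(url_for('login'))

            if not user.email:
                flash("No email address on file for this user", "error")
                return redirect(url_for('login'))

            # NOTE(review): every valid POST stores a record and sends a mail;
            # no throttling is visible in this view.
            rec = RecoverAccount()
            rec.user = user
            # Behind a reverse proxy REMOTE_ADDR is the proxy's address, not
            # the client's -- confirm the deployment.
            rec.requestIP = str(request.environ['REMOTE_ADDR'])
            rec.save()

            # Send an email to recover the password.
            import smtplib
            from email.mime.text import MIMEText

            # NOTE(review): rec.id is the only secret in this link. Confirm
            # that RecoverAccount ids are unpredictable and that the recovery
            # view expires them after use.
            recoveryURL = url_for('recovery', rid=rec.id, _external=True)
            # The URL is generated server-side, so it is placed in the href
            # as-is, without stray whitespace around it.
            messageText = (
                "<html> <head></head> <body> "
                "<p>It looks like you requested a link to reset your "
                "password. <a href='" + recoveryURL + "'>Here</a> is the "
                "link. If you didn't request this link and you think this "
                "has been recieved in error please contact your system "
                "administrator.</p> </body> </html>"
            )

            msg = MIMEText(messageText, 'html')
            msg['Subject'] = 'Password reset request'
            msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
            msg['To'] = user.email

            # NOTE(review): the session is not upgraded with starttls() here;
            # confirm the relay is local or otherwise trusted, since the
            # message carries the reset link.
            s = smtplib.SMTP(app.config['SMTP_SERVER'])
            try:
                s.sendmail(app.config['SYSTEM_EMAIL_ADDRESS'], [user.email],
                           msg.as_string())
            finally:
                # Always close the SMTP session, even when sending fails.
                s.quit()

            flash("Password reset request sent", "success")
            return redirect(url_for('login'))
        else:
            # Show the first error of every invalid field.
            for v in form.errors.values():
                flash(v[0], "error")

    return redirect(url_for('login'))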
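def requestRecovery():
    '''
    Function Type: View Function, Form handler
    Template: accounts/login.html, accounts/passResetEmail.html (mail body)
    Purpose: Create a RecoverAccount record for the submitted username and
        e-mail that user a link to the 'recovery' view.

    Inputs: None

    Template Parameters:
        recoveryURL: Absolute URL of the recovery view for the new record
            (passed to accounts/passResetEmail.html).
        form: A blank SignInForm (passed to accounts/login.html).
        active_page: A string naming the active page.

    Forms Handled:
        SignInForm: Only the username field is read here. Validation errors
            are flashed and the login page is rendered again.
    '''
    if request.method == 'POST':
        form = SignInForm(request.form)
        if form.validate():
            # NOTE(review): the three outcomes below flash different messages
            # (unknown user / no e-mail on file / request sent), which lets a
            # caller tell valid usernames from invalid ones. Consider a single
            # uniform response.
            try:
                user = User.objects.get(username=form.username.data)
            except User.DoesNotExist:
                flash("The user you specified could not be found.", "error")
                return redirect(url_for('login'))

            if not user.email:
                flash("No email address on file for this user", "error")
                return redirect(url_for('login'))

            # NOTE(review): every valid POST stores a record and sends a mail;
            # no throttling is visible in this view.
            rec = RecoverAccount()
            rec.user = user
            # Behind a reverse proxy REMOTE_ADDR is the proxy's address, not
            # the client's -- confirm the deployment.
            rec.requestIP = str(request.environ['REMOTE_ADDR'])
            rec.save()

            # Send an email to recover the password.
            import subprocess
            from email.mime.text import MIMEText

            # NOTE(review): rec.id is the only secret in this link. Confirm
            # that RecoverAccount ids are unpredictable and that the recovery
            # view expires them after use.
            messageText = render_template(
                'accounts/passResetEmail.html',
                recoveryURL=url_for('recovery', rid=rec.id, _external=True))

            msg = MIMEText(messageText, 'html')
            msg['Subject'] = 'Password reset request'
            msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
            # sendmail -t takes the recipients from the headers, so the stored
            # address must be a single address without line breaks.
            # NOTE(review): confirm where user.email is validated.
            msg['To'] = user.email

            SENDMAIL = "/usr/sbin/sendmail"  # sendmail location
            try:
                # Argument list and no shell: nothing here is parsed as a
                # shell command line.
                p = subprocess.Popen([SENDMAIL, "-t", "-i"],
                                     stdin=subprocess.PIPE,
                                     universal_newlines=True)
                p.communicate(msg.as_string())
                status = p.returncode
            except OSError as exc:
                app.logger.error("Could not run sendmail: %s", exc)
            else:
                if status:
                    app.logger.warning("Sendmail exit status %s", status)

            flash("Password reset request sent", "success")
            return redirect(url_for('login'))
        else:
            # Show the first error of every invalid field.
            for v in form.errors.values():
                flash(v[0], "error")

    app.logger.debug("requestRecovery: %s", request.method)
    return render_template("accounts/login.html", form=SignInForm(),
                           active_page="login")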
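def requestRecovery():
    '''
    Function Type: View Function, Form handler
    Template: accounts/login.html, accounts/passResetEmail.html (mail body)
    Purpose: Create a RecoverAccount record for the submitted username and
        e-mail that user a link to the 'recovery' view.

    Inputs: None

    Template Parameters:
        recoveryURL: Absolute URL of the recovery view for the new record
            (passed to accounts/passResetEmail.html).
        form: A blank SignInForm (passed to accounts/login.html).
        active_page: A string naming the active page.

    Forms Handled:
        SignInForm: Only the username field is read here. Validation errors
            are flashed and the login page is rendered again.
    '''
    if request.method == 'POST':
        form = SignInForm(request.form)
        if form.validate():
            # NOTE(review): the three outcomes below flash different messages
            # (unknown user / no e-mail on file / request sent), which lets a
            # caller tell valid usernames from invalid ones. Consider a single
            # uniform response.
            try:
                user = User.objects.get(username=form.username.data)
            except User.DoesNotExist:
                flash("The user you specified could not be found.", "error")
                return redirect(url_for('login'))

            if not user.email:
                flash("No email address on file for this user", "error")
                return redirect(url_for('login'))

            # NOTE(review): every valid POST stores a record and sends a mail;
            # no throttling is visible in this view.
            rec = RecoverAccount()
            rec.user = user
            # Behind a reverse proxy REMOTE_ADDR is the proxy's address, not
            # the client's -- confirm the deployment.
            rec.requestIP = str(request.environ['REMOTE_ADDR'])
            rec.save()

            # Send an email to recover the password.
            import subprocess
            from email.mime.text import MIMEText

            # NOTE(review): rec.id is the only secret in this link. Confirm
            # that RecoverAccount ids are unpredictable and that the recovery
            # view expires them after use.
            messageText = render_template(
                'accounts/passResetEmail.html',
                recoveryURL=url_for('recovery', rid=rec.id, _external=True))

            msg = MIMEText(messageText, 'html')
            msg['Subject'] = 'Password reset request'
            msg['From'] = app.config['SYSTEM_EMAIL_ADDRESS']
            # sendmail -t takes the recipients from the headers, so the stored
            # address must be a single address without line breaks.
            # NOTE(review): confirm where user.email is validated.
            msg['To'] = user.email

            SENDMAIL = "/usr/sbin/sendmail"  # sendmail location
            try:
                # Argument list and no shell: nothing here is parsed as a
                # shell command line.
                p = subprocess.Popen([SENDMAIL, "-t", "-i"],
                                     stdin=subprocess.PIPE,
                                     universal_newlines=True)
                p.communicate(msg.as_string())
                status = p.returncode
            except OSError as exc:
                app.logger.error("Could not run sendmail: %s", exc)
            else:
                if status:
                    app.logger.warning("Sendmail exit status %s", status)

            flash("Password reset request sent", "success")
            return redirect(url_for('login'))
        else:
            # Show the first error of every invalid field.
            for v in form.errors.values():
                flash(v[0], "error")

    app.logger.debug("requestRecovery: %s", request.method)
    return render_template("accounts/login.html", form=SignInForm(),
                           active_page="login")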