def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
if os.environ.get("HEROKU"):
user = User.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username")
else:
user = User.query.filter_by(username=form.username.data).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username")
if not bcrypt.check_password_hash(user.password, form.password.data):
return render_template("auth/loginform.html",
form=form,
error="Incorrect password")
login_user(user)
return redirect(url_for("index"))
def auth_login():
if request.method == "GET":
if current_user.is_authenticated:
return redirect(url_for("index"))
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/loginform.html", form=form)
user = User.query.filter_by(username=form.username.data).first()
if not user:
form.username.errors.append("No such username")
return render_template("auth/loginform.html", form=form)
if not user.password_is_correct(form.password.data):
form.password.errors.append("Wrong password")
return render_template("auth/loginform.html", form=form)
login_user(user)
return redirect(url_for("index"))
def auth_login():
if current_user.is_authenticated:
return redirect(url_for("index"))
if request.method == "GET":
return render_template("auth/login.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/login.html",
form=form,
error="Remember to fill all the fields")
user = User.query.filter_by(email=form.email.data,
password=form.password.data).first()
if not user:
return render_template("auth/login.html",
form=form,
error="Incorrect email address or password")
login_user(user)
app.jinja_env.globals.update(is_student=current_user.is_student())
app.jinja_env.globals.update(is_teacher=current_user.is_teacher())
return redirect(url_for("index"))
def auth_login():
form = LoginForm(request.form)
if g.user.is_authenticated:
return redirect(url_for("index"))
if request.method == "GET":
return render_template("auth/loginform.html", form=form)
remember_me = False
if 'remember_me' in request.form:
remember_me = True
if request.form.get("Guest") == "Guest":
username = "******"
password = u"guest".encode('utf-8')
elif request.form.get(
"Login") == "Login" and form.username.data == 'admin':
username = "******"
password = u"admin".encode('utf-8')
else:
if not form.validate():
return render_template(
"auth/loginform.html",
form=form,
error="Fields must not be empty. Check password length.")
username = form.username.data
password = form.password.data
if username == 'guest' or username == 'admin':
user = User.query.filter_by(username=username).first()
if not user:
flash("No such username or password.", "warning")
return render_template("auth/loginform.html", form=form)
try:
login_user(user, remember=remember_me)
except IntegrityError:
flash("Problems with login.", "danger")
return render_template("auth/loginform.html", form=form)
else:
user = User.query.filter_by(username=username).first()
if not user:
flash("No such username or password.", "warning")
return render_template("auth/loginform.html", form=form)
# Check password with hashed password
if not bcrypt.check_password_hash(user.password.encode('utf-8'),
password):
flash("No such password.", "warning")
return render_template("auth/loginform.html", form=form)
try:
login_user(user, remember=remember_me)
except IntegrityError:
flash("Problems with login.", "danger")
return render_template("auth/loginform.html", form=form)
db.session.permanent = remember_me
return redirect(url_for("index"))
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username/password')
return redirect(url_for('auth.login'))
login_user(user, remember=form.remember_me.data)
# if any, capture url with 'next' arg
next_page = request.args.get('next')
# if not 'next' redirect nonetheless to index
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('auth/login.html', title='Sign In', form=form)
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
username_error = ""
password_error = ""
user = User.query.filter_by(
username=form.username.data).first()
if (user == None):
username_error = "Kyseisellä nimellä ei ole käyttäjää!"
return render_template("auth/loginform.html", form=form, usernameError=username_error, passwordError = password_error)
else:
password = form.password.data
pw = user.password
if (bcrypt.check_password_hash(pw, password)):
login_user(user)
return redirect(url_for("votings_index"))
else :
password_error = "Salasana väärin!"
return render_template("auth/loginform.html", form=form, usernameError = username_error, passwordError=password_error)
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/loginform.html", form=form)
# jos käyttäjänimi ja salasana ei vastaa
user = User.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="Username and password do not match.")
print("User '" + user.username + "' identified")
login_user(user)
flash("Succesfully logged in!", "alert alert-success")
# kirjautumiskehotteen jälkeinen ohjaus
next = request.args.get("next")
return redirect(next or url_for("posts_index"))
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
user = User.query.filter_by(username=form.username.data).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username or password")
try:
if not bcrypt.check_password_hash(user.password, form.password.data):
return render_template("auth/loginform.html",
form=form,
error="No such username or password")
except:
return render_template(
"auth/loginform.html",
form=form,
error="You need to hash your password with bcrypt before inserting "
"if you create an user in SQL")
login_user(user)
return redirect(url_for("index"))
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
# form.validate_on_submit() returns True if all fields are valid, otherwise
# form renders back to user
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash(_('Invalid username or password'))
return redirect(url_for('auth.login'))
# login_user comes from Flask-Login; sets current_user to user
login_user(user, remember=form.remember_me.data)
# Flask's request = data client sent
next_page = request.args.get('next')
# url_parse check ensures only relative redirect, protecting against
# inserted URLs
if not next_page or url_parse(next_page).netloc != '':
# redirect URL /login?next=/<this_view>
next_page = url_for('main.index')
return redirect(next_page)
return render_template('auth/login.html', title=_('Sign In'), form=form)
def auth_login():
if request.method == 'GET':
return render_template('auth/login.html', form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template('auth/login.html', form=form)
user = User.query.filter_by(username=form.username.data).first()
if not user:
return render_template('auth/login.html',
form=form,
error='No such username or password')
password = form.password.data.encode()
phash = user.phash.encode()
if not bcrypt.checkpw(password, phash):
return render_template('auth/login.html',
form=form,
error='No such username or password')
login_user(user)
return redirect(request.args.get('next') or url_for('posts_index'))
def auth_login():
# GET
if request.method == "GET":
next = request.args.get('next')
form = LoginForm()
return render_template("/auth/login.html", form=form, next=next)
# POST
form = LoginForm(request.form)
if not form.validate():
return render_template("/auth/login.html", form=form)
user = User.query.filter_by(username=form.username.data,
active=True).first()
if not (user and check_password_hash(user.password, form.password.data)):
flash("Kirjautuminen ei onnistunut. Tarkista tunnus ja salasana.",
"login_error")
return render_template("/auth/login.html", form=form)
remember = form.remember
login_user(user, remember=remember)
next = request.form.get('next')
if not next is None:
return redirect(next)
return redirect(url_for("home"))
def auth_login():
next_page = request.args.get("next", default=url_for("index"))
if request.method == "GET":
return render_template("auth/loginform.html",
form=LoginForm(),
next_page=next_page)
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/loginform.html",
form=form,
next_page=next_page)
trainer = Trainer.query.filter_by(username=form.username.data).first()
if not trainer:
flash("No such username or password.", "error")
return render_template("auth/loginform.html",
form=form,
next_page=next_page)
password = form.password.data.encode()
db_password = trainer.password
if isinstance(trainer.password, str):
db_password = trainer.password.encode()
if not bcrypt.checkpw(password, db_password):
flash("No such username or password.", "error")
return render_template("auth/loginform.html",
form=form,
next_page=next_page)
login_user(trainer)
return redirect(next_page)
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
pw = form.password.data
if not form.validate():
return render_template("auth/loginform.html",
form=form,
error="Input between 1 and 64 char expected")
user = User.query.filter_by(
username=form.username.data.lower().strip()).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username or incorrect password")
if checker(user.password, pw) == False:
return render_template("auth/loginform.html",
form=form,
error="No such username or incorrect password")
login_user(user)
flash("Otagai ni rei, sensei ni rei, welcome to the dojo {}".format(
user.name))
return redirect(url_for("index"))
def auth_create():
if request.method == 'GET':
return render_template("auth/registerform.html", form=LoginForm())
# If method is POST, validate form data
form = LoginForm(request.form)
if form.validate():
user = User.query.filter_by(email=form.email.data).first()
if user:
# Enforce unique emails
return render_template("auth/loginform.html",
form=form,
error="This email is already in use.")
# If valid email, create user and hash password, then login and redirect
pw_hash = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
u = User(email=form.email.data, password=pw_hash)
if form.admin.data is True:
u.admin = True
db.session.add(u)
db.session.commit()
login_user(u)
print(u)
return redirect(url_for('events_index'))
# If anything in POST goes wrong, serve login form with errors
return render_template("auth/registerform.html",
form=form,
error="Invalid information")
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/loginform.html", form=form)
if request.form.get('login'):
user = Agency.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not user:
return render_template(
"auth/loginform.html",
form=form,
error=
"No such username or password. Register a new user or check spelling."
)
else:
user = Agency(request.form.get("username"),
request.form.get("username"),
request.form.get("password"))
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("index"))
def auth_login():
if request.method == "GET":
# Set the previous page into memory
session['url'] = request.referrer
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
user = User.query.filter_by(userID=form.username.data).first()
# Return with error if no user
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username or password")
# Also return if no password match
if not (sha256_crypt.verify(form.password.data, user.password)):
return render_template("auth/loginform.html",
form=form,
error="No such username or password")
# Do not login user and inform if account has not been activated yet
if user.inactive:
return render_template(
"auth/loginform.html",
form=form,
error=
"Your registration has not been approved yet. Please contact system administrator for activation"
)
login_user(user)
# get the previous page from memory
if 'url' in session:
return redirect(session['url'])
return redirect(url_for("index"))
def auth_login():
if request.method == 'GET':
return render_template('auth/loginform.html', form=LoginForm())
form = LoginForm(request.form)
# for possible validations
user = User.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not user:
return render_template('auth/loginform.html',
form=form,
error='Väärä käyttäjätunnus tai salasana')
login_user(user)
flash('Kirjautuminen onnistui')
# TODO
#next = flask.request.args.get('next')
# is_safe_url should check if the url is safe for redirects.
# See http://flask.pocoo.org/snippets/62/ for an example.
#if not is_safe_url(next):
# return flask.abort(400)
return redirect(url_for('index'))
def newuser():
try:
if request.method == "GET":
return render_template("auth/newuser.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template(
"auth/newuser.html",
form=form,
error=
"Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters."
)
user = db.session.query(
User).filter((User.name == form.username.data)
| (User.username == form.username.data)).first()
if user:
return render_template("auth/newuser.html",
form=form,
error="Username already in use")
user = User(form.username.data, form.username.data, form.password.data)
user.acc_type = "USER"
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("main"))
except:
print("Something went wrong.")
db.session().rollback()
return redirect(url_for("page_404"))
def delete_self():
try:
form = LoginForm(request.form)
if not form.validate():
return render_template(
"auth/options.html",
form=form,
error=
"Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters."
)
u = User.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not u:
return render_template("auth/options.html",
form=form,
error="Incorrect username or password")
if current_user.id != u.id:
return render_template("auth/options.html",
form=form,
error="Incorrect username or password")
logout_user
delete_user(u)
db.session().commit()
return redirect(url_for("main"))
except:
print("Something went wrong.")
db.session().rollback()
return redirect(url_for("page_404"))
def login():
try:
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
if not form.validate():
return render_template(
"auth/loginform.html",
form=form,
error=
"Invalid input. The username and password must have 3-20 characters, and mustn't contain illegal characters."
)
user = User.query.filter_by(username=form.username.data,
password=form.password.data).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="No such username or password")
login_user(user)
return redirect(url_for("main"))
except:
print("Something went wrong.")
db.session().rollback()
return redirect(url_for("page_404"))
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
username = form.username.data
password = form.password.data.encode('utf-8')
user = User.query.filter_by(username=username).first()
if not user:
return render_template("auth/loginform.html",
form=form,
error="Username was not found.")
else:
password_hash = user.password
is_password_correct = flask_bcrypt.check_password_hash(
password_hash, password)
if not is_password_correct:
return render_template("auth/loginform.html",
form=form,
error="Password is incorrect.")
else:
login_user(user)
return redirect(url_for("roster_index"))
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user is not None and user.verify_password(form.password.data):
login_user(user, form.remember_me.data)
return redirect(request.args.get('next') or url_for('main.index'))
flash('Invalid username or password.')
return render_template('auth/login.html', form=form)
def login():
form = LoginForm(request.form)
if form.validate_on_submit():
flash(u'Tervetuloa %s!' % form.user.name)
next = request.args.get('next')
app_login.login_user(form.user)
if not utils.is_safe_url(next):
return abort(400)
return redirect(next or url_for('index'))
return render_template('auth/login.html', form=form)
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
# katsotaan löytyykö kirjautuva käyttäjätunnus tietokannasta
user = User.query.filter_by(username=form.username.data).first()
active_user = User.query.filter_by(username=form.username.data,
active=True).first()
# katsotaan, täsmääkö käyttäjän suolatu salasana vs. selkokielisenä annettu salasana
try:
pwd_ok = user.check_password(form.password.data)
except AttributeError:
return render_template("auth/loginform.html",
form=form,
error="Antamasi tunnus tai salasana ei kelpaa!")
# jos käyttäjää ei löydy tai salasana ei täsmää, niin ilmoitetaan herja käyttäjälle
if not user or not pwd_ok:
return render_template("auth/loginform.html",
form=form,
error="Antamasi tunnus tai salasana ei kelpaa!")
elif not active_user:
return render_template(
"auth/loginform.html",
form=form,
error="Ylläpitäjä on deaktivoinut käyttäjätunnuksesi!")
login_user(user)
# katsotaan onko käyttäjä admin vai ei
adminExists = User.query.filter_by(username=form.username.data,
admin=True).first()
if adminExists:
return redirect(url_for("admin_index"))
else:
# katsotaan onko käyttäjän money_source -taulussa mitään merkintää kirjautumisen ohessa
# jos merkintöjä ei vielä ole, niin luodaan kirjautumisen ohessa yksi merkintä, jolle
# annetaan arvoksi (ms_name): Käteinen
# Ideana tässä on se, että kaikilla on joskus käteistä :) ja siksi käyttäjällä on hyvä
# olla heti luomisvaiheessa yksi rahanlähde ja olkoon se tässä käteinen.
# Käyttäjä voi sitten myöhemmässä vaiheessa lisäillä lisää rahalähteitään...
m = Moneysource("Käteinen", "")
m.acc_id_fk = current_user.id
exists = Moneysource.query.filter_by(acc_id_fk=current_user.id).first()
if not exists:
db.session().add(m)
db.session.commit()
return redirect(url_for("booking_index"))
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form = LoginForm())
form = LoginForm(request.form)
user = User.query.filter_by(username=form.username.data, password=form.password.data).first()
if not user or user.account_active == False:
return render_template("auth/loginform.html", form = form, error = "Virheellinen käyttäjätunnus tai salasana.")
login_user(user)
return redirect(url_for("index"))
def login():
# Halutessaan voi käyttää etuliitettä (prefix)
prefix = "login-"
# Renderöidään GET-pyynnössä lomake ilman dataa
if request.method == "GET":
return render_template("auth/loginform.html",
form=LoginForm(prefix=prefix))
# Lomakkeen data
data = request.form
form = LoginForm(data, prefix=prefix)
# Tallennetaan lähetetyt tiedot lyhyempiin muuttujiin kästtelyä varten
email = data[prefix + "email"].strip()
passwd = data[prefix + "password"].strip()
# Haetaan sähköpostiin liittyvän käyttäjän tiedot. Tarvitsemme aluksi salasanan hashin.
cursor = db.engine.execute(
"SELECT salasana FROM kayttaja WHERE sahkopostiosoite = ? LIMIT 1",
email)
# Haetaan tulos
result = cursor.fetchone()
cursor.close()
# Jos salasana hashia ei löytynyt, tarkoittaa se samalla sitä ettei käyttäjää ole olemassa
if not result:
return render_template("auth/loginform.html",
form=form,
error="Käyttäjää ei löytynyt")
# Halutessaan tämän voisi jättää pois mutta säilytetään selkeyden vuoksi
passwd_hash = result.salasana
# Tarkistataan hash
if not bcrypt.check_password_hash(passwd_hash, passwd):
return render_template("auth/loginform.html",
form=form,
error="Käyttäjää ei löytynyt")
# Käyttäjä sisäänkirjaus
user = Kayttaja.query.filter_by(sahkopostiosoite=email).first()
# Kenties turha tarkistus...
if not user:
return render_template("auth/loginform.html",
form=form,
error="Käyttäjää ei löytynyt")
login_user(user)
# Kaikki kunnossa -> palautetaan käyttäjä etusivulle
return redirect(url_for("index"))
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
user = User.query.filter_by(username=form.username.data, password=form.password.data).first()
if not user:
return render_template("auth/loginform.html", form=form, error="No such username or password")
login_user(user)
return redirect(url_for("courses_index"))
def auth_create():
form = LoginForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
password = form.password.data
u = User(form.username.data, form.username.data, password)
db.session().add(u)
db.session().commit()
return redirect(url_for("index"))
def login():
if current_user.is_authenticated:
return redirect(url_for("main.index"))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash("Invalid username or password")
return redirect(url_for("auth.login"))
login_user(user)
return redirect(url_for('main.index'))
return render_template('auth/login.html', form=form)
def auth_login():
if request.method == "GET":
return render_template("auth/loginform.html", form=LoginForm())
form = LoginForm(request.form)
user = User.query.filter_by(username=form.username.data, password=form.password.data).first()
if not user:
return render_template("auth/loginform.html", form=form, error="Väärä käyttäjätunnus tai salasana")
login_user(user)
return redirect(url_for("threads_index"))
