def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) user = User.query.filter_by(username=form.username.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username or password") try: if not bcrypt.check_password_hash(user.password, form.password.data): return render_template("auth/loginform.html", form=form, error="No such username or password") except: return render_template( "auth/loginform.html", form=form, error="You need to hash your password with bcrypt before inserting " "if you create an user in SQL") login_user(user) return redirect(url_for("index"))
def account_edit_password(): """Change user's password.""" form = PasswordForm(request.form) if not form.validate(): return render_template("error.html", errors=form.errors.values()) new_password = form.new_password.data.strip() current_password = form.current_password.data.strip() account = Account.query.filter_by(email=current_user.email).first() pass_okay = bcrypt.check_password_hash(account.password, current_password) if not pass_okay: return render_template("error.html", errors=["Nykyinen salasana on väärin."]) hashed_password = bcrypt.generate_password_hash(new_password, 12).decode("utf-8") account.password = hashed_password db.session().commit() return redirect(url_for("account_edit", _anchor="password_tab"))
def loginTest(name, inPassword): returnBool = False returnString = u'' #Først Tjek username user = User.query.filter_by(username=name).first() if user == None: returnBool = False returnString = u'Brugernavenet findes ikke' elif len(inPassword) <= 1: returnBool = False returnString = u'Kodeordet er tomt' elif bcrypt.check_password_hash(user.password, inPassword) != True: returnBool = False returnString = u'Kodeordet er forkert' else: user.lastLogin = datetime.now() db.session.commit() returnBool = True returnString = u'None' return [returnBool, returnString]
def tryCreateUser(userName, userPassword, remeberMe, authenticateCode): ''' create User ''' returnBool = False returnString = u'' returnType = 'error' u = userFromUserName(userName) secret = bcrypt.check_password_hash(authenticateCode, app.config['SECRET_KEY']) if u == False and secret == True and passwordCheck(userPassword) == True: hashedpassword = bcrypt.generate_password_hash(userPassword, 7) theUser = User(userName,hashedpassword) db.session.add(theUser) db.session.commit() loginUser(theUser, remeberMe) returnBool = True returnString = '{} created!'.format(userName) returnType = '' else: returnBool = False returnString = 'Could not create user' returnType = 'error' return [returnBool, returnString, returnType]
def tryLogin(userName, userPassword, remeberMe, authenticateCode): ''' Prøv at logge ind, og hvis den ''' returnBool = False returnString = u'' returnType = 'error' u = userFromUserName(userName) secret = bcrypt.check_password_hash(authenticateCode, app.config['SECRET_KEY']) if u and authenticateUser(u, userPassword) and secret: loginUser(u, remeberMe) returnBool = True returnString = 'Logged in as {}!'.format(u.username) returnType = '' else: returnBool = False returnString = 'Incorrect username or password.' returnType = 'error' return [returnBool, returnString, returnType]
def login(): form = LoginForm() title = 'Login' if form.validate_on_submit(): user = User(form.password.data, form.email.data) user.select_user(form.email.data) print(user.select_user(form.email.data)) print('user is None?', user == None) print(user) password = query('password', 'clients', f"email='{form.email.data}'")[0] if user is not None and bcrypt.check_password_hash( password, form.password.data): login_user(user, form.remember.data) print("current user self.getname '{}'".format(login_fresh())) flash("Login Sucessful!", 'success') next = request.args.get('next') print(next) if next is None or not next.startswith('/'): next = url_for('index') return redirect(next) else: flash("Login Unsucessful, Please check email and password", 'danger') return render_template('login.html', form=form, title=title)
def change_password(): user = User.query.get(current_user.id) if request.method == "GET": return render_template("auth/changepassform.html", form=ChangePassForm()) form = ChangePassForm(request.form) if bcrypt.check_password_hash( user.password, form.oldpass.data) and form.newpass.data == form.confirmpass.data: user.password = bcrypt.generate_password_hash( form.newpass.data).decode('utf-8') db.session().commit() flash('Password changed successfully') return redirect(url_for("user_edit")) else: return render_template( "auth/changepassform.html", form=form, error="Passwords did not match or the old password was wrong")
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) username_error = "" password_error = "" user = User.query.filter_by( username=form.username.data).first() if (user == None): username_error = "Kyseisellä nimellä ei ole käyttäjää!" return render_template("auth/loginform.html", form=form, usernameError=username_error, passwordError = password_error) else: password = form.password.data pw = user.password if (bcrypt.check_password_hash(pw, password)): login_user(user) return redirect(url_for("votings_index")) else : password_error = "Salasana väärin!" return render_template("auth/loginform.html", form=form, usernameError = username_error, passwordError=password_error)
def login(): '''Login route''' if current_user.is_authenticated: return redirect(url_for('auth.profile')) form = LoginForm() if form.validate_on_submit(): try: user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user) # next_page = request.args.get('next') # if next_page: # return redirect(next_page) flash('Login successful!', 'success') return redirect(url_for('auth.profile')) else: flash('Login unsuccessful. Check email/password.', 'fail') return redirect(url_for('auth.login')) except Exception: flash('An error has occurred', 'fail') return redirect(url_for('auth.login')) return render_template('auth/login.html', form=form)
def login_route(): '''Login registered users''' if current_user.is_authenticated: return redirect(url_for('forum.index_page')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): view_count = int(request.cookies.get('view-count', 0)) view_count += 1 # user_agent = request.headers.get('User-Agent') # host = request.headers.get('Host') # referer = request.headers.get('Referer') login_user(user) next_page = request.args.get('next') if next_page: pass # return redirect(next_page) return redirect(url_for('auth.profile', _external=True)) else: logger.warn('Login failure!!!!', exc_info=True) flash('Login failed. Check your email/password.', 'fail') return render_template('auth/login.html', form=form)
def teacher_login(): # If the user is already logged in, redirect to the dashboard if current_user.is_authenticated: return redirect(url_for('teacher_dashboard')) # Create form using Flask-WTF form = LoginForm() # If the form has been successfully submitted if form.validate_on_submit(): # Check if the user exists and whether the bcrypt hash of the input and the user's hash match user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): # Log the user in and redirect to the dashboard if there is not "?next=" parameter in the URL login_user(user, remember=form.remember.data) return redirect(url_for('teacher_dashboard') ) if not request.args.get('next') else redirect( request.args.get('next')) # Flash that the login was unsuccessful (Flash is an in-built # Flask tool that sends messages which can be retrieved on the HTML page) else: flash('Login Unsuccessful. Please check your email and password', 'danger') return render_template('teacher/general/login.html', form=form, page_title='Login')
def login(credentials): """ Login Login endpoint. """ post_data = request.get_json() response_object = { 'status': 'fail', 'msg': 'Invalid request.', 'token': '', } email = post_data.get('email') password = post_data.get('password') try: # fetch the user data user = User.query.filter_by(email=email).first() if user: if bcrypt.check_password_hash(user.password, password.encode('utf-8')): auth_token = create_access_token(identity=email) if auth_token: response_object['status'] = 'success' response_object['msg'] = 'Successfully logged in.' response_object['token'] = auth_token return response_object, 200 else: response_object['msg'] = 'Incorrect password.' else: response_object['msg'] = 'User does not exist.' return response_object, 404 except Exception as e: response_object['msg'] = e return response_object, 500
def auth_login(): if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm()) form = LoginForm(request.form) if os.environ.get("HEROKU"): user = User.query.filter_by(username=form.username.data, password=form.password.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username") else: user = User.query.filter_by(username=form.username.data).first() if not user: return render_template("auth/loginform.html", form=form, error="No such username") if not bcrypt.check_password_hash(user.password, form.password.data): return render_template("auth/loginform.html", form=form, error="Incorrect password") login_user(user) return redirect(url_for("index"))
def login(): global settings, data, devinfo, devdata if current_user.is_authenticated: return redirect(url_for('.index')) if request.method == "GET": return render_template('login.html') elif request.method == "POST": session['password'] = request.form['pswrd'] password = session['password'] global context_output context_output[request.form['userid']] = {} session.pop(request.form['userid'], None) # drop existing session user = User.query.filter_by(username=request.form['userid']).first() if not user: flash(f'User {request.form["userid"]} does not exist', 'danger') elif bcrypt.check_password_hash(user.password, password): login_user(user, remember=False) if type(settings) != dict: settings = readsettings() if type(settings) == str: data = {'settings': {}, 'devices': {}} flash( f'Settings missing. General settings are required for system to work.\ Please setup the system', 'danger') return render_template('home.html', showTab={'mainTab': 'settings'}, data=data, user_id=user.username) if not data['devices']: devices = Device(user.username, password, path=settings['general-database']) devinfo = devices.database() devdata = ip_to_name_as_key(devinfo) data = { 'settings': settings, 'devices': devdata, 'device_refresh_time': device_refresh_time } print('\n====> Loaded devices | ip as key\n') pprint.pprint(devinfo) print('\n====> Loaded devices | hostname as key\n') pprint.pprint(devdata) print('\n====> data\n') pprint.pprint(data) next_page = request.args.get('next') log(command='login: web', user_id=user.id) return redirect(url_for('.index')) else: flash(f'Login failed. Please confirm the password', 'danger') return redirect(url_for('.login'))
def post(self): """ Method to see if login was successful or not and returns a boolean. :return: Boolean """ try: data = api.payload if User.objects(email=data['email']): # Compares password with encrypted password in db if bcrypt.check_password_hash( User.objects(email=data['email'])[0].password, data['password']): # if the password matches a token will be created for user token = create_access_token(identity=data['email']) print(token) return jsonify({ 'response': 'Login Successful!', 'login': True, 'token': token }) else: # Returns error if passwords do not match return jsonify({ 'response': 'Login Unsuccessful!', 'login': False }), 401 else: return jsonify({ 'response': 'Invalid! Please Try again', 'login': False }), 401 except Exception as e: print(e) return jsonify({'response': "Backend Error", 'login': False}), 500
def test_hashed_password(self): """ Comparing hashed and non-hashed password """ password = "******" hashed = bcrypt.generate_password_hash(password) test = bcrypt.check_password_hash(hashed, password) self.assertEqual(True, test)
def validate_password(self, password): user = Users.query.filter_by(email=self.email.data).first() if user: if not bcrypt.check_password_hash(user.password, self.password.data): raise ValidationError('Incorrect Email or Password') else: raise ValidationError('Incorrect Email or Password')
def auth_login_post(): """Login functionality (POST).""" if current_user.is_authenticated: return redirect(url_for("index")) form = LoginForm(request.form) if not form.validate(): return render_template("error.html", errors=form.errors.values()) login = Login(request.environ["REMOTE_ADDR"], request.user_agent.string) account = Account.query.filter_by(email=form.email.data).first() error_template = render_template( "error.html", errors=["Virheellinen käyttäjätunnus tai salasana."]) if not account: # Login fails. login.failure(form.email.data ) # If the login fails, we store the used email address. db.session().add(login) db.session().commit() return error_template password = form.password.data.strip() pass_okay = bcrypt.check_password_hash(account.password, password) if not pass_okay: login.failure(form.email.data) db.session().add(login) db.session().commit() return error_template login_user(account) login.success( account.id) # If the login succeeds, we'll store the account's ID. db.session().add(login) db.session().commit() # TODO: Handle Flask's "next" URL parameter, if present. if account.role != 'N': return redirect(url_for("index")) else: profile = Profile.query.filter_by(id=current_user.id).first() if not profile: return redirect( url_for("profile_create")) # User doesn't have a profile yet. return redirect( url_for("profile_view_with_handle", handle=account.handle))
def authenticate(): data = request.args email = data['email'] password = data['password'] try: admin = Admin.find_admin_by_email(email) if admin and bcrypt.check_password_hash(admin.password, password): identity = { 'email': admin.email, 'name': admin.username, 'id': admin.id, 'isAdmin': True } access_token = create_access_token(identity=identity) if access_token: response_object = { 'status': 'success', 'message': 'Successfully logged in', 'auth_token': access_token } return make_response(jsonify(response_object)), 200 elif admin and not bcrypt.check_password_hash(admin.password, password): response_object = { 'status': 'fail', 'message': 'Invalid password.' } return make_response(jsonify(response_object)), 403 else: response_object = { 'status': 'fail', 'message': 'Admin does not exist.' } return make_response(jsonify(response_object)), 404 except Exception as e: response_object = { 'status': 'fail', 'message': 'Could not sign in', 'error': ','.join(e.args) } return make_response(jsonify(response_object)), 401
def authenticateUser(userObj, inPassword): ''' Tjek om bruger obj's kodeord = input koden. ''' if bcrypt.check_password_hash(userObj.password, inPassword): return True else: return False
def account(): form = UpdateAccountForm() user_info = User_info.query.filter_by(id=current_user.id).first() password = User.query.filter_by(password=current_user.password).first() attended_events = event_id = AttendingEvent.query.join(Event).filter( AttendingEvent.user_id == current_user.id, Event.event_date < datetime.today()).order_by(Event.event_date).all() #User does not change password if form.validate_on_submit() and form.new_password.data == "": flash(f'Ditt konto är nu uppdaterat!', 'success') if form.picture.data: picture_file = save_picture(form.picture.data) current_user.image_file = picture_file current_user.email = form.email.data user_info.food_preference = form.food_preference.data user_info.semester = form.semester.data db.session.commit() #User change password elif form.validate_on_submit() and form.old_password.data != "": if bcrypt.check_password_hash(current_user.password, form.old_password.data): flash(f'Ditt konto och lösenord är nu uppdaterat!', 'success') if form.picture.data: picture_file = save_picture(form.picture.data) current_user.image_file = picture_file hashed_password = bcrypt.generate_password_hash( form.confirm_password.data).decode('utf-8') current_user.email = form.email.data user_info.food_preference = form.food_preference.data user_info.semester = form.semester.data current_user.password = hashed_password db.session.commit() elif form.validate_on_submit(): flash(f'Någonting gick snett, försök igen!', 'danger') elif request.method == 'GET': form.email.data = current_user.email form.food_preference.data = user_info.food_preference form.semester.data = user_info.semester image_file = url_for('static', filename='profile_pics/' + current_user.image_file) get_warnings = AttendingEvent.query.filter( AttendingEvent.warning == 'warning').filter( AttendingEvent.user_id == current_user.id).all() user_warning = [] for warning in get_warnings: event = Post.query.filter(Post.event_id == warning.event_id).first() user_warning.append(event) return render_template('account.html', image_file=image_file, form=form, user_info=user_info, attended_events=attended_events, user_warning=user_warning)
def login(): form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user, remember=form.remember.data) return redirect(url_for('home')) else: flash('Login Unsuccessful. Please check email and password', 'danger') return render_template('login.html', title='Login', form=form)
def login(): username = request.get_json()['username'] password = request.get_json()['password'] user = User.query.filter_by(username=username).first() if not bcrypt.check_password_hash(user.password, password): return 'Wrong password' return jsonify({'id': user.id, 'username': user.username})
def login(): if session.get('USER_ID'): return redirect(url_for('main.home')) else: form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(user_id=form.username.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): flash("Successfully logged in!!!", category="success") session['USER_ID'] = user.user_id session['ROLE'] = user.role return redirect(url_for('main.dashboard')) elif user and not bcrypt.check_password_hash( user.password, form.password.data): flash("Wrong password entered!!!", category="danger") else: flash("Wrong username entered!!!", category="danger") return render_template("main/login.html", title="Login", form=form)
def login(): # Halutessaan voi käyttää etuliitettä (prefix) prefix = "login-" # Renderöidään GET-pyynnössä lomake ilman dataa if request.method == "GET": return render_template("auth/loginform.html", form=LoginForm(prefix=prefix)) # Lomakkeen data data = request.form form = LoginForm(data, prefix=prefix) # Tallennetaan lähetetyt tiedot lyhyempiin muuttujiin kästtelyä varten email = data[prefix + "email"].strip() passwd = data[prefix + "password"].strip() # Haetaan sähköpostiin liittyvän käyttäjän tiedot. Tarvitsemme aluksi salasanan hashin. cursor = db.engine.execute( "SELECT salasana FROM kayttaja WHERE sahkopostiosoite = ? LIMIT 1", email) # Haetaan tulos result = cursor.fetchone() cursor.close() # Jos salasana hashia ei löytynyt, tarkoittaa se samalla sitä ettei käyttäjää ole olemassa if not result: return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") # Halutessaan tämän voisi jättää pois mutta säilytetään selkeyden vuoksi passwd_hash = result.salasana # Tarkistataan hash if not bcrypt.check_password_hash(passwd_hash, passwd): return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") # Käyttäjä sisäänkirjaus user = Kayttaja.query.filter_by(sahkopostiosoite=email).first() # Kenties turha tarkistus... if not user: return render_template("auth/loginform.html", form=form, error="Käyttäjää ei löytynyt") login_user(user) # Kaikki kunnossa -> palautetaan käyttäjä etusivulle return redirect(url_for("index"))
def login(): if current_user.is_authenticated: return redirect(url_for('mytimeline')) else: form = StudentLoginForm() if form.validate_on_submit(): user = StudentUsers.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user, remember=form.remember.data) return redirect(url_for('mytimeline')) return render_template('login.html', title='Login', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('posts.home')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user) return redirect(url_for('posts.home')) return render_template('login.html', form=form)
def login(): login_form = LoginForm() if login_form.validate_on_submit(): user = User.query.filter_by(email=login_form.email.data).first() if user and bcrypt.check_password_hash(user.password, login_form.password.data): login_user(user) next_page = request.args.get('next') if next_page: return redirect(next_page) else: return redirect(url_for('home')) return render_template('login.html', title='Login', form=login_form)
def auth(): if current_user.is_authenticated: return redirect(url_for('home')) form = LoginForm() if form.validate_on_submit(): user = Users.query.filter_by(email=form.email.data).first() if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user, form.remember.data) return redirect(url_for('home')) else: print(form.errors) return render_template('auth.html', form = form)
def login(): form = UserLoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() # show Austin how to debug (form.data.password) if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user) # put in layout template that the flash messages show flash(f'Logged in {user.firstName} {user.lastName}!', 'success') return redirect(url_for('home')) return render_template('login.html', title='Login', form=form)
def check_hashed_passwords(password_hash, password): try: # Initial boolean, set to false same_password = False # Using the bcrypt function to check if passwords are similar same_password = bcrypt.check_password_hash(password_hash, password) # Returning it return same_password except Exception as error: print("Error! %s" % error)
def loginUserFromDict(returnURL, userDict): ''' Log brueren ind fra Dict ''' user = User.query.filter(User.email.ilike(userDict['email'])).first() #find brugern hvor email er den samme som input email if user and bcrypt.check_password_hash(user.password, userDict['password']): #Er bruger ikke None & passer brugern's hashed det den samme som input email #Log brugen ind loginUser(user) #send til "returnURL" normalt Forsiden return redirect(returnURL) else: return render_login_user('Email eller kodeord er forkert')
def validate_password(self, password): return bcrypt.check_password_hash(bytes(self.password), password)