def validate(self):
    """Validate a login submission and set ``self.user`` to the looked-up user.

    Parent-form validation runs first.  The checks then run in this order:
    login name present, password present, user found, user has a stored
    password, password verifies, account active.  The first failing check
    appends its message to the matching field's ``errors`` and ends
    validation.

    Returns:
        True if every check passes, otherwise False.
    """
    if not super(ExtendedLoginForm, self).validate():
        return False

    name_field, pw_field = self.login_name, self.password

    # Blank (whitespace-only) credentials are rejected before any lookup.
    if name_field.data.strip() == '':
        name_field.errors.append(get_message('EMAIL_NOT_PROVIDED')[0])
        return False
    if pw_field.data.strip() == '':
        pw_field.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    user = self.user = _datastore.get_user(name_field.data)

    # NOTE(review): "user does not exist", "password not set" and "invalid
    # password" are reported as different errors, so the response tells the
    # client whether a login name is registered.  A single generic failure
    # message avoids that disclosure.
    if user is None:
        name_field.errors.append(get_message('USER_DOES_NOT_EXIST')[0])
        return False
    if not user.password:
        pw_field.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(pw_field.data, user):
        pw_field.errors.append(get_message('INVALID_PASSWORD')[0])
        return False

    # The active flag is only reported after the password has verified.
    if not user.is_active:
        name_field.errors.append(get_message('DISABLED_ACCOUNT')[0])
        return False
    return True
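def validate(self):
    """Validate a name/password login, creating the account if the name is new.

    Blank names and blank passwords are rejected.  If no user with the
    submitted name exists, an active user is created with the submitted
    password and validation succeeds.  Otherwise the stored password must be
    set and must verify against the submitted one.

    Returns:
        True on success (``self.user`` is set), otherwise False with a
        message appended to the relevant field's ``errors``.
    """
    if self.name.data.strip() == '':
        self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
        return False
    if self.password.data.strip() == '':
        self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    self.user = User.first(name=self.name.data)
    if self.user is None:
        # NOTE(review): an unknown name silently provisions an active account
        # with whatever password was typed, so a mistyped name creates a new
        # user instead of failing the login.  Confirm this auto-registration
        # is intended; a separate registration step is the usual design.
        self.user = User.create(
            name=self.name.data,
            active=True,
            password=encrypt_password(self.password.data),
        )
        return True

    # The original re-tested ``self.user is None`` here.  That branch could
    # never run (the case above already returned), so it has been removed.
    if not self.user.password:
        self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(self.password.data, self.user):
        self.password.errors.append(get_message('INVALID_PASSWORD')[0])
        return False
    return True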
def verify_pw(username, password):
    """Check *password* for the user whose e-mail equals *username*.

    Returns False when no such user is found; otherwise returns the result
    of ``verify_and_update_password`` for that user.
    """
    account = services.users.get(email=username)
    if account:
        return verify_and_update_password(password, account)
    # Unknown user: same falsy outcome as a wrong password.
    return False
def validate(self):
    """Validate a login scoped to the current deployment.

    Parent-form validation runs first.  The user is then looked up by e-mail
    within ``g.deployment`` and checked in this order: stored password
    present, password verifies, confirmation not pending, account active.
    The first failing check appends its message to the matching field's
    ``errors``.

    Returns:
        True if every check passes (``self.user`` is set), otherwise False.
    """
    if not super(DeploymentLoginForm, self).validate():
        return False

    email_field, pw_field = self.email, self.password

    if email_field.data.strip() == '':
        email_field.errors.append(get_message('EMAIL_NOT_PROVIDED')[0])
        return False
    if pw_field.data.strip() == '':
        pw_field.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    # The lookup is keyed on both e-mail and deployment, so the same address
    # in another deployment is not matched here.
    user = self.user = _datastore.find_user(email=email_field.data,
                                            deployment=g.deployment)

    # NOTE(review): the separate "does not exist" / "invalid password"
    # messages reveal whether an e-mail is registered in this deployment.
    if user is None:
        email_field.errors.append(get_message('USER_DOES_NOT_EXIST')[0])
        return False
    if not user.password:
        pw_field.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(pw_field.data, user):
        pw_field.errors.append(get_message('INVALID_PASSWORD')[0])
        return False

    # Confirmation and active state are only reported once the password
    # has verified.
    if requires_confirmation(user):
        email_field.errors.append(get_message('CONFIRMATION_REQUIRED')[0])
        return False
    if not user.is_active():
        email_field.errors.append(get_message('DISABLED_ACCOUNT')[0])
        return False
    return True
def validate_password(form, field):
    """Field validator: verify the password and log the user in on success.

    The user is looked up by ``form.email.data``.  An unknown e-mail and a
    wrong password raise the same ``ValidationError`` text, so the message
    itself does not reveal which of the two was wrong.

    Raises:
        ValidationError: if the user is not found or the password does not
            verify.
    """
    account = db.session.query(User).filter_by(email=form.email.data).first()

    # NOTE(review): when no user is found, verify_and_update_password is never
    # called, so the two failure cases may still differ in response time.
    if not account or not verify_and_update_password(field.data, account):
        raise ValidationError('Inccorect Email or Password combination')

    # NOTE(review): logging in is a side effect of validating one field; it
    # happens even if another validator on the form later fails.
    login_user(account)
def authenticate(username, password):
    """Return the user for *username* if *password* verifies, else None.

    Each outcome is logged: success at info level, unknown user and wrong
    password as separate warnings.
    """
    user = _datastore.get_user(username)

    # NOTE(review): username is caller-supplied and goes into the log record
    # as-is; make sure the log handler/formatter neutralises control
    # characters.  If _log is a standard-library Logger, warn() is a
    # deprecated alias of warning().
    if not user:
        _log.warn("Authentication failed; unknown username %s", username)
        return None

    if verify_and_update_password(password, user):
        _log.info("%s authenticated successfully", username)
        return user

    _log.warn("Authentication failed; invalid password for %s", username)
    return None
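def _check_json_auth():
    """Authenticate the current request from a JSON body and log the user in.

    The body is expected to be a JSON object with string ``email`` and
    ``password`` members.  A body that is missing, is not an object, or lacks
    either member as a string is treated as a failed login rather than
    raising ``TypeError``/``KeyError`` from the subscripts.

    Returns:
        True if the user was found, the password verified and the user was
        logged in; otherwise False.
    """
    security = current_app.extensions['security']
    auth = request.get_json()

    # The body is untrusted: it may be None, a list, a scalar, or an object
    # without the expected keys.
    if not isinstance(auth, dict):
        return False

    email = auth.get('email')
    password = auth.get('password')

    # Only plain strings are handed to the datastore query and the password
    # verifier; nested objects/arrays/numbers are rejected up front.
    # (str, type(u'')) covers both text types on Python 2 and is just str
    # on Python 3.
    text_types = (str, type(u''))
    if not isinstance(email, text_types) or not isinstance(password, text_types):
        return False

    user = security.datastore.find_user(email=email)
    if user and utils.verify_and_update_password(password, user):
        utils.login_user(user)
        return True
    return False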
def validate(self):
    """Validate a change-password submission for ``current_user``.

    After parent-form validation, the submitted current password must verify
    against ``current_user`` and must differ from the new password.

    Returns:
        True if both checks pass; otherwise False with a message appended to
        ``self.password.errors``.
    """
    if not super(ExtendedChangePasswordForm, self).validate():
        return False

    current_pw = self.password

    # Re-authenticate with the existing password before accepting a change.
    if not verify_and_update_password(current_pw.data, current_user):
        current_pw.errors.append(get_message('INVALID_PASSWORD')[0])
        return False

    # The comparison is made on stripped values, so two passwords that differ
    # only in surrounding whitespace count as "the same".
    old_value = current_pw.data.strip()
    new_value = self.new_password.data.strip()
    if old_value == new_value:
        current_pw.errors.append(get_message('PASSWORD_IS_THE_SAME')[0])
        return False
    return True
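def index(self):
    """Handle the login form: log the user in, or re-render the form.

    On a valid submission the user is looked up by e-mail and the password
    verified.  On success the user is logged in and ``admin/master.html`` is
    rendered; in every other case ``members.html`` is rendered with the form.
    """
    login_user_form = LoginForm()
    if login_user_form.validate_on_submit():
        user = user_datastore.get_user(login_user_form.email.data)
        # The lookup result was previously passed to the verifier unchecked.
        # Every other caller treats a missing user as None, so an unknown
        # e-mail must fail the login here instead of erroring.
        if user is not None and verify_and_update_password(
                login_user_form.password.data, user):
            # NOTE(review): the return value of login_user() is ignored, so
            # the admin template is rendered even if the login was refused
            # (e.g. for an inactive account) -- confirm and check the result.
            login_user(user, login_user_form.remember.data)
            return self.render('admin/master.html')
    return render_template('members.html', login_user_form=login_user_form)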
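def index(self):
    """Process a login submission, falling back to the login page.

    A valid submission triggers a user lookup by e-mail followed by password
    verification.  If both succeed the user is logged in and
    ``admin/master.html`` is rendered; otherwise ``members.html`` is rendered
    with the form.
    """
    login_user_form = LoginForm()
    if login_user_form.validate_on_submit():
        user = user_datastore.get_user(login_user_form.email.data)
        # Guard added: an unknown e-mail gives no user object, and the
        # verifier must not be called with None.  Treat it as a failed login.
        if user is not None and verify_and_update_password(
                login_user_form.password.data, user):
            # NOTE(review): login_user()'s result is discarded; if it can
            # refuse the login (inactive account), the admin template is
            # still rendered -- confirm and branch on the result.
            login_user(user, login_user_form.remember.data)
            return self.render('admin/master.html')
    return render_template('members.html', login_user_form=login_user_form)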
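def authenticate(username, password):
    """Authenticate *username*, log the user in, and return the user.

    Authentication succeeds only if the user exists, the password verifies
    and the user has at least one role.  Each failure cause is logged with
    its own message.  Previously a role-less user with a correct password
    was logged as "invalid password", and the roles check could be reached
    with no user at all.

    Returns:
        The authenticated user, or None on any failure.
    """
    user = _datastore.get_user(username)

    # NOTE(review): username is caller-supplied and is written to the log
    # as-is; if _log is a standard-library Logger, warn() is a deprecated
    # alias of warning().
    if not user:
        _log.warn("Authentication failed; unknown username %s", username)
        return None

    if not verify_and_update_password(password, user):
        _log.warn("Authentication failed; invalid password for %s", username)
        return None

    # A user without roles is not allowed in, even with a valid password.
    if not user.roles:
        _log.warn("Authentication failed; No user roles found.")
        return None

    _log.info("%s authenticated successfully, logging in", username)
    login_user(user)
    user.save()  # Saving just in case to make sure the login stats are tracked.
    _request_ctx_stack.top.current_user = user
    return user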
def load_user_from_request(request):
    """Resolve the user for a request from an API key or login credentials.

    If the WSGI environ carries ``HTTP_X_API_KEY``, the user is looked up by
    that key.  Otherwise the ``Authorization`` header is read as literal
    ``login:password`` text and the password is verified.

    Returns:
        The user if found, verified (credential path) and ``login_user``
        returns a truthy value; otherwise None.
    """
    api_key = request.headers.environ.get('HTTP_X_API_KEY', None)

    if api_key:
        # NOTE(review): the key is matched by equality in the datastore,
        # which presumably means it is stored as-is -- confirm, and consider
        # storing only a hash of the key.
        user = user_datastore.find_user(apikey=api_key)
        if not user:
            return None
    else:
        credentials = request.headers.get('Authorization')
        # Exactly one ':' is required, so a password containing ':' can never
        # authenticate through this path.
        if not credentials or credentials.count(':') != 1:
            return None
        login, password = credentials.split(':')

        user = user_datastore.find_user(email=login.strip())
        if user is None:
            return None
        # Surrounding whitespace is stripped from the password before it is
        # verified.
        if not verify_and_update_password(password.strip(), user):
            return None

    return user if login_user(user) else None
def validate(self):
    """Validate the login form and set ``self.user`` on success.

    After the base ``Form`` validation, the user is looked up by e-mail with
    both sides lower-cased in the query, then the password is verified.

    Returns:
        True if the user exists and the password verifies; otherwise False
        with a message appended to the relevant field's ``errors``.
    """
    if not Form.validate(self):
        return False

    # Case-insensitive match: both the column and the input are lower-cased.
    wanted_email = func.lower(self.email.data)
    query = db.session.query(User).filter(func.lower(User.email) == wanted_email)
    user = query.first()

    # NOTE(review): "not registered" and "password is not valid" are separate
    # messages, which tells the client whether an e-mail has an account.
    if user is None:
        self.email.errors.append('Email address is not registered')
        return False
    if not verify_and_update_password(self.password.data, user):
        self.password.errors.append('Password is not valid')
        return False

    # self.user is only assigned once authentication has succeeded.
    self.user = user
    return True
def validate(self):
    """Validate a login, with project-specific changes to the upstream order.

    Differences visible in this method: a blank password is replaced by the
    sentinel ``'_empty_'`` before validation, users that are not
    ``models.PasswordUser`` instances fail with PASSWORD_NOT_SET, and the
    confirmation check runs before the password check.

    Returns:
        True if every check passes (``self.user`` is set), otherwise False
        with a message appended to the relevant field's ``errors``.
    """
    email_field, pw_field = self.email, self.password

    # Temporary workaround carried over from the original: accounts with
    # empty passwords can still log in; this should not be permitted
    # generally.
    # NOTE(review): a blank submission is verified as the literal '_empty_',
    # so any account whose stored password corresponds to that value accepts
    # an empty password field.  Track the removal of this path.
    if pw_field.data.strip() == '':
        pw_field.data = '_empty_'

    # Deliberately skips the parent's validate() and calls the grandparent's.
    if not super(SecurityLoginForm, self).validate():
        return False

    if email_field.data.strip() == '':
        email_field.errors.append(get_message('EMAIL_NOT_PROVIDED')[0])
        return False

    # TODO: only becomes effective once empty passwords are disallowed; the
    # substitution above replaces a blank value before this point.
    if pw_field.data.strip() == '':
        pw_field.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    user = self.user = _datastore.get_user(email_field.data)
    if user is None:
        email_field.errors.append(get_message('USER_DOES_NOT_EXIST')[0])
        return False

    # Changed from upstream: non-PasswordUsers fail early and reliably.
    if not isinstance(user, models.PasswordUser):
        pw_field.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False

    # Changed from upstream: unconfirmed accounts are reported before the
    # password is checked, for a better error message.
    # NOTE(review): this reports confirmation state to a client that has not
    # yet proven knowledge of the password.
    if user.confirmed_at is None:
        email_field.errors.append(get_message('CONFIRMATION_REQUIRED')[0])
        return False

    if not verify_and_update_password(pw_field.data, user):
        pw_field.errors.append(get_message('INVALID_PASSWORD')[0])
        return False
    if not user.is_active():
        email_field.errors.append(get_message('DISABLED_ACCOUNT')[0])
        return False
    return True
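def validate(self):
    """Validate a username/password login and set ``self.user``.

    After parent-form validation the user is looked up by username and
    checked in this order: stored password present, password verifies,
    confirmation not pending, account active.

    Lookup, confirmation and disabled-account errors are attached to the
    ``username`` field.  The original appended them to ``self.user.errors``,
    which fails with AttributeError when no user is found (``self.user`` is
    None) and otherwise puts the message on the user object, not the form.

    Returns:
        True if every check passes, otherwise False.
    """
    if not super(LoginForm, self).validate():
        return False

    self.user = m.User.query.filter_by(username=self.username.data).first()

    # NOTE(review): distinct "does not exist" / "invalid password" messages
    # tell the client whether a username is registered.
    if self.user is None:
        self.username.errors.append(get_message('USER_DOES_NOT_EXIST')[0])
        return False
    if not self.user.password:
        self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(self.password.data, self.user):
        self.password.errors.append(get_message('INVALID_PASSWORD')[0])
        return False

    # Account-state failures are only reported after the password verified.
    if requires_confirmation(self.user):
        self.username.errors.append(get_message('CONFIRMATION_REQUIRED')[0])
        return False
    if not self.user.is_active():
        self.username.errors.append(get_message('DISABLED_ACCOUNT')[0])
        return False
    return True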
def validate(self):
    """Validate a login where the name field may hold a user name or e-mail.

    Both fields' ``errors`` are reset to fresh lists first.  The user is
    looked up by name, then by e-mail if no name matched; the password is
    then verified and the account must be active.

    Returns:
        True on success (``self.user`` is set), otherwise False with a
        message appended to the relevant field's ``errors``.
    """
    submitted = self.name.data

    # Errors arrive as tuples (reason unknown per the original author), so
    # replace them with lists that can be appended to.
    self.name.errors = []
    self.password.errors = []

    if submitted.strip() == '':
        self.name.errors.append('Please enter a name')
        return False

    # Try the value as a user name first, then fall back to e-mail.
    self.user = User.find_user_by_name(submitted).first()
    if self.user is None:
        self.user = User.find_user_by_email(email=submitted).first()

    # NOTE(review): "does not exist" and "password is not valid" are separate
    # messages, which discloses whether a name or e-mail is registered.
    if self.user is None:
        self.name.errors.append('User does not exist, please register')
        return False
    if not verify_and_update_password(self.password.data, self.user):
        self.password.errors.append('Password is not valid')
        return False
    if not self.user.is_active():
        self.name.errors.append('Account has been disabled')
        return False
    return True
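def validate(self):
    """Validate a name/password login, creating the account if the name is new.

    Blank names and passwords are rejected.  An unknown name creates an
    active user with the submitted password and succeeds; a known name must
    have a stored password that verifies against the submitted one.

    The debug prints use the call form, which produces the same output on
    Python 2 and also parses on Python 3.

    Returns:
        True on success (``self.user`` is set), otherwise False with a
        message appended to the relevant field's ``errors``.
    """
    print("in validate")
    # NOTE(review): the parent validate() call was commented out in the
    # original, so whatever the base form normally checks is skipped here --
    # confirm that is intended before relying on this form.
    if self.name.data.strip() == '':
        print("False2")
        self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
        return False
    if self.password.data.strip() == '':
        self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    self.user = User.first(name=self.name.data)
    if self.user is None:
        # NOTE(review): an unknown name silently provisions an active account
        # with the typed password; a mistyped name creates a new user rather
        # than failing the login.  Confirm this is the intended design.
        self.user = User.create(
            name=self.name.data,
            active=True,
            password=encrypt_password(self.password.data),
        )
        return True

    print("got user as %s" % self.user)
    # The original repeated ``if self.user is None`` here; it was unreachable
    # (that case returned above) and has been removed.
    if not self.user.password:
        print(self.password.errors)
        self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(self.password.data, self.user):
        print(self.password.errors)
        self.password.errors.append(get_message('INVALID_PASSWORD')[0])
        return False
    return True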
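def validate(self):
    """Check a name/password login; an unknown name registers a new user.

    Rejects blank names and blank passwords.  When no user has the submitted
    name, an active user is created with the submitted password and the
    method succeeds.  For an existing user the stored password must be set
    and must verify.

    Debug output is written with ``print(...)`` calls, which behave the same
    on Python 2 and are valid syntax on Python 3.

    Returns:
        True on success (``self.user`` is set), otherwise False with a
        message appended to the relevant field's ``errors``.
    """
    print("in validate")
    # NOTE(review): the original has the parent validate() call commented
    # out, so the base form's own checks do not run -- confirm that is
    # deliberate.
    if self.name.data.strip() == '':
        print("False2")
        self.name.errors.append(get_message('NAME_NOT_PROVIDED')[0])
        return False
    if self.password.data.strip() == '':
        self.password.errors.append(get_message('PASSWORD_NOT_PROVIDED')[0])
        return False

    self.user = User.first(name=self.name.data)
    if self.user is None:
        # NOTE(review): login doubles as registration: any unused name gets
        # an active account with the typed password.  Verify this is wanted.
        self.user = User.create(
            name=self.name.data,
            active=True,
            password=encrypt_password(self.password.data),
        )
        return True

    print("got user as %s" % self.user)
    # A second ``self.user is None`` test followed in the original; it could
    # never be true at this point and has been dropped.
    if not self.user.password:
        print(self.password.errors)
        self.password.errors.append(get_message('PASSWORD_NOT_SET')[0])
        return False
    if not verify_and_update_password(self.password.data, self.user):
        print(self.password.errors)
        self.password.errors.append(get_message('INVALID_PASSWORD')[0])
        return False
    return True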
def check_password(self, password):
    """Return whether *password* verifies against this user's stored password.

    A user whose ``password`` attribute is None never authenticates; the
    verifier is not called in that case.
    """
    if self.password is not None:
        return verify_and_update_password(password, self)
    return False
def check_password(self, password):
    """Return the result of verifying *password* against this user.

    The user object itself is passed to ``verify_and_update_password``.
    """
    # NOTE(review): there is no guard for a user without a stored password;
    # confirm the verifier handles that case.
    verified = verify_and_update_password(password, self)
    return verified