def verify_code_form(email=''): try: form = VerifyForm(request.form, csrf_enabled=False) if request.method == 'GET': form.email.data = email if request.method == 'POST' and form.validate(): # set session session['user'] = request.form.get('email') # delete user from temporary delete_user_from_data(request.form.get('email')) # redirect return redirect(url_for('logged_in')) return render_template('verify.html', form=form) except Exception as e: #todo: error handling print(e)
def __verify(self, db_session, submit=True): """Show form for TOTP verification token. :param Session db_session: DB session :param bool submit: Whether form was submitted (False if shown after login form) """ if not TOTP_ENABLED or 'login_uid' not in session: # TOTP not enabled or not in login process return redirect(url_for('login')) user = self.find_user(db_session, id=session.get('login_uid', None)) if user is None: # user not found return redirect(url_for('login')) form = VerifyForm(meta=wft_locales()) if submit and form.validate_on_submit(): if self.user_totp_is_valid(user, form.token.data, db_session): # TOTP verified target_url = session.pop('target_url', self.tenant_prefix()) self.clear_verify_session() return self.__login_response(user, target_url) else: flash(i18n.t('auth.verfication_invalid')) form.token.errors.append(i18n.t('auth.verfication_invalid')) form.token.data = None if user.failed_sign_in_count >= MAX_LOGIN_ATTEMPTS: # redirect to login after too many login attempts return redirect(url_for('login')) return render_template('verify.html', form=form, i18n=i18n, title=i18n.t("auth.verify_page_title"))
def result(): form = VerifyForm() realorfake = "" if form.is_submitted(): result = request.form realorfake = predict([result['articletext']]) return render_template('index.html', form=form, realorfake=realorfake)
def setup_totp(self, submit=True): """Show form with TOTP QR Code and token confirmation. :param bool submit: Whether form was submitted (False if shown after login form) """ if not TOTP_ENABLED or 'login_uid' not in session: # TOTP not enabled or not in login process return redirect(url_for('login')) user = self.load_user(session.get('login_uid', None)) if user is None: # user not found return redirect(url_for('login')) totp_secret = session.get('totp_secret', None) if totp_secret is None: # generate new secret totp_secret = pyotp.random_base32() # store temp secret in session session['totp_secret'] = totp_secret form = VerifyForm() if submit and form.validate_on_submit(): if pyotp.totp.TOTP(totp_secret).verify(form.token.data, valid_window=1): # TOTP confirmed # save TOTP secret user.totp_secret = totp_secret # update last sign in timestamp and reset failed attempts # counter user.last_sign_in_at = datetime.utcnow() user.failed_sign_in_count = 0 self.user_query().session.commit() target_url = session.pop('target_url', '/') self.clear_verify_session() return self.__login_response(user, target_url) else: flash('Invalid verification code') form.token.errors.append('Invalid verification code') form.token.data = None # enable one-time loading of QR code image session['show_qrcode'] = True # show form resp = make_response( render_template('qrcode.html', title='Two Factor Authentication Setup', form=form, totp_secret=totp_secret)) # do not cache in browser resp.headers.set('Cache-Control', 'no-cache, no-store, must-revalidate') resp.headers.set('Pragma', 'no-cache') resp.headers.set('Expires', '0') return resp
def verify(self, submit=True): """Show form for TOTP verification token. :param bool submit: Whether form was submitted (False if shown after login form) """ if not TOTP_ENABLED or 'login_uid' not in session: # TOTP not enabled or not in login process return redirect(url_for('login')) user = self.load_user(session.get('login_uid', None)) if user is None: # user not found return redirect(url_for('login')) form = VerifyForm() if submit and form.validate_on_submit(): if self.user_totp_is_valid(user, form.token.data): # TOTP verified target_url = session.pop('target_url', '/') self.clear_verify_session() return self.__login_response(user, target_url) else: flash('Invalid verification code') form.token.errors.append('Invalid verification code') form.token.data = None if user.failed_sign_in_count >= MAX_LOGIN_ATTEMPTS: # redirect to login after too many login attempts return redirect(url_for('login')) return render_template('verify.html', title='Sign In', form=form)
def verify_otp(name, user_email, user_password): global otp form = VerifyForm() if request.method == "GET": flash(f"An OTP is send to your email ({user_email}) address.") otp = randint(123456, 987654) send_otp = SendOTP(user_name=name, user_email=user_email, otp=otp) send_otp.register_msgBody() send_otp.send_otp() if request.method == "POST" and form.validate_on_submit(): enter_otp = int(request.form.get("otp")) if enter_otp == otp: new_user = User(name=name, email=user_email, password=user_password) db.session.add(new_user) db.session.commit() # This line will authenticate the user with Flask-Login login_user(new_user) return redirect(url_for('get_all_posts')) else: flash("OTP mismatched, another OTP send to your email address.") return redirect(url_for('verify_otp', name=name, user_email=user_email, user_password=user_password)) return render_template("email-verification.html", form=form)
def verifyFile(request, cloudItem, tokenID, form): """ Verify file and metadata """ dajax = Dajax() try: t = parseAjaxParam(tokenID) ci = checkCloudItem(cloudItem, request.user.id) tkn = checkAccessToken(t, ci) f = VerifyForm(deserialize_form(form)) if f.is_valid(): verType = parseAjaxParam(f.cleaned_data['verificationType']) metaVerification = None downVerification = None dtaVerification = None v = Verifier(tkn) if verType == constConfig.VERIFY_CHOICE_METADATA: metaVerification = v.verifyMetadata() elif verType == constConfig.VERIFY_CHOICE_FILES or verType == constConfig.VERIFY_CHOICE_FILESHISTORY: downVerification = v.verifyFileDownload(verType) elif verType == constConfig.VERIFY_CHOICE_DTA_SIGNATURE: dtaVerification = v.verifyZIP() else: raise Exception("Invalid Verification Type") table = render_to_string( "dashboard/comparator/comparatorVerify.html", { "meta": metaVerification, 'file': downVerification, 'dta': dtaVerification }) dajax.assign("#verifyer", "innerHTML", table) dajax.assign("#verifyerError", "innerHTML", "") dajax.remove_css_class("#verifyerError", ['alert', 'alert-danger']) else: dajax.assign("#verifyer", "innerHTML", "") dajax.assign("#verifyerError", "innerHTML", "Invalid Form") dajax.add_css_class("#verifyerError", ['alert', 'alert-danger']) except Exception as e: dajax.assign("#verifyerError", "innerHTML", formatException(e)) dajax.add_css_class("#verifyerError", ['alert', 'alert-danger']) return dajax.json()
def register(): form = RegistrationForm() verifyform = VerifyForm() if form.validate_on_submit(): user = db.execute( "SELECT username FROM users where username = :username", { 'username': form.username.data }).fetchone() email = db.execute("SELECT email FROM users where email = :email", { 'email': form.email.data }).fetchone() if user: flash('Username taken!', 'danger') return render_template("register.html", form=form) if email: flash('An account with this email id already exist!', 'danger') return render_template("register.html", form=form) session['otp'] = randint(99999, 999999) session['username'] = form.username.data session['email'] = form.email.data session['password'] = form.password.data subject = 'Goodreads' mail = GMail(subject + ' <*****@*****.**>', os.getenv("password")) msg = Message('verify your email', to=form.email.data, text=f"use {session['otp']} as your verification code") mail.send(msg) return render_template("verify.html", email=session['email'], verifyform=verifyform) return render_template("register.html", form=form)
def verify(user_id=-1): if user_id is not -1: form = VerifyForm(request.form) if form.validate_on_submit(): user = User.query.filter_by(id=user_id).first_or_404() otp = OTP.query.filter_by(user_id=user.id).first_or_404() print('after gettig user'+str(user.id)) print(form.otp_num.data) if form.otp_num.data == 'open': login_user(user) flash('مرحبا بك في جمعة', 'success') return redirect(url_for('index')) #check otp if correct redirect to index and Login #else return to page with error msg return render_template('verify.html', form=form) else: return redirect(url_for('index'))
def verify(): verifyform = VerifyForm() if verifyform.validate_on_submit(): session['loggedin'] = 'True' if session['otp'] == verifyform.otp.data: db.execute( "INSERT INTO users (username, email, password) VALUES (:username, :email, :password)", { "username": session["username"], "email": session['email'], "password": session['password'] }) db.commit() flash(f"Account created for {session['username']}!", 'success') return redirect(url_for('home')) flash("verification code didn't match", 'danger') return render_template("verify.html", email=session['email'], verifyform=verifyform)
def verify(): form = VerifyForm() if form.validate_on_submit(): user = Users.query.filter_by(email=form.email.data).first() if user is not None and user.numberverification == form.numbercode.data: if user.verified == 0 or user.verified == False: user.verified = True db.session.commit() db.session.close() flash('Verified!') return redirect(url_for('login')) else: flash('You are already verified!') return redirect(url_for('login')) else: flash('Invalid code or email!') return redirect(url_for('verify')) return render_template('verify.html', form=form)
def verifyFile(request,cloudItem,tokenID,form): """ Verify file and metadata """ dajax = Dajax() try: t = parseAjaxParam(tokenID) ci = checkCloudItem(cloudItem,request.user.id) tkn = checkAccessToken(t,ci) f = VerifyForm(deserialize_form(form)) if f.is_valid(): verType = parseAjaxParam(f.cleaned_data['verificationType']) metaVerification = None downVerification = None dtaVerification = None v = Verifier(tkn) if verType == constConfig.VERIFY_CHOICE_METADATA: metaVerification = v.verifyMetadata() elif verType == constConfig.VERIFY_CHOICE_FILES or verType == constConfig.VERIFY_CHOICE_FILESHISTORY: downVerification = v.verifyFileDownload(verType) elif verType == constConfig.VERIFY_CHOICE_DTA_SIGNATURE: dtaVerification = v.verifyZIP() else: raise Exception ("Invalid Verification Type") table = render_to_string("dashboard/comparator/comparatorVerify.html",{"meta":metaVerification,'file': downVerification,'dta':dtaVerification}) dajax.assign("#verifyer","innerHTML",table) dajax.assign("#verifyerError","innerHTML","") dajax.remove_css_class("#verifyerError",['alert','alert-danger']) else: dajax.assign("#verifyer","innerHTML","") dajax.assign("#verifyerError","innerHTML","Invalid Form") dajax.add_css_class("#verifyerError",['alert','alert-danger']) except Exception as e: dajax.assign("#verifyerError","innerHTML",formatException(e)) dajax.add_css_class("#verifyerError",['alert','alert-danger']) return dajax.json()
def index(request): if request.method == 'POST': form = VerifyForm(request.POST, request.FILES) if form.is_valid(): form.verify() else: form = VerifyForm() return render(request, 'index.html', {'form': form})
def verify(): form = VerifyForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user: if form.mantra.data == "secret": user.tdr_mark = int(form.mark.data) user.tdr_school = form.school.data db.session.commit() return redirect(url_for('verify')) else: flash("Aquest mantra no és vàlid") else: flash("No existeix cap usuari amb aquest correu") return render_template('verify.html', form=form)
def verify_user_otp(name, user_email): global otp form = VerifyForm() if request.method == "GET": otp = randint(123456, 987654) otp_send = SendOTP(user_name=name, user_email=user_email, otp=otp) otp_send.forgot_password_msgBody() otp_send.send_otp() if request.method == "POST" and form.validate_on_submit(): user_otp = int(request.form.get("otp")) if user_otp == otp: print(user_otp, otp) flash("Enter your new password, and note it in your dairy.") return redirect(url_for('reset_password', user_email=user_email)) else: flash("Wrong credentials provided, Please try again !") return redirect(url_for('login')) return render_template("forgot-password.html", form=form)
def comparatorView(request, cloudItem, tokenID): """ Show the timeline options """ #when the page loads display the comparator data = dict() data['objID'] = cloudItem data['tokenID'] = tokenID data['showToken'] = True data['form'] = VerifyForm() return render_to_response("dashboard/comparator/comparatorHome.html", data, context_instance=RequestContext(request))
def post(self, request): req = request.POST verify_form = VerifyForm(req) if not verify_form.is_valid(): context = {'form': verify_form} return render(request, 'users/verify.html', context) else: addr = verify_form.cleaned_data['wallet_addr'] amt = verify_form.cleaned_data['amount'] time = verify_form.cleaned_data['tx_time'] date = verify_form.cleaned_data['tx_date'] curr = verify_form.cleaned_data['curr'] desc = verify_form.cleaned_data['desc'] new_claim = PayClaim.objects.create(sender_addr=addr, user=request.user, amount=amt, date=date, time=time, curr=curr, description=desc) context = { 'claim': new_claim, 'msg': 'Your pay verification is being processed, your account will be credited once the pay is verified. Thanks for trading with us.', 'color': 'green' } return render(request, 'users/dashboard.html', context)
def about(): form = VerifyForm() if form.is_submitted(): result = request.form print(result['articletext']) return render_template('index.html', form=form)