def check_auth(username, password): user = User.by_email(username) if user and user.check_password(password) and user.active: g.user = user return True else: return False
def recover(): form = RecoverRequestForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) recover = EmailVerification.recover(user) db.session.add(recover) db.session.commit() send_mail( _("Password recover mail subject"), render_template("user/recover_mail.txt", user=user, recover=recover), [user.email]) return redirect(url_for(".recover_sent")) return render_template("user/recover.html", form=form)
def recover(): form = RecoverRequestForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) recover = EmailVerification.recover(user) db.session.add(recover) db.session.commit() send_mail( _("Password recover mail subject"), render_template("user/recover_mail.txt", user=user, recover=recover), [user.email] ) return redirect(url_for(".recover_sent")) return render_template("user/recover.html", form=form)
def login(): form = LoginForm() if form.validate_on_submit(): user = User.by_email(form.data['email']) if not user or not user.check_password(form.data['password']): flash(_("user or passwort is not correct"), 'error') pass # fall through elif user and not user.verified: return redirect(url_for('.verify_wait', id=user.id)) elif user and not user.active: flash(_("account not activated"), 'error') else: login_user(user) session['authproxy_token'] = user.authproxy_token user.update_last_login() db.session.commit() flash(_("Logged in successfully."), 'success') return redirect(request.args.get("next") or url_for(".home")) # else: update form with errors return render_template("user/login.html", form=form)
def username_exists(form, field): if not User.by_email(field.data): raise ValidationError(_l('email does not exist.'))
def username_unique(form, field): if User.by_email(field.data): raise ValidationError(_l('email already exists.'))