def login(): # forget any user_id session.clear() if request.method == "POST": username = request.form.get("username") password = request.form.get("password") # Ensure username or password was submitted if not username or not password: flash('Input valid username or password') return render_template("login.html") # check if user exists in table if count_user(username) != 1 or check_password(username, password) == False: flash('Invalid username or password') return render_template("/login.html") # Query database for username userid = get_userid(username, password) # Remember which user has logged in session["user_id"] = userid # Redirect user to home page return redirect("/") else: return render_template("login.html")
def login(): if request.method == 'GET': return render_template('users/login.html', mlh_oauth_url=helpers.mlh_oauth_url()) # handle login POST logic email = request.form.get('email') password = request.form.get('password') if not email or not password: flash('Please fill out the required fields!', 'error') return redirect( request.url ) # redirect to original url to prevent loss of possible url parameters user = User.query.filter_by(email=email).first() if user is None: flash( "We couldn't find an account related with this email. Please verify the email entered.", 'error') return redirect(request.url) elif not user.password: # they signed up with MLH or are a corporate account and have no password flash('An error occurred. Please contact us for more information.', 'error') return redirect(request.url) elif not helpers.check_password(user.password, password): flash('Invalid password. Please try again.', 'warning') return redirect(request.url) login_user(user, remember=True) target = request.args.get('next') if (target and is_safe_url(target)): return redirect(target) else: flash('Logged in successfully!', 'success') return redirect(url_for(get_default_dashboard_for_role()))
def login(email, password): login = False user = User.get_user_by_email(email) if user: if helpers.check_password(password, user.password) == user.password: login = True now = datetime.now() user.last_login = now user.login_history.insert(0, str(now)) user.put() return login, user
def login(): ... """ if 'user_id' in session: user is already logged in redirect to dashboard if username and password match get the user from db session['user_id'] = user.id else bhul login ache, hobe na """ username = request.form.get('username') if request.method == 'POST': missing_val = [] password = request.form.get('password') if not username: missing_val.append('username') elif not password: missing_val.append("password") error = ' ' if missing_val: error = (' ').join(missing_val) + " are required" return render_template('login.html', error=error) userrow = db.execute( ''' Select password from users where username=:username ''', { "username": username }).fetchone() if not userrow: error = " Sorry {username} doesn't exist. Please register." return redirect(url_for('user_blueprint.register'), error=error) for row in userrow: hash_password = row if not check_password(hash_password, password): return render_template('login.html', error="Password Doesn't match ") else: session['username'] = username return redirect(url_for('book_blueprint.search')) else: # session['username']=username # return redirect( url_for('user_blueprint.login')) return render_template('login.html')
def login(): if request.method == 'GET': if current_user.is_authenticated: return redirect(url_for('dashboard')) return render_template('users/login.html') email = request.form['email'].lower().strip() password = request.form['password'] user = User.query.filter_by(email=email).first() if user is None or not check_password(user.password, password): flash(u"Invalid username or password.", 'warning') return redirect(url_for('login')) login_user(user, remember=True) flash(u'Logged in successfully!', 'success') return redirect(request.args.get('next') or url_for('dashboard'))
def login(): if request.method == 'GET': if current_user.is_authenticated: return redirect(url_for('dashboard')) return render_template('users/login.html') email = request.form['email'] password = request.form['password'] user = User.query.filter_by(email=email).first() if user is None: flash("We couldn't find an account related with this email. Please verify the email entered.", "warning") return redirect(url_for('login')) elif not check_password(user.password, password): flash("Invalid Password. Please verify the password entered.", 'warning') return redirect(url_for('login')) login_user(user, remember=True) flash('Logged in successfully!', 'success') return redirect(request.args.get('next') or url_for('dashboard'))
def post(self): username = self.get_argument('username') password = self.get_argument('password') try: user = User.objects(username=username)[0] if not check_password(user, password): raise ValueError() self.set_secure_cookie('auth', username) result = { 'type': 'redirect', 'redirect_url': self.reverse_url('home') } except Exception as e: result = {'type': 'error', 'message': 'Invalid credentials'} self.write(result)
def login(): username = request.form['username'] password = request.form['password'] category = request.form['category'] session['username'] = username pass_hash = hashlib.md5(password.encode()) session['password'] = pass_hash.hexdigest() session['category'] = category status, message = helpers.check_password(username, password, category) if status: session['logged_in'] = True else: flash(message) return index()
def post(self): user_username = self.request.get('username') user_password = self.request.get('password') user_verify = self.request.get('verify') user_email = self.request.get('email') username_error = helpers.check_username(user_username) password_error = helpers.check_password(user_password) verify_error = '' if not password_error: verify_error = helpers.check_verify(user_verify, user_password) email_error = helpers.check_email(user_email) if (username_error or password_error or verify_error or email_error): self.write_form(user_username, '', '', user_email, username_error, password_error, verify_error, email_error) else: self.redirect('/welcome?username=%s' % user_username)
def sign_in(): #First, if someone is trying to sign in if request.method == "POST": #Check if all the fields are filled in if not request.form.get("username"): return render_template("sign_in.html", error="Please fill in your username.") elif not request.form.get("password"): return render_template("sign_in.html", error="Please fill in your password.") #Save their data into variables username = request.form.get("username") password = request.form.get("password") #Then, check if that user already exists if db.execute("SELECT * FROM users WHERE username = :username", { "username": username }).rowcount == 0: return render_template( "sign_in.html", error="Invalid credentials. Please try again.") #Since they do exist, check their password passkey = db.execute( "SELECT passkey FROM users WHERE username = :username", { "username": username }).fetchone() #Since the password is right, store session and redirect them to home if check_password(password, passkey.passkey): session["USERNAME"] = username return redirect(url_for('home')) #Since that's not the case, return invalid credentials return render_template("sign_in.html", error="Invalid credentials. Please try again.") #If they just brought up the page, then don't do anything, just wait else: return render_template("sign_in.html")
def post(self): self.user_username = self.request.get('username') self.user_password = self.request.get('password') self.user_verify = self.request.get('verify') self.user_email = self.request.get('email') username_error = helpers.check_username(self.user_username) password_error = helpers.check_password(self.user_password) verify_error = '' if not password_error: verify_error = helpers.check_verify(self.user_verify, self.user_password) email_error = helpers.check_email(self.user_email) if (username_error or password_error or verify_error or email_error): self.write_form(self.user_username, '', '', self.user_email, username_error, password_error, verify_error, email_error) else: self.done()
def index(): # POST-request to this route means the user tries to log in if request.method == "POST": # Check if all required fields were filled in if not request.form.get("username"): return render_template("sorry.html", error="Username field not filled in") if not request.form.get("password"): return render_template("sorry.html", error="Must fill in password") # Get data from form username = request.form.get("username") password = request.form.get("password") # Query database for user userrow = db.execute("SELECT passwordhash FROM users WHERE username = :username", {"username": username}).fetchone() # If we get no data back here, the user is not in our database= if not userrow: return render_template("sorry.html", error="We could not find that username. Have you signed up yet?") # Get passwordhash from userrow for row in userrow: userhash = row # We found the user. Continue to check if filled-in password was correct if not check_password(userhash, password): return render_template("sorry.html", error="Password incorrect.") # If we get here, we found the user and the password is correct. Continue to log in. else: session["user"] = username return redirect("/loginhome") # Branch for GET-request to index page; prompt for login else: if session.get("user") is None: return render_template("welcome.html") else: return redirect("/loginhome")
def login(): if request.method == 'GET': return render_template('users/login.html') email = request.form['email'] password = request.form['password'] remember_me = False if 'remember_me' in request.form: remember_me = True user = User.query.filter_by(email=email).first() if user is None: flash( "We can't find an account related with this Email id. Please verify the Email entered.", "error") return redirect(url_for('login')) elif not check_password(user.password, password): flash("Invalid Password. Please verify the password entered.") return redirect(url_for('login')) login_user(user, remember=remember_me) flash('Logged in successfully') return redirect(request.args.get('next') or url_for('dashboard'))
def login(): if request.method == 'GET': if current_user.is_authenticated(): return redirect(url_for('dashboard')) return render_template('users/login.html') email = request.form['email'] password = request.form['password'] remember_me = False if 'remember_me' in request.form: remember_me = True user = User.query.filter_by(email=email).first() if user is None: flash("We can't find an account related with this Email id. Please verify the Email entered.", "error") return redirect(url_for('login')) elif not check_password(user.password, password): flash("Invalid Password. Please verify the password entered.") return redirect(url_for('login')) login_user(user, remember = remember_me) # flash('Logged in successfully') # this is ugly return redirect(request.args.get('next') or url_for('dashboard'))
def login(): if request.method == 'GET': if current_user.is_authenticated: return redirect(url_for('corp-dash')) return render_template('corporate/login.html') else: email = request.form['email'].lower() password = request.form['password'] user = User.query.filter_by(email=email).first() if user is None: flash("We couldn't find an account related with this email. Please verify the email entered.", "warning") return redirect(url_for('corp-login')) elif user.password is None: flash('This account has not been setup yet. Please click the login link in your setup email.') return redirect(url_for('corp-login')) elif not check_password(user.password, password): flash("Invalid Password. Please verify the password entered.", 'warning') return redirect(url_for('corp-login')) login_user(user, remember=True) flash('Logged in successfully!', 'success') if 'ADMIN' in user.roles: return redirect(url_for('admin-dash')) return redirect(url_for('corp-dash'))