示例#1
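async def login(request):
    """
    Validate the login form, authenticate the user and issue a JWT cookie.

    A GET request, or a POST whose form fails validation, re-renders the
    login page. A valid POST looks the user up by username, checks the
    submitted password against the stored hash, bumps the login counter and
    timestamp, and redirects to ``BASE_HOST + next`` with the ``jwt`` and
    ``admin`` cookies set.

    :param request: incoming request; the ``next`` query parameter names the
        post-login redirect target.
    :returns: the rendered ``accounts/login.html`` page, or a 302 redirect
        after a successful login.
    """
    # `next` comes straight from the query string, so it is untrusted.
    # Default it when absent (plain indexing raised KeyError and produced a
    # 500) and accept only a path-absolute, same-site value: anything that
    # does not start with a single "/" could alter the host part of
    # BASE_HOST + path and turn the login into an open redirect.
    # NOTE(review): assumes BASE_HOST has no trailing slash and that callers
    # pass `next` as "/some/path" - confirm against the settings module.
    path = request.query_params.get("next", "/")
    if (
        not path.startswith("/")
        or path.startswith("//")
        or "\\" in path
        or any(ch < " " for ch in path)
    ):
        path = "/"

    data = await request.form()
    form = LoginForm(data)
    username = form.username.data
    password = form.password.data
    if request.method == "POST" and form.validate():
        try:
            results = await User.get(
                username=username)
            hashed_password = results.password
            valid_password = check_password(password, hashed_password)
            if not valid_password:
                user_error = "Invalid username or password"
                return templates.TemplateResponse(
                    "accounts/login.html",
                    {
                        "request": request,
                        "form": form,
                        "user_error": user_error
                    },
                )
            # update login counter and login time
            results.login_count += 1
            # datetime.now() without a tz argument is naive local time.
            results.last_login = datetime.datetime.now()
            await results.save()
            response = RedirectResponse(BASE_HOST + path, status_code=302)
            # NOTE(review): both cookies are HttpOnly but not Secure; pass
            # secure=True once the site is served over HTTPS only.
            response.set_cookie(
                "jwt", generate_jwt(results.username), httponly=True
            )
            # NOTE(review): every successful login receives the same `admin`
            # cookie value; confirm no authorization decision relies on it.
            response.set_cookie(
                "admin", ADMIN, httponly=True
            )
            return response
        except Exception:  # noqa
            # Was a bare `except:`, which also swallowed task cancellation
            # and interpreter-exit signals inside this coroutine.
            # NOTE(review): this still reports any failure above (including
            # a failed save) as a missing account; narrow it to the ORM's
            # not-found exception once that name is in scope. The distinct
            # wording also tells a client whether a username exists;
            # consider one generic message for both failure cases.
            user_error = "Please register you don't have account"
            return templates.TemplateResponse(
                "accounts/login.html",
                {
                    "request": request,
                    "form": form,
                    "user_error": user_error,
                },
            )
    return templates.TemplateResponse("accounts/login.html", {
        "request": request,
        "form": form,
        "path": path
    })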
示例#2
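async def login(request):
    """
    Validate the login form, authenticate the user and issue a JWT cookie.

    A GET request, or a POST whose form fails validation, re-renders the
    login page. A valid POST fetches the user row by username, checks the
    submitted password against the stored hash, records the user in the
    session, updates the login counter and timestamp, and redirects to "/"
    with the ``jwt`` and ``admin`` cookies set.

    :param request: incoming request carrying the login form.
    :returns: the rendered ``accounts/login.html`` page, or a 302 redirect
        to "/" after a successful login.
    """
    data = await request.form()
    form = LoginForm(data)
    username = form.username.data
    password = form.password.data
    if request.method == "POST" and form.validate():
        query = users.select().where(users.c.username == username)
        results = await database.fetch_one(query)
        # The original wrapped the whole login flow in `except TypeError` and
        # relied on subscripting a missing row to raise it. Testing the row
        # directly keeps the same page for an unknown username, while an
        # unrelated TypeError further down is no longer reported as
        # "please register".
        # NOTE(review): presumably fetch_one yields None when no row
        # matches - confirm against the database library in use.
        if results is None:
            # NOTE(review): this wording differs from the bad-password
            # message, which tells a client whether a username exists;
            # consider one generic message for both cases.
            user_error = "Please register you don't have account"
            return templates.TemplateResponse(
                "accounts/login.html",
                {
                    "request": request,
                    "form": form,
                    "user_error": user_error
                },
            )
        hashed_password = results["password"]
        valid_password = check_password(password, hashed_password)
        if not valid_password:
            user_error = "Invalid username or password"
            return templates.TemplateResponse(
                "accounts/login.html",
                {
                    "request": request,
                    "form": form,
                    "user_error": user_error
                },
            )
        request.session["user"] = results["username"].capitalize()
        # update login counter and login time; the increment is expressed in
        # SQL (login_count + 1), so it is applied by the database itself.
        update_query = users.update(users.c.username == username).values(
            login_count=users.c.login_count + 1,
            # datetime.now() without a tz argument is naive local time.
            last_login=datetime.datetime.now())
        await database.execute(update_query)
        # Fixed redirect target: no request-supplied value reaches the URL.
        response = RedirectResponse(url="/", status_code=302)
        # NOTE(review): both cookies are HttpOnly but not Secure; pass
        # secure=True once the site is served over HTTPS only.
        response.set_cookie("jwt",
                            generate_jwt(results["username"]),
                            httponly=True)
        # NOTE(review): every successful login receives the same `admin`
        # cookie value; confirm no authorization decision relies on it.
        response.set_cookie("admin", ADMIN, httponly=True)
        return response
    return templates.TemplateResponse("accounts/login.html", {
        "request": request,
        "form": form
    })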
示例#3
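async def login(request):
    """
    Validate the login form, authenticate the user and issue a JWT cookie.

    A GET request, or a POST whose form fails validation, re-renders the
    login page. A valid POST checks that the username exists, verifies the
    credentials through ``User.login`` and redirects to ``BASE_HOST + next``
    with the ``jwt`` cookie set.

    :param request: incoming request; the ``next`` query parameter names the
        post-login redirect target.
    :returns: the rendered ``accounts/login.html`` page, or a 302 redirect
        after a successful login.
    """
    # `next` comes straight from the query string, so it is untrusted.
    # Default it when absent (plain indexing raised KeyError and produced a
    # 500) and accept only a path-absolute, same-site value: anything that
    # does not start with a single "/" could alter the host part of
    # BASE_HOST + path and turn the login into an open redirect.
    # NOTE(review): assumes BASE_HOST has no trailing slash and that callers
    # pass `next` as "/some/path" - confirm against the settings module.
    path = request.query_params.get("next", "/")
    if (
        not path.startswith("/")
        or path.startswith("//")
        or "\\" in path
        or any(ch < " " for ch in path)
    ):
        path = "/"

    data = await request.form()
    form = LoginForm(data)
    username = form.username.data
    password = form.password.data
    if request.method == "POST" and form.validate():
        if not await User.exists().where(User.username == username).run():
            # NOTE(review): this wording differs from the bad-password
            # message, which tells a client whether a username exists;
            # consider one generic message for both cases.
            user_error = "Please register you don't have account"
            return templates.TemplateResponse(
                "accounts/login.html",
                {
                    "request": request,
                    "form": form,
                    "user_error": user_error,
                },
            )
        # Only `username` is read from this row below, so the password hash
        # is no longer selected: it has no reason to leave the database
        # here, since User.login performs the credential check itself.
        results = await (User.select().columns(
            User.id, User.username).where(
                (User.username == username)).first()).run()
        valid_user = await User.login(username=username, password=password)
        if not valid_user:
            user_error = "Invalid username or password"
            return templates.TemplateResponse(
                "accounts/login.html",
                {
                    "request": request,
                    "form": form,
                    "user_error": user_error,
                },
            )
        response = RedirectResponse(BASE_HOST + path, status_code=302)
        # NOTE(review): the cookie is HttpOnly but not Secure; pass
        # secure=True once the site is served over HTTPS only.
        response.set_cookie("jwt",
                            generate_jwt(results["username"]),
                            httponly=True)
        return response

    return templates.TemplateResponse("accounts/login.html", {
        "request": request,
        "form": form
    })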