def login(): form = UserLoginForm() if request.method == 'GET': return render_template('login.html', form=form) if request.method == 'POST': if form.validate_on_submit(): username = form.username.data password = form.password.data user = User.query.filter(User.username == username).first() # 验证用户是否存在 if user: # 验证密码 if check_password_hash(user.password, password): # 密码正确 # 实现登录, django中auth.login(request, user) login_user(user) return redirect(url_for('app.index')) else: error = '密码错误' return render_template('login.html', error=error, form=form) else: # 账号不存在 error = '账号不存在!' return render_template('login.html', error=error, form=form) else: return render_template('login.html', form=form)
def login(): if current_user.is_authenticated: return redirect(url_for('index')) form = UserLoginForm() search_form = SearchForm() if form.validate_on_submit(): user = mongo.db.users.find_one({'username': form.username.data}) if user and User.check_password(user['password'], form.password.data): user_obj = User(user['username'], user['email'], user['_id'], user['is_admin']) login_user(user_obj) # accesses the 'next page' query string to determine which url user wanted to visit # before being redirected to the login page. If no next page was given then redirects user # to the index page. 'url_parse.netloc' prevents malicious redirect attacks. This prevents #redirects by ensuring that the url is relative to the page. next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('index') return redirect(next_page) else: flash('Wrong username or password', 'warning') return render_template('loginform.html', form=form, search_form=search_form, title='Login')
def login(): if current_user.is_authenticated: return redirect(url_for('index')) form = UserLoginForm() if form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user is None or not user.check_password(form.password.data): flash("""Invalid username or password. Please try again.""") return redirect(url_for('login')) login_user(user, remember=form.remember_me.data) return redirect(url_for('index')) return render_template('login.html', title='Sign In', form=form)
def login(): form = UserLoginForm() if request.method == 'POST' and form.validate_on_submit(): error = None user = User.query.filter_by(username=form.username.data).first() if not user: error = "존재하지 않는 사용자입니다." elif not check_password_hash(user.password, form.password.data): error = "비밀번호가 올바르지 않습니다." if error is None: session.clear() session['user_id'] = user.id return redirect(url_for('main.index')) flash(error) return render_template('auth/login.html', form=form)
def login(): form = UserLoginForm() if request.method == 'POST' and form.validate_on_submit(): error = None user = User.query.filter_by(email=form.email.data).first() if not user: error = "There are no matching emails." elif not check_password_hash(user.password, form.password.data): error = "incorrect password." if error is None: session.clear() session['user_id'] = user.email if user.authority_type == 1: session['admin_mode'] = True return redirect('/') flash(error, 'danger') return render_template('main/auth/login.html', form=form)
def user_login(): # If user is already logged in, redirect to home page if current_user.is_authenticated: return redirect(url_for("home")) # UserLoginForm object from forms.py user_login_form = UserLoginForm() if user_login_form.validate_on_submit(): user = User.query.filter_by( username=user_login_form.username.data).first() # Checks validity of username and if provided password matches username if (user is None) or (not user.check_password( user_login_form.password.data)): flash("Invalid username or password") return redirect(url_for("user_login")) else: # Login function from flask_login UserLoginForm().login_user(user, user_login_form.remember_me.data) return redirect(url_for("user_profile", username=user.username)) return render_template("user_login_form.html", title="Login", form=user_login_form)
def login_usuario(): if current_user.is_authenticated: return redirect(url_for('home')) form = UserLoginForm() if form.validate_on_submit(): usuario = Usuario.query.filter_by(nombre=form.nombre.data).first() if usuario is None or not usuario.check_password(form.password.data): flash('Nombre de usuario o contraseña es incorrecto', 'danger') return redirect(url_for('login_usuario')) login_user(usuario, remember=form.remember_me.data) app.logger.info(f'{datetime.now()}: {usuario} logged in') flash(f'Bienvenido {usuario.nombre}!', 'success') next_page = request.args.get('next') if next_page: try: next_page = my_utils.get_last_dir_url(next_page) return redirect(url_for(next_page)) except BuildError: app.logger.info( f'{datetime.now()}: Wierd redirect: {next_page} from {current_user} - {request.remote_addr}' ) return redirect(url_for('home')) else: return redirect(url_for('home')) return render_template('login.html', barra_busqueda=True, titulo='Login', form=form, debug=app.config['DEBUG'])
def user_login(): form = UserLoginForm() # POST: Process the PowerToken login form. if form.validate_on_submit(): username = form.username.data user = User.query.filter_by(username=username).first() # If the user has not been added to the database, add the user to the # database and redirect to the WEconnect login. if user is None: user = User(username=username) db.session.add(user) db.session.commit() return redirect(url_for("user_wc_login", username=username)) # If the user exists in the database, but the WEconnect (or Fitbit) # info isn't filled out, redirect to the WEconnect login. if any([not user.wc_id, not user.wc_token, not user.fb_token]): return redirect(url_for("user_wc_login", username=username)) #TODO Add token expiry check here # If user exists in the db, but token returns an error, then login again to refresh if not check_wc_token_status(user.wc_id, user.wc_token): return redirect(url_for("user_wc_login", username=username)) # If the user exists in the database, and the WEconnect and Fitbit info # is already filled out, bypass the login process. return redirect(url_for("user_home", username=username)) # GET: Render the PowerToken login page. error = request.args.get("error") if error: return render_template("user_login.html", form=form, error=error) else: return render_template("user_login.html", form=form)
def tdinfo(): dbSession = db.Session() userLoginForm = UserLoginForm() takedownTradeForm = TakedownTradeForm() stats = dbSession.getTDStats() def tdPage(userEmail): if userEmail is None: user = [None] else: uid = dbSession.getUid(userEmail) pname = dbSession.getPname(uid) tdScore = dbSession.getTakedownScore(uid) penaltyScore = dbSession.getPenaltyBalance(uid) userPenalties = dbSession.getPenalties(uid) userAssignments = dbSession.getUserAssignments(uid) assignments = [] if userAssignments: for dateId in userAssignments: tid = dbSession.getTid(dateId[0]) date = dbSession.getIsoDate(dateId[0]) meal = ["Lunch", "Dinner"][tid % 2] day = [ "Monday", "Tuesday", "Wednesday", "Thursday", "Friday" ][int((tid - tid % 2) / 2)] assignments.append([day + " " + meal, date, dateId[0]]) user = [pname, tdScore, penaltyScore, userPenalties, assignments] resp = make_response( render_template("tdinfo.html", user=user, userLoginForm=userLoginForm, takedownTradeForm=takedownTradeForm, stats=stats)) if userEmail: resp.set_cookie("userEmail", userEmail) dbSession.close() return resp if userLoginForm.submit.data and userLoginForm.validate_on_submit(): userEmail = userLoginForm.email.data dbSession.close() return tdPage(userEmail) if takedownTradeForm.submitData.data and takedownTradeForm.validate_on_submit( ): userEmail = takedownTradeForm.email.data uid = dbSession.getUid(userEmail) dateId = takedownTradeForm.dateId.data tid = dbSession.getTid(dateId) traders = dbSession.getAvailibility(tid) mail.TakedownTradeMessage(uid, dateId, traders) dbSession.close() return tdPage(userEmail) try: userEmail = request.cookies.get("userEmail") # dbSession.close() return tdPage(userEmail) except Exception: # dbSession.close() return tdPage(None)
def user_login_attempt(): form = UserLoginForm() email = request.form.get('email') login_ip = User.userIP() if form.validate_on_submit(): if not User.check_email(email): message = 'Incorrect login details' return render_template('auth/login.html', message=message, form=form, title="Login") if not User.check_hashed_password(request.form.get('password'), User.get_hashed_password(email)): User().verificationFail(email) message = 'Incorrect login details' return render_template('auth/login.html', message=message, form=form, title="Login") if not User.check_account_status(email): generate_new_verfication_code = EmailVerification(email).verifyAccountLink() Emails(request.form.get('email')).newUserVerification(generate_new_verfication_code) User().updateCodeinDB(request.form.get('email'), generate_new_verfication_code, 'activation_link') message = 'Your account has not been verified. Another email has been sent' return render_template('auth/login.html', form=form, message=message, title="Login") if User.(email): if User.check_ifcheck_account_lock_lock_is_expired(email): pass else: account_locked = Emails(email).accountLocked() message = 'Account Locked' return render_template('/auth/login.html', form=form, message=message, title="Login") if User.check_login_ip(email, login_ip): user_to_login = User.query.filter_by(email=email).first() login_user(user_to_login, remember=True) session['logged-in'] = True if current_user.get_role() == 'BUYER': return redirect(url_for('buyer_bp.dashboard')) elif current_user.get_role() == 'SELLER': return redirect(url_for('seller_bp.dashboard')) else: logout_user() return redirect('auth_bp.user_login') else: session['email'] = email session['ip'] = login_ip generate_verification_code = EmailVerification(email).emailVerificationCode() Emails(request.form.get('email')).sendVerificationEmail(User().userIP(), generate_verification_code) User.updateCodeinDB(session['email'], generate_verification_code, 'email_verification') return redirect(url_for('auth_bp.verify_new_ip')) else: if not User().check_form_email_validation(request.form.get('email')): message = 'Invalid Login Details' return render_template('auth/login.html', message=message, form=form, title="Login") message = 'Unknown Error Occured' return render_template('auth/login.html', message=message, form=form, title="Login")