def test_user_validate(): u = create_user_with_permissions() u.password = u'testpass123' db.sess.commit() assert User.validate(u.login_id, u'bad_password') is None assert User.validate(u'bad_login', u'testpass123') is None assert User.validate(u.login_id, u'testpass123').id == u.id
def post(self): if self.form.is_valid(): user = orm_User.validate( self.form.els.login_id.value, self.form.els.password.value ) if user: if user.inactive: session_user.add_message('error', 'That user is inactive.') else: load_session_user(user) log.application('user %s logged in; session id: %s; remote_ip: %s', user.login_id, rg.session.id, rg.request.remote_addr) session_user.add_message('notice', 'You logged in successfully!') if user.reset_required: url = url_for('auth:ChangePassword') else: url = after_login_url() redirect(url) else: log.application('user login failed; user login: %s; session id: %s; remote_ip: %s', self.form.elements.login_id.value, rg.session.id, rg.request.remote_addr) session_user.add_message('error', 'Login failed! Please try again.') elif self.form.is_submitted(): # form was submitted, but invalid self.form.assign_user_errors() self.default()