示例#1
def register():
    """Serve the registration form (GET) or create an account (POST).

    On POST the submitted password is hashed before it is handed to the
    persistence layer; the plaintext is never stored by this view.
    Any other HTTP method falls through and returns None.
    """
    method = request.method

    if method == 'POST':
        form = request.form
        username = form['username']
        # Only the hash leaves this function.
        password_hash = hashing.hash_password(form['password'])
        # NOTE(review): no duplicate-username check and no length/charset
        # validation is visible here -- presumably enforced by
        # queries.insert_user or a DB constraint; confirm.
        queries.insert_user(username, password_hash)
        return redirect(url_for('login'))

    if method == 'GET':
        return render_template('register.html')

    return None
示例#2
def add_userdata(username, password, role='user'):
    """Create a user with a hashed password unless the name is taken.

    Returns:
        False when a row with ``username`` already exists, True after the
        new user has been added and committed.
    """
    existing = session.query(User.username).filter(User.username == username)
    # NOTE(review): this is a Query object, not a fetched scalar; it is
    # passed to User(role_id=...) as-is -- presumably relied on as a
    # subquery by the ORM. Confirm, and confirm what happens for an
    # unknown role name.
    role_id = session.query(Role.id).filter(Role.role == role)

    if existing.first():
        return False

    # NOTE(review): check-then-insert is not atomic; two concurrent calls
    # can both pass the check. A unique constraint on username is the
    # reliable guard -- confirm one exists.
    session.add(
        User(username=username,
             password=hash.hash_password(password),
             role_id=role_id))
    session.commit()
    return True
示例#3
def registration():
    """Log out any current user, then store a new account from the form.

    The password is hashed before being saved, together with the
    registration date (first ten characters of ``str(datetime.now())``).
    """
    logout()

    form = request.form
    username = form['username']
    password = form['userPassword']
    registered_on = str(datetime.now())[:10]

    # TODO: check whether the username already exists before saving;
    # the original author notes the query for this is prepared.
    hashed_password = hashing.hash_password(password)
    database_queri.save_username(username, hashed_password, registered_on)

    return render_template('login_registration_page.html')
def sign_up_screen():
    """Combined sign-up / login view rendered on ``login.html``.

    A POST that carries ``new_user_name`` is treated as a sign-up: the
    password is hashed and handed to ``data_manager.sign_up``. Any other
    POST is treated as a login attempt. Unknown user and wrong password
    produce the same message, so the response text does not reveal which
    of the two failed.
    """
    sign_up_message = ""
    login_message = ""

    if request.method == 'POST':
        form_data = request.form.to_dict()

        if "new_user_name" in form_data:
            # Replace the plaintext in the dict before it reaches storage.
            form_data["new_password"] = hashing.hash_password(
                form_data["new_password"])
            name_taken = data_manager.sign_up(form_data)

            if name_taken is True:
                sign_up_message = "Username taken. Enter another name."
            else:
                sign_up_message = "Sign up successful. Login allowed"

        else:
            candidate_password = form_data['password']
            user_name = form_data['user_name']
            stored = data_manager.get_hashed_password_by_user_name(user_name)

            if stored is not None and hashing.verify_password(
                    candidate_password, stored['password']):
                # NOTE(review): the session is populated without being
                # cleared or rotated first -- confirm whether the session
                # backend needs that to prevent fixation.
                session['user_id'] = data_manager.get_id_by_user_name(
                    user_name)['id']
                session['user_name'] = user_name
                return redirect(url_for('index_page'))

            login_message = "Incorrect user name or password."

    return render_template('login.html',
                           sign_up_message=sign_up_message,
                           login_message=login_message)
示例#5
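def login(request):
    """Render the login form (GET) or authenticate a user (POST).

    On POST the submitted password is hashed with the stored per-user
    salt and compared with the stored hash. An unknown user and a wrong
    password both get the same 'invalid login' page.

    Fix: previously a known user with a wrong password fell through both
    branches and the view returned None instead of a response, because
    the error branch was attached only to the "user not found" case.
    Methods other than GET/POST still return None, as before.
    """
    if request.method == 'GET':
        return render_template(request, 'login.html')
    elif request.method == 'POST':
        usr = request.POST['username']
        pw = request.POST['password']
        user = get_user(username=usr)
        if user:
            hashed = hash_password(pw, salt=user.salt)[0]
            # NOTE(review): `==` is not a constant-time comparison;
            # hmac.compare_digest is the usual choice once the types of
            # both operands are confirmed to match (both str or both bytes).
            if hashed == user.hashed_pw:
                return successful_login(request, user)
        # Reached for both "no such user" and "wrong password" so the two
        # cases are indistinguishable to the client.
        c = {'error': 'invalid login'}
        return render_template(request, 'login.html', context=c)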
示例#6
def signup(request):
    """Render the signup form (GET) or validate and create a user (POST).

    Each field has an error slot and a ``*_val`` slot in the template
    context: on a validation failure the error slot is filled, otherwise
    the submitted value is echoed back. When every check passes the
    password is hashed (hash and salt are stored) and the user is logged in.
    Methods other than GET/POST return None.
    """
    signup_template = 'signup.html'

    if request.method == "GET":
        return render_template(request, signup_template)
    if request.method != "POST":
        return None

    form = request.POST
    usr = form['username']
    pw = form['password']
    verify = form['verify']
    email = form['email']

    c = dict.fromkeys(
        ('usr', 'usr_val', 'email', 'email_val',
         'pw', 'pw_val', 'verify', 'verify_val'),
        '')
    error_occurred = False

    if valid_username(usr):
        c['usr_val'] = usr
    else:
        c['usr'] = "******"
        error_occurred = True

    # An empty e-mail is accepted; only a non-empty invalid one is an error.
    if valid_email(email) or email.strip() == "":
        c['email_val'] = email
    else:
        c['email'] = "This email is invalid."
        error_occurred = True

    # NOTE(review): pw_val / verify_val put the submitted password back
    # into the template context. If signup.html renders them, the
    # plaintext password ends up in the response body -- confirm the
    # template does not, or drop these two values.
    if valid_password(pw):
        c['pw_val'] = pw
    else:
        c['pw'] = "This password is inavlid."
        error_occurred = True

    if verify == pw:
        c['verify_val'] = verify
    else:
        c['verify'] = "These passwords do not match."
        error_occurred = True

    if error_occurred:
        return render_template(request, signup_template, context=c)

    # hash_password returns a sequence: index 0 is stored as the hash,
    # index 1 as the salt.
    pw_record = hash_password(pw)
    user = User(username=usr, hashed_pw=pw_record[0], salt=pw_record[1],
                email=email)
    user.save()
    return successful_login(request, user)
示例#7
def route_registration():
    """Show the registration form, or register a new user on POST.

    A POST with an already-known username re-renders the form with an
    error message; otherwise the password is hashed, the user is stored
    and the client is redirected to the login route.
    """
    template = "register-login.html"

    if request.method != "POST":
        return render_template(template, registration=True)

    username = request.form["username"]
    if data_manager.check_username(username):
        return render_template(
            template,
            registration=True,
            message="Sorry, we already have a user by that username.")

    # NOTE(review): the existence check and the insert are separate
    # calls; a unique constraint in the database is what actually
    # prevents duplicates under concurrency -- confirm one exists.
    hashed_password = hashing.hash_password(request.form["password"])
    data_manager.insert_user(username, hashed_password)
    return redirect(url_for('route_login'))
示例#8
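def register_process():
    """Handle the user registration form.

    Looks for an existing account with the same username or e-mail.
    If none exists, the password is hashed, the user is stored, the new
    user's id is placed in the Flask session and the user page is
    rendered. Otherwise a flash message names the conflicting field and
    the client is redirected to "/".

    Changes from the previous version:
      * the debug ``print`` of the password hash is removed -- credential
        hashes must not be written to stdout/log files;
      * the password is hashed only when an account is actually created;
      * the welcome message is flashed after the commit succeeds.
    """
    # Form variables (any of these is None when the field is missing).
    email = request.form.get('email')
    password = request.form.get('pwd')
    username = request.form.get('username')

    # Is the username or the e-mail already registered?
    user = User.query.filter((User.username == username)
                             | (User.email == email)).first()

    if user:
        if user.email == email:
            flash("%s email already has an account." % (email))
        else:
            flash("%s username is already taken. Choose something else." %
                  (username))
        return redirect("/")

    # NOTE(review): missing form fields are not rejected here; behaviour
    # of hash_password(None) depends on the hashing extension -- confirm.
    hashed_password = hashing.hash_password(password)
    new_user = User(email=email,
                    username=username,
                    password=hashed_password)
    db.session.add(new_user)
    db.session.commit()
    flash("Welcome %s." % (username))

    created_user = User.query.filter_by(username=username).first()

    # Mark the browser session as belonging to the new user.
    session['user_id'] = created_user.user_id

    return render_template('user_page.html')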
示例#9
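def register_process():
    """Handle the user registration form.

    A new account is created only when neither the username nor the
    e-mail is already registered; on success the new user's id is stored
    in the Flask session and the user page is rendered. On a conflict a
    flash message names the field in use and the client is redirected
    to "/".

    Changes from the previous version: the debug ``print`` of the
    password hash is gone (hashes should never reach stdout or logs),
    hashing happens only on the account-creation path, and the welcome
    flash is emitted after the commit rather than before it.
    """
    # Form variables (None when a field is absent).
    email = request.form.get('email')
    password = request.form.get('pwd')
    username = request.form.get('username')

    # Check whether the username or e-mail is already in the database.
    user = User.query.filter((User.username == username) | (User.email == email)).first()

    if not user:
        # NOTE(review): absent fields are not validated before hashing --
        # confirm how hash_password treats None.
        hashed_password = hashing.hash_password(password)
        new_user = User(email=email, username=username, password=hashed_password)
        db.session.add(new_user)
        db.session.commit()
        flash("Welcome %s." % (username))

        created_user = User.query.filter_by(username=username).first()

        # Record the logged-in user in Flask's session.
        session['user_id'] = created_user.user_id

        return render_template('user_page.html')

    if user.email == email:
        flash("%s email already has an account." % (email))
    else:
        flash("%s username is already taken. Choose something else." % (username))
    return redirect("/")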
示例#10
def settings():
    """Let a logged-in user change username, password and e-mail.

    Requires "username" in the session, otherwise redirects to the login
    route. On POST each changed field is validated; every failure is
    flashed under a per-field category and nothing is written unless all
    checks pass. After a successful edit the client is redirected back to
    this view with a ``successful`` query parameter.

    NOTE(review): the form does not ask for the current password before
    the password or e-mail is changed, so possession of a valid session
    alone is enough to take over the account -- consider requiring it.
    NOTE(review): session["username"] is not updated after a rename in
    this function; confirm it is refreshed elsewhere.
    """
    # The guard checks "username", but "userid" is read unguarded below.
    if "username" in session:
        #freedom of editing your personal preferences
        # pass word and e-mail
        user_id = session["userid"]
        user_name = session["username"]
        e_mail = db.get_user_eemail(user_id)
        if request.method == "POST":
            new_name = request.form["u_name"]
            new_password = request.form["password"]
            confirm = request.form["password2"]
            new_mail = request.form["e_mail"]

            edit_successful = False
            error = False

            # Username rules are applied only when the name was changed.
            if user_name != new_name:
                if new_name == '':
                    flash("Please enter a username", "username_error")
                    error = True
                elif len(new_name) < 4:  # if length of username is less than 4
                    flash("Username must be at least 4 characters",
                          "username_error")
                    # Categorizes the messsage into a category called "username_error"
                    error = True
                elif len(new_name
                         ) > 25:  # if length of username is greater than 25
                    flash("Username must not exceed 25 characters",
                          "username_error")
                    error = True
                elif " " in new_name:  # only the space character is checked, not other whitespace
                    flash("Username must not contain any spaces",
                          "username_error")
                    error = True
                elif db.check_username_already_used(new_name) == True:
                    flash("Username is already being used", "username_error")
                    error = True

            # An empty password field means "keep the current password".
            if new_password != '':
                if len(new_password) < 8:
                    flash("Password must be at least 8 characters long",
                          "password_error")
                    error = True
                elif not any(
                        char.isupper() for char in new_password
                ):  # if the password contains no uppercase letters
                    flash("Password must contain at least 1 uppercase letter",
                          "password_error")
                    error = True
                elif not any(char.islower() for char in new_password
                             ):  # if the password contans no lowercase letters
                    flash("Password must contain at least 1 lowercase letter",
                          "password_error")
                    error = True
                elif not any(char.isdigit() for char in new_password
                             ):  # if the password contains no numbers
                    flash("Password must contain at least 1 number",
                          "password_error")
                    error = True
                elif confirm != new_password:  # if the password does not match the other password the user entered
                    flash("Passwords do not match", "password_error")
                    error = True

            if new_mail != e_mail:
                if new_mail == '':
                    flash("Please enter an email address", "email_error")
                    error = True
                elif db.check_email_already_used(new_mail) == True:
                    flash("Email is already registed to an account",
                          "email_error")
                    error = True

            # Writes happen only when every validation above passed.
            if error == False:
                if user_name != new_name:
                    db.edit_personal_data(user_id, 'username', new_name)
                    edit_successful = True
                if new_password != '':

                    # Re-read the name after the possible rename above.
                    get_name = db.get_user_name_from_id(user_id)
                    # NOTE(review): the username is passed as the first
                    # argument -- presumably it acts as the salt. If so, a
                    # rename WITHOUT a password change leaves the stored
                    # hash tied to the old name; confirm against
                    # hashing.hash_password and the login path.
                    hashed_password = hashing.hash_password(
                        get_name, new_password)
                    db.edit_personal_data(user_id, 'password', hashed_password)
                    edit_successful = True
                if new_mail != e_mail:
                    db.edit_personal_data(user_id, 'email', new_mail)
                    edit_successful = True

            if edit_successful == True:
                # making the user know her/his changes were saved

                done = 'Your Edit Was Successful'
                return redirect(url_for("settings", successful=done))

            # Validation failed or nothing changed: show the form again
            # with the values currently held in the session / database.
            return render_template("settings.html",
                                   u_name=user_name,
                                   e_mail=e_mail)
        else:
            return render_template("settings.html",
                                   u_name=user_name,
                                   e_mail=e_mail)
    else:

        # Not logged in.
        return redirect(url_for("login"))
示例#11
def signup():
    '''The signup page for the application.

    On POST the username, password and e-mail are validated; each failure
    is flashed under a per-field category ("username_error",
    "password_error", "email_error"). When every check passes the password
    is hashed, the user is stored and the username is placed in the
    session for the verification step.

    Arguments:
        Nothing
    Returns:
        redirect(url_for("account_verification")): on successful signup
        render_template("signup.html"): on GET or when validation failed
    '''
    # NOTE(review): declared global but never assigned in this function;
    # the session key below is what carries the name forward.
    global verification_username
    if request.method == "POST":

        username = request.form["username"]
        password = request.form["password"]
        confirm = request.form["confirm"]
        email = request.form["email"]

        error = False

        # Only the first failing username rule is reported.
        if username == '':
            flash("Please enter a username", "username_error")
            error = True
        elif len(username) < 4:  #if length of username is less than 4
            flash("Username must be at least 4 characters", "username_error")
            #Categorizes the messsage into a category called "username_error"
            error = True
        elif len(username) > 25:  #if length of username is greater than 25
            flash("Username must not exceed 25 characters", "username_error")
            error = True
        elif " " in username:  # only the space character is checked, not other whitespace
            flash("Username must not contain any spaces", "username_error")
            error = True
        elif db.check_username_already_used(username) == True:
            flash("Username is already being used", "username_error")
            error = True

        # Password policy: at least 8 characters with an uppercase letter,
        # a lowercase letter and a digit, and it must match the confirmation.
        if password == '':
            flash("Please enter a password", "password_error")
            error = True
        elif len(password) < 8:
            flash("Password must be at least 8 characters long",
                  "password_error")
            error = True
        elif not any(char.isupper() for char in
                     password):  #if the password contains no uppercase letters
            flash("Password must contain at least 1 uppercase letter",
                  "password_error")
            error = True
        elif not any(char.islower() for char in
                     password):  #if the password contans no lowercase letters
            flash("Password must contain at least 1 lowercase letter",
                  "password_error")
            error = True
        elif not any(
                char.isdigit()
                for char in password):  #if the password contains no numbers
            flash("Password must contain at least 1 number", "password_error")
            error = True
        elif confirm != password:  #if the password does not match the other password the user entered
            flash("Passwords do not match", "password_error")
            error = True

        # The e-mail is checked only for emptiness and uniqueness; no
        # format validation is visible here.
        if email == '':
            flash("Please enter an email address", "email_error")
            error = True
        elif db.check_email_already_used(email) == True:
            flash("Email is already registed to an account", "email_error")
            error = True

        if error == False:
            # NOTE(review): the username is passed as the first argument --
            # presumably used as the salt; a username is predictable, so a
            # random per-user salt would be stronger. Confirm against
            # hashing.hash_password.
            hashed_password = hashing.hash_password(username, password)
            # NOTE(review): the trailing 0 looks like a "not yet verified"
            # flag -- confirm against db.add_user.
            db.add_user(username, hashed_password, email, 0)
            session["verificationusername"] = username
            return redirect(url_for("account_verification"))

    return render_template("signup.html")
示例#12
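def change_password(username, password):
    """Replace the stored password hash for ``username``.

    Does nothing (and returns None) when no such user exists. The new
    password is hashed before it is assigned; the plaintext is not stored.

    The user row is now fetched once instead of running the same query
    twice via repeated ``.first()`` calls.
    """
    user = session.query(User).filter(User.username == username).first()
    if user:
        user.password = hash.hash_password(password)
        session.commit()
    # NOTE(review): this function performs no authorisation itself;
    # callers are responsible for verifying who may change the password.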
示例#13
def change_password_for_user(user):
    """Set a new password on ``user`` from the 'new-password' form field.

    A fresh salt is generated for every change, so the previous salt is
    never reused, and only the salted hash is saved on the user.
    """
    # Read the form first: a missing field fails before the user object
    # is touched.
    submitted_password = request.form['new-password']

    user.salt = get_salt()
    user.pass_hash = hash_password(submitted_password, user.salt)

    # NOTE(review): no password-policy or authorisation check happens
    # here -- presumably done by the caller; confirm.
    user.save()
示例#14
def verify_password_change(user):
    """Decide whether a submitted password change may proceed.

    The change is allowed when the old password matches the stored hash
    OR the caller holds ROLE_ADMIN, and in either case the new password
    and its repetition must be equal.
    """
    supplied_old = request.form['old-password']
    candidate_hash = hash_password(supplied_old, user.salt)

    # NOTE(review): ROLE_ADMIN skips the old-password check entirely, yet
    # the 'old-password' field is still read above and must be present in
    # the form. Confirm the bypass is intended.
    # NOTE(review): `==` on hashes is not a constant-time comparison.
    authorised = candidate_hash == user.pass_hash or has_role('ROLE_ADMIN')
    if not authorised:
        return authorised

    form = request.form
    return form['new-password'] == form['repeat-new-password']