def login():
if request.method == 'POST':
username = request.form['username']
password_candidate = request.form['password']
cur = mysql.connection.cursor()
result = cur.execute('SELECT * FROM admin WHERE username = %s',
[username])
print('yes')
if result > 0:
data = cur.fetchone()
password = data['password']
if sha256_crypt.verify(password_candidate, password):
session['logged_in'] = True
session['username'] = username
session['prof'] = 1
flash('You are logged in', 'success')
return redirect(url_for('adminDash'))
else:
error = 'Invalid login'
return render_template('login.html', error=error)
cur.close()
result1 = cur.execute('SELECT * FROM member WHERE username = %s',
[username])
if result1 > 0:
data = cur.fetchone()
password = data['password']
if sha256_crypt.verify(password_candidate, password):
session['logged_in'] = True
session['username'] = username
session['prof'] = 2
result2 = cur.execute(
'SELECT trainer_id FROM member WHERE username = %s',
[username])
result3 = cur.fetchone()
result4 = result3['trainer_id']
print(result4)
if result4 == None:
return redirect(url_for('fillDetails'))
flash('You are logged in', 'success')
return redirect(url_for('memberDash'))
else:
error = 'Invalid login'
return render_template('login.html', error=error)
cur.close()
else:
error = 'Username NOT FOUND'
return render_template('login.html', error=error)
return render_template('login.html')
def login():
form = LoginForm(request.form)
if request.method == "POST":
nickname = form.nickname.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
sorgu = "Select * From users where nickname = %s"
result = cursor.execute(sorgu,(nickname,))
if result > 0:
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered,real_password):
flash("Başarıyla giriş yapıldı. Hoşgeldiniz...","success")
session["logged_in"] = True
session["nickname"] = nickname
return redirect(url_for("emre"))
else:
flash("Parola hatalı!","danger")
return redirect(url_for("login"))
else:
flash("Böyle bir kullanıcı bulunmuyor...","danger")
return redirect(url_for("login"))
else:
pass
return render_template("login.html",form = form)
def login():
form = LoginForm(request.form)
if request.method == 'POST':
username = form.username.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
sorgu = 'Select * From users where username=%s'
result = cursor.execute(sorgu, (username, ))
if result > 0:
data = cursor.fetchone()
real_password = data['password']
if sha256_crypt.verify(password_entered, real_password):
flash('Başarıyla Giriş Yaptınız...', 'success')
#oturum kontrolü
session['logged_in'] = True
session['username'] = username
return redirect(url_for('index'))
else:
flash('Parolanızı Yanlış Girdiniz... ', 'danger')
return redirect(url_for('login'))
else:
flash('Böyle bir kullanıcı bulunmuyor', 'danger')
return redirect(url_for('login'))
else:
return render_template('login.html', form=form)
def login():
if request.method == "POST":
# test = sha256_crypt.encrypt("P@ssw0rd")
username = request.form.get("username")
password = request.form.get("password")
remember_me = bool(request.form.get("remember_me"))
redirect_url = next(
iter(
parse_qs(request.query_string.decode("utf-8")).get("next")
or []), '/')
data = {
'username': username,
'password': password,
'remember_me': remember_me
}
user = User.query.filter(User.username == username).first()
if not user:
return render_template(
'login.html',
errors={'user': _('User does not exist')},
data=data)
# Check pass is valid
if sha256_crypt.verify(password, user.password):
login_user(user, remember=remember_me)
session.pop('_flashes', None)
else:
return render_template(
'login.html',
errors={'password': _('Password is incorrect')},
data=data)
return redirect(redirect_url)
return render_template('login.html', errors={}, data={})
def login_page():
error = ''
try:
c, conn = connection()
if request.method == "POST":
data = c.execute("SELECT * FROM users WHERE username = '******' " % (request.form["username"]))
data = c.fetchone()[2]
if sha256_crypt.verify(request.form['password'], data):
session['logged_in'] = True
session['username'] = request.form['username']
flash("You are now logged in")
return redirect(url_for("homepage"))
else:
error = "Invalid credentials, try again."
gc.collect()
return render_template("login.html", error=error)
except Exception as e:
# flash(e)
error = "Exception"
return render_template("login.html", error=error)
def login():
if request.method == 'POST':
#Get Form Fields
username = request.form['username']
password_candidate = request.form['password']
#Create a cursor
cur = mysql.connection.cursor()
#Get user by username
result = cur.execute("SELECT * FROM user WHERE username = %s",
[username])
if result > 0:
# Get stored hash
data = cur.fetchone()
password = data['password']
#Compare passwords
if sha256_crypt.verify(password_candidate, password):
#Passed
session['logged_in'] = True
session['username'] = username
flash('You are now logged in', 'success')
return redirect(url_for('dashboard'))
else:
error = 'Invalid Login'
return render_template('login.html', error=error)
cur.close()
else:
error = 'Username not found'
return render_template('login.html', error=error)
return render_template('login.html')
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
query = "Select * from users where username = %s"
result = cursor.execute(query, (username, ))
if result > 0:
data = cursor.fetchone()
cursor.close()
real_password = data["password"]
if sha256_crypt.verify(password_entered, real_password):
flash("<strong>Hoşgeldin!</strong> Giriş yapıldı!", "success")
session["logged_in"] = True
session["username"] = username
return redirect(url_for("index"))
else:
flash("<strong>Dikkat!</strong> Parola Yanlış!", "danger")
redirect(url_for("login"))
else:
flash("<strong>Dikkat!</strong> Böyle bir kullanıcı bulunmuyor!",
"danger")
redirect(url_for("login"))
return render_template("login.html", form=form)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
query = "Select * From users where username = %s"
result = cursor.execute(query, (username, ))
if result > 0:
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered, real_password):
flash("Successfully logged in!", "success")
session["logged_in"] = True
session["username"] = username
return redirect(url_for("index"))
else:
flash("Incorrect password!", "danger")
return redirect(url_for("login"))
else:
flash("Incorrect username!", "danger")
return redirect(url_for("login"))
else:
return render_template("login.html", form=form)
def login():
form = LoginForm(request.form)
if request.method == "POST" and form.validate():
email = form.email.data
password = form.password.data
cursor = mysql.connection.cursor()
sql = "Select * from Users WHERE Email=%s"
result = cursor.execute(sql, (email, ))
if result > 0:
data = cursor.fetchone()
real_pw = data["Password"]
if sha256_crypt.verify(password, real_pw):
flash("Giriş başarılı.", "success")
session["IsAdmin"] = data["IsAdmin"]
session["LoggedIn"] = True
session["Name"] = data["Name"]
session["Surname"] = data["Surname"]
return redirect(url_for('index'))
else:
flash(
"Şifreniz yanlış. Sıfırlamak için aşağıdaki şifremi unuttum linkini kullanabilirsiniz.",
"danger")
return redirect(url_for('login'))
else:
flash("Bu e-posta adresine kayıtlı bir kullanıcı bulunamadı.",
"danger")
return redirect(url_for('login'))
else:
return render_template("login.html", form=form)
def login():
if request.method == 'POST':
# Get the fields
POST_USERNAME = request.form['username']
POST_PASSWORD = request.form['password']
# Create a cursor
cur = mysql.connection.cursor()
# Get user by username
result = cur.execute("SELECT * FROM users WHERE username = %s",
[POST_USERNAME])
if result > 0:
# Get the stored hash
data = cur.fetchone()
password = data['password']
# Compare the passwords
if sha256_crypt.verify(POST_PASSWORD, password):
session['logged_in'] = True
session['username'] = POST_USERNAME
flash('You are now logged in', 'success')
return redirect(url_for('dashboard'))
else:
error = 'Invalid Login'
return render_template('login.html', error=error)
# Close connection
cur.close()
else:
return render_template('login.html')
def login():
"""This function returns the login page"""
error = None
if request.method == "POST":
#log usernames and passwords to txt file
entered_name = request.form['username']
entered_pw = request.form['pwd']
f = open("usernames.txt", "r")
f2 = open("passfile.txt", "r")
lines = f.readlines()
lines2 = f2.readlines()
username_found = False
pw_found = False
for line in lines:
if entered_name == line.strip():
username_found = True
for line1 in lines2:
if sha256_crypt.verify(entered_pw, line1.strip()):
pw_found = True
if username_found and pw_found:
session['user'] = entered_name
return render_template('welcome.html')
else:
error = "You could not be logged in"
return render_template('login.html', error=error)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
sorgu = "Select * From users where username=%s"
result = cursor.execute(sorgu, (username, ))
if (result > 0):
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered, real_password):
flash("Başarıyla Giriş Yaptınız")
session["logged_in"] = True
session["username"] = username
return redirect(url_for("index"))
else:
flash("Parolanızı Yanlış Girdiniz")
return redirect(url_for("login"))
else:
flash("Hatalı kullanıcı adı girdiniz")
return redirect(url_for("login"))
return render_template("login.html", form=form)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = mysql.connect.cursor()
sorgu = "Select * From users where username = %s" #Herşeyi alıyor datadan
result = cursor.execute(sorgu, (username, )) #Yanlışsa sonuç 0 geliyor
if result > 0:
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered,
real_password): #Verify doğrula
flash("Başarıyla giriş yaptınız", "success")
session["logged_in"] = True
session["username"] = username
return redirect(url_for("index"))
else:
flash("Parolanızı kontrol ediniz.", "danger")
return redirect(url_for("login"))
else:
flash("Böyle bir kullanıcı adı bulunmamaktadır.", "danger")
return redirect(url_for("login"))
return render_template("login.html", form=form)
def adminlogin(request):
try:
if 'admin' in request.session:
return HttpResponseRedirect('/adminh4u')
if request.method == 'POST':
email = request.POST.get('email')
password = request.POST.get('password')
login_cred = CustomUser.objects.filter(email=email, password=password, is_superuser=True)
if login_cred:
det = User.objects.filter(email=email).values()
details = login_cred[0]
dets = []
for i in det:
for k, v in i.items():
dets.append(v)
superuser = dets[3]
if email == details['email'] and sha256_crypt.verify(password, details['password']):
request.session['email'] = email
request.session['admin'] = True
if superuser:
return redirect('app:adminh4u')
else:
messages.warning(request, 'Not an admin, please contact administrator')
else:
messages.warning(request, 'Not an admin, please contact administrator')
return render(request, 'app/adminlogin.html')
else:
return render(request, 'app/adminlogin.html')
except:
return render(request, 'app/adminlogin.html')
def check(email: str, password: str) -> bool:
user = Base.users.find_one({"email": email})
if user:
db_password = User.get_model(user).password
if sha256_crypt.verify(password, db_password):
return True
return False
def login():
error = ''
conn = psycopg2.connect(conn_string)
conn2 = psycopg2.connect(conn_string)
try:
if request.method == "POST":
attempted_username = request.form['username']
attempted_password = request.form['password']
cursor = conn.cursor()
cursor2 = conn2.cursor()
salida = ""
salida2 = ""
cursor.execute("SELECT nombre FROM usuario where nombre = (%s)", [request.form['username']])
cursor2.execute("SELECT password FROM usuario where nombre = (%s)", [request.form['username']])
for row in cursor:
salida += str(row[0])
for row in cursor2:
salida2 += str(row[0])
if attempted_username == salida and sha256_crypt.verify(attempted_password, salida2):
valores.usuarioActual = salida
return redirect((url_for('dashboard')))
else:
error = "Invalid Credentials. Please try again"
return render_template("login.html", error = error)
except Exception as e:
return render_template("login.html", error = error)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = mysql.connection.cursor()
sorgu = "SELECT * FROM users where username = %s"
result = cursor.execute(sorgu, (username, ))
if result > 0:
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered, real_password):
flash(message="Başarıyla Giriş Yaptınız...",
category="success")
session["logged_in"] = True
session["username"] = username
return redirect(location=url_for("index"))
else:
flash(message="Parola Hatalı...", category="danger")
return redirect(location=url_for("login"))
else:
flash(message="Böyle bir kullanıcı bulunmuyor...",
category="danger")
return redirect(location="login")
return render_template("login.html", form=form)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username=form.username.raw_data[0]
password_entered=form.password.raw_data[0]
cursor = mysql.connection.cursor()
sorgu = "Select * From User where username = %s"
result = cursor.execute(sorgu,(username,))
if result > 0:
data = cursor.fetchone()
real_password = data ["password"]
#print(form.password.raw_data[0])
if sha256_crypt.verify(password_entered , real_password):
flash("başarıyla giriş yaptınız","success")
return redirect(url_for("index"))
else:
flash("uyumsuz","danger")
else:
flash("kullanıcı uyumsuz","danger")
return redirect(url_for("login"))
return render_template("login.html",form= form)
def login():
form = LoginForm(request.form)
if request.method == "POST":
username = form.username.data
password_entered = form.password.data
cursor = database.connection.cursor()
sorgu = "Select * from users where username = %s"
result = cursor.execute(sorgu, (username, ))
if result > 0:
data = cursor.fetchone()
real_password = data["password"]
if sha256_crypt.verify(password_entered, real_password):
flash("Başarıyla giriş yaptınız...", "success")
session["logged_in"] = True
session["username"] = username
return redirect(url_for("index"))
else:
flash("Parolanız uyuşmuyor.. Lütfen Kontrol Ediniz..",
"danger")
return redirect(url_for("login"))
else:
flash("Böyle bir kullanıcı bulunmuyor...", "warning")
return redirect(url_for("login"))
return render_template("login.html", form=form)
def verify(email, password):
user = User.query.filter_by(email=email).first()
if user and sha256_crypt.verify(password, user.password):
return user
return False
def log_in(request, session):
from flask_app import Users
username = request.form['username']
password_p = request.form['password']
q = Users.query.filter(Users.username == username).first()
if not q:
return {
'status': 'error',
'message': 'User not found',
'level': 'danger'
}
else:
if sha256_crypt.verify(password_p, q.password):
session['logged_in'] = True
session['username'] = username
session['user_id'] = q.id
if q.admin:
session['admin'] = 1
return {'status': 'OK', 'message': 'Logged in', 'level': 'success'}
else:
return {
'status': 'error',
'message': 'Invalid Passord',
'level': 'danger'
}
def showSignIn():
error = ''
try:
if request.method == "POST":
name = request.form['inputName']
password = sha256_crypt.encrypt(str(request.form['inputPassword']))
c, conn = connection()
data = c.execute("SELECT * FROM doctor WHERE docname = (%s)", name)
data = c.fetchone()[4]
if sha256_crypt.verify(password, data):
session['logged_in'] = True
session['username'] = name
flash("You are now logged in")
return redirect(url_for("main"))
else:
print data
error = "Invalid credentials, try again."
gc.collect()
return render_template("signin.html", error=error)
except Exception as e:
# flash(e)
error = "Invalid credentials, try again."
return render_template("signin.html", error=error)
def verifyPw(phone, password):
if not UserExist(phone):
return False
hashed_pw = mongo.db.Register.find_one({"Phone": phone})["Password"]
if sha256_crypt.verify(password, hashed_pw):
return True
else:
return False
def token():
username = request.json.get("username", None)
password = request.json.get("password", None)
user = User.query.filter(User.username == username).first()
if not user:
return {"msg": "Bad username"}, 401
if sha256_crypt.verify(password, user.password):
access_token = create_access_token(identity=username)
return {"access_token": access_token}
else:
return {"msg": "Bad password"}, 401
async def authenticate(request, username, password, should_remember=False):
user = await UserFactory(request).get_by_name(username)
if user.is_authenticated():
if sha256_crypt.verify(password, user.password):
if should_remember:
await remember_user(request, user.id)
return user
else:
raise PasswordDoesNotMatchError("Некорректный пароль")
else:
raise UserNotFoundError("Пользователь не найден")
def update_password(username):
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
new = form.new_password.data
entered = form.old_password.data
if session['prof'] == 1:
cur = mysql.connection.cursor()
cur.execute("SELECT password FROM admin WHERE username = %s",
[username])
old = (cur.fetchone())['password']
if sha256_crypt.verify(entered, old):
cur.execute(
"UPDATE admin SET password = %s WHERE username = %s",
(sha256_crypt.encrypt(new), username))
mysql.connection.commit()
cur.close()
flash('New password will be in effect from next login!!',
'info')
return redirect(
url_for('adminDash', username=session['username']))
cur.close()
flash('Old password you entered is wrong!!, try again', 'warning')
if session['prof'] == 2:
cur = mysql.connection.cursor()
cur.execute("SELECT password FROM member WHERE username = %s",
[username])
old = (cur.fetchone())['password']
if sha256_crypt.verify(entered, old):
cur.execute(
"UPDATE member SET password = %s WHERE username = %s",
(sha256_crypt.encrypt(new), username))
mysql.connection.commit()
cur.close()
flash('New password will be in effect from next login!!',
'info')
return redirect(
url_for('memberDash', username=session['username']))
cur.close()
flash('Old password you entered is wrong!!, try again', 'warning')
return render_template('updatePassword.html', form=form)
return render_template('updatePassword.html', form=form)
def check_user_login(self, username, password):
"""
Creates a gamed based on user_id
:param username: user unique identifier
:param password: users password
:return: user_id
"""
user_details = self.user_repository.get_user_details(username)
if sha256_crypt.verify(password, user_details['password']):
return user_details['user_id']
return None
def check_token(self, token):
customer = session.query(UsersDbTable).filter_by(email=data['email']).first()
if customer is not None:
if sha256_crypt.verify(data['password'], customer.password) is False:
abort(401)
else:
return (
{'name': customer.name, 'surname': customer.surname, 'email': customer.email,
'pseudo': customer.pseudo,
'type': customer.type, 'token': customer.token})
else:
abort(401)
def validate(self):
initial_validation = super(LoginForm, self).validate()
if not initial_validation:
return False
user = t.Users.query.filter_by(email=self.email.data).first()
if not user:
self.email.errors.append('Unknown email')
return False
if not sha256_crypt.verify(self.password.data, user.password):
self.password.errors.append('Incorrect Password')
return False
return True
def login_js():
if request.method == 'POST':
# get form fields
username = request.form['username']
password_candidate = request.form['password']
# create cursor
cur = mysql.connection.cursor()
# get user by username
result = cur.execute("SELECT * FROM users WHERE username= %s",
[username])
if result > 0:
# get stored hash
data = cur.fetchone()
password = data['password']
# compare passwords
if sha256_crypt.verify(password_candidate, password):
# passed
session['logged_in'] = True
session['username'] = username
# Get articles
query_string = "SELECT * FROM users WHERE username=%s"
cur1 = mysql.connection.cursor()
result = cur1.execute(query_string, (username, ))
idofdoctor = cur1.fetchone()
session['id'] = idofdoctor['id']
cur1.close()
app.logger.info('PASSWORD MATCHED')
flash('you are now logged in', 'success')
return jsonify({'success': 'Logged in!'})
else:
error = 'Invalid login, wrong password'
app.logger.info('PASSWORD NOT MATCHED')
# flash('password not matched', 'success')
return jsonify({'Failed': 'login failed, try again!'})
return render_template('login.html', error=error)
# close connection to mysql
cur.close()
else:
error = 'Invalid login, No such user'
app.logger.info('NO USER')
flash('no user', 'success')
return render_template('login.html', error=error)
return render_template('login.html')
def test_create_user(login, password, is_superuser, setup_tables):
engine = get_engine(settings.DATABASE.DSN)
runner = CliRunner()
params = ['--login', login, '--password', password]
if is_superuser:
params.append('--is_superuser')
runner.invoke(create_user, params)
query = users.select().where(users.c.login == login)
with engine.connect() as conn:
result = conn.execute(query)
user = result.fetchone()
assert user.is_superuser is is_superuser
assert sha256_crypt.verify(password, user.passwd)
def login():
# Vraagt het eerder gemaakte 'NieuweGebruikerForm' form aan.
form = LoginForm()
# Zodra de post op de pagina langs de vallidators van WTForm zijn gegaan kan de rest plaatsvinden.
if form.validate_on_submit():
# Nodig voor de request die we hierna gaan maken.
inloggen = LoginForm(request.form)
# Alle velden worden binnengehaald en aan een variabele gekoppelt.
username = inloggen.gebruikersnaam.data
password = inloggen.password.data
# Haal username en wachtwoord op uit de database.
cur.execute(
"SELECT username, password, rank, forename, lastname, idUser, idWoning FROM User WHERE username =%s",
(escape(username)),
)
login_info = cur.fetchall()
# Bestaat deze username wel? Anders een error...:
if not login_info == ():
# Wachtwoord vergelijken met hash:
if hash.verify(password, login_info[0][1]):
session["ingelogd"] = True
session["login"] = login_info
if int(login_info[0][2]) == 3:
return redirect(url_for("admin"))
elif int(login_info[0][2]) == 2:
return redirect(url_for("meldkamer"))
else:
return redirect(url_for("bewoner"))
else:
form.password.errors.append("")
else:
form.gebruikersnaam.errors.append("")
return render_template("login.html", LoginForm=form)
def verify_password(self,trypass):
return sha256_crypt.verify(trypass,self.password_hash)
def verify_password(password: str, original: str) -> bool:
return sha256_crypt.verify(password, original)
def valid_password(self, password):
return sha256_crypt.verify(password, self.password)
