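def validateUser(username, password):
    """Check a username/password pair against the stored user record.

    Args:
        username: Name passed to ``lookupByUsername``.
        password: Password submitted by the caller.

    Returns:
        True when a user is found and its ``password`` attribute equals
        *password*; False otherwise.
    """
    user = lookupByUsername(username)
    if not user:
        return False
    # NOTE(review): the stored value is compared directly with the submitted
    # password, which suggests passwords are kept unhashed -- confirm. If so,
    # store a salted slow hash and verify against it with a constant-time
    # comparison instead of ``!=``.
    if user.password != password:
        # Never write the stored or the submitted password to the log: log
        # files are usually readable by far more people and systems than the
        # credential store. %r keeps CR/LF in the username from forging
        # additional log lines.
        logging.debug("Wrong password for user %r", username)
        return False
    return True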
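def login():
    """Serve the login page or run the JSON login flow.

    Non-POST requests render ``login.html`` with the ``next`` and ``clid``
    query parameters. POST requests are expected to carry a JSON object with
    ``username`` and optional ``next`` / ``clid``; the user is looked up,
    ``verifyUser`` is asked for an authorization result, and the reply is a
    JSON-encoded ``FunctionReturn`` (message or redirect URL, plus a code).

    Returns:
        The rendered template for non-POST requests, otherwise a JSON string.
    """
    clientId = request.args.get("clid") or "Touch Login"
    # Local renamed from ``next`` so the builtin is not shadowed; the template
    # keyword stays ``next``.
    next_url = request.args.get("next")
    # %r keeps CR/LF in this client-supplied value from forging log lines.
    logging.debug("%r", next_url)

    if request.method != 'POST':
        return render_template('login.html', next=next_url, clientId=clientId)

    # AJAX call. The body is client-controlled: it may be absent or may be
    # valid JSON that is not an object, so fall back to an empty dict instead
    # of failing on ``.get``.
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}
    next_url = payload.get("next")
    clientId = payload.get("clid") or "Touch Login"

    username = payload.get("username")
    if not username:
        flash("Imma need a username, bruh.", "error")
        # Wrapped in vars() like every other branch; json.dumps on the bare
        # FunctionReturn object would presumably raise TypeError.
        return json.dumps(vars(FunctionReturn("Username is not there.", 5)))

    user = lookupByUsername(username)
    if not user:
        # NOTE(review): a distinct reply for unknown usernames lets a client
        # enumerate accounts; consider a uniform failure response plus rate
        # limiting. Left unchanged because the client may rely on code 1.
        flash("User does not exist.", "error")
        return json.dumps(vars(FunctionReturn("User does not exist", 1)))

    statusRequest = verifyUser(user, clientId)

    if statusRequest.resolved == 1:
        # Successful authorization.
        session["username"] = user.username
        logging.debug("%r", next_url)
        statusRequest.key.delete()
        # Only hand back a client-supplied target that validateRedirect
        # accepts; anything else falls back to the home page.
        if next_url and validateRedirect(next_url):
            logging.debug("redirecting to %r", next_url)
            return json.dumps(vars(FunctionReturn(next_url, 0)))
        return json.dumps(vars(FunctionReturn(url_for("home"), 0)))

    if statusRequest.resolved == -1:
        # Timed out.
        flash("Authentication request timed out. Please try again.", "error")
        statusRequest.key.delete()
        return json.dumps(
            vars(
                FunctionReturn(
                    "Authentication request timed out. Please try again.",
                    4)))

    # Unexpected state: log the request and make the client reload.
    logging.critical(request)
    return json.dumps(vars(FunctionReturn("No idea what happened.", 4)))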
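def login():
    """Serve the login page or run the JSON login flow.

    Non-POST requests render ``login.html`` with the ``next`` and ``clid``
    query parameters. POST requests are expected to carry a JSON object with
    ``username`` and optional ``next`` / ``clid``; the user is looked up,
    ``verifyUser`` is asked for an authorization result, and the reply is a
    JSON-encoded ``FunctionReturn`` (message or redirect URL, plus a code).

    Returns:
        The rendered template for non-POST requests, otherwise a JSON string.
    """
    clientId = request.args.get("clid") or "Touch Login"
    # Local renamed from ``next`` so the builtin is not shadowed; the template
    # keyword stays ``next``.
    next_url = request.args.get("next")
    # %r keeps CR/LF in this client-supplied value from forging log lines.
    logging.debug("%r", next_url)

    if request.method != 'POST':
        return render_template('login.html', next=next_url, clientId=clientId)

    # AJAX call. The body is client-controlled: it may be absent or may be
    # valid JSON that is not an object, so fall back to an empty dict instead
    # of failing on ``.get``.
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}
    next_url = payload.get("next")
    clientId = payload.get("clid") or "Touch Login"

    username = payload.get("username")
    if not username:
        flash("Imma need a username, bruh.", "error")
        # Wrapped in vars() like every other branch; json.dumps on the bare
        # FunctionReturn object would presumably raise TypeError.
        return json.dumps(vars(FunctionReturn("Username is not there.", 5)))

    user = lookupByUsername(username)
    if not user:
        # NOTE(review): a distinct reply for unknown usernames lets a client
        # enumerate accounts; consider a uniform failure response plus rate
        # limiting. Left unchanged because the client may rely on code 1.
        flash("User does not exist.", "error")
        return json.dumps(vars(FunctionReturn("User does not exist", 1)))

    statusRequest = verifyUser(user, clientId)

    if statusRequest.resolved == 1:
        # Successful authorization.
        session["username"] = user.username
        logging.debug("%r", next_url)
        statusRequest.key.delete()
        # Only hand back a client-supplied target that validateRedirect
        # accepts; anything else falls back to the home page.
        if next_url and validateRedirect(next_url):
            logging.debug("redirecting to %r", next_url)
            return json.dumps(vars(FunctionReturn(next_url, 0)))
        return json.dumps(vars(FunctionReturn(url_for("home"), 0)))

    if statusRequest.resolved == -1:
        # Timed out.
        flash("Authentication request timed out. Please try again.", "error")
        statusRequest.key.delete()
        return json.dumps(
            vars(
                FunctionReturn(
                    "Authentication request timed out. Please try again.",
                    4)))

    # Unexpected state: log the request and make the client reload.
    logging.critical(request)
    return json.dumps(vars(FunctionReturn("No idea what happened.", 4)))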
def before_request():
    """Populate ``g.user`` from the session before the request is handled.

    ``g.user`` becomes whatever ``lookupByUsername`` returns for the session's
    ``username`` entry, or None when the session has no such entry.
    """
    if 'username' not in session:
        g.user = None
        return
    g.user = lookupByUsername(session['username'])