def login(): try: if session['user_id']: return redirect("/index") except: pass form = LoginForm() if form.validate_on_submit(): user_name = form.username.data password = form.password.data user_model = UsersModel(users_db.get_connection()) true_pass = user_model.password_check(user_name) exists = user_model.exists(user_name, true_pass) if check_password_hash(true_pass, password) and exists[0]: session['username'] = user_name session['user_id'] = exists[1] session['block'] = exists[2] return redirect("/index") else: all_data = user_model.get_all() for x in all_data: if user_name == x[1]: return render_template('login.html', title='Авторизация', form=form, alert='Неправильный пароль') return render_template('login.html', title='Авторизация', form=form, alert='Такой пользователь не существует') return render_template('login.html', title='Авторизация', form=form, alert='')
def login(): form = LoginForm() if form.validate_on_submit(): user_name = form.username.data password = form.password.data user_model = UsersModel(users_db.get_connection()) true_pass = user_model.password_check(user_name) exists = user_model.exists(user_name, true_pass) if check_password_hash(true_pass, password) and exists[0]: session['username'] = user_name session['user_id'] = exists[1] return redirect("/index") return render_template('login.html', title='Sign in', form=form)
def api_auth(): if not request.json: return json.dumps({'error': 'Empty request'}) elif not all(key in request.json for key in ['pass', 'login']): return json.dumps({'error': 'Bad request'}) password = request.json['pass'] user_name = request.json['login'] user_model = UsersModel(users_db.get_connection()) true_pass = user_model.password_check(user_name) exists = user_model.exists(user_name, true_pass) if check_password_hash(true_pass, password) and exists[0]: token = generate_password_hash(str(password) + str(user_name)) user_model.add_token(token, exists[1]) return json.dumps({'token': token}) else: return json.dumps({'error': 'Incorrect info'})