def login():
if 'id' in session:
return redirect(url_for('route_main'))
if request.method == 'POST':
req = request.form
try:
if not util.verify_password(req['password'], data_manager.get_password(req['username'])[0]['password']):
flash('Incorrect password or username!')
return redirect(request.url)
else:
session['id'] = data_manager.get_user_id(req['username'])[0]['id']
session['username'] = req['username']
return redirect(url_for('route_main'))
except IndexError:
flash('Incorrect Username!')
return redirect(request.url)
return render_template('login.html')
def get_validation(cursor, user_id, pw):
cursor.execute(
"""
SELECT hashed_password FROM regduser
WHERE id = %(id)s;
""", {'id': user_id})
result = cursor.fetchall()
if result:
result = result[0]['hashed_password']
validation = util.verify_password(pw, result)
if validation == True:
return True
else:
return False
else:
return False
def login(message=None):
action = request.args.get('action')
if request.method == 'POST':
user_name = request.form.get('user_name')
password = request.form.get('password')
user_login_data = data_manager.get_user_login_data(user_name)
if len(user_login_data) == 1:
message = util.verify_password(password,
user_login_data[0]['password'])
if message:
session['username'] = user_name
return redirect('/')
else:
message = 'Wrong username or password!!'
else:
message = 'Username or password is wrong!'
return render_template('login.html', message=message, action=action)
def login_page(invalid_login=False):
if request.method == "GET":
return render_template('login.html', invalid_login=invalid_login)
elif request.method == "POST":
username = request.form['username']
text_password = request.form['password']
if data_manager.username_exist(username):
hashed_password = data_manager.get_hashed_password(username)
if util.verify_password(text_password, hashed_password):
session['username'] = username
return redirect('userPage.html')
else:
return render_template(
'login.html',
message='Incorrect login or password, please try again',
invalid_login=True)
def login():
if request.method == "GET":
return render_template("login.html")
elif request.method == "POST":
username = request.form['username']
hashed_password = data_handler.get_password_from_user_name(username)
try:
result = verify_password(request.form['password'],
hashed_password[0]['password'])
except IndexError:
return render_template("login.html")
if result:
session['username'] = request.form['username']
session['id'] = data_handler.get_id_from_user_name(
session['username'])
return redirect(url_for('index'))
else:
return render_template("login.html")
def login():
if request.method == 'POST':
hash = data_manager.get_hash_by_username(request.form['username'])
if hash and util.verify_password(request.form['password'], hash):
session['username'] = request.form['username']
session['user_id'] = data_manager.get_user_id_by_username(
session['username'])
return redirect(url_for('route_list'))
else:
return render_template('reg_login.html',
error='Wrong username/password',
title='Login',
server_function='login',
submit_text='Login!')
return render_template('reg_login.html',
title='Login',
server_function='login',
submit_text='Login!')
def login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if data_manager.get_usernames(username) is False:
reg_password = data_manager.get_password(username)
is_matching = util.verify_password(password, reg_password)
if is_matching:
session['username'] = request.form['username']
print(session)
return redirect(url_for('display_list'))
else:
message = "Wrong e-mail or password!"
return render_template('login_fail.html', message=message)
else:
message = "Wrong e-mail or password!"
return render_template('login_fail.html', message=message)
return render_template('login.html')
def login():
if request.method == "POST":
email = request.form["email"]
password = request.form["password"]
if data_manager.get_usernames(email) is False:
psw = util.hash_password(password)
reg_password = data_manager.get_password(email)
is_matching = util.verify_password(password, reg_password)
if is_matching:
session['email'] = request.form['email']
return redirect(url_for('main_page'))
else:
message = "Wrong e-mail or password!"
return render_template('login_fail.html', message=message)
else:
message = "Wrong e-mail or password!"
return render_template('login_fail.html', message=message)
return render_template('login.html')
def login():
BOOKS_HEADINGS = [
'ID', 'Title', 'Author', 'Published Date', 'ISBN', 'Copies', 'Status'
]
all_books = con.get_all_books()
member_page = False
is_member = False
new_sort_options = {
"book_id": "",
"title": "",
"author": "",
"ASC": "",
"DESC": ""
}
if request.method == 'POST':
member_to_login = con.check_registered_user(request.form['username'])
if len(member_to_login) > 0:
is_member = utl.verify_password(request.form['password'],
member_to_login[0]['password'])
if is_member:
member_page = True
session['username'] = request.form['username']
user_role = con.get_role_for_user(session['username'])['role']
member_full_name = con.get_user_full_name(session['username'])
return render_template('books.html',
member_to_login=member_to_login,
books_headings=BOOKS_HEADINGS,
all_books=all_books,
member_page=member_page,
member_full_name=member_full_name,
user_role=user_role,
new_sort_options=new_sort_options)
else:
return render_template('login.html', is_member=is_member)
else:
return render_template('login.html', is_member=is_member)
return render_template('login.html')
def check_auth(username, password):
"""This function is called to check if a username /
password combination is valid.
"""
if username == var.config.get("webinterface",
"user") and password == var.config.get(
"webinterface", "password"):
return True
web_users = json.loads(var.db.get("privilege", "web_access",
fallback='[]'))
if username in web_users:
user_dict = json.loads(var.db.get("user", username, fallback='{}'))
if 'password' in user_dict and 'salt' in user_dict and \
util.verify_password(password, user_dict['password'], user_dict['salt']):
return True
return False
def login():
if request.method == 'POST':
user = {
'username': request.form.get('username'),
'password': request.form.get('password')
}
hashed_password = data_handler.get_password(user)
verified = util.verify_password(user['username'],
hashed_password[0]['password'])
if verified:
user_all_data = data_handler.get_user_data(user)
session['user'] = user_all_data[0]['username']
return redirect(url_for('route_list'))
else:
return redirect(url_for('route_list'))
return render_template('login.html',
page_title='Login',
button_title='Login')
def is_user_valid(cursor, username, password):
cursor.execute("""
SELECT password
FROM users
WHERE
%(username)s = username;
""",
{'username': username,
})
user_pw_select = cursor.fetchall()
is_password_valid = util.verify_password(password, user_pw_select[0].get('password', ' '))
if is_password_valid:
return True
else:
return False
def login():
if request.method == 'POST':
session['message'] = None
try:
username = request.form['username']
password = request.form['password']
pw_hash = data_manager.get_hash(username)
if len(pw_hash) == 1:
password_hash = pw_hash[0]['password_hash']
valid = util.verify_password(password, password_hash)
if valid == True:
session['username'] = request.form['username']
else:
session['message'] = 'Invalid username or password'
except:
session['message'] = 'Invalid username or password'
return redirect('/')
def login():
if request.method == "GET":
try:
error = False
return render_template("login.html", error=error)
except (IndexError, UndefinedError):
abort(404)
elif request.method == "POST":
username = request.form['username']
hashed_password = data_manager.get_password_from_user_name(username)
try:
result = verify_password(request.form['password'], hashed_password[0]['password'])
except IndexError:
error = True
return render_template("login.html", error=error)
if result:
session['username'] = request.form['username']
session['id'] = data_manager.get_id_from_user_name(session['username'])
return redirect(url_for('five_latest_question'))
else:
error = True
return render_template("login.html", error=error)
def registration():
if request.method == 'POST':
req = request.form
hashed_password = util.hash_password(req['password'])
if data_manager.check_user_data('username', req['username']) is True:
flash('This username is already taken!')
return redirect(request.url)
elif data_manager.check_user_data('email_address', req['email']) is True:
flash('This email address is already taken!')
return redirect(request.url)
elif len(req['password']) < 7:
flash('Too short password! (Min. 7 character.)')
return redirect(request.url)
elif not util.verify_password(req['password_again'], hashed_password):
flash('The passwords are different!')
return redirect(request.url)
else:
list_of_data = [req['username'], req['email'], util.hash_password(req['password'])]
data_manager.add_new_user(list_of_data)
session['id'] = data_manager.get_user_id(req['username'])[0]['id']
session['username'] = req['username']
return redirect(url_for('route_main'))
return render_template('registration.html')
def index():
"""Renders the home page with the login form."""
# if already logged in
if 'username' in session:
username = session['username']
full_name = session['full_name']
return render_template("home.html", full_name=full_name)
# regular login
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
# retrieve details based on the username
user = db.execute(
"SELECT id, full_name, username, password FROM users WHERE username = :username",
{
'username': username
}).fetchone()
# if user doesn't exist
if user is None:
return render_template("index.html", error="Invalid Crendentials")
else:
password_check = verify_password(user.password, password)
if password_check:
session['username'] = user.username
session['full_name'] = user.full_name
session['id'] = user.id
return render_template("home.html", full_name=user.full_name)
else:
return render_template("index.html",
error="Invalid Crendentials")
# normal page visit, uses GET method
if request.method == "GET":
return render_template('index.html')
def check_password(self, password):
return util.verify_password(password, self.password)
