我们从Python开源项目中,提取了以下49个代码示例,用于说明如何使用flask_login.current_user.password()。
def validate(self):
    """Validate a password-change form for the logged-in user.

    Runs the base form validation first, then rejects a new password that
    contains the user's name, a repeat field that does not match, and a
    wrong current password. Returns True only when every check passes.
    """
    if not BaseForm.validate(self):
        return False

    new_password = self.password.data
    if current_user.name in new_password:
        self.password.errors.append(ERROR_PASSWORD_CONTAINS_USERNAME)
        return False

    if new_password != self.password_repeat.data:
        self.password_repeat.errors.append(ERROR_PASSWORD_REPEAT_MISMATCHES)
        return False

    # The submitted current password is hashed with the user's salt and the
    # two digests are compared with compare_digest (presumably
    # hmac.compare_digest) rather than ==.
    supplied_digest = hash_password(self.password_current.data,
                                    current_user.salt)
    if not compare_digest(current_user.password, supplied_digest):
        self.password_current.errors.append(ERROR_PASSWORD_INCORRECT)
        return False

    return True
def do_ldap_authentication(username, password):
    """Authenticate users with CERT-EU LDAP server

    A local ``User`` row is created from the directory entry the first time
    a person authenticates. Any failure ends in the same 401 error.

    :param username: CERT-EU email or username
    :param password: Account password
    """
    # Only the part before the first '@' is sent to LDAP; a name without
    # '@' passes through unchanged.
    ldap_user = username.split('@')[0]

    ldap_info, ldap_authenticated = _ldap_authenticate(ldap_user, password)
    if ldap_authenticated:
        principal = ldap_info['userPrincipalName'][0]
        u = User.query.filter_by(email=principal).first()
        if not u:
            _save_ldap_user(ldap_info)
            u = User.query.filter_by(email=principal).first()
        if login_user(u, remember=True):
            return ApiResponse({'auth': 'authenticated'}, 200)

    # One generic message for every failure, so the response does not say
    # whether the account or the password was wrong.
    raise ApiException('Invalid username or password', 401)
def _ldap_authenticate(username, password):
    """Performs a search bind to authenticate a user.

    LDAP server details are defined in :doc:`config`.

    :param username: LDAP username
    :param password: LDAP password
    :return: Returns a tuple of user_info and authentication status
    :rtype: tuple
    """
    # The directory entry is fetched before the credentials are checked, so
    # callers must not trust user_info unless the second element is True.
    user_info = ldap3_manager.get_user_info_for_username(username)
    response = ldap3_manager.authenticate_search_bind(username, password)
    succeeded = response.status is AuthenticationResponseStatus.success
    return user_info, succeeded
def password_reset_request():
    """Start a password reset for a user who forgot the password.

    Logged-in users are sent to the index page. On a valid submission a
    reset token is mailed to the matching account, if there is one.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('.index'))

    form = PasswordResetRequestForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account:
        reset_token = account.generate_reset_token()
        send_email(account.email, 'Reset Your Password',
                   'auth/email/reset_password',
                   user=account, token=reset_token,
                   next=request.args.get('next'))
    # The same notice is shown whether or not the address matched an
    # account, so the page does not confirm which e-mails are registered.
    flash('An email with instructions to reset your password has been sent to you.')
    return redirect(url_for('auth.login'))
def password_reset(token):
    """Set a new password for the account named in the form, using *token*.

    Logged-in users, unknown e-mail addresses and rejected tokens are all
    redirected to the index page without a message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('.index'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if account is None:
        return redirect(url_for('.index'))

    # reset_password is a model method not shown here; it is what decides
    # whether the token is valid for this account.
    if not account.reset_password(token, form.password.data):
        return redirect(url_for('.index'))

    flash('Your password has been updated.')
    return redirect(url_for('auth.login'))
def personalsubmitpassword():
    '''Change the logged-in user's password in the database.

    The old password is re-checked through User.attempt_login before the
    new one is accepted; every outcome redirects back to the personal page.
    '''
    form = request.form
    if User.attempt_login(current_user.studentid, form['old']) is None:
        fail('You have entered wrong old password. Please enter again.',
             'status_pw')
    elif form['new'] == '':
        fail('Please enter new password.', 'status_pw')
    elif form['new'] != form['again']:
        fail('You have entered two different passwords. Please enter again.',
             'status_pw')
    else:
        try:
            # Assignment goes through the model, which raises
            # PasswordTooShort when its length rule is not met.
            current_user.password = form['new']
        except PasswordTooShort:
            fail('Password must be at least six digits.', 'status_pw')
        else:
            flash('Your information has been successfully changed.',
                  'status_pw')
    return redirect(url_for('.personal'))
def validate(self):
    """Validate the login form and check the credentials.

    Both failure paths attach the same 'Invalid email or password' error to
    both fields, so the form does not say which of the two was wrong.
    """
    if not super(LoginForm, self).validate():
        return False

    generic_error = 'Invalid email or password'
    user = User.query.filter_by(email=self.email.data).first()
    if not user:
        # Dummy check meant to cost the same as a real verification when the
        # account does not exist.
        # NOTE(review): if check_password_hash is werkzeug's, a first
        # argument that is not in its "method$salt$hash" format is rejected
        # before any hashing happens, so this call probably does not
        # equalise the timing; a real pre-computed hash would - confirm.
        check_password_hash('A dumb password', self.password.data)
        self.email.errors.append(generic_error)
        self.password.errors.append(generic_error)
        return False

    if user.check_password(self.password.data):
        return True

    self.email.errors.append(generic_error)
    self.password.errors.append(generic_error)
    return False
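def login():
    """Serve the login page on GET and check the credentials on POST.

    A successful login redirects to '/dj', or to the ``next`` query
    parameter when it is on the allow-list. Every failure returns the
    login page again.
    """
    import hmac  # local import so the block does not depend on file-level imports

    back_to_login = send_file(in_http_dir("login.html"))
    if request.method == 'GET':
        return back_to_login

    username = request.form['username']
    password = request.form['password']
    check_user = db.DJUser.get(username)
    if check_user is not None:
        stored = check_user.password
        # NOTE(review): the submitted password is compared with the stored
        # value directly, which means the store holds the password itself
        # rather than a salted hash - that should be migrated to a password
        # hashing function. Until then the comparison is at least done in
        # constant time instead of with ==.
        if isinstance(stored, str) and hmac.compare_digest(
                stored.encode('utf-8'), password.encode('utf-8')):
            login_user(check_user)
            next_page = request.args.get('next')
            # Only allow-listed targets are followed; anything else in
            # ``next`` is ignored.
            if next_page in ['/admin']:
                return redirect(next_page)
            return redirect('/dj')
    return back_to_login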
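def change_pass_page():
    """Show the change-password form on GET and apply the change on POST.

    The change is made only when the current password matches and the new
    password was typed identically twice; the user is then logged out.
    Any other POST redirects back to the form.
    """
    import hmac  # local import so the block does not depend on file-level imports

    if request.method == 'GET':
        return render_template("change_password.html")

    current_pass = request.form['current_pass']
    new_pass = request.form['new_pass']
    double_check = request.form['double_check']

    stored = current_user.password
    # NOTE(review): comparing against the stored value directly means the
    # password is kept as-is rather than as a salted hash - that should be
    # migrated. The comparison itself is constant-time instead of ==.
    current_ok = isinstance(stored, str) and hmac.compare_digest(
        stored.encode('utf-8'), current_pass.encode('utf-8'))
    if current_ok and new_pass == double_check:
        db.change_password(current_user.id, new_pass)
        # Ending the session forces a fresh login with the new password.
        logout_user()
        return 'Password changed, now log in again.'
    return redirect('/dj/password_change_form')


###############################################################################
# The admin pages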
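def password_reset(username=None):
    """Let an admin reset *username*'s password and show the new one.

    Non-admins are redirected to '/'. Only 'superadmin' may reset another
    admin's password. The reply is a short message string.
    """
    import html  # local import so the block does not depend on file-level imports

    if not current_user.is_admin:
        return redirect("/")

    # Flask serves a returned str as text/html by default, so every value
    # placed in the reply is escaped first.
    shown_name = html.escape(str(username))

    if username is not None:
        if current_user.id != 'superadmin':
            check_user = db.DJUser.get(username)
            # DJUser.get yields None for an unknown name; without this guard
            # the attribute access below raised instead of answering.
            if check_user is None:
                return '{} doesn\'t exist.'.format(shown_name)
            if check_user.is_admin and check_user.id != current_user.id:
                return 'You can\'t reset another admin\'s password.'
        new_pass = db.change_password(username)
        if new_pass is not None:
            # NOTE(review): the new password is returned in the response
            # body, so it can end up in proxy or browser caches - confirm
            # that is acceptable for this deployment.
            return '{}\'s new password is "{}".'.format(
                shown_name, html.escape(str(new_pass)))
    return '{} doesn\'t exist.'.format(shown_name)


###############################################################################
# Utility functions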
def register():
    """Register a new user and mail a confirmation token.

    The user row is committed only after the confirmation mail was sent;
    if sending fails nothing is stored and the visitor is returned to the
    registration page.
    """
    form = RegistrationForm()
    if form.validate_on_submit():
        # user_type '0' maps to role id 2, anything else to role id 3.
        role = 2 if form.user_type.data == '0' else 3
        user = orm.User(email=form.email.data,
                        username=form.username.data,
                        password=form.password.data,
                        role_id=role)
        token = user.generate_confirmation_token()
        try:
            send_email(user.email, '????', 'auth/email/confirm',
                       user=user, token=token)
        except Exception:
            flash(u'??????.')
            return redirect(url_for('register'))
        db.session.add(user)
        db.session.commit()
        flash(u'????????????????.')
        return redirect(url_for('login'))
    elif request.method == 'GET':
        logic.LoadBasePageInfo('??', form)
    return render_template('auth/register.html', form=form)
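def login():
    """Log a user in, or send the visitor to sign-up when no user exists.

    Successful and failed attempts are both written to the application
    log. After a successful login the visitor is redirected to ``next``
    when that is a same-site path, otherwise to the home page.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    # One row is enough to know whether the table is empty.
    if models.Users.query.first() is None:
        return redirect(url_for('user.signup', next=request.args.get('next')))

    form = LoginForm()
    if form.validate_on_submit():
        username = form.username.data
        password = form.password.data
        me = models.Users.query.filter_by(username=username).one_or_none()
        if me is not None and me.verify_password(password):
            login_user(me, form.remember_me.data)
            flash('Logged in successfully.')
            current_app.logger.info('A successful login attempt (%s)', username)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('home.index'))

        flash('Invalid usename or password.')
        # The submitted name is logged verbatim; it is attacker-controlled
        # text, so log viewers should treat it as such.
        current_app.logger.warning('A warning login attempt (%s)', username)
    return render_template('user/login.html', form=form)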
def password_reset_request():
    """Mail a password-reset token to the account matching the form e-mail.

    Logged-in users are redirected to the home page instead.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('home.index'))

    form = PasswordResetRequestForm()
    if not form.validate_on_submit():
        return render_template('user/reset_password.html', form=form)

    account = models.Users.query.filter_by(email=form.email.data).first()
    if account:
        reset_token = account.generate_reset_token()
        send_email(account.email, 'Reset Your Password',
                   'mail/user/reset_password',
                   user=account, token=reset_token,
                   next=request.args.get('next'))
    # The notice does not depend on whether an account was found, so the
    # page does not confirm which e-mails are registered.
    flash('An email with instructions to reset your password has been sent to you.')
    return redirect(url_for('user.login'))
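def password_reset_request():
    """Mail a password-reset token to the account matching the form e-mail.

    Logged-in users are redirected to the main index instead.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = PasswordResetRequestForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user:
            token = user.generate_reset_token()
            send_email(user.email, 'Reset Your Password',
                       'auth/email/reset_password',
                       user=user, token=token,
                       next=request.args.get('next'))
        # Shown whether or not an account matched, so the page does not
        # confirm which e-mails are registered. The two literals are now
        # joined with a space; the original rendered "has beensent".
        flash('An email with instructions to reset your password has been '
              'sent to you.')
        return redirect(url_for('auth.login'))
    return render_template('auth/reset_password.html', form=form)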
def patch(self):
    """Change the current user's password after re-checking the old one.

    Returns a ``(body, status)`` pair. Both rejections use status 233; a
    completed request logs the user out and returns 200.
    """
    submitted = request.form
    old_password = submitted.get('password', '')
    new_password = submitted.get('new_password', '')

    # NOTE(review): MD5 is a project helper not shown here. If it is a plain
    # unsalted MD5 digest, the stored values are cheap to brute-force and
    # should be migrated to a password hashing function - confirm.
    if MD5(old_password) != current_user.password:
        return {'message': '????'}, 233
    if not checkPassword(new_password):
        return {'message': '??????'}, 233

    # Admin accounts are skipped: their password is not changed here.
    if not current_user.isAdmin:
        current_user.password = MD5(new_password)
        db.session.commit()
    logout_user()
    return {'message': '????????????'}, 200
def set_password(token):
    """Set initial customer password.

    The template for this route contains bootstrap.css, bootstrap-theme.css
    and main.css.

    This is similar to the password reset option with two exceptions: it
    has a longer expiration time and does not require old password.

    :param token: Token generated by
        :meth:`app.models.User.generate_reset_token`
    :return:
    """
    # The token is verified with the application's SECRET_KEY before the
    # form is even shown; a bad or expired signature ends the request.
    serializer = TimedJSONWebSignatureSerializer(
        current_app.config['SECRET_KEY'])
    try:
        serializer.loads(token)
    except BadSignature:
        flash('Signature expired.')
        return redirect(url_for('main.index'))

    form = SetPasswordForm()
    if form.validate_on_submit():
        User.set_password(token, form.data['password'])
        flash('Your new password has been set.')
        return redirect(url_for('main.index'))

    # Surface the first message of every failing field.
    for messages in form.errors.values():
        flash(messages[0], 'danger')
    return render_template('auth/set_password.html', form=form, token=token)
def register():
    """Register page.

    Stores the new account and mails the administrator address from the
    FLASK_ADMIN setting so the request can be confirmed.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    new_user = User(email=form.email.data,
                    username=form.username.data,
                    password=form.password.data)
    db.session.add(new_user)
    db.session.commit()
    admin_address = current_app.config['FLASK_ADMIN']
    send_email(admin_address, 'New Register Request',
               'auth/email/confirm', user=new_user)
    flash('Your register request has been sent to adminstrator by email.')
    return redirect(url_for('.login'))
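def login():
    """Log in page.

    An account that the administrator has not confirmed yet is refused
    before any session is created. After a successful login the visitor is
    redirected to ``next`` when that is a same-site path, otherwise to the
    profile page.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            # Check confirmation first. The original called login_user()
            # before this test, which left an unconfirmed account with a
            # logged-in session even though the page said otherwise.
            if not user.confirmed:
                flash('Your register request has not been confirmed by administrator yet.')
                return render_template('auth/login.html', form=form)
            login_user(user, form.remember_me.data)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('.profile'))
        flash('Invalid username or password.')
    return render_template('auth/login.html', form=form)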
def change_password():
    """Let a logged-in user change the password after re-entering the old one."""
    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template("auth/change_password.html", form=form)

    # The old password is verified again even though a session exists, so a
    # borrowed session alone is not enough to take over the account.
    if not current_user.verify_password(form.old_password.data):
        flash('Invalid password.')
        return render_template("auth/change_password.html", form=form)

    current_user.password = form.password.data
    # No commit here; presumably the session is committed elsewhere
    # (for example on request teardown) - confirm.
    db.session.add(current_user)
    flash('Your password has been updated.')
    return redirect(url_for('.profile'))
def download_new_passwords():
    '''Allow admin to download new accounts' passwords as a spreadsheet.'''
    header = ['Passport Name', 'Login Name', 'Class', 'Password']
    # NOTE(review): the rows carry passwords in readable form, so the
    # generated file is as sensitive as the accounts themselves; the admin
    # check for this view is not visible in this block - confirm it exists.
    rows = [
        (user.passportname, user.studentid, user.grade_and_class, password)
        for user, password in User.get_new_passwords()
    ]
    return download_xlsx('New Accounts\' Passwords.xlsx', [header] + rows)
def disableaccounts_submit():
    '''Disable the account whose id was submitted and report it.'''
    target = User(request.form['id'])
    # Clearing the password is how this application marks an account as
    # disabled; the admin check for this view is not visible in this block.
    target.password = None
    notice = target.passportname + ' has been successfully disabled.'
    flash(notice, 'disableaccounts')
    return redirect(url_for('.disableaccounts'))
def changepassword():
    '''Render the admin page for changing users' passwords.

    Only the users returned by ``User.allusers(non_teachers=True)`` are
    listed.
    '''
    return render_template('user/changepassword.jinja2',
                           users=User.allusers(non_teachers=True))
def change_password():
    """Store a new password for the logged-in user and re-render the form."""
    form = ChangePasswordForm()
    submitted_ok = form.validate_on_submit()
    if submitted_ok:
        # NOTE(review): the current password is not checked in this view;
        # presumably ChangePasswordForm validates it - confirm.
        current_user.password = form.new_password.data
        current_user.save()
        flash(_("Password updated."), "success")
    return render_template("user/change_password.html", form=form)
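def login():
    """Log a user in by e-mail and password.

    After a successful login the visitor is redirected to ``next`` when
    that is a same-site path, otherwise to the user index.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('user.index'))
        flash('????????')
    return render_template('auth/login.html', title = '??', form =form)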
def register():
    """Create an account from the registration form and go to the login page."""
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form, title='??')

    account = User(email=form.email.data,
                   nickname=form.nickname.data,
                   password=form.password.data)
    # No commit here; presumably the session is committed elsewhere
    # (for example on request teardown) - confirm.
    db.session.add(account)
    flash('???????')
    return redirect(url_for('auth.login'))
def change_password():
    """Change the logged-in user's password after re-checking the old one."""
    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/change_password.html', form=form,
                               title='????')

    # The old password must be supplied again; a session alone is not
    # enough to change it.
    if not current_user.verify_password(form.old_password.data):
        flash('??????')
        return render_template('auth/change_password.html', form=form,
                               title='????')

    current_user.password = form.password.data
    db.session.add(current_user)
    flash('?????????')
    return redirect(url_for('user.index'))
def validate(self):
    """Validate the form and check the old password against the stored hash.

    When the account has no stored password (a falsy value), the
    old-password check is skipped.
    """
    if not super(PasswordForm, self).validate():
        return False

    stored_hash = current_user.password
    old_is_wrong = stored_hash and not check_password_hash(
        stored_hash, self.old_password.data)
    if old_is_wrong:
        self.old_password.errors.append(
            lazy_gettext('Old password not correct.'))
        return False
    return True
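def admin_page():
    """Admin page: list users on GET, create a user on POST.

    Non-admins are redirected to '/'. A POST answers with a short message
    string, which for a new account includes its generated password.
    """
    import html  # local import so the block does not depend on file-level imports

    if not current_user.is_admin:
        return redirect("/")

    if request.method == 'GET':
        user_status = db.get_a_list(['banned', 'admin'])
        return render_template("admin.html", all_users=user_status)

    username = request.form['username']
    new_user = db.make_user(username)
    # Flask serves a returned str as text/html by default, and the name
    # comes straight from the submitted form, so every value placed in the
    # reply is escaped first.
    if new_user is None:
        return '{} already exists!'.format(html.escape(username))
    # NOTE(review): the generated password is returned in the response
    # body - confirm that is acceptable for this deployment.
    return '{} created, with password "{}".'.format(
        *(html.escape(str(part)) for part in new_user))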
def test(cls, obj, field, value, state):
    """
    Handle the JSON-patch ``test`` operation, with an extra case for
    'current_password', which is not a real field of User.

    A matching 'current_password' is remembered in ``state`` so that later
    operations of the same patch can require it.
    """
    if field != 'current_password':
        return PatchJSONParameters.test(obj, field, value, state)

    # The value is accepted when it matches the password of the logged-in
    # user or of the object being patched; it is refused only when it
    # matches neither.
    if current_user.password != value and obj.password != value:
        abort(code=HTTPStatus.FORBIDDEN, message="Wrong password")
    else:
        state['current_password'] = value
        return True
    return PatchJSONParameters.test(obj, field, value, state)
def replace(cls, obj, field, value, state):
    """
    Handle the JSON-patch ``replace`` operation with extra permission checks.

    Changing `is_active` or `is_regular_user` requires the current user to
    be a supervisor of the user being changed; changing `is_admin` requires
    the current user to be Admin. In both cases the current user's
    `current_password` must have been supplied by an earlier ``test``
    operation.
    """
    if 'current_password' not in state:
        raise ValidationError(
            "Updating sensitive user settings requires `current_password` test operation "
            "performed before replacements."
        )

    confirmed_password = state['current_password']
    supervisor_guarded = {
        User.is_active.fget.__name__,
        User.is_regular_user.fget.__name__,
    }

    # The permission objects are entered only for their check; nothing runs
    # inside the block once access is granted.
    if field in supervisor_guarded:
        with permissions.SupervisorRolePermission(
                obj=obj,
                password_required=True,
                password=confirmed_password):
            pass
    elif field == User.is_admin.fget.__name__:
        with permissions.AdminRolePermission(
                password_required=True,
                password=confirmed_password):
            pass

    return super(PatchUserDetailsParameters, cls).replace(obj, field, value, state)
def __init__(self, password, **kwargs):
    """Keep the password that check() will compare against.

    All remaining keyword arguments are passed on to the parent
    initialiser, which runs before the password is stored.
    """
    super(PasswordRequiredRule, self).__init__(**kwargs)
    self._password = password
def check(self):
    """Return whether the stored password equals the current user's password.

    NOTE(review): the result depends on how the password attribute
    implements ``==``; if it is a plain string this is a direct,
    non-constant-time comparison of secrets - confirm.
    """
    password_matches = current_user.password == self._password
    return password_matches
def password_reset(token):
    """Set a new password for the account named in the form, using *token*.

    Logged-in users, unknown e-mail addresses and rejected tokens are all
    redirected to 'view_rents' without a message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('view_rents'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = orm.User.query.filter_by(email=form.email.data).first()
    if account is None:
        return redirect(url_for('view_rents'))

    # reset_password is a model method not shown here; it is what decides
    # whether the token is valid for this account.
    if not account.reset_password(token, form.password.data):
        return redirect(url_for('view_rents'))

    flash('????????.')
    return redirect(url_for('login'))
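def login():
    """Log a user in by e-mail and password.

    After a successful login the visitor is redirected to ``next`` when
    that is a same-site path, otherwise to 'view_rents'.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = LoginForm()
    if form.validate_on_submit():
        user = orm.User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('view_rents'))
        flash(u'????????')
    elif request.method =='GET':
        logic.LoadBasePageInfo('??',form)
    return render_template('auth/login.html', form=form)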
def change_password():
    """Change the logged-in user's password after re-checking the old one.

    On success the new hash is written with an UPDATE and the user is sent
    to the login page.
    """
    form = ChangePasswordForm()
    logic.LoadBasePageInfo('????', form)
    if not form.validate_on_submit():
        return render_template("auth/change_password.html", form=form)

    if not current_user.verify_password(form.old_password.data):
        flash('????')
        return render_template("auth/change_password.html", form=form)

    # Assigning .password refreshes .password_hash on the model; only that
    # hash is written to the table.
    current_user.password = form.password.data
    new_hash = {'password_hash':current_user.password_hash}
    orm.User.query.filter_by(id=current_user.id).update(new_hash)
    orm.db.session.commit()
    flash('??????')
    return redirect(url_for('login'))
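def signup():
    """Create an account and mail its confirmation token.

    Afterwards the visitor is redirected to ``next`` when that is a
    same-site path, otherwise to the home page.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = SignupForm()
    if form.validate_on_submit():
        me = models.Users(email=form.email.data,
                          username=form.username.data,
                          password=form.password0.data)
        db.session.add(me)
        db.session.commit()
        token = me.generate_confirmation_token()
        # The template receives the new account as ``user``. The original
        # passed the name ``user``, which this function never assigns.
        send_email(me.email, 'Confirm Your Account', 'mail/user/confirm',
                   user=me, token=token)
        flash('A confirmation email has been sent to you by email.')

        # "next" comes from the query string, so follow it only when it is
        # a same-site path: no scheme or host, one leading slash, and no
        # backslash or control character (browsers normalise those).
        target = request.args.get('next')
        if target:
            parts = urlsplit(target)
            if (parts.scheme or parts.netloc
                    or not target.startswith('/')
                    or target.startswith('//')
                    or '\\' in target
                    or any(ord(ch) < 0x20 for ch in target)):
                target = None
        return redirect(target or url_for('home.index'))
    return render_template('user/signup.html', form=form)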
def change_password():
    """Change the logged-in user's password after re-checking the old one."""
    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template("user/change_password.html", form=form)

    # The old password must be supplied again; a session alone is not
    # enough to change it.
    if not current_user.verify_password(form.old_password.data):
        flash('Invalid password.')
        return render_template("user/change_password.html", form=form)

    current_user.password = form.password0.data
    db.session.add(current_user)
    db.session.commit()
    flash('Your password has been updated.')
    return redirect(url_for('home.index'))
def password_reset(token):
    """Set a new password for the account named in the form, using *token*.

    Logged-in users, unknown e-mail addresses and rejected tokens are all
    redirected to the home page without a message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('home.index'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('user/reset_password.html', form=form)

    account = models.Users.query.filter_by(email=form.email.data).first()
    if account is None:
        return redirect(url_for('home.index'))

    # reset_password is a model method not shown here; it is what decides
    # whether the token is valid for this account.
    if not account.reset_password(token, form.password0.data):
        return redirect(url_for('home.index'))

    flash('Your password has been updated.')
    return redirect(url_for('user.login'))
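def login():
    """Log a user in by e-mail and password.

    After a successful login the visitor is redirected to ``next`` when
    that is a same-site path, otherwise to the main index.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('main.index'))
        # One message for an unknown address and for a wrong password.
        flash('Invalid username or password.')
    return render_template('auth/login.html', form=form)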
def register():
    """Create an account, mail its confirmation token and go to the login page."""
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    account = User(email=form.email.data,
                   username=form.username.data,
                   password=form.password.data)
    # The row is committed before the token is generated.
    db.session.add(account)
    db.session.commit()
    confirmation = account.generate_confirmation_token()
    send_email(account.email, 'Confirm Your Account', 'auth/email/confirm',
               user=account, token=confirmation)
    flash('A confirmation email has been sent to you by email.')
    return redirect(url_for('auth.login'))
def change_password():
    """Change the logged-in user's password after re-checking the old one."""
    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template("auth/change_password.html", form=form)

    # The old password must be supplied again; a session alone is not
    # enough to change it.
    if not current_user.verify_password(form.old_password.data):
        flash('Invalid password.')
        return render_template("auth/change_password.html", form=form)

    current_user.password = form.password.data
    # No commit here; presumably the session is committed elsewhere
    # (for example on request teardown) - confirm.
    db.session.add(current_user)
    flash('Your passoword has been update.')
    return redirect(url_for('main.index'))
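def password_reset(token):
    """Set a new password for the account named in the form, using *token*.

    Logged-in users, unknown e-mail addresses and rejected tokens are all
    redirected to the main index without a message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = PasswordResetForm()
    if form.validate_on_submit():
        # The original called .fifirst(), which is not a query method, so
        # every submitted reset failed with an AttributeError.
        user = User.query.filter_by(email=form.email.data).first()
        if user is None:
            return redirect(url_for('main.index'))
        # reset_password is a model method not shown here; it is what
        # decides whether the token is valid for this account.
        if user.reset_password(token, form.password.data):
            flash('Your password has been updated.')
            return redirect(url_for('auth.login'))
        return redirect(url_for('main.index'))
    return render_template('auth/reset_password.html', form=form)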
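def login():
    """Log a user in by e-mail and password.

    After a successful login the visitor is redirected to ``next`` when
    that is a same-site path, otherwise to the main index.
    """
    from urllib.parse import urlsplit  # local import keeps the block self-contained

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email = form.email.data).first()
        if user is not None and user.verify_password(form.password.data):
            login_user(user, form.remember_me.data)

            # "next" comes from the query string, so follow it only when it
            # is a same-site path: no scheme or host, one leading slash, and
            # no backslash or control character (browsers normalise those).
            target = request.args.get('next')
            if target:
                parts = urlsplit(target)
                if (parts.scheme or parts.netloc
                        or not target.startswith('/')
                        or target.startswith('//')
                        or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = None
            return redirect(target or url_for('main.index'))
        # One message for an unknown address and for a wrong password.
        flash('Invalid username or password.')
    return render_template('auth/login.html', form = form)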
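def register():
    """Create an account, mail its confirmation token and log the user in."""
    form = RegistrationForm()
    if form.validate_on_submit():
        user = User(email = form.email.data,
                    username = form.username.data,
                    password = form.password.data)
        db.session.add(user)
        db.session.commit()
        token = user.generate_confirmation_token()
        # Send to the new account's address. The original passed
        # User.email, the class attribute, instead of this user's e-mail.
        send_email(user.email, 'Confirm Your Account', 'auth/email/confirm',
                   user = user, token = token)
        flash('A confirmation email has been sent to you by email.')
        # NOTE(review): the account is logged in before the e-mail address
        # has been confirmed; confirm that unconfirmed sessions are
        # restricted elsewhere.
        login_user(user, False)
        return redirect(url_for('main.index'))
    return render_template('auth/register.html', form = form)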
def change_password():
    """Change the logged-in user's password after re-checking the old one."""
    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/change_password.html', form = form)

    # The old password must be supplied again; a session alone is not
    # enough to change it.
    if not current_user.verify_password(form.old_password.data):
        flash('Invalid password')
        return render_template('auth/change_password.html', form = form)

    current_user.password = form.password.data
    # No commit here; presumably the session is committed elsewhere
    # (for example on request teardown) - confirm.
    db.session.add(current_user)
    flash('You password has been updated')
    return redirect(url_for('main.index'))
def password_reset_request():
    """Mail a password-reset token to the account matching the form e-mail.

    Logged-in users are redirected to the main index instead.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = PasswordRequestForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form = form)

    account = User.query.filter_by(email = form.email.data).first()
    if account:
        reset_token = account.generate_reset_token()
        send_email(account.email, 'Reset Your Password',
                   'auth/email/reset_password',
                   user = account, token = reset_token,
                   next = request.args.get('next'))
    # The notice does not depend on whether an account was found, so the
    # page does not confirm which e-mails are registered.
    flash('An email with instrcuctions to reset your password has been sent to you')
    return redirect(url_for('auth.login'))
def password_reset(token):
    """Set a new password for the account named in the form, using *token*.

    Logged-in users and rejected tokens are redirected to the main index;
    an unknown e-mail address additionally gets a message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form = form)

    account = User.query.filter_by(email = form.email.data).first()
    if account is None:
        # NOTE(review): this message appears only for unknown addresses, so
        # the page tells a visitor which e-mails are not registered; a
        # silent redirect, as on the rejected-token path, would not.
        flash('Invalid email address')
        return redirect(url_for('main.index'))

    # reset_password is a model method not shown here; it is what decides
    # whether the token is valid for this account.
    if not account.reset_password(token, form.password.data):
        return redirect(url_for('main.index'))

    flash('Your password has been updated')
    return redirect(url_for('auth.login'))