otp page working
Needs testing: does the user receive an email, and does it check that the OTP matches the generated one?
parent
a2857083a8
commit
0098f3448a
|
@ -9,11 +9,11 @@ def generate_otp(user):
|
||||||
# which stores all digits
|
# which stores all digits
|
||||||
digits = "0123456789"
|
digits = "0123456789"
|
||||||
otp = ""
|
otp = ""
|
||||||
|
|
||||||
# length of password can be changed
|
# length of password can be changed
|
||||||
# by changing value in range
|
# by changing value in range
|
||||||
for i in range(4):
|
for i in range(4):
|
||||||
otp += digits[math.floor(random.random() * 10)]
|
otp += digits[math.floor(random.random() * 10)]
|
||||||
|
user.otp = otp
|
||||||
return otp
|
return otp
|
||||||
|
|
||||||
def send_otp_email(user):
|
def send_otp_email(user):
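Review bot: The digits are drawn with `random.random()`, which is a predictable Mersenne Twister stream and not suitable for an authentication code; the loop should use the `secrets` module, e.g. `otp = "".join(secrets.choice(digits) for _ in range(6))`. Four digits give only 10,000 possibilities, so the code also needs an expiry time and an attempt limit wherever it is checked. The new `user.otp = otp` keeps the code in plaintext on the user object, and nothing visible in this hunk commits the session, so it may not persist to the request that verifies it; storing a hash plus an expiry timestamp would be safer. generate_otp starts above the hunk.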
|
||||||
|
|
|
@ -11,7 +11,8 @@ class LoginForm(FlaskForm):
|
||||||
submit = SubmitField(_l('Sign In'))
|
submit = SubmitField(_l('Sign In'))
|
||||||
|
|
||||||
class OTPForm(FlaskForm):
|
class OTPForm(FlaskForm):
|
||||||
OTP = StringField(_l('One Time Passcode'), validators=[DataRequired()]) ###EqualTo(otp)
|
username = StringField(_l('Username'), validators=[DataRequired()])
|
||||||
|
OTP = StringField(_l('OTP'), validators=[DataRequired()]) ###EqualTo(otp)
|
||||||
submit = SubmitField(_l('Log in') )
|
submit = SubmitField(_l('Log in') )
|
||||||
|
|
||||||
class RegistrationForm(FlaskForm):
|
class RegistrationForm(FlaskForm):
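Review bot: The trailing `###EqualTo(otp)` on the `OTP` field should be dropped rather than implemented, because WTForms' `EqualTo` compares a field with another field of the same form and cannot check the submitted code against the server-side value. That comparison belongs in the view, or in a custom `validate_OTP` method that looks the user up. A format validator such as `Regexp(r'^\d+$')` next to `DataRequired()` would reject non-digit input before it reaches the comparison.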
|
||||||
|
|
|
@ -5,7 +5,7 @@ from flask_babel import _
|
||||||
from app import db
|
from app import db
|
||||||
from app.auth import bp
|
from app.auth import bp
|
||||||
from app.auth.forms import LoginForm, RegistrationForm, \
|
from app.auth.forms import LoginForm, RegistrationForm, \
|
||||||
ResetPasswordRequestForm, ResetPasswordForm
|
ResetPasswordRequestForm, ResetPasswordForm, OTPForm
|
||||||
from app.models import User
|
from app.models import User
|
||||||
from app.auth.email import send_password_reset_email
|
from app.auth.email import send_password_reset_email
|
||||||
|
|
||||||
|
@ -27,8 +27,15 @@ def login():
|
||||||
@bp.route('/otp', methods=['GET', 'POST'])
|
@bp.route('/otp', methods=['GET', 'POST'])
|
||||||
def otp_login():
|
def otp_login():
|
||||||
form = OTPForm()
|
form = OTPForm()
|
||||||
if OTP != user.curr_otp :
|
user = User.query.filter_by(username=form.username.data).first()
|
||||||
flash(_('Invalid OTP'))
|
otp = form.OTP.data
|
||||||
|
if user:
|
||||||
|
send_otp_email(user)
|
||||||
|
flash(_('Check your email for your OTP'))
|
||||||
|
return redirect(url_for('auth.otp_login'))
|
||||||
|
if otp != user.otp:
|
||||||
|
flash(_('Invalid OTP'))
|
||||||
|
return redirect(url_for('auth.otp_login'))
|
||||||
if form.validate_on_submit():
|
if form.validate_on_submit():
|
||||||
return redirect(url_for('main.index'))
|
return redirect(url_for('main.index'))
|
||||||
return render_template('auth/otp_login.html', title=_('Enter OTP'),
|
return render_template('auth/otp_login.html', title=_('Enter OTP'),
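Review bot: As written in the new `otp_login` lines, a username that exists always triggers `send_otp_email(user)` and a redirect, so the `otp != user.otp` check is only reached when `user` is `None`, where `user.otp` raises AttributeError (including on a plain GET); indentation is lost on this page, so the nesting is inferred. The lookup and comparison should run only inside `form.validate_on_submit()`, use a constant-time comparison with one generic failure message, and clear the code after one use, while sending the email moves to the step that starts the login. No `login_user(user)` call or attempt limit is visible before the redirect to `main.index`, and `send_otp_email` is not among the imports shown in the first hunk of this file. The `render_template` call continues below the hunk.

```python
def otp_login():
    form = OTPForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        submitted = form.OTP.data or ''
        stored = (user.otp or '') if user is not None else ''
        # Same message for unknown user, missing code and wrong code;
        # hmac.compare_digest (stdlib hmac) avoids a timing side channel.
        if not stored or not hmac.compare_digest(submitted.encode(), stored.encode()):
            flash(_('Invalid OTP'))
            return redirect(url_for('auth.otp_login'))
        user.otp = None  # single use
        db.session.commit()
        login_user(user)  # assumes this page completes the login
        return redirect(url_for('main.index'))
    # … unchanged: render_template('auth/otp_login.html', ...) …
```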
|
||||||
|
|
|
@ -88,7 +88,6 @@ followers = db.Table(
|
||||||
db.Column('followed_id', db.Integer, db.ForeignKey('user.id'))
|
db.Column('followed_id', db.Integer, db.ForeignKey('user.id'))
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class User(UserMixin, PaginatedAPIMixin, db.Model):
|
class User(UserMixin, PaginatedAPIMixin, db.Model):
|
||||||
id = db.Column(db.Integer, primary_key=True)
|
id = db.Column(db.Integer, primary_key=True)
|
||||||
username = db.Column(db.String(64), index=True, unique=True)
|
username = db.Column(db.String(64), index=True, unique=True)
|
||||||
|
|