def register():
form = RegistrationForm(request.form)
adminExists = User.query.filter_by(admin=True).first()
if request.method == 'POST' and form.validate():
#user = User(form.username.data, form.password.data)
user = User.query.filter_by(username=form.username.data).first()
if user:
return render_template(
"register/register.html",
form=form,
error="Antamasi käyttäjätunnus löytyy jo tietokannasta!")
if not adminExists:
u = User(form.name.data, form.username.data, form.password2.data)
u.active = True
u.admin = True
else:
u = User(form.name.data, form.username.data, form.password2.data)
u.active = True
u.admin = False
db.session().add(u)
db.session.commit()
return redirect(url_for('auth_login'))
elif not adminExists:
return render_template('register/register_admin.html', form=form)
else:
return render_template('register/register.html', form=form)
return render_template('register/register.html', form=form)
def user_create():
form = UserForm(request.form)
if not form.validate():
return render_template("users/new.html",
form=form,
error="Tarkista lomake.")
newuser = User.query.filter_by(username=form.username.data).first()
if newuser:
return render_template("users/new.html",
form=form,
error="Käyttäjä on jo olemassa.")
u = User(form.name.data)
u.phone = form.phone.data
u.address = form.address.data
u.admin = form.admin.data
u.username = form.username.data
u.password = pbkdf2_sha256.hash(form.password.data)
db.session().add(u)
db.session().commit()
flash('Käyttäjätilin luominen onnistui.')
return redirect(url_for("user_index"))
def auth_create():
if request.method == 'GET':
return render_template("auth/registerform.html", form=LoginForm())
# If method is POST, validate form data
form = LoginForm(request.form)
if form.validate():
user = User.query.filter_by(email=form.email.data).first()
if user:
# Enforce unique emails
return render_template("auth/loginform.html",
form=form,
error="This email is already in use.")
# If valid email, create user and hash password, then login and redirect
pw_hash = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
u = User(email=form.email.data, password=pw_hash)
if form.admin.data is True:
u.admin = True
db.session.add(u)
db.session.commit()
login_user(u)
print(u)
return redirect(url_for('events_index'))
# If anything in POST goes wrong, serve login form with errors
return render_template("auth/registerform.html",
form=form,
error="Invalid information")
def user_create():
form = UserCreateForm(request.form)
if not form.validate():
return render_template("user_create.html", form=form)
if form.username.data == "deleted":
return render_template("user_create.html",
form=form,
error="Username cannot be deleted")
user = User.query.filter_by(username=form.username.data,
deleted=False).first()
if user:
return render_template("user_create.html",
form=form,
error="Username already exists")
password = form.password.data.encode() # utf-8 for bcrypt
hashed = bcrypt.hashpw(password, bcrypt.gensalt()).decode()
user = User(form.username.data, hashed)
if User.user_count() == 0:
user.admin = True
db.session().add(user)
db.session().commit()
login_user(user)
return redirect(url_for("index"))
def auth_register():
if request.method == "GET":
return render_template("auth/register.html", form=RegisterForm())
form = RegisterForm(request.form)
# validate unique, pwd is +3 char
#form.username
if not form.validate():
# how to flash?
flash("hello")
return render_template("auth/register.html", form=form)
new_user = User(form.name.data, form.username.data, form.password.data)
if form.username.data == "admin":
new_user.admin = True
db.session().add(new_user)
db.session().commit()
login_user(new_user)
return redirect(url_for("auth_login"))