Beispiel #1
0
def register():
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        db = get_db()
        error = None

        if not username:
            error = "Username required"
        if not password:
            error = "Password required"
        elif (db.execute("SELECT id FROM user WHERE username = ?",
                         (username, )).fetchone() is not None):
            error = "User {0} is already registered.".format(username)

        if error is None:
            db.execute(
                "INSERT INTO user (username, password, is_admin) VALUES (?, ?, ?)",
                (username, generate_password_hash(password), False))
            print()
            db.commit()
            return redirect(url_for("auth.login"))

        flash(error)

    return render_template("auth/register.html")
Beispiel #2
0
def load_logged_user():
    user_id = session.get("user_id")

    if user_id is None:
        g.user = None
    else:
        g.user = (get_db().execute("SELECT * FROM user WHERE id = ?",
                                   (user_id, )).fetchone())
Beispiel #3
0
 def _add_user(app, username, password, is_admin):
     with app.app_context():
         db = get_db()
         cursor = db.cursor()
         cursor.execute(
             "INSERT INTO user (username, password, is_admin) VALUES (?, ?, ?)",
             (username, generate_password_hash(password), is_admin))
         db.commit()
         return cursor.lastrowid
Beispiel #4
0
def login():
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        db = get_db()
        error = None
        user = db.execute("SELECT * FROM user WHERE username = ?",
                          (username, )).fetchone()

        if user is None or not check_password_hash(user["password"], password):
            error = "Incorrect username or password"

        if error is None:
            session.clear()
            session["user_id"] = user["id"]
            return redirect(url_for("index.index"))
        flash(error)

    return render_template("auth/login.html")
Beispiel #5
0
def users_list():
    db = get_db()
    users = db.execute("SELECT id, username, is_admin FROM user").fetchall()
    return render_template('admin/users_list.html', users=users)