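def verified():
    """Check the posted login form and render the home page for the user's role.

    Reads ``user_email`` and ``user_password`` from the submitted form, passes
    them to ``Dao.login`` and branches on the ``(result, data, identify)``
    triple it returns:

    * ``"admin_name"`` in ``data``, ``result == 1`` and ``identify == "admin"``
      renders the admin home page;
    * otherwise ``result == 1`` with ``identify`` of ``"wholesaler"`` or
      ``"retailer"`` renders that role's home page with
      ``data['user_full_name']``;
    * every other combination is treated as a failed login: the generic
      message is flashed and the client is redirected to ``reroute``.

    Returns:
        The rendered home page on success, otherwise a redirect response.
    """
    obj_dao = Dao()
    obj_vo = loginVo()
    # .get() yields None for a missing field; both values come straight from
    # the client and are not validated here.
    obj_vo.user_email = request.form.get('user_email')
    obj_vo.user_password = request.form.get('user_password')

    # NOTE(review): the password is handed to the DAO exactly as submitted;
    # how Dao.login compares it (hashed or plaintext) is not visible here.
    result, data, identify = obj_dao.login(obj_vo)

    # NOTE(review): no session write is visible in this view; confirm the
    # home pages are protected by something other than reaching this render.
    # The failure case compares data to the string "none", so for that value
    # the `in` below is a substring test that evaluates to False.
    if "admin_name" in data:
        if result == 1 and identify == "admin":
            return render_template('content/admin/adminHome.html',
                                   data=data['admin_name'])
    elif result == 1 and identify == "wholesaler":
        return render_template('content/wholesaler/wholesalerHome.html',
                               data=data['user_full_name'])
    elif result == 1 and identify == "retailer":
        return render_template('content/retailer/retailerHome.html',
                               data=data['user_full_name'])

    # Fail closed: previously any combination other than the explicit
    # (0, "none", "invalid") triple fell off the end and returned None, which
    # is not a valid view response. Every unmatched outcome is now handled as
    # a failed login.
    flash("Invalid crendtial kindly check email or password...")
    return redirect(url_for('reroute'))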
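def auth_login():
    """Authenticate the posted username/password and log the user in.

    On a POST request the user is looked up by ``username`` and the submitted
    password is re-hashed with the stored hash passed as the salt argument; a
    match calls ``login_user``. An unknown username and a wrong password
    produce the same flash message, so the response text does not reveal
    which usernames exist. Non-POST requests skip authentication.

    Returns:
        Whatever ``default_view()`` returns, on every path.
    """
    if request.method == 'POST':
        uname = str(request.form['username'])
        pw = str(request.form['password'])
        quser = User.query.filter_by(username=uname).first()

        # NOTE(review): no hash is computed when the username is unknown, so
        # the two failure cases can differ in response time even though the
        # message is identical; hashing against a fixed dummy hash in that
        # case would close the gap.
        # NOTE(review): `==` is not a constant-time comparison. If hashpw is
        # the bcrypt API, prefer its checkpw (or hmac.compare_digest) once the
        # str/bytes types on both sides are confirmed.
        authenticated = (
            quser is not None
            and hashpw(pw, quser.password) == quser.password
        )

        if authenticated:
            # NOTE(review): the return value is ignored; if this is
            # Flask-Login's login_user it returns False for inactive users.
            login_user(quser)
        else:
            # Single failure path so both causes stay indistinguishable.
            flash('Invalid Username or password', 'Error')
    return default_view()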
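def auth_register():
    """Validate the registration form and create a new ``User``.

    On POST the form fields are read, the username length is checked, the
    username and ``uncc_email`` are looked up for existing accounts, and the
    two password fields are compared. When every check passes the password is
    hashed with a fresh salt, the user is added to the session and committed.

    Returns:
        ``default_view()`` after a successful registration; otherwise the
        registration form again (``render_template('register.html', ...)`` for
        a short username, ``default_view('user/register.html')`` for every
        other case, including non-POST requests).
    """
    error = None  # never reassigned below; handed to the template unchanged
    # TODO: Add form input validation and sanitize everything and
    # add bcrypt support
    if request.method != 'POST':
        return default_view('user/register.html')

    form = request.form
    uname = str(form['username'])
    pw = str(form['password'])
    pw2 = str(form['password2'])
    email = str(form['email'])
    unc_email = str(form['uncc_email'])
    fname = str(form['firstname'])
    lname = str(form['lastname'])
    nick = str(form['nickname'])
    try:
        degree_prog = int(form['degree_program'])
    except ValueError:
        # A non-numeric value used to escape as an unhandled ValueError.
        # NOTE(review): the number is still not checked against
        # app.config['DEGREE_PROGRAMS']; its structure is not visible here.
        flash('Invalid degree program', 'Error')
        return default_view('user/register.html')

    if len(uname) < 5:
        # NOTE(review): the check accepts exactly five characters while the
        # message says "longer than five"; decide which one is intended.
        # NOTE(review): this path renders 'register.html' directly, the other
        # failure paths go through default_view('user/register.html').
        flash('Username is too short: must be longer than five characters', 'Error')
        return render_template('register.html', error=error,
                               degrees=app.config['DEGREE_PROGRAMS'])

    # Only username and uncc_email are checked for reuse; `email` is not.
    # NOTE(review): lookup and insert are separate steps, so two concurrent
    # requests could both pass unless the columns carry unique constraints
    # (not visible here).
    quser = User.query.filter_by(username=uname).first()
    qemail = User.query.filter_by(uncc_email=unc_email).first()
    if quser is not None or qemail is not None:
        flash('Username or Email already in use.', 'Error')
        return default_view('user/register.html')

    if pw != pw2:
        flash('Passwords do not math', 'Error')
        return default_view('user/register.html')
    if not pw:
        # Two empty fields compare equal, which used to create an account
        # with a blank password.
        # NOTE(review): there is still no minimum length or strength policy.
        flash('Password must not be empty', 'Error')
        return default_view('user/register.html')

    # Fresh salt per account.
    passwd = hashpw(pw, gensalt())
    usr = User(uname, passwd, email)
    usr.set_fullname(fname, lname)
    usr.set_uncc_email(unc_email)
    usr.set_nickname(nick)
    usr.set_degree_program(degree_prog)
    db.session.add(usr)
    db.session.commit()
    flash('User created: You may now login.', 'Message')
    return default_view()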
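def user_update_submit():
    """Apply the submitted profile and password changes to ``current_user``.

    Three independent groups of fields are handled, each only when its
    trigger field is present in the form:

    * ``firstname``: full name, nickname and degree program;
    * ``uncc_email``: both e-mail addresses;
    * ``curpassword``: password change, allowed only when the current
      password verifies and the two new-password fields match and are not
      empty.

    A problem in one group is flashed and that group is skipped; the session
    is then committed and the update page rendered.

    Returns:
        The rendered ``user/update_user.html`` template.
    """
    # NOTE(review): `error` is never set below, so the commit guard at the end
    # always passes and changes from the other groups are saved even when the
    # password change was rejected. Confirm whether that is intended.
    error = None
    usr = current_user
    form = request.form
    fname = form.get('firstname', None)
    lname = form.get('lastname', None)
    nname = form.get('nickname', None)
    dprog = form.get('degree_program', None)
    uemai = form.get('uncc_email', None)
    email = form.get('email', None)
    cpass = form.get('curpassword', None)
    pass1 = form.get('newpassword', None)
    pass2 = form.get('newpassword2', None)

    if fname is not None:
        try:
            degree = int(dprog)
        except (TypeError, ValueError):
            # A missing or non-numeric degree_program used to raise after the
            # name setters had already run; reject the whole group instead.
            flash("Invalid degree program", "Error")
        else:
            # str() turns a missing lastname/nickname (None) into the text
            # 'None'; kept as in the original.
            usr.set_fullname(str(fname), str(lname))
            usr.set_nickname(str(nname))
            usr.set_degree_program(degree)

    if uemai is not None:
        # NOTE(review): both addresses change without re-checking the current
        # password, and `email` is None when that field was not submitted.
        usr.set_uncc_email(uemai)
        usr.set_email(email)

    if cpass is not None:
        # NOTE(review): `!=` is not a constant-time comparison; see whether
        # the hashing library offers a dedicated verify function.
        if hashpw(cpass, usr.password) != usr.password:
            flash("Invalid Current Password", "Error")
        elif pass1 != pass2:
            flash("Passwords Fail to Match", "Error")
        elif not pass1:
            # Two missing fields (None == None) or two empty strings used to
            # pass the match test, reaching hashpw with None or setting a
            # blank password.
            flash("New password must not be empty", "Error")
        else:
            # NOTE(review): the old hash is passed as the salt argument, so
            # the new hash presumably reuses the previous salt (true if hashpw
            # follows the bcrypt API; confirm). A fresh salt should be
            # generated for a new password.
            usr.password = hashpw(pass1, usr.password)

    if error is None:
        base_app.db.session.commit()
    return render_template('user/update_user.html', error=error,
                           user=current_user)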