def admin_login(): user_check = Users.check_any_exist() if not user_check: return redirect(url_for("create_account")) if "user" in session: return redirect(url_for("account", username=session["user"])) error = None if request.method == "POST": token = session.pop('_csrf_token', None) if not token or token != request.form.get('_csrf_token'): abort(403) username = request.form.get("username").strip() password = request.form.get("password").strip() user = Users.get_user_by_username(username) if not user: error = "Incorrect Credentials" return render_template("login.html", error=error) else: if not user.check_password(password): error = "Incorrect Credentials" return render_template("login.html", error=error) else: session["user"] = user.username return redirect(url_for("account", username=user.username)) return render_template("login.html", error=error)
def admin_login(): user_check = Users.check_any_exist() if not user_check: return redirect(url_for("create_account")) if "user" in session: return redirect(url_for("account", username=session["user"])) error = None if request.method == "POST": token = session.pop('_csrf_token', None) if not token or token != request.form.get('_csrf_token'): abort(403) username = request.form.get("username").strip() password = request.form.get("password").strip() user = Users.get_user_by_username(username) if not user: error = "Incorrect Credentials" return render_template("login.html", error=error) else: if not user.check_password(password): error = "Incorrect Credentials" return render_template("login.html", error=error) else: session["user"] = user.username return redirect(url_for("account", username=user.username)) return render_template("login.html", error=error)
def create_account(): """ View for creating user account - Checks if no users have been created - if yes redirect - Gets Credentials from the form - Writes data to db - Creates user directory in /uploads - Logs user in """ error = None user_check = Users.check_any_exist() if not user_check: if request.method == "POST": username = request.form.get("username").strip() password = request.form.get("password").strip() real_name = request.form.get("real_name", None).strip() description = request.form.get("description", None).strip() if not username or not password: error = "All fields are required" return render_template("create_account.html", error=error) try: Users.create_user(username=username, password=password, description=description, real_name=real_name) except IOError as e: error = "Could not write to database, check if\ you have proper access\n or double\ check configuration options" return render_template("create_account.html", error=error) session["user"] = username flash("Account created") return redirect(url_for("account", username=username)) else: return render_template("create_account.html") else: return redirect(url_for("index"))
def create_account(): """ View for creating user account - Checks if no users have been created - if yes redirect - Gets Credentials from the form - Writes data to db - Creates user directory in /uploads - Logs user in """ error = None user_check = Users.check_any_exist() if not user_check: if request.method == "POST": username = request.form.get("username").strip() password = request.form.get("password").strip() real_name = request.form.get("real_name", None).strip() description = request.form.get("description", None).strip() if not username or not password: error = "All fields are required" return render_template("create_account.html", error=error) try: Users.create_user(username=username, password=password, description=description, real_name=real_name) except IOError as e: error = "Could not write to database, check if\ you have proper access\n or double\ check configuration options" return render_template("create_account.html", error=error) session["user"] = username flash("Account created") return redirect(url_for("account", username=username)) else: return render_template("create_account.html") else: return redirect(url_for("index"))
def test_sanity(self): with test_database(db, (Users,)): self.assertTrue(Users.table_exists()) self.assertFalse(Users.check_any_exist())
def test_sanity(self): with test_database(db, (Users, )): self.assertTrue(Users.table_exists()) self.assertFalse(Users.check_any_exist())