Ejemplo n.º 1
0
def admin_login():
    user_check = Users.check_any_exist()
    if not user_check:
        return redirect(url_for("create_account"))
    if "user" in session:
        return redirect(url_for("account", username=session["user"]))

    error = None
    if request.method == "POST":
        token = session.pop('_csrf_token', None)
        if not token or token != request.form.get('_csrf_token'):
            abort(403)
        username = request.form.get("username").strip()
        password = request.form.get("password").strip()
        user = Users.get_user_by_username(username)
        if not user:
            error = "Incorrect Credentials"
            return render_template("login.html", error=error)
        else:
            if not user.check_password(password):
                error = "Incorrect Credentials"
                return render_template("login.html", error=error)
            else:
                session["user"] = user.username
                return redirect(url_for("account", username=user.username))
    return render_template("login.html", error=error)
Ejemplo n.º 2
0
def admin_login():
    user_check = Users.check_any_exist()
    if not user_check:
        return redirect(url_for("create_account"))
    if "user" in session:
        return redirect(url_for("account", username=session["user"]))

    error = None
    if request.method == "POST":
        token = session.pop('_csrf_token', None)
        if not token or token != request.form.get('_csrf_token'):
            abort(403)
        username = request.form.get("username").strip()
        password = request.form.get("password").strip()
        user = Users.get_user_by_username(username)
        if not user:
            error = "Incorrect Credentials"
            return render_template("login.html", error=error)
        else:
            if not user.check_password(password):
                error = "Incorrect Credentials"
                return render_template("login.html", error=error)
            else:
                session["user"] = user.username
                return redirect(url_for("account", username=user.username))
    return render_template("login.html", error=error)
Ejemplo n.º 3
0
def create_account():

    """
    View for creating user account
    - Checks if no users have been created - if yes redirect
    - Gets Credentials from the form
    - Writes data to db
    - Creates user directory in /uploads
    - Logs user in

    """

    error = None
    user_check = Users.check_any_exist()
    if not user_check:
        if request.method == "POST":
            username = request.form.get("username").strip()
            password = request.form.get("password").strip()
            real_name = request.form.get("real_name", None).strip()
            description = request.form.get("description", None).strip()
            if not username or not password:
                error = "All fields are required"
                return render_template("create_account.html", error=error)
            try:
                Users.create_user(username=username,
                                  password=password,
                                  description=description,
                                  real_name=real_name)
            except IOError as e:
                error = "Could not write to database, check if\
                        you have proper access\n or double\
                        check configuration options"
                return render_template("create_account.html", error=error)
            session["user"] = username
            flash("Account created")
            return redirect(url_for("account", username=username))
        else:
            return render_template("create_account.html")
    else:
        return redirect(url_for("index"))
Ejemplo n.º 4
0
def create_account():
    """
    View for creating user account
    - Checks if no users have been created - if yes redirect
    - Gets Credentials from the form
    - Writes data to db
    - Creates user directory in /uploads
    - Logs user in

    """

    error = None
    user_check = Users.check_any_exist()
    if not user_check:
        if request.method == "POST":
            username = request.form.get("username").strip()
            password = request.form.get("password").strip()
            real_name = request.form.get("real_name", None).strip()
            description = request.form.get("description", None).strip()
            if not username or not password:
                error = "All fields are required"
                return render_template("create_account.html", error=error)
            try:
                Users.create_user(username=username,
                                  password=password,
                                  description=description,
                                  real_name=real_name)
            except IOError as e:
                error = "Could not write to database, check if\
                        you have proper access\n or double\
                        check configuration options"

                return render_template("create_account.html", error=error)
            session["user"] = username
            flash("Account created")
            return redirect(url_for("account", username=username))
        else:
            return render_template("create_account.html")
    else:
        return redirect(url_for("index"))
Ejemplo n.º 5
0
    def test_sanity(self):

        with test_database(db, (Users,)):
            self.assertTrue(Users.table_exists())
            self.assertFalse(Users.check_any_exist())
Ejemplo n.º 6
0
    def test_sanity(self):

        with test_database(db, (Users, )):
            self.assertTrue(Users.table_exists())
            self.assertFalse(Users.check_any_exist())