def login():
"""
This page allows user to login to see his/her patients or to upload new patient data.
"""
if request.method == "POST":
username = request.form["login"]
password = request.form["password"]
user = User.login(username, password, SESSION)
error = None
if isinstance(user, basestring):
error = user
if VERBOSE:
print error
else:
session["username"] = user.name
if "admin" in user.role:
session["admin"] = True
else:
session["admin"] = False
if VERBOSE:
print "You were successfully logged in"
return redirect(url_for("index"))
if VERBOSE:
print session["username"]
return render_template("login_modern.html", error=error)
return render_template("login_modern.html")
def getCurrentUser():
"""
Gets the current user logged into the session.
"""
if "username" not in session:
return None
return User.findUser(session["username"], SESSION)
def getUser(redirect_dest="index"):
user, redirect_return = None, None
if "username" not in session:
flash("You requested a restricted access page. Please login.")
if VERBOSE:
print "You requested a restricted access page. Please login."
redirect(url_for("login"))
redirect_return = redirect(url_for("login"))
else:
user = User.findUser(session["username"], SESSION)
return user, redirect_return
def newuser():
message = ""
if request.method == "POST":
username = request.form["login"]
password = request.form["password"]
password_confirmation = request.form["passwordconfirmation"]
role = request.form["role"]
if password != password_confirmation:
message = "error: password and password confirmation don't match"
else:
user = User.newUser(username, role, password, SESSION)
if user == None:
message = "error: username already in use"
else:
session["username"] = user.name
if "admin" in user.role:
session["admin"] = True
else:
session["admin"] = False
return redirect(url_for("index"))
return render_template("newuser_modern.html", error=message)
def getUser(self):
user = User.findUser("Jane", SESSION)
if user ==None:
user = User("Jane", "user", "password")
return user
