Example #1
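def login_post():
    """Handle a submitted login form.

    Reads ``email``, ``password`` and ``remember`` from the posted form,
    looks the account up by email (falling back to the super-admin account
    when ``User.isSuperAdmin(email)`` says so), verifies the password hash
    and starts the session with ``login_user``.

    Returns:
        A redirect to ``home.index`` on success or when the caller is
        already authenticated, otherwise a redirect back to ``auth.login``
        with a flashed error.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home.index'))

    email = request.form.get('email')
    password = request.form.get('password')
    remember = bool(request.form.get('remember'))

    # A missing field used to reach check_password_hash() as None and raise
    # instead of producing a clean login failure; reject it up front.
    if not email or not password:
        flash('Please check your login details and try again.')
        return redirect(url_for('auth.login'))

    user = User.query.filter_by(email=email).first()

    # The super-admin account is resolved through the model helpers when no
    # database row matches the email.
    if not user and User.isSuperAdmin(email):
        user = User.getSuperAdmin()

    # One message for "unknown account" and "wrong password", so the response
    # does not reveal which emails are registered. An account with no stored
    # hash can never match, so it is treated as a failed login as well.
    if not user or not user.password or not check_password_hash(user.password, password):
        flash('Please check your login details and try again.')
        return redirect(url_for('auth.login'))

    # NOTE(review): no throttling or lockout of repeated failures is visible
    # in this handler; confirm it is enforced elsewhere.
    login_user(user, remember=remember)
    return redirect(url_for('home.index'))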
Example #2
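def user_save():
    """Create a new user or update an existing one from the posted form.

    A positive integer ``id`` in the form selects the update path
    (first name, last name and email are overwritten); otherwise a new
    user is created with a hashed password. The email must not belong to
    the super admin or to a different existing user.

    Returns:
        A redirect to the edit page of the saved user, or back to the
        add/edit form with a flashed error when validation fails.
    """
    # NOTE(review): no access-control check is visible in this snippet;
    # confirm the route is restricted to administrators, since it edits
    # arbitrary accounts and accepts ``is_admin`` from the form.

    # Form values are strings. Parse the id once so the comparisons below are
    # int-to-int; the raw string made ``id > 0`` raise on Python 3 and made
    # ``exist_user.id != id`` true even for the user's own row.
    # (assumes User.id is an integer primary key; verify against the model)
    user_id = request.form.get('id', type=int)
    is_update = user_id is not None and user_id > 0

    form_user = User()
    form_user.first_name = request.form.get('first_name')
    form_user.last_name = request.form.get('last_name')
    form_user.email = request.form.get('email')
    # NOTE(review): raw form string; confirm the column coerces it as intended.
    form_user.is_admin = request.form.get('is_admin')

    exist_user = User.query.filter_by(email=form_user.email).first()

    # The super admin's email is reserved and can never be assigned.
    if User.isSuperAdmin(form_user.email):
        flash('Email address already exists')
        if is_update:
            return redirect(url_for('user.user_edit', id=user_id))
        return redirect(url_for('user.user_add'))

    if is_update:
        user = User.query.get_or_404(user_id)
        # Only a *different* account holding this email is a conflict.
        if exist_user and exist_user.id != user_id:
            flash('Email address already exists')
            return redirect(url_for('user.user_edit', id=user_id))
        user.first_name = form_user.first_name
        user.last_name = form_user.last_name
        user.email = form_user.email
        db.session.add(user)
        db.session.commit()
        return redirect(url_for('user.user_edit', id=user_id))

    if exist_user:
        flash('Email address already exists')
        # Was 'auth.user_add'; every other redirect in this handler targets
        # the 'user' blueprint. TODO confirm the endpoint name.
        return redirect(url_for('user.user_add'))

    password = request.form.get('password')
    confirm_password = request.form.get('confirm_password')
    # Two absent fields compare equal (None == None), so check for an empty
    # password explicitly before hashing.
    if not password:
        flash('Password is required')
        return redirect(url_for('user.user_add'))
    if password != confirm_password:
        flash('Password and confirm password are not same')
        return redirect(url_for('user.user_add'))

    # 'pbkdf2:sha256' is a key-stretching scheme; the previous 'sha256' method
    # is a single salted hash, which is cheap to brute-force offline and is
    # rejected by current Werkzeug releases. Stored hashes record their own
    # method, so existing accounts are unaffected by this change.
    # (assumes generate_password_hash is werkzeug.security's; verify import)
    form_user.password = generate_password_hash(password, method='pbkdf2:sha256')
    # The id is left unset so the database assigns it on insert.
    db.session.add(form_user)
    db.session.commit()

    return redirect(url_for('user.user_edit', id=form_user.id))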