def authorize_user():
client_id = int(request.form.get('client_id'))
login = request.form.get('login')
password = request.form.get('password')
state = request.form.get('state', None)
if not db.user_base(login=login):
return redirect(db.client_base[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302)
if db.user_base(login=login)[0]['pswd'] != sha256(password.encode('UTF-8')).digest():
return redirect(db.client_base[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302)
code=sha256(str(uuid4()).encode('UTF-8')).hexdigest()
db.authorization_code.insert(user_id=db.user_base(login=login)[0]['__id__'],
code=code,
expire_time=datetime.now() + timedelta(minutes=30))
db.authorization_code.commit()
return redirect(db.client_base[client_id]['redirect_uri'] + '?code=' + code + ('' if state is None else '&state=' + state), code=302)
def register_user():
print ('in /registration-post')
##############
login = request.form['login']
if not login:
return render_template('register_failed.html', reason='Empty login not allowed.')
password = request.form['password']
name = request.form['name'] or None
email = request.form['email'] or None
print (login, ' ', name, ' ',password, ' ',email)
if db.user_base(login=login):
return render_template('register_failed.html', reason='User already exists.'.format(login))
db.user_base.insert(login=login,
pswd=sha256(password.encode('UTF-8')).digest(),
name=name,
email=email)
db.user_base.commit()
return render_template('register_successed.html', login=request.form['login'])
