Example #1
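 def post(self):
     """Handle a POST to the login view: log out, or check credentials and log in.

     A form carrying a ``logout`` field drops ``nickname`` from the session.
     Otherwise the submitted ``LogInForm`` is validated and the nickname is
     looked up; on a password match the nickname is stored in the session.
     An invalid form re-renders ``login.haml``; every other path redirects
     to ``index``.
     """
     # Function-scope import: the file's import block is not visible here.
     from html import escape

     if 'logout' in request.form:
         f_session.pop('nickname', None)
         flash('You have been logged out')
         return redirect(url_for('index'))

     form = LogInForm()
     if not form.validate():
         return render_template('login.haml', form=form)

     u = session.query(User).filter_by(nickname=form.nickname.data).first()
     if u is not None and u.check_password(form.password.data):
         f_session['nickname'] = u.nickname
         # The message carries raw HTML, so the template presumably renders
         # flashed messages unescaped (confirm against login.haml / layout).
         # The nickname is user-chosen, so it is escaped before it is
         # interpolated into that markup.
         msg = 'Wellcome <strong class=badge>{0}</strong>!'.format(
             escape(str(u.nickname)))
         flash(msg)
     else:
         # One message for both "unknown nickname" and "wrong password", so
         # the response does not reveal which nicknames exist.
         flash('Wrong nickname or password')
     return redirect(url_for('index'))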
Example #2
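def login():
    """Authenticate a staff or customer account from the submitted login form.

    On a valid POST the e-mail decides which table of ``storage.db`` is
    consulted: addresses at ``monoqlo.com`` are looked up in ``Staff`` by the
    part before the ``@``, all others in ``Users`` by the full address.  A
    password match fills the session and redirects to ``staffHome`` or
    ``home``; anything else re-renders ``login.html``.
    """
    # Function-scope import: the file's import block is not visible here.
    import hmac

    def passwords_match(stored, supplied):
        """Compare two password strings without an early-exit on mismatch."""
        if not isinstance(stored, str) or not isinstance(supplied, str):
            return False
        # compare_digest rejects non-ASCII str, so compare the UTF-8 bytes.
        return hmac.compare_digest(stored.encode('utf-8'),
                                   supplied.encode('utf-8'))

    loginForm = LogInForm(request.form)

    if request.method == 'POST' and loginForm.validate():
        email = loginForm.email.data
        supplied_password = loginForm.password.data

        # The original indexed emailSplit[1] directly, which raises
        # IndexError when the address has no "@"; such input is now treated
        # as a non-staff address instead of crashing the request.
        emailSplit = email.split("@")
        domain = emailSplit[1] if len(emailSplit) > 1 else ""
        is_staff = domain == "monoqlo.com"  # company-issued address

        if is_staff:
            table, key = 'Staff', emailSplit[0]  # staff are keyed by eID
            load_error = "Error in retrieving Staff from storage.db"
        else:
            print("User account.")
            table, key = 'Users', email
            load_error = "Error in retrieving User from storage.db"

        # shelve unpickles whatever is stored in the file, so storage.db must
        # only ever be writable by the application itself.
        accounts = {}
        try:
            db = shelve.open('storage.db', 'c')
        except Exception:
            print("Unable to retrieve storage.db")
        else:
            # db[table] returns an unpickled copy, so the shelf can be closed
            # as soon as the table is read; the original left it open on
            # every path except a successful customer login.
            try:
                accounts = db[table]
            except Exception:
                print(load_error)
            finally:
                db.close()

        account = accounts[key] if key in accounts else None

        # NOTE(review): the stored value is compared with the submitted
        # password directly, which implies passwords are kept in plaintext.
        # They should be stored as salted hashes; that change belongs in the
        # account classes, which are not visible here.
        if account is not None:
            if is_staff:
                if passwords_match(account.get_password(), supplied_password):
                    session["email"] = email
                    session["name"] = account.get_fname()
                    session["type"] = account.get_type()
                    print("Successfully logged in!")
                    return redirect(url_for('staffHome'))
            elif passwords_match(account.get_pw(), supplied_password):
                session["useremail"] = email
                session["username"] = account.get_firstName()
                return redirect(url_for('home'))

        # These diagnostics go to the server console only; the rendered page
        # is identical for every failure, so it does not disclose whether an
        # account exists.  (The original "Invalid Email." branch could never
        # be reached, because a password match required an account match.)
        if account is not None:
            print("Invalid Password.")
        else:
            print("Invalid credentials. Please try again.")

    return render_template('login.html', form=loginForm)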