Example #1
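def register():
    """Register a new user and log them in.

    GET renders the registration form. POST validates the submitted
    username and password, stores the user with a hashed password, puts
    the new user's id in the session and redirects to "/".
    """
    if request.method == "GET":
        return render_template("register.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # form.get() returns None for an absent field. Reject missing values
    # here so they never reach the uniqueness query, the password check
    # or the INSERT (which would otherwise store a user with no name).
    if not username:
        return apology("must provide username", 400)
    if not password:
        return apology("must provide password", 400)

    # Values travel as bound parameters; nothing is formatted into the SQL.
    existing = db.execute("SELECT * FROM users WHERE username = :username",
                          username=username)
    if len(existing) > 0:
        return apology("Username already exists", 403)
    if not password_check(password):
        return apology("check your password", 403)

    # NOTE(review): the lookup above and this INSERT are separate
    # statements, so two concurrent requests can both pass the lookup.
    # Only a UNIQUE constraint on users.username enforces uniqueness;
    # confirm the schema has one.
    db.execute(
        "INSERT INTO users (username,hash) VALUES(:username,:hash)",
        username=username,
        hash=generate_password_hash(password))

    # Read the row back to obtain its id, then log the new user in.
    new_user = db.execute("SELECT * FROM users WHERE username = :username",
                          username=username)
    session["user_id"] = new_user[0]["id"]
    return redirect("/")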
Example #2
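def register():
    """Register a new user in dim_users and log them in.

    GET renders the registration form. POST validates the submitted
    username, password and alias, stores the user with a hashed password,
    puts the new user's id in the session and redirects to "/".
    """
    if request.method == "GET":
        return render_template("register.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # form.get() returns None for an absent field. Reject missing values
    # here so they never reach the uniqueness query, the password check
    # or the INSERT (which would otherwise store a user with no name).
    if not username:
        return apology("must provide username", 400)
    if not password:
        return apology("must provide password", 400)

    # Values travel as bound parameters; nothing is formatted into the SQL.
    existing = db.execute(
        "SELECT * FROM dim_users WHERE username = :username",
        username=username)
    if len(existing) > 0:
        return apology("Username already exists", 403)
    if not password_check(password):
        return apology("check your password", 403)

    # NOTE(review): the alias is checked for uniqueness here, but the
    # INSERT below writes only username and hash, so the submitted alias
    # is never stored by this function. Confirm where it is persisted.
    alias_rows = db.execute("SELECT * FROM dim_users WHERE alias = :alias",
                            alias=request.form.get("alias"))
    if len(alias_rows) > 0:
        return apology("Alias already exists", 403)

    # NOTE(review): lookup and INSERT are separate statements, so only a
    # UNIQUE constraint on dim_users.username prevents duplicates under
    # concurrent requests; confirm the schema has one.
    db.execute(
        "INSERT INTO dim_users (username,hash) VALUES(:username,:hash)",
        username=username,
        hash=generate_password_hash(password))

    # Read the row back to obtain its id, then log the new user in.
    new_user = db.execute(
        "SELECT * FROM dim_users WHERE username = :username",
        username=username)
    session["user_id"] = new_user[0]["id"]
    return redirect("/")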
Example #3
def register():
    """Handle the registration form.

    GET renders the form. POST checks the submitted fields, inserts the
    user with a hashed password, stores the INSERT's return value as the
    session user id and redirects to "/".
    """
    if request.method != "POST":
        return render_template("register.html")

    form = request.form
    username = form.get("username")
    password = form.get("password")
    confirmation = form.get("confirmation")

    # Every required field must be present.
    if not username:
        return apology("must provide username", 400)
    if not password:
        return apology("must provide password", 400)
    if not confirmation:
        return apology("re-type ur password", 400)

    # Password and confirmation must be identical.
    if password != confirmation:
        return apology("passwords are not the same", 400)

    # NOTE(review): a truthy return from password_check rejects the
    # password here; confirm the helper reports failure (not success)
    # with a truthy value.
    if password_check(password):
        return apology(
            "have at least one number,upper,lower,special symbol,and min 6 long",
            400)

    # Refuse a username that is already taken (bound parameter, not
    # string formatting).
    taken = db.execute("SELECT * FROM users WHERE username = :username",
                       username=username)
    if taken:
        return apology("username already exist!", 400)

    # Store only the password hash, never the password itself.
    result = db.execute(
        "INSERT INTO users (username, hash) VALUES (:username, :hash)",
        username=username,
        hash=generate_password_hash(password))

    # Presumably db.execute returns the new row's id for an INSERT;
    # confirm against the database wrapper in use.
    session["user_id"] = result

    return redirect("/")
Example #4
def register():
    """Handle the registration form.

    GET renders the form. POST validates the fields, inserts the user
    with a hashed password, logs the new user in and redirects to "/".
    """
    # Anything other than a form submission just shows the form.
    if request.method != "POST":
        return render_template("register.html")

    form = request.form
    username = form.get("username")
    password = form.get("password")
    confirmation = form.get("confirmation")

    # Required fields, in the order the form presents them.
    if not username:
        return apology("must provide username", 400)
    if not password:
        return apology("must provide password", 400)
    if not confirmation:
        return apology("must provide password confirmation", 400)

    # The two password entries must agree.
    if confirmation != password:
        return apology("password and confirmation must match", 400)

    # Only an explicit False from the helper counts as "too weak".
    if password_check(password) == False:
        return apology("password is too weak", 400)

    # Insert the user; only the hash is stored, passed as a bound parameter.
    result = db.execute(
        "INSERT INTO users (username, hash) VALUES (:username, :passwordHash)",
        username=username,
        passwordHash=generate_password_hash(password))

    # A falsy result is treated as a duplicate username. This presumably
    # relies on a UNIQUE constraint making the INSERT fail; confirm.
    if not result:
        return apology("User already exist")

    # Fetch the stored row to learn its id and remember the login.
    rows = db.execute("SELECT * FROM users WHERE username = :username",
                      username=username)
    session["user_id"] = rows[0]["id"]

    return redirect("/")
Example #5
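def changePassword():
    """Change the password of the user identified by the session.

    GET renders the change-password form. POST requires the current
    password, a new password and its confirmation; on success the stored
    hash is replaced, a flash message is queued and the user is
    redirected to "/".
    """
    if request.method != "POST":
        return render_template("change_password.html")

    old_password = request.form.get("old_password")
    new_password = request.form.get("new_password")
    confirmation = request.form.get("confirmation")

    # All three fields are required.
    if not old_password:
        return apology("old password missing", 400)
    if not new_password:
        return apology("new password missing", 400)
    if not confirmation:
        return apology("confirmation missing", 400)

    # session["user_id"] is read directly: presumably the route is wrapped
    # by a login-required decorator outside this listing; confirm.
    user_id = session["user_id"]
    rows = db.execute("SELECT * FROM users WHERE id = :userid",
                      userid=user_id)

    # A session can outlive its user row; without this guard rows[0]
    # raises IndexError and the request ends in a server error.
    if not rows:
        return apology("user not found", 403)

    # Re-authenticate with the current password before changing anything.
    if not check_password_hash(rows[0]["hash"], old_password):
        return apology("old password not match", 403)
    if new_password != confirmation:
        return apology("new password and confirmation must match", 403)
    if new_password == old_password:
        return apology("new password same as old", 403)
    # Only an explicit False from the helper counts as "too weak".
    if password_check(new_password) == False:
        return apology("new password too weak")

    # Store only the new hash, passed as a bound parameter.
    # NOTE(review): nothing here invalidates other sessions of this user.
    db.execute(
        "UPDATE users SET hash = :passwordHash WHERE id = :userid",
        passwordHash=generate_password_hash(new_password),
        userid=user_id)
    flash("Password changed!")
    return redirect("/")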
Example #6
def signup():
    """Handle the signup form.

    GET renders the form. POST runs the three field validators, re-renders
    the form with their messages if any is non-empty, refuses a username
    that already exists, and otherwise creates the user and redirects to
    '/newpost'.
    """
    if request.method != 'POST':
        return render_template('signup.html', username=session.get('username', ''))

    username = request.form['username']
    password = request.form['password']
    confirm_password = request.form['confirm_password']

    # Each validator returns a message; "" means the field passed.
    password_error = password_check(password)
    confirm_password_error = confirm_password_check(confirm_password, password)
    user_name_error = user_name_check(username)

    messages = (user_name_error, confirm_password_error, password_error)
    if any(message != "" for message in messages):
        return render_template(
            'signup.html',
            user_name_error=user_name_error,
            confirm_password_error=confirm_password_error,
            password_error=password_error,
            username=session.get('username', ''))

    if User.query.filter_by(username=username).first():
        user_name_error = 'Unable to create your account, that username is already in use!'
        return render_template(
            'signup.html',
            user_name_error=user_name_error,
            username=session.get('username', ''))

    # NOTE(review): the plaintext password is handed to the User
    # constructor; confirm the model hashes it before it is persisted.
    account = User(username, password)
    db.session.add(account)
    db.session.commit()
    return redirect('/newpost')
Example #7
def register():
    """Handle the registration form for instructors and students.

    The session is cleared on every request. GET renders the form. POST
    validates the fields, inserts the user with a hashed password, logs
    the user in and renders the home page matching the account type.
    """
    # Drop any previous login state before doing anything else.
    session.clear()

    # Plain page load: show the form.
    if request.method != "POST":
        return render_template("register.html")

    form = request.form

    # Required fields, checked in this order; the first missing one wins.
    required = (
        ("fullname", "must provide full name"),
        ("username", "must provide username"),
        ("password", "must provide password"),
        ("confirmation", "must confirm password"),
        ("account_type", "must provide type"),
    )
    for field, message in required:
        if not form.get(field):
            return apology(message, 400)

    password = form.get("password")

    # The two password entries must agree.
    if password != form.get("confirmation"):
        return apology("Passwords don't match", 400)

    # Enforce the password policy.
    if not password_check(password):
        return apology("Password must contain at least 8 characters, one number, and one capital letter", 400)

    # One-way hash of the password; nothing is encrypted or stored in clear.
    password_hash = generate_password_hash(password)

    # NOTE(review): account_type is stored exactly as submitted. Only the
    # value "Instructor" is distinguished below and every other value is
    # treated as a student. Confirm that self-selecting "Instructor" is
    # intended, and consider restricting the field to the values the form
    # offers.
    account_type = form.get("account_type")
    result = db.execute("INSERT INTO users (fullname, username, account_type, hash) VALUES(:fullname, :username, :account_type, :hash)",
                        fullname=form.get("fullname"),
                        username=form.get("username"),
                        account_type=account_type,
                        hash=password_hash)

    # A falsy result is treated as a duplicate username. This presumably
    # relies on a UNIQUE constraint making the INSERT fail; confirm.
    if not result:
        return apology("Username already exists", 400)

    # The INSERT's return value is used as the new user's id.
    session["user_id"] = result

    # Render the home page for the chosen account type.
    if account_type == "Instructor":
        classes = db.execute("SELECT * FROM classes WHERE instructor_id = :userid", userid=session["user_id"])
        return render_template("i_home.html", classes=classes)

    classes = db.execute("SELECT * FROM registrations WHERE student_id = :userid", userid=session["user_id"])
    return render_template("s_home.html", classes=classes)