Example #1
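    def POST(self):
        """Handle a login form submission.

        Validates the form, looks the user up by name, recomputes the salted
        SHA-512 digest of the submitted password and compares it with the
        stored digest. On success the session is marked as logged in and the
        client is redirected to '/'. On any failure the login page is
        re-rendered with an error message.

        Changes from the previous version:
          * The redirect is raised outside the ``try`` block. The old bare
            ``except:`` also caught ``raise web.seeother('/')``, so a
            successful login rendered "Login process failed".
          * An unknown user name and a wrong password now give the same
            message, so the response text no longer reveals whether an
            account exists.
          * The digest comparison is constant-time.
          * The debug ``print`` of the session id is removed, since session
            identifiers should not end up in stdout or server logs.
        """
        # Local import: the file's import block is not visible from this
        # method. hmac.compare_digest needs Python 2.7.7+ / 3.3+.
        import hmac

        form = loginform()
        if not form.validates():
            return render.login(form, "")

        authenticated = False
        try:
            # Bind only the value the query needs instead of exposing every
            # local through vars=locals().
            rows = list(userdb.select('users', where='user=$username',
                                      vars={'username': form.d.username}))
            userinfo = rows[0] if rows else None

            if userinfo is not None:
                # NOTE(review): a single salted SHA-512 round is cheap to
                # brute-force offline if the table leaks. Moving to a
                # password KDF (e.g. hashlib.pbkdf2_hmac) requires migrating
                # the stored hashes, so the scheme is left unchanged here.
                candidate = hashlib.sha512(form.d.password + userinfo.salt).hexdigest()
                # str() normalises the stored value so both operands have the
                # same type, which compare_digest requires.
                authenticated = hmac.compare_digest(candidate, str(userinfo.password))

            if authenticated:
                # NOTE(review): the session id is not rotated at login.
                # Confirm how the session store guards against a pre-set
                # (fixated) session id.
                session.user = form.d.username
                session.codecreated = userinfo.codecreated
                session.loggedin = True
                model.set_owner(session.session_id, getuser())
        except Exception:
            # Database or hashing failure. Keep the generic message and do
            # not expose exception details to the client.
            return render.login(loginform(), "Login process failed")

        if not authenticated:
            return render.login(loginform(), "Login is invalid, please try again")

        # Raised outside the try block so the handler above cannot swallow it.
        raise web.seeother('/')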
Example #2
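    def POST(self):
        """Handle a signup form submission.

        Validates the form, rejects user names that already exist, stores a
        new user row with a per-user salt and a salted SHA-512 password
        digest, marks the session as logged in and redirects to '/'.

        The previous version detected a free user name by letting
        ``select(...)[0]`` raise and catching it with a bare ``except:``.
        Any other failure of the lookup (for example a database error) was
        then also treated as "user does not exist". The existence check is
        now explicit, and lookup errors propagate instead of falling through
        to account creation.
        """
        form = signupform()
        if not form.validates():
            return render.signupform(form, "Please provide correct inputs")

        username = form.d.username
        # Bind only the value the query needs instead of exposing every
        # local through vars=locals().
        existing = list(userdb.select('users', where='user=$username',
                                      vars={'username': username}))
        if existing:
            return render.signupform(form, "Username exists, pick a new one please")

        # NOTE(review): check-then-insert is racy. Two concurrent signups can
        # both pass the check above. Presumably the 'users' table has a
        # unique constraint on 'user'; verify against the schema.

        # Per-user random salt, hex-encoded.
        newsalt = uuid.uuid4().hex
        # NOTE(review): a single salted SHA-512 round is cheap to brute-force
        # offline if the table leaks. Moving to a password KDF (e.g.
        # hashlib.pbkdf2_hmac) must be done together with the login check,
        # so the scheme is left unchanged here.
        hashed_password = hashlib.sha512(form.d.password + newsalt).hexdigest()

        userdb.insert('users', user=username, password=hashed_password,
                      salt=newsalt, secretcode=str(uuid.uuid4()))

        # NOTE(review): the session id is not rotated when the new account is
        # logged in. Confirm how the session store guards against a pre-set
        # (fixated) session id.
        session.user = username
        session.loggedin = True
        model.set_owner(session.session_id, getuser())
        raise web.seeother('/')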