def register(username, passwd): if re.search(disallowed_chars, username) or len(username) > 20 or get_user(username): raise Forbidden user = User(username, passwd) session.commit() return user
def login(request): type = request.form.get('do') token = request.form.get('token') username = request.form.get('user') passwd = request.form.get('pw') if not (username and passwd and type and token) or not is_valid_token( type, token): return serve_text('') user = get_user(username) if type == 'reg' and user is None: user = register(username, passwd) if user and user.is_valid_pw(passwd): request.login(username) todo = request.form.get('reason') if not todo: response = serve_text('ok') else: response = exec_todo(request, user, todo) #remember user for n hours hours = 24 * (30 if request.form.get('rem') == 'on' else 1) request.session.save_cookie(response, expires=cookie_expires(hours), max_age=cookie_lifespan(hours)) return response return serve_text('')
def login_form(request): username = request.form.get('username') password = request.form.get('passwd') user = get_user(username) if user and user.is_valid_pw(password): request.login(username) return redirect(url_for('index')) flashMsg = 'Invalid credentials.' return serve_response('login.html', flashMsg=flashMsg)
def user_exists(request): name = request.args.get('name') if not name: raise Forbidden user = get_user(name) if user is not None: return serve_text('username taken.') else: return serve_text('')
def register_form(request): # getting and checking input username = request.form.get('username', None) pw1 = request.form.get('passwd', None) pw2 = request.form.get('passwd2', None) if not (username and pw1 and pw2): return serve_response('login.html', flashMsg='All fields are required.') if ' ' in username: return serve_response('login.html', flashMsg='Username cannot contain spaces.') if get_user(username): return serve_response('login.html', flashMsg='Username exists! Please choose another username.') if pw1 != pw2: return serve_response('login.html', flashMsg='Passwords don\'t match.') # create user user = User(username, pw1) session.commit() return login_form(request)
def register_form(request): # getting and checking input username = request.form.get('username', None) pw1 = request.form.get('passwd', None) pw2 = request.form.get('passwd2', None) if not (username and pw1 and pw2): return serve_response('login.html', flashMsg='All fields are required.') if ' ' in username: return serve_response('login.html', flashMsg='Username cannot contain spaces.') if get_user(username): return serve_response( 'login.html', flashMsg='Username exists! Please choose another username.') if pw1 != pw2: return serve_response('login.html', flashMsg='Passwords don\'t match.') # create user user = User(username, pw1) session.commit() return login_form(request)
def login(request): type = request.form.get('do') token = request.form.get('token') username = request.form.get('user') passwd = request.form.get('pw') if not (username and passwd and type and token) or not is_valid_token(type, token): return serve_text('') user = get_user(username) if type == 'reg' and user is None: user = register(username, passwd) if user and user.is_valid_pw(passwd): request.login(username) todo = request.form.get('reason') if not todo: response = serve_text('ok') else: response = exec_todo(request, user, todo) #remember user for n hours hours = 24 * (30 if request.form.get('rem') == 'on' else 1) request.session.save_cookie(response, expires=cookie_expires(hours), max_age=cookie_lifespan(hours)) return response return serve_text('')
def register(username, passwd): if re.search(disallowed_chars, username) or len(username)>20 or get_user(username): raise Forbidden user = User(username, passwd) session.commit() return user