def user(name):
    """Render the profile page of the account called *name*.

    Responds 404 when ``sql.getUser`` raises ``sql.SQLError``. No session
    check happens in this handler, so the page is served to any caller.
    The template receives the user record, every task in sorted order and
    the result of ``sql.getSolved`` for that login.
    """
    # NOTE(review): `name` presumably comes from the URL and is handed to
    # sql.getUser unchanged; whether that helper binds it as a query
    # parameter is not visible here - confirm.
    try:
        account = sql.getUser(name)
    except sql.SQLError:
        abort(404)

    def _task_order(task):
        # Category first, then points, then level.
        return (task.categorie, task.points, task.level)

    ordered_tasks = list(sql.getTasks())
    ordered_tasks.sort(key=_task_order)
    solved_by_account = sql.getSolved(account.login)
    return render_template(
        "main.html",
        view="user.html",
        user=account,
        tasks=ordered_tasks,
        solved=solved_by_account,
    )
def me():
    """Show the logged-in user's own page and process its form.

    A visitor without a ``login`` key in the session is redirected to the
    login view; a login that ``sql.getUser`` cannot resolve yields 404.
    Each render stores a fresh ``uuid.uuid4()`` in ``session["csrf_token"]``
    and passes the same value to the template.
    """
    if "login" not in session:
        return redirect(url_for("login"))

    try:
        account = sql.getUser(session["login"])
    except sql.SQLError:
        abort(404)

    if request.method == "POST":
        # NOTE(review): no CSRF comparison is visible in this handler;
        # presumably doPost checks the submitted token against
        # session["csrf_token"] - confirm. Its return value is ignored here.
        doPost(account)
        # Reload so the page shows whatever doPost stored.
        account = sql.getUser(session["login"])

    max_points = sql.getMaxPoints()
    try:
        ratio = account.points / float(max_points)
        percents = int(ratio * 100)
    except ZeroDivisionError:
        # No points available at all: report 0 % instead of failing.
        percents = 0

    medals = None
    if account.medals is not None:
        medals = json.loads(account.medals)

    # The token is replaced on every render, after any POST has been
    # handled, so a POST is processed while the session still holds the
    # token issued by the previous render.
    token = uuid.uuid4()
    session["csrf_token"] = token
    return render_template(
        "main.html",
        view="me.html",
        user=account,
        percents=percents,
        medals=medals,
        csrf_token=token,
    )
def admin_user():
    """Admin view of one account, selected by the ``login`` query argument.

    Access requires a truthy ``session["admin"]``; anyone else receives 404
    (not 403), the same status as for a missing page. An unknown login
    flashes "No such user" and redirects to the admin index. On POST the
    form goes to ``doPost`` and a truthy return value is sent back as the
    response.
    """
    # The flag read here is whatever the session holds; the login handler
    # on this page stores it from user.isadmin at sign-in, so a later
    # change to the account presumably takes effect only at the next
    # login - confirm.
    if not ("admin" in session and session["admin"]):
        abort(404)

    login = request.args.get("login", None)
    try:
        account = sql.getUser(login)
    except sql.SQLError:
        flash("No such user", "danger")
        return redirect(url_for('admin'))

    if request.method == 'POST':
        # NOTE(review): CSRF validation is not visible in this handler;
        # presumably doPost compares the submitted token with
        # session['csrf_token'] - confirm.
        response = doPost(account)
        if response:
            return response
        # Reload so the page shows whatever doPost stored.
        account = sql.getUser(login)

    def _task_order(task):
        # Category first, then points, then level.
        return (task.categorie, task.points, task.level)

    ordered_tasks = list(sql.getTasks())
    ordered_tasks.sort(key=_task_order)

    medals = None
    if account.medals is not None:
        medals = json.loads(account.medals)

    # A new token replaces the previous one on every render.
    token = uuid.uuid4()
    session['csrf_token'] = token
    solved_by_account = sql.getSolved(account.login)
    return render_template(
        "main.html",
        view="admin_user.html",
        user=account,
        tasks=ordered_tasks,
        solved=solved_by_account,
        medals=medals,
        csrf_token=token,
    )
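def login():
    """Handle the login form: verify the password and fill the session.

    On POST the submitted password is hashed with the stored bcrypt hash
    as salt and compared to that hash in constant time. On success
    ``login``, ``points`` and ``admin`` are written to the session and the
    client is redirected to ``mainindex``. An unknown user, a wrong
    password and a missing form field all produce the same
    "Login Failure" flash, so the message does not reveal which one it was.
    Any other request, and any failed POST, renders the login form.
    """
    if request.method == 'POST':
        # Function-scope import: the module's import block is not visible
        # from this part of the file.
        import hmac

        try:
            username = request.form.get("username", None)
            password = request.form.get("password", None)
            if username is None or password is None:
                # Reject an absent field outright; str(None) would
                # otherwise be hashed as the literal password "None".
                raise sql.SQLError
            user = sql.getUser(username)
            stored_hash = str(user.password)
            candidate = bcrypt.hashpw(str(password), stored_hash)
            # hmac.compare_digest takes the same time wherever the first
            # mismatch is, unlike ==. A type mismatch raises TypeError,
            # which fails closed (no session is created).
            if hmac.compare_digest(candidate, stored_hash):
                # Only these three keys are overwritten; other keys already
                # in the session are kept.
                session["login"] = user.login
                session["points"] = user.points
                session["admin"] = user.isadmin
                flash("Login successful", "success")
                return redirect(url_for('mainindex'))
            else:
                # Reuse the lookup-failure path so both cases look alike.
                raise sql.SQLError
        except sql.SQLError:
            # NOTE(review): an unknown username skips the bcrypt call, so
            # its response is presumably faster than a wrong password for
            # an existing account - consider hashing against a fixed dummy
            # hash on that path.
            flash("Login Failure", "error")
    return render_template("main.html", view="login.html")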
def admin_adduser():
    """Admin form for creating the account named by the ``login`` argument.

    Access requires a truthy ``session["admin"]``; anyone else receives 404.
    The login is read from the query string first, then from the form body.
    If ``sql.getUser`` already finds that login, or ``doPost`` returns a
    truthy value on POST, the client is redirected to ``admin_user`` for
    it. Otherwise the form is rendered with a fresh CSRF token stored in
    the session.
    """
    if not ("admin" in session and session["admin"]):
        abort(404)

    login = request.args.get("login", None)
    if not login:
        login = request.form.get("login", None)
    if not login:
        flash("Login is missing", "danger")
        return redirect(url_for('admin'))

    # A failed lookup is the expected case here: it means the login is
    # still free.
    try:
        sql.getUser(login)
    except sql.SQLError:
        already_exists = False
    else:
        already_exists = True
    if already_exists:
        return redirect(url_for("admin_user", login=login))

    # NOTE(review): CSRF validation is not visible in this handler;
    # presumably doPost compares the submitted token with
    # session['csrf_token'] - confirm.
    if request.method == 'POST' and doPost(login):
        return redirect(url_for("admin_user", login=login))

    # A new token replaces the previous one on every render.
    token = uuid.uuid4()
    session['csrf_token'] = token
    return render_template(
        "main.html",
        view="admin_adduser.html",
        user=login,
        csrf_token=token,
    )