Example #1
0
def login():
    # Check if user already logged in
    if ('username' in session):
        return redirect('/')
    # Check if post method selected therfore need to login the user
    if request.method == "POST":
        # Connect to database and check if user exists
        con = sqlite3.connect(current_app.config['DB_NAME'])
        sqlQuryLogin = "******"
        sqlRes = con.execute(sqlQuryLogin, (request.form["username"], ))
        record = sqlRes.fetchone()

        # Check if user exists
        if (record != None):

            # Create user object for current selected username
            usrLogin = User(record[0],
                            record[1],
                            record[2],
                            decryptPassword(record[3]),
                            record[4],
                            record[5],
                            record[6],
                            record[8],
                            email=record[9])

            # Check if password is correct and user is not banned
            if (usrLogin.validatePassword(request.form["password"])):
                # Check if user banned
                if (not usrLogin.getIsBanned()):
                    # Check if the user is admin or not
                    if (record[7] == 1):
                        session['admin'] = True

                    # Save user name in session
                    session['username'] = usrLogin.getUsername()
                    massage = "Logged in successfuly!"

                    return redirect('/')
                # The user banned
                else:
                    massage = "Your user is banned!"
            # The password is incorrect
            else:
                massage = "Wrong password entered!"
        else:
            massage = "Wrong username entered!"

        # Close the connection to DB
        con.close()

        return render_template('login.html', massage=massage)
    # Get method mean open the page
    else:
        return render_template('login.html',
                               massage="Please fill the login form!")
Example #2
0
 def test_banned_user(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)
     assert (usr.getIsBanned() == 1)
Example #3
0
    def test_ban_user(self):
        username = "******"
        usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)

        assert usr.getIsBanned() == 1
Example #4
0
 def test_show_approved_files(self):
     username = "******"
     password = "******"
     usr = User(username, "aaa", "aaa", "Aa123456!", 1, 1, 1, 1)
     assert (usr.getIsBanned() == 1)