def login(): error = None try: if flask.request.method == 'POST': user_name = str(flask.request.form[Cfg.username_field]) password = str(flask.request.form[Cfg.password_field]) dl = DataLayer() user_id = dl.validate_user(user_name, password) # DB will return negative number codes if user credentials are invalid if user_id == Cfg.invalid_password: error = 'Invalid password' return flask.render_template('login.html', error = error) elif user_id == Cfg.no_user_exists: error = 'No user record exists for {!s}. Would you like to register?'.format(user_name) return flask.render_template('login.html', error = error) else: # User is valid; DB returned a real User ID flask.session[Cfg.logged_in] = True flask.session[Cfg.current_user_name] = user_name user_id = int(user_id) flask.session[Cfg.current_user_id] = user_id flask.flash('You were logged in') # User hasn't requested a specific page; redirect them to site index if not flask.session.get(Cfg.requested_page_id): low_page_id = dl.get_lowest_page_id() flask.session[Cfg.requested_page_id] = low_page_id app.logger.info('lowest page id: {!s}'.format(low_page_id)) session_id = dl.start_user_session(user_id, low_page_id) flask.session[Cfg.current_session_id] = session_id app.logger.info('user_id: {!s}, requested_page_id: {!s}, session_id: {!s}'\ .format(user_id, low_page_id, session_id)) return flask.redirect(flask.url_for('index')) # Take the user where they want to go else: requested_page_id = int(flask.session[Cfg.requested_page_id]) session_id = dl.start_user_session(user_id, requested_page_id) flask.session[Cfg.current_session_id] = session_id app.logger.info('user_id: {!s}, requested_page_id {!s}'.format(user_id, requested_page_id)) return dl.get_requested_page(requested_page_id) else: return flask.render_template('login.html') except Exception: stat_code = 500 ld = Cfg().log_detail.format(flask.request.url, flask.request.method, stat_code) app.logger.exception(ld) return flask.render_template('login.html', error = error)
def register_user(): try: if flask.request.method == 'POST': user_name = str(flask.request.form[Cfg.username_field]) password = str(flask.request.form[Cfg.password_field]) dl = DataLayer() user_id = dl.create_user(user_name, password) # DB will return an error code if the user name is not available, # otherwise, record the new session ID and route user to site index #! TODO: there's a bug here -- index may not necessarily be the page with the lowest ID !# if not user_id == Cfg.user_already_exists: low_page_id = dl.get_lowest_page_id() flask.session[Cfg.requested_page_id] = low_page_id app.logger.info('lowest page id: {!s}'.format(low_page_id)) session_id = dl.start_user_session(user_id, low_page_id) flask.session[Cfg.current_session_id] = session_id flask.session[Cfg.current_user_name] = user_name flask.session[Cfg.current_user_id] = user_id flask.session[Cfg.logged_in] = True app.logger.info('user_id: {!s}, requested_page_id: {!s}, session_id: {!s}'\ .format(user_id, low_page_id, session_id)) return flask.redirect(flask.url_for('index')) else: return flask.render_template('register.html', error = 'A user with the name "{!s}" already exists. Please choose \ another username and try again.'.format(user_name)) else: return flask.render_template('register.html') except Exception: stat_code = 500 ld = Cfg().log_detail.format(flask.request.url, flask.request.method, stat_code) app.logger.exception(ld)