def POST(self):
db_session = DBSession()
data = web.input()
user = User()
user.id = int(data['ID Number'])
name = ' '.join([data['firstname'], data['middleinitial'], data['lastname']])
position_id = int(data['position'])
user.name = name
user.password = password_to_hash(user.id, data['Password']))
user.position = db_session.query(Position).filter_by(id = position_id).one()
db_session.add(user)
db_session.commit()
if user.position in ['Counselor', 'Head Counselor']:
db_session = DBSession()
counselor = Counselor()
counselor.id = user.id
counselor.nickname = data['Nickname']
counselor.address = data['City Address']
counselor.telno = data['telephone']
counselor.celno = data['cellphone']
counselor.email = data['email']
db_session.add(counselor)
db_session.commit()
return render.message(user, ' '.join(['user', name, 'created!']))
def POST(self):
data = web.input()
try:
name = int(data['username'])
except ValueError:
return render.login("Please enter a number as the username.")
else:
password_hash = password_to_hash(name, data['password'])
db_session = DBSession()
db_session.expire_on_commit = False
user = db_session.query(User).join(User.position).options(joinedload(User.position)).\
options(joinedload('position.allowed_pages')).\
filter(User.id==name).filter(User.password==password_hash).first()
if user:
session.user = user
raise web.seeother('/main')
else:
return render.login('Username or password is incorrect.')
