def POST(self): db_session = DBSession() data = web.input() user = User() user.id = int(data['ID Number']) name = ' '.join([data['firstname'], data['middleinitial'], data['lastname']]) position_id = int(data['position']) user.name = name user.password = password_to_hash(user.id, data['Password'])) user.position = db_session.query(Position).filter_by(id = position_id).one() db_session.add(user) db_session.commit() if user.position in ['Counselor', 'Head Counselor']: db_session = DBSession() counselor = Counselor() counselor.id = user.id counselor.nickname = data['Nickname'] counselor.address = data['City Address'] counselor.telno = data['telephone'] counselor.celno = data['cellphone'] counselor.email = data['email'] db_session.add(counselor) db_session.commit() return render.message(user, ' '.join(['user', name, 'created!']))
def POST(self): data = web.input() try: name = int(data['username']) except ValueError: return render.login("Please enter a number as the username.") else: password_hash = password_to_hash(name, data['password']) db_session = DBSession() db_session.expire_on_commit = False user = db_session.query(User).join(User.position).options(joinedload(User.position)).\ options(joinedload('position.allowed_pages')).\ filter(User.id==name).filter(User.password==password_hash).first() if user: session.user = user raise web.seeother('/main') else: return render.login('Username or password is incorrect.')