def add():
error = None
if request.method == 'POST':
uname = request.form.get("name")
password = request.form.get("password")
confirm = request.form.get("confirm")
mail = request.form.get("mail")
group = request.form.get("group")
user = User(current_app)
userdata = user.check(uname)
if not uname or not mail or not password:
return render_template("user/add.html", error=u"请填写所有选项")
if password != confirm:
return render_template("user/add.html", error=u"两次密码不匹配")
if len(userdata) == 0:
if password:
#valide
salt = createSalt()
password = md5(md5(password).hexdigest() + salt).hexdigest()
uid = user.add(username=uname, passwd=password, email=mail, permissions=group, salt=salt, createtime=int(time.time()))
if uid > 0:
return redirect(url_for('users.index'))
else:
error = u"添加失败"
else:
error = u"密码不能为空"
else:
error = u"用户已经存在"
return render_template("user/add.html", error=error)
def login():
error = None
if request.method == 'POST':
user = User(current_app)
username = request.form['name']
password = request.form['password']
userdata = user.check(username)
if len(userdata) > 0:
userdata = userdata[0]
salt = userdata["salt"]
password = md5(md5(password).hexdigest() + salt).hexdigest()
if userdata["passwd"] == password:
session['uid'] = userdata["uid"]
session['username'] = userdata["username"]
user.edit(uid=userdata["uid"], lastlogintime=int(time.time()))
return redirect(url_for('home.index'))
else:
error = u'用户名或者密码错误'
else:
error = u'没有找到此用户'
error = (request.args.get("error") is not None) and request.args.get("error") or error
return render_template('login.html', error=error)