Example #1
0
def add():
    error = None
    if request.method == 'POST':
    	uname = request.form.get("name")
        password = request.form.get("password")
        confirm = request.form.get("confirm")
        mail = request.form.get("mail")
        group = request.form.get("group")
        user = User(current_app)
        userdata = user.check(uname)
        if not uname or not mail or not password:
            return render_template("user/add.html", error=u"请填写所有选项")
        if password != confirm:
            return render_template("user/add.html", error=u"两次密码不匹配")
        if len(userdata) == 0:
            if password:
                #valide
                salt = createSalt()
                password = md5(md5(password).hexdigest() + salt).hexdigest()
                uid = user.add(username=uname, passwd=password, email=mail, permissions=group, salt=salt, createtime=int(time.time()))
                if uid > 0:
                    return redirect(url_for('users.index'))
                else:
                    error = u"添加失败"
            else:
                error = u"密码不能为空"
        else:
            error = u"用户已经存在"
    return render_template("user/add.html", error=error)
Example #2
0
def login():
    error = None
    if request.method == 'POST':
        user = User(current_app)
        username = request.form['name']
        password = request.form['password']
        userdata = user.check(username)
        if len(userdata) > 0:
            userdata = userdata[0]
            salt = userdata["salt"]
            password = md5(md5(password).hexdigest() + salt).hexdigest()
            if userdata["passwd"] == password:
                session['uid'] = userdata["uid"]
                session['username'] = userdata["username"]
                user.edit(uid=userdata["uid"], lastlogintime=int(time.time()))
                return redirect(url_for('home.index'))
            else:
                error = u'用户名或者密码错误'
        else:
            error = u'没有找到此用户'
    error = (request.args.get("error") is not None) and request.args.get("error") or error
    return render_template('login.html', error=error)