def authenticate(self):
form_username = str(request.params.get('username'))
form_password = str(request.params.get('password'))
# Get user data from database
user = Session.query(User).filter(User.name==form_username).first()
if user is None: # User does not exist
return render('/login.mako')
# Wrong password? (MD5 hashes used here)
#if user.password != md5.md5(form_password).hexdigest():
if user.password != form_password:
return "Bad authentication." #render('login.mako')
# Mark user as logged in
session['user'] = form_username
session.save()
if user.name == "admin":
return redirect(url(controller='admin/menu', action='index'))
else:
return redirect(url.current(action='index'))
"""
def get_today_order(self):
o = Session.query(Order).filter(Order.date==datetime.date.today()).first()
if o != None:
c.details = Session.query(OrderDetail).filter(OrderDetail.order_id==o.id)
else:
c.details = None
return render("/today_order.mako")
def index(self):
if 'c' in request.params:
c.category_id = int(request.params['c'])
else:
c.category_id = 1
c.categories = Session.query(Category)
c.authenticated = ('user' in session)
return render("/menu.mako")
def login(self):
return render('/login.mako')
def sign_up(self):
return render('/signup.mako')
def index(self):
return render('/home.mako')
def edit(self):
id = request.params['user_id']
c.user = Session.query(User).filter(User.id==id).first()
return render('/admin/edit_user.mako')
def new(self):
"""GET /banners/new: Form to create a new item"""
# url('new_banner')
return render('/admin/new_user.mako')
def index(self):
users = Session.query(User)
c.users = users
return render("/admin/users.mako")