Example #1
0
File: login.py Project: hit9/zhiz
def do_login():
    if request.method == 'POST':
        passwd = request.form['passwd']

        if passwd:
            hashed_passwd = md5(passwd).hexdigest()  # md5(passwd)
            hashed_passwd_from_db = Admin.getone().passwd

            if hashed_passwd == hashed_passwd_from_db:
                session[SESSION_KEY] = 1
                flashx.success('Logged in successfully')
                return redirect(url_for('admin'))
            else:
                flashx.error('Incorrect password')
        else:
            flashx.warning('Empty input')
    return redirect(url_for('login'))
Example #2
0
def update_password():
    password_now = request.form['password_now']
    password_new = request.form['password_new']
    password_new_repeat = request.form['password_new_repeat']

    if password_now and password_new and password_new_repeat:
        if password_new_repeat != password_new:
            flashx.warning('The two new passwords do not match')
        else:
            admin = Admin.getone()

            hashed_passwd_now = md5(password_now).hexdigest()

            if hashed_passwd_now != admin.passwd:
                flashx.warning('Incorrect password')
            else:
                admin.passwd = md5(password_new).hexdigest()
                admin.save()
                flashx.success('Save password successfully, please login again')
                return redirect(url_for('logout'))
    else:
        flashx.warning('Empty input!')
    return redirect(url_for('password'))