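def login_post():
    """Handle the login form submission.

    An already authenticated visitor is redirected to the home page.
    Otherwise ``email``, ``password`` and ``remember`` are read from the
    posted form, the account is looked up by email (falling back to
    ``User.getSuperAdmin()`` when ``User.isSuperAdmin(email)`` is true) and
    the password is verified against the stored hash.

    Returns:
        A redirect to ``home.index`` after a successful login, or to
        ``auth.login`` with a flashed message when the credentials are
        missing or do not match.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home.index'))

    email = request.form.get('email')
    password = request.form.get('password')
    remember = bool(request.form.get('remember'))

    # A request without both fields is treated as a failed login: no lookup
    # is made with a missing email and a missing password is never handed
    # to check_password_hash.
    user = None
    if email and password:
        user = User.query.filter_by(email=email).first()
        if not user and User.isSuperAdmin(email):
            user = User.getSuperAdmin()

    # Every failure gets the same message, so the response text does not
    # reveal whether the email belongs to an account.
    # NOTE(review): no attempt throttling or lockout is visible in this
    # handler; confirm it is enforced elsewhere.
    if not user or not check_password_hash(user.password, password):
        flash('Please check your login details and try again.')
        return redirect(url_for('auth.login'))

    login_user(user, remember=remember)
    return redirect(url_for('home.index'))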
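def user_save():
    """Create a user, or update an existing one, from the posted form.

    A positive integer ``id`` field selects the update path; anything else
    (missing, non-numeric, zero or negative) creates a new account. Both
    paths reject an email that belongs to the super admin or to another
    user. The update path changes first name, last name and email only.
    The create path also requires a non-empty ``password`` that equals
    ``confirm_password`` and stores its hash.

    Returns:
        A redirect to ``user.user_edit`` for the saved user, or back to the
        originating form (``user.user_edit`` / ``user.user_add``) with a
        flashed message when validation fails. Aborts with 404 when the
        ``id`` does not match a user.
    """
    # NOTE(review): no access-control decorator is visible on this handler
    # in this excerpt. It creates accounts and stores the posted is_admin
    # value, so confirm that only administrators can reach it.

    # Form values arrive as strings; the id is parsed to int so it can be
    # compared with the integer primary key. An unparsable id yields None.
    user_id = request.form.get('id', type=int)
    is_edit = user_id is not None and user_id > 0

    first_name = request.form.get('first_name')
    last_name = request.form.get('last_name')
    email = request.form.get('email')

    # Validation failures return to the form the request came from.
    if is_edit:
        form_url = url_for('user.user_edit', id=user_id)
    else:
        form_url = url_for('user.user_add')

    exist_user = User.query.filter_by(email=email).first()

    if User.isSuperAdmin(email):
        flash('Email address already exists')
        return redirect(form_url)

    if is_edit:
        user = User.query.get_or_404(user_id)
        if exist_user and exist_user.id != user_id:
            flash('Email address already exists')
            return redirect(form_url)
        user.first_name = first_name
        user.last_name = last_name
        user.email = email
        db.session.add(user)
        db.session.commit()
        return redirect(url_for('user.user_edit', id=user.id))

    if exist_user:
        flash('Email address already exists')
        return redirect(form_url)

    password = request.form.get('password')
    confirm_password = request.form.get('confirm_password')
    if password != confirm_password:
        flash('Password and confirm password are not same')
        return redirect(form_url)
    if not password:
        # Both fields missing or empty compare equal above; an account must
        # not be created without a password.
        flash('Password is required')
        return redirect(form_url)

    new_user = User()
    new_user.first_name = first_name
    new_user.last_name = last_name
    new_user.email = email
    # NOTE(review): stored as posted (a string or None); confirm the column
    # type and which form values are meant to grant admin rights.
    new_user.is_admin = request.form.get('is_admin')
    # PBKDF2 instead of the single salted SHA-256 round that
    # method='sha256' selects. check_password_hash reads the method from
    # the stored string, so hashes saved earlier still verify.
    # NOTE(review): the resulting string is longer than the 'sha256' form;
    # confirm the password column is wide enough.
    new_user.password = generate_password_hash(password, method='pbkdf2:sha256')
    db.session.add(new_user)
    db.session.commit()
    return redirect(url_for('user.user_edit', id=new_user.id))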