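def check_registration(request):
    """
    Validate a registration POST and, when it is acceptable, create the user.

    Field lengths are checked on the raw submitted values before the password
    is hashed, so an oversized password is rejected cheaply instead of being
    fed to the password hasher first.

    :param request: request object whose ``POST`` mapping carries username,
        firstname, lastname, email, password, address1, address2, city,
        country and phone.
    :returns 1 if all the fields are valid, -2 if username exists and -1 if
        fields are missing or not valid. If returned 1 this function also
        adds the user to the database.
    """
    # Maximum accepted length, in characters, of each submitted field.
    max_lengths = {
        'username': 512,
        'firstname': 512,
        'lastname': 512,
        'email': 128,
        'password': 512,
        'address1': 512,
        'address2': 512,
        'city': 128,
        'country': 128,
        'phone': 30,
    }

    try:
        fields = {name: str(request.POST[name]) for name in max_lengths}
    except KeyError:
        # A required form field is absent: report it as invalid input
        # rather than letting the lookup error escape to the caller.
        return -1

    # The limit on 'password' applies to the plaintext, which bounds the
    # work done by the hasher below.
    if any(len(fields[name]) > limit for name, limit in max_lengths.items()):
        return -1

    username = fields['username']
    cursor = conn.cursor()
    try:
        # check if this username already exists
        cursor.execute(
            "SELECT USER_NAME FROM ROKOMARIADMIN.CUSTOMER WHERE USER_NAME= :mybv",
            mybv=username)
        if cursor.fetchone() is not None:
            return -2

        # NOTE(review): deriving the id from MAX(USER_ID) + 1, and checking
        # the username with a separate SELECT, are both racy when two
        # registrations run concurrently. A database sequence and a UNIQUE
        # constraint on USER_NAME would close that gap; confirm against
        # the schema.
        cursor.execute("SELECT MAX(USER_ID) FROM ROKOMARIADMIN.CUSTOMER")
        row = cursor.fetchone()
        highest_id = row[0] if row else None
        # An empty table yields NULL for MAX(), so the first user gets id 1.
        new_id = 1 if highest_id is None else highest_id + 1

        # Hash only after validation (the file's comments say ph is argon2).
        password_hash = ph().hash(fields['password'])

        try:
            cursor.execute(
                "INSERT INTO ROKOMARIADMIN.CUSTOMER (USER_ID,USER_NAME,FIRST_NAME,LAST_NAME,EMAIL,PASSWORD) VALUES(:p,:q,:r,:s,:t,:u)",
                [new_id, username, fields['firstname'], fields['lastname'],
                 fields['email'], password_hash])
            cursor.execute(
                "INSERT INTO ROKOMARIADMIN.ADDRESS_DETAIL (USER_ID,ADDRESS_1,ADDRESS_2,CITY,COUNTRY,PHONE) VALUES(:p,:q,:r,:s,:t,:u)",
                [new_id, fields['address1'], fields['address2'],
                 fields['city'], fields['country'], fields['phone']])
            # committing to database
            conn.commit()
        except Exception:
            # Do not leave a CUSTOMER row without its ADDRESS_DETAIL row
            # pending on the shared connection.
            conn.rollback()
            raise
        return 1
    finally:
        cursor.close()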
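def check_login(request):
    """
    Takes a POST request object and determines if the user can login.

    :param request: request object whose ``POST`` mapping carries
        ``username`` and ``password``.
    :returns user_id if the user can login, -1 otherwise (unknown username,
        failed password verification, or a missing form field).
    """
    try:
        username = str(request.POST['username'])
        password = str(request.POST['password'])
    except KeyError:
        # A required form field is absent: treat it as a failed login.
        return -1

    cursor = conn.cursor()
    try:
        cursor.execute(
            "SELECT USER_ID, USER_NAME,PASSWORD FROM ROKOMARIADMIN.CUSTOMER WHERE USER_NAME= :mybv",
            mybv=username)
        row = cursor.fetchone()
    finally:
        # Release the cursor whether or not the query succeeded.
        cursor.close()

    # username not found
    if row is None:
        # NOTE(review): this path returns without running the password
        # hasher, so it answers faster than a wrong-password attempt and
        # response time can reveal whether a username exists. Verifying
        # against a fixed dummy hash here would even that out.
        return -1

    # NOTE(review): the submitted password has no length bound before it
    # reaches the hasher; consider rejecting oversized input first, after
    # confirming no existing account relies on a longer password.
    try:
        ph().verify(row[2], password)
    except Exception:
        # Any verification failure counts as a failed login. Unlike a bare
        # except, this lets KeyboardInterrupt and SystemExit propagate.
        return -1
    return row[0]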
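def verify_password(self, hash, password):
    """
    Check a plaintext password against a stored hash.

    :param hash: stored password hash (the name shadows the builtin but is
        kept so existing callers keep working).
    :param password: candidate plaintext password.
    :returns the result of ``ph().verify`` when verification succeeds,
        False when verification raises.
    """
    try:
        return ph().verify(hash, password)
    except Exception:
        # Any verification error is reported as "not verified". Unlike a
        # bare except, this lets KeyboardInterrupt and SystemExit propagate.
        # NOTE(review): catching only the hasher's own mismatch/invalid-hash
        # exceptions would stop unrelated bugs being read as a wrong password.
        return False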
def hash_password(self, password):
    """
    Hash a plaintext password.

    :param password: plaintext password to hash.
    :returns the value produced by ``hash`` on a freshly created ``ph()``.
    """
    hasher = ph()
    hashed = hasher.hash(password)
    return hashed