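def adminRegister():
    """Handle the admin registration form.

    GET renders the registration page. POST checks the submitted admin
    code, email and password, rejects an email that is already registered,
    and otherwise stores a new admin row with a salted password hash.
    """
    import hmac  # local import: the file's import block is not visible here

    # code must be matched to register
    # NOTE(review): this shared code is a hard-coded, low-entropy literal and
    # it is the only gate on creating an admin account. It should be loaded
    # from deployment configuration or a secret store, and failed attempts
    # should be rate limited; both need changes outside this function.
    adminCode = "100"

    if request.method != "POST":
        # User reached route via GET (as by clicking a link or via redirect)
        return render_template("admin-register.html")

    form = request.form
    submittedCode = form.get("adminCode")
    password = form.get("password")
    confirmation = form.get("confirmPassword")
    # Normalise once so the duplicate check and the insert use the same
    # value; the original looked up the raw email but stored the lower-cased
    # one, so "A@x" and "a@x" could both be registered.
    email = (form.get("email") or "").lower()

    # The admin code is checked before anything else, so a caller without it
    # learns nothing about the other fields or about which emails exist.
    if not submittedCode:
        msg = "You didn't enter an admin code."
        return render_template("error.html", msg=msg)
    # Compare as bytes: compare_digest rejects non-ASCII str arguments.
    if not hmac.compare_digest(submittedCode.encode("utf-8"),
                               adminCode.encode("utf-8")):
        msg = "Invalid admin code."
        return render_template("error.html", msg=msg)

    # Form validation
    if not email:
        msg = "You didn't enter an email."
        return render_template("error.html", msg=msg)
    if not password:
        msg = "You didn't enter a password."
        return render_template("error.html", msg=msg)
    if not confirmation:
        msg = "You didn't confirm your password."
        return render_template("error.html", msg=msg)
    if not passwordValid(password):
        msg = "Password must contain at least 1 letter,1 number, and be at least 8 characters long."
        return render_template("error.html", msg=msg)
    if password != confirmation:
        msg = "Passwords did not match."
        return render_template("error.html", msg=msg)

    # Query database for an existing admin with this email
    rows = db.execute(adminLogin, email=email)
    if len(rows) > 0:
        msg = "That email is already in use."
        return render_template("error.html", msg=msg)

    # PBKDF2-HMAC-SHA256 with a 16-character salt replaces pbkdf2:sha1 with an
    # 8-character salt. Assuming this is werkzeug's generate_password_hash,
    # the method is recorded inside each hash, so previously stored hashes
    # still verify.
    pwdHash = generate_password_hash(password,
                                     method='pbkdf2:sha256',
                                     salt_length=16)
    db.execute(newAdmin, email=email, pwdHash=pwdHash)

    # The original built this message but never handed it to the template.
    msg = "Congrats! You are now registered as an admin! You may now log in."
    return render_template("admin-login.html", msg=msg)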
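def myProfile():
    """Show the profile edit page and apply profile or password edits.

    Admin sessions are redirected to "/admin". GET renders the edit page for
    the user in the session. POST dispatches on the "editType" form field:
    "info" updates name and email, "pass" sets a new password, and any other
    value redirects back to "/myProfile".
    """
    # NOTE(review): session["user_id"] is read without a guard; presumably a
    # login check runs before this view - confirm, otherwise an anonymous
    # request raises KeyError here.
    if 'admin' in session:
        return redirect("/admin")

    if request.method != "POST":
        user = db.execute(userQry, userID=session["user_id"])
        return render_template("editProfile.html", user=user[0])

    form = request.form
    editType = form.get("editType")

    if editType == "info":
        if not form.get("fName"):
            msg = "You didn't enter a first name."
            return render_template("error.html", msg=msg)
        if not form.get("lName"):
            msg = "You didn't enter a last name."
            return render_template("error.html", msg=msg)
        if not form.get("email"):
            msg = "You didn't enter an email."
            return render_template("error.html", msg=msg)

        # Registration stores emails lower-cased; keep edits consistent with
        # that so the stored value still matches what was registered.
        # NOTE(review): nothing here checks that the new email is not already
        # used by another account - confirm the table enforces uniqueness.
        db.execute(editProfileInfo,
                   fName=form.get("fName"),
                   lName=form.get("lName"),
                   email=form.get("email").lower(),
                   userID=session["user_id"])
        msg = "Profile succesfully updated."
        return render_template("confirmation.html", msg=msg)

    if editType == "pass":
        newPassword = form.get("newPassword")

        # NOTE(review): oldPassword is required but never compared with the
        # stored hash, so anyone holding a valid session can set a new
        # password without knowing the current one. Verifying it needs the
        # stored hash for session["user_id"], which is not visible in this
        # block; add that check before the update below.
        if not form.get("oldPassword"):
            msg = "You didn't enter your old password."
            return render_template("error.html", msg=msg)
        if not newPassword:
            msg = "You didn't enter a new password."
            return render_template("error.html", msg=msg)
        if not form.get("confirmPassword"):
            msg = "You didn't confirm your password."
            return render_template("error.html", msg=msg)
        if not passwordValid(newPassword):
            msg = "Password must contain at least 1 letter,1 number, and be at least 8 characters long."
            return render_template("error.html", msg=msg)
        if newPassword != form.get("confirmPassword"):
            msg = "Passwords didn't match!"
            return render_template("error.html", msg=msg)

        # PBKDF2-HMAC-SHA256 with a 16-character salt replaces pbkdf2:sha1
        # with an 8-character salt. Assuming this is werkzeug's
        # generate_password_hash, the method is recorded inside each hash, so
        # previously stored hashes still verify.
        pwdHash = generate_password_hash(newPassword,
                                         method='pbkdf2:sha256',
                                         salt_length=16)
        db.execute(editPassword,
                   pwdHash=pwdHash,
                   userID=session["user_id"])
        msg = "Password updated."
        return render_template("confirmation.html", msg=msg)

    # Unknown or missing editType: send the user back to the edit page.
    return redirect("/myProfile")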
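def register():
    """Register user.

    Admin sessions are redirected to "/admin". GET renders the registration
    page. POST validates the form, rejects an email that is already
    registered, and otherwise stores the new user with a salted password hash
    and renders the login page.
    """
    if 'admin' in session:
        return redirect("/admin")

    if request.method != "POST":
        # User reached route via GET (as by clicking a link or via redirect)
        return render_template("registration.html")

    form = request.form
    password = form.get("password")
    confirmation = form.get("confirmPassword")
    fName = form.get("fName")
    lName = form.get("lName")
    # Normalise once so the duplicate check and the insert use the same
    # value; the original looked up the raw email but stored the lower-cased
    # one, so "A@x" and "a@x" could both be registered.
    email = (form.get("email") or "").lower()

    # Form validation
    if not email:
        msg = "You didn't enter an email."
        return render_template("error.html", msg=msg)
    if not password:
        msg = "You didn't enter a password."
        return render_template("error.html", msg=msg)
    if not confirmation:
        msg = "You didn't confirm your password."
        return render_template("error.html", msg=msg)
    if not passwordValid(password):
        msg = "Password must contain at least 1 letter,1 number, and be at least 8 characters long."
        return render_template("error.html", msg=msg)
    if password != confirmation:
        msg = "Passwords did not match."
        return render_template("error.html", msg=msg)
    if not fName:
        msg = "You didn't enter a first name."
        return render_template("error.html", msg=msg)
    if not lName:
        msg = "You didn't enter a last name."
        return render_template("error.html", msg=msg)

    # Query database for an existing user with this email
    rows = db.execute(userLogin, email=email)
    if len(rows) > 0:
        msg = "That email is already in use."
        return render_template("error.html", msg=msg)

    # PBKDF2-HMAC-SHA256 with a 16-character salt replaces pbkdf2:sha1 with an
    # 8-character salt. Assuming this is werkzeug's generate_password_hash,
    # the method is recorded inside each hash, so previously stored hashes
    # still verify.
    pwdHash = generate_password_hash(password,
                                     method='pbkdf2:sha256',
                                     salt_length=16)

    # NOTE(review): zipCode and pic are stored exactly as submitted, with no
    # format or length check in this function; validate them here, or make
    # sure every template that renders them escapes the values.
    zipCode = form.get("zipCode")
    pic = form.get("pic")
    db.execute(newUser,
               email=email,
               pwdHash=pwdHash,
               fName=fName,
               lName=lName,
               zipCode=zipCode,
               pic=pic)

    # Render the log in page with a confirmation message
    msg = "Congrats! You are now registered! You may now log in."
    return render_template("login.html", msg=msg)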