def register(): """Register user""" # If GET render register template if request.method == "GET": return render_template("register.html") else: # Check if username exist us_name = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username")) if len(us_name) > 0: return apology("Username already exists", 403) elif not password_check(request.form.get("password")): # Password function check return apology("check your password", 403) # Insert new user in table register_user = db.execute( "INSERT INTO users (username,hash) VALUES(:username,:hash)", username=request.form.get("username"), hash=generate_password_hash(request.form.get("password"))) # Login that user new_user = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username")) session["user_id"] = new_user[0]["id"] return redirect("/")
def register(): #Register users #return apology("TODO") if request.method == "GET": return render_template("register.html") else: us_name = db.execute( "SELECT * FROM dim_users WHERE username = :username", username=request.form.get("username")) if len(us_name) > 0: return apology("Username already exists", 403) elif not password_check(request.form.get("password")): return apology("check your password", 403) alias_name = db.execute("SELECT * FROM dim_users WHERE alias = :alias", alias=request.form.get("alias")) if len(alias_name) > 0: return apology("Alias already exists", 403) register_user = db.execute( "INSERT INTO dim_users (username,hash) VALUES(:username,:hash)", username=request.form.get("username"), hash=generate_password_hash(request.form.get("password"))) new_user = db.execute( "SELECT * FROM dim_users WHERE username = :username", username=request.form.get("username")) session["user_id"] = new_user[0]["id"] return redirect("/")
def register(): """Register user""" if request.method == "POST": username = request.form.get("username") password = request.form.get("password") confirmation = request.form.get("confirmation") passwd = password # check username was submitted if not username: return apology("must provide username", 400) # check password was submitted elif not password: return apology("must provide password", 400) # check confirmation password was submitted elif not request.form.get("confirmation"): return apology("re-type ur password", 400) # check Password match with Confirmation elif not request.form.get("password") == request.form.get( "confirmation"): return apology("passwords are not the same", 400) elif (password_check(passwd)): return apology( "have at least one number,upper,lower,special symbol,and min 6 long", 400) #check exist username exist = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username")) if exist: return apology("username already exist!", 400) else: pass # insert to database result = db.execute( "INSERT INTO users (username, hash) VALUES (:username, :hash)", username=request.form.get("username"), hash=generate_password_hash(request.form.get("password"))) #session session["user_id"] = result # redirect main root return redirect("/") else: return render_template("register.html")
def register(): """Register user""" # User reached route via POST (as by submitting a form via POST) if request.method == "POST": # Ensure username was submitted if not request.form.get("username"): return apology("must provide username", 400) # Ensure password was submitted elif not request.form.get("password"): return apology("must provide password", 400) # Ensure password confirmation was submitted elif not request.form.get("confirmation"): return apology("must provide password confirmation", 400) # Ensure password and confirmation match elif request.form.get("confirmation") != request.form.get("password"): return apology("password and confirmation must match", 400) # Check password quality elif password_check(request.form.get("password")) == False: return apology("password is too weak", 400) # generate hash for entered password passwordHash = generate_password_hash(request.form.get("password")) # try to add user to db result = db.execute( "INSERT INTO users (username, hash) VALUES (:username, :passwordHash)", username=request.form.get("username"), passwordHash=passwordHash) # check status of user insertion if not result: return apology("User already exist") # Query database for id rows = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username")) # Remember which user has logged in session["user_id"] = rows[0]["id"] # Redirect user to home page return redirect("/") # User reached route via GET (as by clicking a link or via redirect) else: return render_template("register.html")
def changePassword(): # User reached route via POST (as by submitting a form via POST) if request.method == "POST": # validate input fields if not request.form.get("old_password"): return apology("old password missing", 400) elif not request.form.get("new_password"): return apology("new password missing", 400) elif not request.form.get("confirmation"): return apology("confirmation missing", 400) else: # Query database for current password rows = db.execute("SELECT * FROM users WHERE id = :userid", userid=session["user_id"]) # validate password for correctnew if not check_password_hash(rows[0]["hash"], request.form.get("old_password")): return apology("old password not match", 403) elif request.form.get("new_password") != request.form.get( "confirmation"): return apology("new password and comfirmation must match", 403) elif request.form.get("new_password") == request.form.get( "old_password"): return apology("new password same as old", 403) elif password_check(request.form.get("new_password")) == False: return apology("new password too weak") else: # update password in database passwordHash = generate_password_hash( request.form.get("new_password")) result = db.execute( "UPDATE users SET hash = :passwordHash WHERE id = :userid", passwordHash=passwordHash, userid=session["user_id"]) flash("Password changed!") return redirect("/") else: return render_template("change_password.html")
def signup(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] confirm_password = request.form['confirm_password'] password_error = password_check(password) confirm_password_error = confirm_password_check(confirm_password, password) user_name_error = user_name_check(username) errors = [user_name_error, confirm_password_error, password_error] for error in errors: if error != "": return render_template('signup.html',user_name_error = user_name_error, confirm_password_error = confirm_password_error, password_error = password_error, username = session.get('username', '')) existing_user = User.query.filter_by( username = username).first() if not existing_user: new_user = User(username,password) db.session.add(new_user) db.session.commit() return redirect('/newpost') else: user_name_error = 'Unable to create your account, that username is already in use!' return render_template('signup.html', user_name_error = user_name_error, username = session.get('username', '')) return render_template('signup.html', username = session.get('username', ''))
def register(): """Register user""" # Forget any user_id session.clear() # User reached route via POST (as by submitting a form via POST) if request.method == "POST": # Ensure full name was submitted if not request.form.get("fullname"): return apology("must provide full name", 400) # Ensure username was submitted elif not request.form.get("username"): return apology("must provide username", 400) # Ensure password was submitted elif not request.form.get("password"): return apology("must provide password", 400) # Ensure password confirmation was submitted elif not request.form.get("confirmation"): return apology("must confirm password", 400) # Ensure type was submitted elif not request.form.get("account_type"): return apology("must provide type", 400) # Check if password and the password confirmation are the same elif request.form.get("password") != request.form.get("confirmation"): return apology("Passwords don't match", 400) # Check if password meets requirements elif not password_check(request.form.get("password")): return apology("Password must contain at least 8 characters, one number, and one capital letter", 400) # Hash and encrypt password hash = generate_password_hash(request.form.get("password")) # Add everything to database result = db.execute("INSERT INTO users (fullname, username, account_type, hash) VALUES(:fullname, :username, :account_type, :hash)", fullname = request.form.get("fullname"),username=request.form.get("username"),account_type=request.form.get("account_type"), hash=hash) # Check if username already exists if not result: return apology("Username already exists", 400) # Log in user automatically session["user_id"] = result # Redirect user to home page if request.form.get("account_type") == "Instructor": classes = db.execute("SELECT * FROM classes WHERE instructor_id = :userid", userid=session["user_id"]) return render_template("i_home.html", classes=classes) else: classes = db.execute("SELECT * FROM registrations WHERE student_id = :userid", userid=session["user_id"]) return render_template("s_home.html", classes=classes) # User reached route via GET (as by clicking a link or via redirect) else: return render_template("register.html")