def post(self): """ POST method for the /signup action. Validates the inputs and redirects the user to the welcome page if validations are ok. If not, render the signup page, keeping the username and email values, and show error messages. """ input_username = self.request.get("username") input_password = self.request.get("password") input_verify = self.request.get("verify") input_email = self.request.get("email") params = dict(username=input_username, email=input_email) valid_username = verify_username(input_username) valid_password = verify_password(input_password) valid_email = verify_email(input_email) match = verify_match(input_password, input_verify) error = False if not valid_username: params["invalid_username"] = "******" error = True else: if User.by_name(input_username): params["invalid_username"] = "******" error = True if not valid_password: params["invalid_password"] = "******" error = True if not match: params["not_match"] = "Your password didn't match." error = True if not valid_email: params["invalid_email"] = "That's not a valid email." error = True if error: self.render("signup.html", **params) else: encrypted_password = utils.make_pw_hash(input_username, input_password) user = User(username=input_username, pw_hash=encrypted_password, email=input_email) user.put() self.set_secure_cookie("user_id", str(user.key().id())) self.redirect("/welcome")
def post(self): """ POST method for the /login action. Verifies the user's input, check if an user exists with the credentials provided and redirects to the welcome page if yes, stay in the same page and show errors if no. """ input_username = self.request.get("username") input_password = self.request.get("password") params = dict(username=input_username) error = False if not input_username: params["invalid_username"] = "******" error = True if not input_password: params["invalid_password"] = "******" error = True if error: self.render("login.html", **params) return user = User.by_name(input_username) if user: if utils.check_valid_pw(user.username, input_password, user.pw_hash): self.login(user) self.redirect("/welcome") return else: params["invalid_username"] = "******" self.render("login.html", **params) return else: params["invalid_username"] = "******" self.render("login.html", **params)