def post(self):
"""
POST method for the /signup action.
Validates the inputs and redirects the user to the welcome page if
validations are ok.
If not, render the signup page, keeping the username and email values,
and show error messages.
"""
input_username = self.request.get("username")
input_password = self.request.get("password")
input_verify = self.request.get("verify")
input_email = self.request.get("email")
params = dict(username=input_username, email=input_email)
valid_username = verify_username(input_username)
valid_password = verify_password(input_password)
valid_email = verify_email(input_email)
match = verify_match(input_password, input_verify)
error = False
if not valid_username:
params["invalid_username"] = "******"
error = True
else:
if User.by_name(input_username):
params["invalid_username"] = "******"
error = True
if not valid_password:
params["invalid_password"] = "******"
error = True
if not match:
params["not_match"] = "Your password didn't match."
error = True
if not valid_email:
params["invalid_email"] = "That's not a valid email."
error = True
if error:
self.render("signup.html", **params)
else:
encrypted_password = utils.make_pw_hash(input_username,
input_password)
user = User(username=input_username,
pw_hash=encrypted_password,
email=input_email)
user.put()
self.set_secure_cookie("user_id", str(user.key().id()))
self.redirect("/welcome")
def post(self):
"""
POST method for the /login action.
Verifies the user's input, check if an user exists with the
credentials provided and redirects to the welcome page if yes,
stay in the same page and show errors if no.
"""
input_username = self.request.get("username")
input_password = self.request.get("password")
params = dict(username=input_username)
error = False
if not input_username:
params["invalid_username"] = "******"
error = True
if not input_password:
params["invalid_password"] = "******"
error = True
if error:
self.render("login.html", **params)
return
user = User.by_name(input_username)
if user:
if utils.check_valid_pw(user.username, input_password,
user.pw_hash):
self.login(user)
self.redirect("/welcome")
return
else:
params["invalid_username"] = "******"
self.render("login.html", **params)
return
else:
params["invalid_username"] = "******"
self.render("login.html", **params)
