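def create_user(request):
    """Validate the sign-up form in ``request.POST`` and create the account.

    Every field is run through its ``UserHelper`` validator. If any validator
    reports a problem, the combined list of messages is returned and nothing
    is written. Otherwise, when no ``user_credential`` row exists for the
    e-mail, a ``UserCredential`` row and a ``UserById`` row are saved and the
    starting balance is passed to ``Helper.store_state_value``.

    Args:
        request: Request whose ``POST`` mapping carries ``email``,
            ``password``, ``repassword``, ``first_name``, ``last_name``,
            ``mobile``, ``address``, ``country``, ``currency`` and
            ``virtual_currency``.

    Returns:
        The list of validation messages when validation fails, otherwise
        ``None``.

    Raises:
        KeyError: (or a subclass) when an expected field is absent from
            ``request.POST``.
    """
    form = request.POST
    email = form['email']
    password = form['password']
    repassword = form['repassword']
    first_name = form['first_name']
    last_name = form['last_name']
    mobile = form['mobile']
    address = form['address']
    country = form['country']
    currency = form['currency']
    virtual_currency = form['virtual_currency']

    error_messages = []
    error_messages.extend(UserHelper.validate_email(email))
    error_messages.extend(UserHelper.validate_password(password, repassword))
    error_messages.extend(UserHelper.validate_first_name(first_name))
    error_messages.extend(UserHelper.validate_last_name(last_name))
    error_messages.extend(UserHelper.validate_mobile(mobile))
    error_messages.extend(UserHelper.validate_address(address))
    error_messages.extend(UserHelper.validate_country(country))
    error_messages.extend(UserHelper.validate_currency(currency))
    error_messages.extend(UserHelper.validate_amount(virtual_currency))
    if error_messages:
        return error_messages

    cursor = connection.cursor()
    # Security: the e-mail comes straight from the request, so it is passed as
    # a bound parameter instead of being concatenated into the statement. The
    # format validation above is not a substitute for binding.
    # NOTE(review): assumes the cursor accepts DB-API style ``%s`` placeholders
    # with a parameter sequence -- confirm against the configured backend.
    user = cursor.execute(
        "SELECT id FROM user_credential WHERE email = %s", [email])

    # Only create the account when no credential row exists for this e-mail.
    # NOTE(review): when the e-mail is already registered the function falls
    # through and returns None, which a caller cannot tell apart from a
    # successful sign-up -- confirm the caller handles that case.
    # NOTE(review): the existence check and the inserts below are separate
    # statements; two concurrent sign-ups with the same e-mail could both pass
    # the check -- confirm whether the storage layer enforces uniqueness.
    if not user:
        # Create the credential row.
        # NOTE(review): the stored value is whatever Helper.password_encrypt
        # returns -- confirm it is a slow, salted password hash.
        insert = UserCredential(
            email=email, password=Helper.password_encrypt(password))
        insert.save()

        # Read back the id of the credential row that was just saved.
        user_id = UserCredential.objects.filter(email=email).get().id

        # Save the general profile details under the same id.
        new_user = UserById(
            id=user_id,
            email=email,
            address=address,
            country=country,
            currency=currency,
            fname=first_name,
            lname=last_name,
            mobile=mobile,
            vcurrency=virtual_currency,
            created_date=datetime.now(),
        )
        new_user.save()

        Helper.store_state_value(
            user_id, StatKeys.BALANCE.value, virtual_currency, 'subtract')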
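def validate_current_password(password, email):
    """Check that *password* matches the credential stored for *email*.

    Args:
        password: Current password as typed by the user.
        email: E-mail identifying the ``user_credential`` row to compare with.

    Returns:
        An empty list when the password matches, otherwise a list holding a
        single error message.
    """
    if not password:
        return ["Current password cannot be empty"]

    # NOTE(review): comparing a recomputed value for equality only works if
    # Helper.password_encrypt is deterministic for a given password, i.e. it
    # uses no per-user random salt -- confirm the scheme is adequate.
    candidate = Helper.password_encrypt(password)

    cursor = connection.cursor()
    # Security: bind the e-mail as a parameter instead of interpolating it
    # into the statement text, so a quote in the value cannot alter the query.
    # NOTE(review): assumes the cursor accepts DB-API style ``%s`` placeholders
    # with a parameter sequence -- confirm against the configured backend.
    result = cursor.execute(
        "SELECT * FROM user_credential WHERE email = %s", [email])

    # An unknown e-mail yields no row; report it the same way as a wrong
    # password instead of failing on result[0].
    if not result or result[0]['password'] != candidate:
        return ["Current password is invalid please reenter"]
    return []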
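def login(request):
    """Render the login page and handle login form submissions.

    A user who is already logged in is redirected to ``/account``. On POST the
    e-mail and password are validated, the credential row is looked up and,
    when the stored password equals the encrypted submitted password, a
    session is saved for the user's id and the user is redirected to
    ``/account``. Every failure re-renders ``login.html`` with the collected
    messages under ``error_messages``.

    Args:
        request: Incoming request; ``POST`` must carry ``email`` and
            ``password`` when the method is POST.

    Returns:
        A redirect to ``/account`` on success or when already logged in,
        otherwise the rendered ``login.html`` response.
    """
    data = {}
    ac = Authentication(request)

    # A user who is already logged in goes straight to the account page.
    if ac.is_user_logged_in():
        return redirect('/account')

    # NOTE(review): no attempt throttling is visible in this view -- confirm
    # that rate limiting or lockout is applied elsewhere.
    if request.method == "POST":
        email = request.POST['email']
        password = request.POST['password']
        error_messages = validate_login_inputs(email, password)

        if not error_messages:
            # Encrypt the submitted password once so it can be compared with
            # the stored value.
            password_encrypted = Helper.password_encrypt(password)
            cursor = connection.cursor()

            # Security: the e-mail is request data, so it is bound as a
            # parameter rather than concatenated into the statement text.
            # NOTE(review): assumes the cursor accepts DB-API style ``%s``
            # placeholders with a parameter sequence -- confirm against the
            # configured backend.
            user = cursor.execute(
                "SELECT * FROM user_credential WHERE email = %s", [email])

            if user and user[0]['password'] == password_encrypted:
                # Load the profile row for the authenticated id; the id is
                # bound too so no value is ever formatted into the query.
                profile = cursor.execute(
                    "SELECT * FROM user_by_id WHERE id = %s",
                    [user[0]['id']])
                # A credential row without a profile row falls through to the
                # generic failure message instead of failing on profile[0].
                if profile:
                    # Create the session keyed by the user's id.
                    ac.save_user_session(str(profile[0]['id']))
                    return redirect('/account')

            # One message for every failure, so the response does not reveal
            # whether the e-mail is registered.
            error_messages.append("Invalid email or password")

        data["error_messages"] = error_messages

    return render(request, 'login.html', data)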
def update_password(request, user_id):
    """Change the password of the user identified by *user_id*.

    Reads ``crrpassword``, ``password`` and ``repassword`` from
    ``request.POST``, checks the current password against the stored
    credential and validates the new password pair. When both checks pass,
    the credential row for the user's e-mail is updated with the encrypted
    new password.

    Args:
        request: Request whose ``POST`` mapping carries the three password
            fields.
        user_id: Id handed to ``Helper.get_user_by_id`` to find the account.
            NOTE(review): nothing here ties ``user_id`` to the session --
            presumably the caller passes the logged-in user's id; confirm.

    Returns:
        The list of validation messages when a check fails, otherwise
        ``None``.
    """
    form = request.POST
    current_pw = form['crrpassword']
    new_pw = form['password']
    confirm_pw = form['repassword']

    account = Helper.get_user_by_id(user_id)

    # Current-password check first, then the new/confirm pair; messages from
    # both are reported together.
    problems = [
        *validate_current_password(current_pw, account['email']),
        *validate_new_password(new_pw, confirm_pw),
    ]
    if problems:
        return problems

    hashed = Helper.password_encrypt(new_pw)
    UserCredential(email=account['email'], password=hashed).update()