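def delete():
    """Delete the logged-in customer's account after re-checking the password.

    GET renders the confirmation page. POST compares the submitted
    ``del-password`` value with the stored hash; on a match it runs
    ``sp_DeleteCustomer``, clears the session and redirects to the home page.
    A request without an ``email`` in the session gets the login page.
    """
    email = session.get('email')
    if not email:
        # Covers a missing key as well as an empty value, for GET and POST
        # alike, so an anonymous POST no longer fails on session['email'].
        return render_template("login.html")

    if request.method == 'POST':
        password = request.form.get('del-password')
        # NOTE(review): both statements below are assembled with str.format().
        # The session value is presumably written at login from user input
        # (confirm); pass it as a bound parameter if fetchOneFromDB/commitToDB
        # offer a way to do so. Their signatures are not visible here.
        passResults = fetchOneFromDB(
            "SELECT Pass FROM Customers WHERE Email = '{0}'".format(email))
        user = Customer(str(email))
        try:
            if check_password_hash(str(passResults[0]), password):
                # Delete first, log out second: if the procedure fails the
                # customer stays signed in and can retry.
                commitToDB("EXEC sp_DeleteCustomer @CustomerId = {0}".format(
                    user.id))
                session.pop('email', default=None)
                flash('Account deleted successfully', category='success')
                return redirect(url_for('views.home'))
            flash('Invalid password', category='error')
        except Exception:
            # Missing row, missing form field or a failed delete: send the
            # customer back to the account page. Exception (not a bare
            # except) keeps SystemExit/KeyboardInterrupt propagating.
            return redirect(url_for('auth.myaccount'))

    return render_template("delete.html")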
def customer_create(request):
    """Render the customer sign-up form and create the account on a valid POST.

    On success the new customer's primary key and login are stored in the
    session and the visitor is redirected to ``customer_account``. In every
    other case the form (bound for POST, unbound otherwise) is rendered.
    """
    submitted = request.method == 'POST'
    form = CreateCustomerForm(request.POST) if submitted else CreateCustomerForm()

    if submitted and form.is_valid():
        cleaned = form.cleaned_data
        # NOTE(review): the password goes to the model exactly as validated.
        # Confirm that Customer (or the form) hashes it before it is stored.
        customer = Customer(login=cleaned['login'], password=cleaned['password'])
        customer.save()
        # NOTE(review): the session key is not rotated when the visitor
        # becomes authenticated; consider request.session.cycle_key() here.
        request.session['customer_id'] = customer.pk
        request.session['customer_name'] = customer.login
        messages.success(request, "Votre compte a bien été créé")
        return redirect("customer_account")

    context = {'form': form, 'nav_id': 'customer'}
    return render(request, "customer_create.html", context)
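def myaccount():
    """Show the logged-in customer's account page and apply profile updates.

    A request without an ``email`` in the session is redirected to the login
    page before any query runs. POST requires all six ``upd-*`` fields to be
    present and non-empty, then calls ``sp_UpdateCustomer``. The page is
    rendered with the customer, their orders and the order count.
    """
    email = session.get('email')
    if email is None:
        # Checked up front: the lookups below read the session value, so an
        # anonymous request must be turned away before they run.
        flash('You must login to access this page', category="error")
        return redirect(url_for('auth.login'))

    # NOTE(review): these queries are assembled with str.format(). Pass the
    # e-mail as a bound parameter if fetchOneFromDB offers a way to do so.
    custId = fetchOneFromDB(
        "SELECT CustomerId FROM Customers WHERE Email = '{0}'".format(email))
    nOrders = fetchOneFromDB(
        "SELECT COUNT (*) FROM Orders WHERE CustomerId = {0}".format(
            int(custId[0])))[0]

    if request.method == 'POST':
        field_names = ('upd-firstName', 'upd-lastName', 'upd-addrline1',
                       'upd-addrline2', 'upd-city', 'upd-eircode')
        updates = [request.form.get(name) for name in field_names]
        if not all(updates):
            # Rejects absent fields (None) as well as empty strings, so the
            # text "None" is never written into a customer record.
            flash('All fields are required', category='error')
        else:
            # NOTE(review): the six values are request input interpolated
            # directly into the EXEC statement, so a quote character in any
            # of them alters the statement. This needs bound parameters;
            # commitToDB's signature is not visible here, so the call is
            # left as written.
            commitToDB(
                "EXEC sp_UpdateCustomer @FirstName = \"{0}\", "
                "@LastName = \"{1}\", @AddrLine1 = \"{2}\", "
                "@AddrLine2 = \"{3}\", @City = \"{4}\", "
                "@Eircode = \"{5}\", @Email = '{6}'".format(*updates, email))
            flash('Account info updated successfully', category='success')

    return render_template("myaccount.html",
                           user=Customer(str(email)),
                           orders=Order(str(email)),
                           nOrd=nOrders)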
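def register(request):
    """Handles the creation of a new user for authentication

    A valid POST creates the user, hashes the password, creates the matching
    Customer row and hands the request to ``login_user``. An invalid POST
    re-renders the form with its validation errors instead of attempting a
    login; any other method renders an empty form.

    Method arguments:
      request -- The full HTTP request object
    """
    if request.method == 'POST':
        user_form = UserForm(data=request.POST)

        if user_form.is_valid():
            # NOTE(review): this first save writes the password exactly as
            # submitted; it is replaced by the hash only on the second save
            # below. If UserForm is a ModelForm, save(commit=False) would
            # avoid storing the raw value at all. Confirm before changing.
            user = user_form.save()

            # Replace the raw value with its hash, then persist the change.
            user.set_password(user.password)
            user.save()

            # Every user gets a companion Customer record.
            customer = Customer(user_id=user.id)
            customer.save()

            return login_user(request)
    else:
        user_form = UserForm()

    template_name = 'register.html'
    return render(request, template_name, {'user_form': user_form})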
def test_fetch_Customer(self):
    """A Customer built from the fixture e-mail exposes the expected id."""
    customer = Customer(self.email)
    self.assertEqual(customer.id, 10)