def password_user(): update_password_form = UpdatePasswordForm() if request.method == 'POST' and update_password_form.validate_on_submit(): user = UserInfo.query.filter_by(id=current_user.id).first() current_password = update_password_form.current_password.data if user.password == get_md5(current_password): user.password = get_md5(update_password_form.password.data) db.session.commit() flash(u'密码修改成功。') else: flash(u'当前密码输入错误。') return render_template('admin/me_passwd.html', form=update_password_form, user=current_user)
def add_user(): add_user_form = AddUserForm() if request.method == 'POST' and add_user_form.validate: user = UserInfo() add_user_form.populate_obj(user) user.password = get_md5(add_user_form.password.data) db.session.add(user) db.session.commit() grade = GradeInfo() grade.user_id = user.id db.session.add(grade) db.session.commit() flash(u'会员 %s 添加成功!' % user.username) return render_template('admin/member_add.html', form=add_user_form)
def login(): user_login_form = UserLoginForm() if request.method == "POST": if user_login_form.validate: username = user_login_form.username.data password = user_login_form.password.data remember = user_login_form.remember_me.data current_login_user = UserInfo.query.filter_by(username=username, status=1).first() if current_login_user: if get_md5(password) == current_login_user.password: login_user(current_login_user, remember=remember) return render_template('vip/index.html') else: flash(u'密码不匹配。') else: flash(u'用户名不存在。') return render_template('vip/login.html', form=user_login_form)
def default(): """默认页""" list_star = StarInfo.query.order_by('star_order desc').limit(4).all() user_login_form = UserLoginForm() if request.method == "POST": # if user_login_form.validate: username = user_login_form.username.data password = user_login_form.password.data remember = user_login_form.remember_me.data current_login_user = UserInfo.query.filter_by(username=username, status=1).first() if current_login_user: if get_md5(password) == current_login_user.password: login_user(current_login_user, remember=remember) # return render_template('admin/default.html') return render_template('admin/index.html') else: flash(u'密码不匹配。') else: flash(u'用户名不存在。') return render_template('web/home.html', star_list=list_star, form=user_login_form, flag="default")
def validate_current_password(self, field): if get_md5(field.data) != current_user.password: raise ValidationError(u'当前密码与用户不匹配,请重新输入。')