Esempio n. 1
0
def signin():

    auth_cookie = request.cookies.get(app.cfg['auth_cookie_name'])
    if (login.check_login(auth_cookie)):
        return redirect("/")

    #
    # try and sign in
    #

    if request.method == 'POST':

        email = request.form['email']
        password = request.form['password']

        #
        # required fields?
        #

        if ((not len(email)) or (not len(password))):
            error = {"error_missing":1}
            return render_template("page_signin.html", error=error)

        #
        # user exists
        #

        ## get the user by email address
        user = users.get_user_by_email(email)

        if (not user):
            error = {"error_nouser":1}
            return render_template("page_signin.html", error=error)

        #
        # user deleted
        #

        if (user['deleted']):
            error = {"error_deleted":1}
            return render_template("page_signin.html", error=error)

        #
        # password matches
        #

        if (not passwords.validate_password_for_user(password, user)):
            error = {"error_password":1}
            return render_template("page_signin.html", error=error)

        #
        # it's all good - sign in
        #

        return login.do_login(user)

    else:
        ### just show the login form
        return render_template("page_signin.html")
Esempio n. 2
0
def signup():

    auth_cookie = request.cookies.get(app.cfg['auth_cookie_name'])
    if (login.check_login(auth_cookie)):
        return redirect("/")

    if request.method == 'POST':

        email = request.form['email']
        password = request.form['password']
        username = request.form['username']

        #
        # all fields are in order?
        #

        if ( (not len(email)) or (not len(password)) or (not len(username))):
            error = {"error_missing":1}
            return render_template("page_signup.html", error=error)

        #
        # email available
        #

        if users.is_email_taken(email):
            error = {"error_email_taken":1}
            return render_template("page_signup.html", error=error)

        #
        # username available
        #

        if users.is_username_taken(username):
            error = {"error_username_taken":1}
            return render_template("page_signup.html", error=error)

        #
        # create account
        #

        user = {"email":email, "password":password, "username":username}
        ret = users.create_user(user)

        if ret:
            user = users.get_user_by_email(ret['email'])
            return login.do_login(user)
        else:
            error = {"error_server":1}
            return render_template("page_signup.html", error=error)

    else:
        ### just show the signup form
        return render_template("page_signup.html")