Esempio n. 1
0
def login():
    userf = UserForm()
    admin = AdminForm()

    if userf.validate_on_submit():

        comand = userf.comand_name.data
        username = userf.username.data
        password = userf.password.data
        db_sess = db_session.create_session()
        team = db_sess.query(Teams).filter(Teams.name == comand).filter(
            Teams.name != 'Admins').first()

        if team and check_password_hash(team.password_hash, password):
            users = db_sess.query(
                User.username).filter(User.team == team.name).all()
            users_names = [x[0] for x in users]

            if username in users_names:
                login_user(
                    db_sess.query(User).filter(User.team == team.name).filter(
                        User.username == username).first())
                return redirect("/user")

            else:
                if len(users) < 6:
                    us = User()
                    us.username = username
                    us.team = comand
                    db_sess.add(us)
                    db_sess.commit()
                    login_user(us)
                    return redirect("/user")

                else:
                    return render_template('login.html',
                                           form=userf,
                                           adm_form=admin)
        return render_template('login.html', form=userf, adm_form=admin)

    if admin.validate_on_submit():

        name = admin.ad_username.data
        password = admin.ad_password.data
        db_sess = db_session.create_session()
        admins = db_sess.query(User).filter(User.username == name).filter(
            User.role == 1).first()
        team = db_sess.query(Teams).filter(Teams.name == 'Admins').first()

        if admins and check_password_hash(team.password_hash, password):
            login_user(admins)
            return redirect('/admin')

        else:
            return render_template('login.html', form=userf, adm_form=admin)
    return render_template('login.html',
                           title='Авторизация',
                           form=userf,
                           adm_form=admin)
Esempio n. 2
0
def join():
    """
    Register user with given credentials if user with that username doesnt exist
    Otherwise redirect on /join page again
    :return:
    """
    title = 'Join us'
    session = db_session.create_session()
    # Registration form
    form = forms.RegistrationForm()
    if form.validate_on_submit():
        # Creating Database Session
        session = db_session.create_session()

        # checking if user already registered
        if session.query(User).filter(
                User.username == form.username.data).all():
            session.close()
            logger.info(
                f'user with username {form.username.data} already registered, redirecting on /join with'
                f' the flash')
            flash('User with this username already registered',
                  'alert alert-danger')
            return render_template('join.html', form=form)

        # User object for database
        user = User()

        # Hashing password here
        password_hash = hashlib.new('md5',
                                    bytes(form.password.data, encoding='utf8'))
        # Filling database with user data
        user.username = form.username.data
        # Here we use not password but its hash
        user.hashed_password = password_hash.hexdigest()
        user.reg_ip = request.remote_addr
        user.last_ip = request.remote_addr

        # Adding user to database
        session.merge(user)
        # Commiting changes
        session.commit()
        session.close()
        logger.info(
            f'User {form.username.data} with IP {request.remote_addr} just registered, redirecting on /index'
        )
        flash('Your account has been created and now you are able to log in',
              'alert alert-primary')
        return redirect(url_for('index'))
    session.close()
    return render_template('join.html', title=title, form=form)
Esempio n. 3
0
def store(request):

    # if form.is_valid():
    if request.POST:
        role = request.POST.get('role')
        if role == 'p':
            form1 = Publisher()
        elif role == 'a':
            form1 = Advertiser()

        form1.name = request.POST.get('name')
        form1.contact = request.POST.get('contact_number')
        form1.email = request.POST.get('email')
        form1.avatar = request.FILES['image']

        form1.company_name = request.POST.get('company_name')
        form1.company_address = request.POST.get('company_address')
        form1.state = request.POST.get('state')
        form1.city = request.POST.get('city')
        created_at = datetime.datetime.now()
        form1.save()

        if role == 'p':
            record = Publisher.objects.all().order_by('-id')[0]
        elif role == 'a':
            record = Advertiser.objects.all().order_by('-id')[0]

        form_user = User()
        form_user.username = request.POST.get('username')
        form_user.password = request.POST.get('password')
        created_at = datetime.datetime.now()
        form_user.role = request.POST.get('role')
        form_user.uid = form1.id
        form_user.save()
        # instance = form.save(commit=False)
        # instance.save()
        # form = ImageUploadForm(request.POST, request.FILES)
        # if form.is_valid():
        #     if role == 'p':
        #         m = Publisher()
        #     elif role == 'a':
        #         m = Advertiser()
        #
        #     m.avatar = form.cleaned_data['image']
        #     m.save()

    return render(request, 'navigation.html')