def login():
userf = UserForm()
admin = AdminForm()
if userf.validate_on_submit():
comand = userf.comand_name.data
username = userf.username.data
password = userf.password.data
db_sess = db_session.create_session()
team = db_sess.query(Teams).filter(Teams.name == comand).filter(
Teams.name != 'Admins').first()
if team and check_password_hash(team.password_hash, password):
users = db_sess.query(
User.username).filter(User.team == team.name).all()
users_names = [x[0] for x in users]
if username in users_names:
login_user(
db_sess.query(User).filter(User.team == team.name).filter(
User.username == username).first())
return redirect("/user")
else:
if len(users) < 6:
us = User()
us.username = username
us.team = comand
db_sess.add(us)
db_sess.commit()
login_user(us)
return redirect("/user")
else:
return render_template('login.html',
form=userf,
adm_form=admin)
return render_template('login.html', form=userf, adm_form=admin)
if admin.validate_on_submit():
name = admin.ad_username.data
password = admin.ad_password.data
db_sess = db_session.create_session()
admins = db_sess.query(User).filter(User.username == name).filter(
User.role == 1).first()
team = db_sess.query(Teams).filter(Teams.name == 'Admins').first()
if admins and check_password_hash(team.password_hash, password):
login_user(admins)
return redirect('/admin')
else:
return render_template('login.html', form=userf, adm_form=admin)
return render_template('login.html',
title='Авторизация',
form=userf,
adm_form=admin)
def join():
"""
Register user with given credentials if user with that username doesnt exist
Otherwise redirect on /join page again
:return:
"""
title = 'Join us'
session = db_session.create_session()
# Registration form
form = forms.RegistrationForm()
if form.validate_on_submit():
# Creating Database Session
session = db_session.create_session()
# checking if user already registered
if session.query(User).filter(
User.username == form.username.data).all():
session.close()
logger.info(
f'user with username {form.username.data} already registered, redirecting on /join with'
f' the flash')
flash('User with this username already registered',
'alert alert-danger')
return render_template('join.html', form=form)
# User object for database
user = User()
# Hashing password here
password_hash = hashlib.new('md5',
bytes(form.password.data, encoding='utf8'))
# Filling database with user data
user.username = form.username.data
# Here we use not password but its hash
user.hashed_password = password_hash.hexdigest()
user.reg_ip = request.remote_addr
user.last_ip = request.remote_addr
# Adding user to database
session.merge(user)
# Commiting changes
session.commit()
session.close()
logger.info(
f'User {form.username.data} with IP {request.remote_addr} just registered, redirecting on /index'
)
flash('Your account has been created and now you are able to log in',
'alert alert-primary')
return redirect(url_for('index'))
session.close()
return render_template('join.html', title=title, form=form)
def store(request):
# if form.is_valid():
if request.POST:
role = request.POST.get('role')
if role == 'p':
form1 = Publisher()
elif role == 'a':
form1 = Advertiser()
form1.name = request.POST.get('name')
form1.contact = request.POST.get('contact_number')
form1.email = request.POST.get('email')
form1.avatar = request.FILES['image']
form1.company_name = request.POST.get('company_name')
form1.company_address = request.POST.get('company_address')
form1.state = request.POST.get('state')
form1.city = request.POST.get('city')
created_at = datetime.datetime.now()
form1.save()
if role == 'p':
record = Publisher.objects.all().order_by('-id')[0]
elif role == 'a':
record = Advertiser.objects.all().order_by('-id')[0]
form_user = User()
form_user.username = request.POST.get('username')
form_user.password = request.POST.get('password')
created_at = datetime.datetime.now()
form_user.role = request.POST.get('role')
form_user.uid = form1.id
form_user.save()
# instance = form.save(commit=False)
# instance.save()
# form = ImageUploadForm(request.POST, request.FILES)
# if form.is_valid():
# if role == 'p':
# m = Publisher()
# elif role == 'a':
# m = Advertiser()
#
# m.avatar = form.cleaned_data['image']
# m.save()
return render(request, 'navigation.html')
