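def post(self):
    """Validate the submitted signup form, then re-render it or redirect.

    Reads ``username``, ``password``, ``vpassword`` and ``email`` from the
    request. When every validator accepts its field the client is redirected
    to ``/welcome`` with the username in the query string; otherwise the form
    is written again with one error message per rejected field.
    """
    # Username and e-mail are passed back to write_form, so they stay
    # HTML-escaped exactly as before.
    # NOTE(review): write_form is not visible here; escaping where the value
    # is rendered is more robust than escaping on input -- confirm.
    user_name = cgi.escape(self.request.get('username'), quote=True)
    user_email = cgi.escape(self.request.get('email'), quote=True)

    # Passwords are never handed to write_form or the redirect, so they are
    # validated as typed. Escaping them first rewrote '&', '<', '>' and '"'
    # into entities, so the length/character rules were applied to a
    # different string than the one the user chose.
    user_pass = self.request.get('password')
    user_vpass = self.request.get('vpassword')

    form_ok = (valid_username(user_name)
               and valid_password(user_pass)
               and valid_vpassword(user_pass, user_vpass)
               and valid_email(user_email))
    if form_ok:
        # NOTE(review): the value is concatenated into the URL without
        # URL-encoding; this is only safe if valid_username restricts the
        # character set (not visible here) -- confirm.
        self.redirect("/welcome?user_name=" + user_name)
        return

    username_err = ""
    password_err = ""
    vpassword_err = ""
    email_err = ""

    if not user_name:
        username_err = "please type in a username"
    elif not valid_username(user_name):
        username_err = "invalid username"
    if not valid_password(user_pass):
        password_err = "invalid password"
    if not valid_vpassword(user_pass, user_vpass):
        vpassword_err = "the passwords don't match"
    if not valid_email(user_email):
        email_err = "invalid email address"

    # Only the username and e-mail are echoed back; the passwords are not.
    self.write_form("Sign me up!", "sign me up", "", user_name, user_email,
                    username_err, password_err, vpassword_err, email_err)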
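def register():
    """Register a new user from the submitted form.

    GET renders ``register.html``. POST validates the username, its
    uniqueness and the password, stores the password hash, logs the new user
    in by setting ``session["user_id"]`` and redirects to ``/``. Every
    validation failure returns an ``apology`` with status 400.
    """
    if request.method == "GET":
        return render_template("register.html")

    # form.get() returns None for an absent field. Normalising to "" lets a
    # malformed request fall through to the 400 apology instead of raising
    # inside isalnum() or the hashing helpers.
    username = request.form.get("username") or ""
    password = request.form.get("password") or ""
    confirmation = request.form.get("confirmation") or ""

    if not username or not username.isalnum():
        return apology("must provide valid username", 400)

    existing = db.execute("SELECT * FROM users WHERE username = :username",
                          username=username)
    if len(existing) != 0:
        return apology("username already exists", 400)

    # Plain comparison of the two submitted values; no hash is needed to
    # tell whether the user typed the same password twice.
    if not password or password != confirmation:
        return apology("invalid password or passwords don't match", 400)

    # NOTE(review): the message below advertises a 12-character cap and no
    # special characters, which limits password strength; valid_password is
    # not visible here -- consider relaxing the policy there.
    if not valid_password(password):
        return apology(
            "Password must contain 6 to 12 characters, one letter, one numeric digit and no special digits",
            400)

    # Hash only after every check has passed.
    # NOTE(review): the SELECT-then-INSERT sequence can race between two
    # concurrent registrations; a UNIQUE constraint on users.username would
    # close that gap (schema not visible here) -- confirm.
    db.execute(
        "INSERT INTO users (username, hash) VALUES (:username, :hash_)",
        username=username, hash_=generate_password_hash(password))

    session["user_id"] = db.execute(
        "SELECT * FROM users WHERE username = :username",
        username=username)[0]["id"]

    flash('Registered!')
    return redirect("/")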
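def signup():
    """ Creates a new User

    Expects a JSON object with ``username``, ``password`` and ``email``.
    Returns ``(jsonify(errors=...), 200)`` when a field is missing or
    rejected, and ``(jsonify(message), 201)`` with the serialized user once
    the account has been committed.
    """
    data = request.get_json()
    # A body that is absent or not a JSON object is handled as "all fields
    # missing" rather than raising on the lookups below.
    if not isinstance(data, dict):
        data = {}

    message = {}
    success = ''

    username = data.get('username', '')
    password = data.get('password', '')
    email = data.get('email', '')

    # check for missing data (absent keys and null/empty values alike)
    if not username:
        message['error_username'] = "******"
        success = False
    if not password:
        message['error_password'] = "******"
        success = False
    if not email:
        message['error_email'] = "email is required"
        success = False

    if success is False:
        message['success'] = False
        # NOTE(review): validation failures are reported with HTTP 200, so
        # clients have to inspect the body; kept as-is for compatibility.
        return jsonify(errors=message), 200

    # check for valid data
    if not helpers.valid_username(str(username)):
        message['error_username'] = "******"
        success = False
    if helpers.user_by_name(username) is not None:
        message['error_username'] = "******"
        success = False
    if not helpers.valid_password(password):
        message['error_password'] = "******"
        success = False
    if not helpers.valid_email(email):
        message['error_email'] = "Email is not valid"
        success = False
    if helpers.user_by_email(str(email)) is not None:
        message['error_email'] = "Email already in use"
        # This branch used to record the message without failing the
        # request, so a second account was created for an e-mail address
        # that was already registered.
        success = False

    if success is False:
        message['success'] = False
        return jsonify(errors=message), 200

    # hash the password for db storage
    # NOTE(review): make_pw_hash is not visible here; confirm it uses a
    # salted, deliberately slow password-hashing scheme.
    pw_hash = helpers.make_pw_hash(username, password)

    # create new instance of user
    new_user = User(username, email, pw_hash)
    db_session.add(new_user)
    db_session.commit()
    db_session.refresh(new_user)

    message['success'] = True
    message['user'] = new_user.serialize
    return jsonify(message), 201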
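def post(self):
    """Validate the signup form and greet the user or re-render the form.

    Reads ``username``, ``psw``, ``vpsw`` and ``email`` from the request.
    The first failing check re-renders the form with its message, keeping
    the entered username and e-mail; when all checks pass a welcome line is
    written to the response.
    """
    # html.escape on Python 3, cgi.escape on Python 2; both accept quote=True.
    try:
        from html import escape
    except ImportError:
        from cgi import escape

    username = self.request.get("username")
    email = self.request.get("email")
    psw = self.request.get("psw")
    vpsw = self.request.get("vpsw")

    if not helpers.valid_username(username):
        self.write_form("Please enter valid username", username, email)
    elif not helpers.valid_password(psw):
        self.write_form("Please enter valid password", username, email)
    elif not helpers.valid_verifypsw(psw, vpsw):
        self.write_form("Passwords do not match", username, email)
    elif email and not helpers.valid_email(email):
        # The e-mail validator used to be called and its result discarded,
        # so any string was accepted. An empty e-mail is still allowed.
        # NOTE(review): whether e-mail is meant to be optional is not
        # visible here -- confirm.
        self.write_form("Please enter valid email", username, email)
    else:
        # Request data is escaped at the point of output, so this line does
        # not depend on valid_username rejecting markup characters.
        self.response.out.write(
            "Welcome, %s!" % escape(username, quote=True))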
def post(self):
    """Check the signup form and render ``signup.html`` with the outcome.

    Each rejected field contributes one ``error_*`` template variable. If
    there is none, the template is rendered with ``register="true"``.
    """
    form = self.request
    name = form.get("name")
    email = form.get("email")
    pass1 = form.get("pass1")
    pass2 = form.get("pass2")

    # (check passed, template variable, message); the validators run in the
    # same order as before: username, e-mail, password, confirmation.
    checks = (
        (helpers.valid_username(name), 'error_name', "Enter a valid name"),
        (helpers.valid_email(email), 'error_email', "That's not a valid email"),
        (helpers.valid_password(pass1), 'error_pass1', "Enter a valid password"),
        (pass1 == pass2, 'error_pass2', "password doesn't match"),
    )
    messages = {key: text for passed, key, text in checks if not passed}

    if messages:
        # Submitted values are not passed back to the template, only errors.
        self.render("signup.html", **messages)
        return

    self.render('signup.html', register="true")
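def password():
    """Change the current user's password.

    GET renders ``password.html``. POST verifies the old password against
    the stored hash, validates the new password and its confirmation, writes
    the new hash and redirects to ``/``. Every failure returns an
    ``apology`` with status 400.
    """
    if request.method == "GET":
        return render_template("password.html")

    user_id = session.get("user_id")

    # form.get() returns None for an absent field. Normalising to "" makes a
    # malformed request end in a 400 apology instead of raising inside the
    # hash check or the validator.
    supplied_old = request.form.get("old_password") or ""
    new_password = request.form.get("new_password") or ""
    confirmation = request.form.get("confirmation") or ""

    # NOTE(review): indexing [0] assumes a logged-in user whose row exists;
    # any login-required guard would sit outside this block -- confirm.
    stored_hash = db.execute("SELECT hash FROM users WHERE id = ?",
                             user_id)[0]["hash"]

    if not check_password_hash(stored_hash, supplied_old):
        return apology("Old password incorrect", 400)

    # NOTE(review): the message below advertises a 12-character cap and no
    # special characters, which limits password strength; valid_password is
    # not visible here -- consider relaxing the policy there.
    if not valid_password(new_password):
        return apology(
            "Password must contain 6 to 12 characters, one letter, one numeric digit and no special digits",
            400)

    if new_password != confirmation:
        return apology("Password and confirm password don't match", 400)

    db.execute(
        "UPDATE users SET hash = ? WHERE id = ?",
        generate_password_hash(new_password), user_id)

    # NOTE(review): nothing here invalidates other sessions of this user
    # after the change -- confirm whether that is handled elsewhere.
    flash('Password Changed!')
    return redirect("/")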