def login(): if request.method == 'GET': if current_user.is_authenticated: flash("Already logged in!") return redirect(url_for('artefacts')) else: return render_template('login.html') elif request.method == 'POST': new_user = Credentials(request.form['email'], request.form['password']) # Determines if a user with that email exists in the database db_user = email_taken(new_user) if db_user: hash_pw = db_user[3] # Determines if the password has is correct if check_password_hash(hash_pw.tobytes(), new_user.password): new_user = User(db_user) login_user(new_user) flash("Successfully logged in") return redirect('/') else: flash("Incorrect details, try again") return redirect('/login') else: flash("That user doesn't exist!") return redirect('/login')
def register(): if request.method == 'GET': if current_user.is_authenticated: flash("You are already registered") return redirect(url_for('/')) else: return render_template('register.html') elif request.method == 'POST': if request.form['pass'] == request.form['confirm_pass'] and len( request.form['pass']) > 0: new_user = Credentials(request.form['email'], request.form['pass']) user_details = email_taken(new_user) if not user_details: # Creates famly if no referral_code if "new_family" in request.form: family_id = create_family(request.form['surname']) else: family_id = get_family_id(request.form['referral_code']) # Creates new register with hashed password new_register = Register( request.form['first_name'], request.form['surname'], family_id, request.form['email'], request.form['location'], generate_password_hash(request.form['pass'])) register_user(new_register) # Logs in user after adding to database db_user = email_taken(new_user) login_user(User(db_user)) flash('Successfully registered') return redirect('/') else: flash("User already exists") else: flash("Passwords are not the same, or you have missing fields") return redirect(url_for('register'))