def admin_register(): if request.method == 'POST': fname = request.form['fname'] lname = request.form['lname'] email = request.form['email'] password = request.form['password'] confirmpass = request.form['confirmpass'] # check if password and confirm password match if password != confirmpass: flash('Passwords do not match', 'danger') return redirect(url_for('admin_register')) elif (Admin.check_admin_exist(email)): flash('Email already in use', 'danger') return redirect(url_for('admin_register')) else: # hash the password hashedpass = bcrypt.generate_password_hash(password).decode( 'utf-8') adm = Admin(firstname=fname, lastname=lname, email=email, password=hashedpass) adm.insert_record() flash('Admin successfully created', 'success') return redirect(url_for('admin_register')) return render_template('adminregister.html')
def admin(): if request.method == 'POST': email = request.form['email'] password = request.form['password'] # check if the email exists, then validate the password if Admin.check_admin_exist(email): if Admin.validate_password(email=email, password=password): # set the admin session session['admin'] = email session['aid'] = Admin.get_admin_id(email) return redirect(url_for('home')) else: flash('Invalid Credentials', 'danger') return redirect(url_for('admin')) else: flash('Invalid Credentials', 'danger') return redirect(url_for('admin')) return render_template('admin.html')