def user_home():
    """Render the home page for the logged-in user.

    Visitors without a 'user_logged' cookie are redirected to the login
    page. Otherwise the rendered template is passed through
    modify30DayLoginCookie together with the current request.

    NOTE(review): the only gate visible here is the *presence* of the
    'user_logged' cookie, and its value is used directly as the user name.
    Whether that value is signed or checked server-side (for example inside
    modify30DayLoginCookie) is not visible from this function; confirm
    before relying on it as authentication.
    """
    cookies = request.cookies
    if 'user_logged' in cookies:
        page = render_template('user_home.html',
                               uname=cookies['user_logged'],
                               page_subname="Home",
                               subnav_menu_item_id='subnav-home')
        return modify30DayLoginCookie(request, page)

    # No login cookie: send the visitor to the login form.
    return redirect(url_for('login'))
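def user_oceans(default='default_browse'):
    """Render the "Oceans" page for the logged-in user.

    Args:
        default: selector of the form 'default_<view>'. Only the views
            listed in ``valid_defaults`` are accepted; anything else
            yields a 404.

    Visitors without a 'user_logged' cookie are redirected to the login
    page.

    NOTE(review): as elsewhere in this file, the cookie's presence is the
    only check visible here and its value is used as the user name; verify
    that it is validated server-side.
    """
    if 'user_logged' not in request.cookies:
        return redirect(url_for('login'))

    parts = default.split('_')
    valid_defaults = ['browse']
    # The length check matters: a value with no underscore (e.g. 'default')
    # splits into a single element, and indexing parts[1] would raise
    # IndexError (a 500) instead of the intended 404.
    if len(parts) < 2 or parts[0] != 'default' or parts[1] not in valid_defaults:
        # default not correctly supplied
        abort(404)

    return modify30DayLoginCookie(
        request,
        render_template('user_oceans.html',
                        uname=request.cookies['user_logged'],
                        default=parts[1],
                        page_subname="Oceans",
                        subnav_menu_item_id='subnav-oceans'))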
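def signup_processing():
    """Create an account from the signup form and log the new user in.

    Reads 'username' and 'password' from the posted form, stores a salted
    SHA-256 digest plus the salt in the Users table, then redirects to the
    user's home page with the login cookie set via modify30DayLoginCookie.

    The digest is built as sha256(password || salt), in that order, which
    is what login_processing recomputes when it verifies a password. The
    earlier version hashed the password alone and stored an unrelated
    timestamp in the Salt column, so the stored digest could never match
    the one computed at login and the salt protected nothing.

    NOTE(review): a single round of SHA-256 is a fast hash and is cheap to
    brute-force if the table leaks. Moving to a password KDF such as
    hashlib.scrypt or hashlib.pbkdf2_hmac needs a coordinated change in
    login_processing and a migration plan for existing rows.
    """
    import secrets  # function-scope: the file's import block is not in view

    # NOTE(review): the Referer header is supplied by the client, so this
    # gate is a sanity check rather than a CSRF defence.
    if request.referrer not in [url_for('signup', _external=True)]:
        abort(403)

    # get form data
    username = request.form['username']
    password = request.form['password']

    # Random per-user salt, stored as text because login_processing calls
    # .encode() on the value it reads back.
    # 16 hex characters is assumed to fit a column that previously held a
    # timestamp string -- TODO confirm the Salt column width and widen the
    # salt to 32 hex characters if the schema allows.
    salt = secrets.token_hex(8)

    hasher = hashlib.sha256()
    hasher.update(password.encode('utf-8'))
    hasher.update(salt.encode('utf-8'))

    conn = mysql.connector.connect(user='******', host='localhost', database='Ocean')
    try:
        cursor = conn.cursor()
        try:
            # NOTE(review): uniqueness of the user name is assumed to have
            # been checked before the form was submitted; a client can skip
            # that step, so a UNIQUE constraint on UserName is worth
            # confirming.
            cursor.execute("INSERT INTO Users (UserName, Pass, Salt) VALUES (%s, %s, %s)",
                           [username, hasher.hexdigest(), salt])
            conn.commit()
        finally:
            cursor.close()
    finally:
        # Release the connection even when the INSERT raises.
        conn.close()

    # log the user in and send them home
    redir = redirect(url_for('user_site.user_home'))
    return modify30DayLoginCookie(request, redir, user=username, addIfNotExists=True)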
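def login_processing():
    """Verify the posted credentials and log the user in on success.

    Looks up the stored digest and salt for the posted user name,
    recomputes sha256(password || salt) and compares it with the stored
    value. On success the user is redirected home with the login cookie
    set via modify30DayLoginCookie; on any failure the user is redirected
    back to the login page with failed='failed'.

    NOTE(review): a comment in this function used to record a
    username/password pair in plain text. It has been removed; treat that
    account's password as exposed and rotate it.

    NOTE(review): a single round of SHA-256 is a fast hash; moving to a
    password KDF needs a coordinated change with signup_processing.
    """
    import hmac  # function-scope: the file's import block is not in view

    # NOTE(review): the Referer header is supplied by the client, so this
    # gate is a sanity check rather than a CSRF defence.
    allowed_referrers = [url_for('login', _external=True),
                         url_for('login', failed="failed", _external=True)]
    if request.referrer not in allowed_referrers:
        abort(403)

    username = request.form['username']
    rawpswd = request.form['password']

    # Fetch the stored digest and salt; the connection is released even if
    # the query raises.
    conn = mysql.connector.connect(user='******', host='localhost', database='Ocean')
    try:
        cursor = conn.cursor(buffered=True)
        try:
            cursor.execute("SELECT Pass, Salt FROM Users WHERE UserName=%s", [username])
            user = cursor.fetchone()
        finally:
            cursor.close()
    finally:
        conn.close()

    if user is None:
        # no such username
        return redirect(url_for('login', failed='failed'))

    password, salt = user[0], user[1]

    hasher = hashlib.sha256()
    hasher.update(rawpswd.encode('utf-8'))
    hasher.update(salt.encode('utf-8'))
    encpswd = hasher.hexdigest()

    # Constant-time comparison, so response timing does not reveal how many
    # leading characters of the digest matched. Both sides are compared as
    # bytes; a stored value that is not text simply fails the check, as it
    # did with ``==``.
    if isinstance(password, str) and hmac.compare_digest(
            password.encode('utf-8'), encpswd.encode('utf-8')):
        # login successful: set the login cookie on the redirect
        redir = redirect(url_for('user_site.user_home'))
        return modify30DayLoginCookie(request, redir, user=username, addIfNotExists=True)

    # login failed
    return redirect(url_for('login', failed='failed'))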
def logout():
    """Log the current visitor out and send them to the login page.

    The redirect response stands in for a rendered template and is handed
    to modify30DayLoginCookie with add=False. Per the original author's
    note, this erases the login cookie regardless of who is logged in.
    """
    to_login = redirect(url_for('login'))
    return modify30DayLoginCookie(request, to_login, add=False)
def learn_more():
    """Render the public "learn more" page.

    No login cookie is required; the rendered page is still passed through
    modify30DayLoginCookie along with the current request.
    """
    page = render_template('learn_more.html', nav_menu_item_id="nav-learn-more")
    return modify30DayLoginCookie(request, page)
def index():
    """Render the site's landing page.

    cleanUserLoginKeyTable() is called on every request to this view
    before the page is rendered. What it removes is not visible here;
    presumably it prunes stale login keys -- verify in aux_functions.
    """
    # Imported at call time, as in the original.
    from aux_functions import cleanUserLoginKeyTable

    cleanUserLoginKeyTable()

    landing = render_template('index.html', nav_menu_item_id=None)
    return modify30DayLoginCookie(request, landing)