def admin_register():
if request.method == 'POST':
fname = request.form['fname']
lname = request.form['lname']
email = request.form['email']
password = request.form['password']
confirmpass = request.form['confirmpass']
# check if password and confirm password match
if password != confirmpass:
flash('Passwords do not match', 'danger')
return redirect(url_for('admin_register'))
elif (Admin.check_admin_exist(email)):
flash('Email already in use', 'danger')
return redirect(url_for('admin_register'))
else:
# hash the password
hashedpass = bcrypt.generate_password_hash(password).decode(
'utf-8')
adm = Admin(firstname=fname,
lastname=lname,
email=email,
password=hashedpass)
adm.insert_record()
flash('Admin successfully created', 'success')
return redirect(url_for('admin_register'))
return render_template('adminregister.html')
def admin():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
# check if the email exists, then validate the password
if Admin.check_admin_exist(email):
if Admin.validate_password(email=email, password=password):
# set the admin session
session['admin'] = email
session['aid'] = Admin.get_admin_id(email)
return redirect(url_for('home'))
else:
flash('Invalid Credentials', 'danger')
return redirect(url_for('admin'))
else:
flash('Invalid Credentials', 'danger')
return redirect(url_for('admin'))
return render_template('admin.html')