def register(**params):
if request.method == "GET":
return render_template_with_translations("public/auth/register.html",
**params)
elif request.method == "POST":
email_address = request.form.get("registration-email")
first_name = request.form.get("registration-first-name")
last_name = request.form.get("registration-last-name")
if email_address and first_name and last_name:
success, user, message = User.create(email_address=email_address,
first_name=first_name,
last_name=last_name)
if success:
# send magic login link
locale = get_locale(
) # get the language that the user currently uses on the website
success, message = User.send_magic_login_link(
email_address=email_address, locale=locale)
if success:
return render_template_with_translations(
"public/auth/register_success.html", **params)
else:
return abort(403, description=message)
else:
params["register_error_message"] = message
return render_template_with_translations(
"public/auth/register_error.html", **params)
def reset_password_enter_email(**params):
if request.method == "GET":
return render_template_with_translations(
"public/auth/reset_password_enter_email.html", **params)
elif request.method == "POST":
email_address = request.form.get("reset-password-email")
locale = get_locale(
) # get the language that the user currently uses on the website
success, message = User.password_reset_link_send(
email_address=email_address, locale=locale)
if success:
# Delete the current session cookie (if it exists)
response = make_response(
render_template_with_translations(
"public/auth/reset_password_link_sent.html", **params))
# on localhost don't make the cookie secure and http-only (but on production it should be)
cookie_secure_httponly = False
if not is_local():
cookie_secure_httponly = True
# set the session cookie value to an empty value which effectively "deletes" it
response.set_cookie(key="my-web-app-session",
value="",
secure=cookie_secure_httponly,
httponly=cookie_secure_httponly)
return response
else:
return abort(403, description=message)
def login_password(**params): # Rok: logging with password
if request.method == "GET":
return render_template_with_translations("public/auth/login.html", **params)
elif request.method == "POST":
login_password = request.form.get("login-password")
if User.suspended == login_password: # checking if current logging user is suspended
return "You can't login because you are suspended by administrator."
locale = get_locale() # locale ne vem kako bi ga vključil nazaj; get the language that the user currently uses on the website
success, message = User.login_password(password=login_password)
if success:
return render_template_with_translations("public/auth/login-magic-link-sent.html", **params)
else:
return abort(403, description=message)
def login(**params):
if request.method == "GET":
return render_template_with_translations("public/auth/login.html", **params)
elif request.method == "POST":
email_address = request.form.get("login-email")
if User.suspended == email_address: # Rok: checking if current logging user is suspended
return "You can't login because you are suspended by administrator."
locale = get_locale() # get the language that the user currently uses on the website
success, message = User.send_magic_login_link(email_address=email_address, locale=locale)
if success:
return render_template_with_translations("public/auth/login-magic-link-sent.html", **params)
else:
return abort(403, description=message)
def login(**params):
if request.method == "GET":
return render_template_with_translations("public/auth/login.html",
**params)
elif request.method == "POST":
email_address = request.form.get("login-email")
locale = get_locale(
) # get the language that the user currently uses on the website
success, message = User.send_magic_login_link(
email_address=email_address, locale=locale)
if success:
return render_template_with_translations(
"public/auth/login-magic-link-sent.html", **params)
else:
return abort(403, description=message)