def signin(): if request.method == 'POST': username = request.form.get('username') password = request.form.get('password') user = get_user(username) # Check that a user matching the username exists, and that the password matches if user is not None and checkpw(password.encode('utf-8'), user['password']): session['user_id'] = user['id'] return redirect(url_for('dashboard')) flash('Invalid username or password') return render_template('signin.html')
def signup(): if request.method == 'POST': username = request.form.get('username') password = request.form.get('password') if username and password: user = get_user(username) # Check that this username is not taken if not user: # Hash the password when inserting a new user insert_user(username, hashpw(password.encode('utf-8'), gensalt())) return redirect(url_for('signin')) flash('Username is taken') return render_template('signup.html')
def signup(): if request.method == 'POST': username = request.form.get('username') password = request.form.get('password') if username and password: user = get_user(username) # Check that this username is not taken if not user: # Hash the password when inserting a new user insert_user(username, generate_password_hash(password)) flash('Signup successful, please signin now.') return redirect(url_for('signin')) flash('Username is taken') return render_template('signup.html')
def is_loggedin(): user_id = session.get('user_id') user = get_user(user_id=user_id) return user is not None