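def login():
    """Authenticate a user from the login form and start a session.

    GET requests, and POST requests that fail form validation, re-render
    the login page. A successful login stores the username and account
    type in the session, records a login log entry, and redirects to the
    profile page.

    Returns:
        A redirect response or the rendered ``login.html`` template.
    """
    # An already-authenticated visitor has nothing to do here.
    if 'username' in session:
        flash('You are already logged in.')
        return redirect(url_for('home'))

    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
        user = db.retrieve_user_by_username(form.username.data)
        if not user:
            # NOTE(review): a distinct "not found" message lets a caller tell
            # registered usernames from unregistered ones. The message is kept
            # as-is here; confirm whether that disclosure is acceptable.
            form.username.errors.append('Username not found')
            return render_template('login.html', form=form, title='Login')

        # Check the password before looking at activation state, so the
        # "not activated" status is only disclosed to someone who already
        # knows the account's password.
        if not user.is_password_correct(form.password.data):
            # NOTE(review): no attempt limiting is visible in this function;
            # confirm that failed logins are throttled elsewhere.
            form.password.errors.append('Wrong password, please try again...')
            return render_template('login.html', form=form, title='Login')

        if not db.is_activated(form.username.data):
            flash('This account is not activated, please verify your email by opening activation link that we sent you')
            return render_template('login.html', form=form, title='Login')

        # Username and password are correct: create the session.
        session['username'] = user.username
        session['acc_type'] = user.acc_type

        # Record IP address and timestamp of the login.
        # NOTE(review): behind a reverse proxy, request.remote_addr is the
        # proxy's address unless proxy headers are handled — confirm.
        db.insert_log(Log(user.username, request.remote_addr))
        return redirect(url_for('profile'))

    return render_template('login.html', form=form, title='Login')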
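def register():
    """Create a new, not-yet-activated account from the registration form.

    GET requests, and POST requests that fail validation or collide with
    an existing username or email, re-render the registration page. On
    success the user is stored, an activation code is generated and saved,
    an activation email is sent, and the visitor is redirected home.

    Returns:
        A redirect response or the rendered ``register.html`` template.
    """
    # Local import: the file's top-level import block is not visible here.
    import secrets

    if 'username' in session:
        flash('You cannot register while you are logged in, please log out first.')
        return redirect(url_for('home'))

    form = RegistrationForm(request.form)
    if request.method == 'POST' and form.validate():
        username_exist = db.retrieve_user_by_username(form.username.data)
        email_exist = db.retrieve_user_by_email(form.email.data)

        # Report both collisions at once so the user can fix them together.
        if username_exist:
            form.username.errors.append('Username already taken')
        if email_exist:
            form.email.errors.append('Email already used')
        if username_exist or email_exist:
            return render_template('register.html', form=form, title='Sign Up')

        # Load data from the form and create the User object; only the value
        # returned by User.generate_hash is stored, not the raw password.
        user = User(form.username.data,
                    form.email.data,
                    User.generate_hash(form.password.data),
                    form.acc_type.data)
        db.insert_user(user)

        # Generate the 5-digit activation code from the OS CSPRNG. The
        # `random` module is a predictable PRNG and must not be used for
        # values that gate account activation.
        # NOTE(review): a 5-digit code has only 90,000 possible values;
        # confirm that the activation endpoint limits attempts and/or
        # expires codes, or consider a longer token.
        activation_code = str(secrets.randbelow(90000) + 10000)
        db.insert_token(user.username, activation_code)

        # Let url_for build and encode the whole link. Appending
        # "?activation_code=" by hand yields a malformed URL whenever
        # url_for has already emitted a query string.
        activation_link = url_for('activate',
                                  _external=True,
                                  username=user.username,
                                  activation_code=activation_code)

        # Render the confirmation email and send it.
        email_msg = render_template('email/verify_email.html',
                                    username=user.username,
                                    activation_code=activation_code,
                                    activation_link=activation_link)
        send_email(recipient=user.email, subject='Account Activation', template=email_msg)

        flash('Thanks for registering, check your email inbox for instructions on how to activate your account')
        return redirect(url_for('home'))

    return render_template('register.html', form=form, title='Sign Up')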