def admin_login():
"""
logs admins in the session and redirects to their own interface
"""
if current_user.is_anonymous:
pass
else:
if current_user.is_admin:
return redirect(url_for("admin_page"))
form = AdminLoginForm()
if form.validate_on_submit():
nickname = form.data["username"]
user = get_user(user_id=nickname)
if user is not None:
password = form.data["password"]
if hasher.verify(password, user.password):
i_am_in = login_user(user, force=True, fresh=False)
if i_am_in:
flash("You have logged in.")
next_page = request.args.get("next", url_for("admin_page"))
return redirect(next_page)
flash("Invalid credentials.")
return render_template("admin_login.html",
title='Sign In as Admin',
form=form)
def adminlogin():
form = AdminLoginForm()
if form.validate_on_submit():
if form.admin_id.data == '090078601' and form.password.data == 'niggachu':
flash('Welcome Admin', 'success')
return redirect('/admin')
else:
flash('Login Unsuccessful. Please check Admin ID or password', 'danger')
return render_template('adminlogin.html', form=form)
def admin_login():
form = AdminLoginForm()
if form.validate_on_submit():
# temporary 'test'/'test'
if form.login.data == 'test' and form.pswd.data == 'test':
authorize_admin()
return redirect(url_for('homepage'))
else:
flash('NOPE')
flash_errors(form)
return render_template('admin_login.html', form=form)
def admin_login():
form = AdminLoginForm()
if form.validate_on_submit():
admin = Admin.query.filter_by(username=form.username.data).first()
if admin and admin.check_password(password=form.password.data):
login_user(admin)
next_page = request.args.get('next')
return redirect(next_page or url_for("web_admin.view_users"))
flash("Invalid username and password")
return redirect(url_for("web_admin.admin_login"))
return render_template("user_login.html", form=form)
def admin_login_page():
admin_form = AdminLoginForm()
if admin_form.validate_on_submit():
username = admin_form.username.data
password = admin_form.password.data
if password == 'pass':
session['logged_in'] = True
session['role'] = 'admin'
return redirect(url_for('admin_ui.admin_page', username=username))
return render_template('roles/admin/admin_login_page.html',
form=admin_form)
def login():
#在template文件夹下创建auth文件夹
form = AdminLoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is not None and user.verify_password(form.password.data):
#成功
login_user(user, form.remember_me.data)
if user.role.id == 1:
return redirect(url_for('admin.post'))
else:
return redirect(url_for('main.index'))
return render_template('auth/login.html', form=form), 200
def login():
errors = None
form = AdminLoginForm(request.form)
if request.method == 'POST' and form.validate():
admin = get_admin(g.db, form.email.data)
if valid_login(admin, form.email.data, form.password.data):
login_user(admin)
return redirect(url_for('hunts'))
flash('Invalid email and password combination')
else:
errors = form.errors
return make_response(render_template(
'homepage.html', form=form, display_login_link=True))
def adminlogin():
form = AdminLoginForm()
if form.validate_on_submit():
if request.method == 'POST':
name1 = form.name.data
pass1 = form.password.data
if name1 == "admin" and pass1 == "admin":
session['user'] = True
return redirect(url_for('adminprofile'))
else:
flash('Invalid username or password', 'danger')
return redirect(url_for('adminlogin'))
return render_template('adminlogin.html', form=form)
def login():
#在template文件夹下创建auth文件夹
form = AdminLoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username = form.username.data).first()
if user is not None and user.verify_password(form.password.data):
#成功
login_user(user,form.remember_me.data)
if user.role.id == 1:
return redirect(url_for('admin.post'))
else:
return redirect(url_for('main.index'))
return render_template('auth/login.html',form = form),200
def login():
errors = None
form = AdminLoginForm(request.form)
if request.method == 'POST' and form.validate():
admin = get_admin(g.db, form.email.data)
if valid_login(admin, form.email.data, form.password.data):
login_user(admin)
return redirect(url_for('hunts'))
flash('Invalid email and password combination')
else:
errors = form.errors
return make_response(
render_template('homepage.html', form=form, display_login_link=True))
def adminlogin():
form=AdminLoginForm()
if form.validate_on_submit():
reg_password = engine.execute("select Password from Admin_Tab where Name = :a",{'a':form.name.data})
for row in reg_password:
reg_details=row
print(reg_details)
if bcrypt.check_password_hash(reg_details[0] , form.password.data) :
flash('Login successful.', 'success')
current_user = form.name.data
return redirect(url_for('profile',current_user= current_user,Type_of_User="******"))
else:
flash('Login Unsuccessful. Please check EnrollNo and password', 'danger')
return render_template('adminlogin.html',title='adminLogin', form=form)
def adminlogin():
form = AdminLoginForm()
if form.validate_on_submit():
user = Admin.query.filter_by(email=form.email.data).first()
if user.check_password(form.password.data) and user is not None:
login_user(user)
next = request.args.get('next')
if next == None or not next[0] == '/':
next = url_for('welcome_admin')
global admin
admin = True
return redirect(next)
return render_template('adminlogin.html', form=form, admin=admin)
def login(request):
from forms import AdminLoginForm
if request.method == 'POST':
post = request.POST.copy()
admin_form = AdminLoginForm(post)
if admin_form.is_valid():
usuario = auth.authenticate(username=post['usuario'], password=post['password'])
if usuario is not None:
if usuario.is_staff():
auth.login(request, usuario)
else:
admin_form = AdminLoginForm()
return 'admin.html', { 'admin': admin_form }
def admin_login(request):
if request.method == 'POST':
form = AdminLoginForm(request.POST)
if form.is_valid():
data = form.cleaned_data
username = data["id"]
password = data["password"]
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
return HttpResponseRedirect(reverse("admin"))
form = AdminLoginForm()
return render(request, "scanner/admin_login.html", {"form": form})
def admin_login():
form = AdminLoginForm()
if "admin" in session:
return redirect(url_for("admin"))
if request.method == "POST":
if form.validate() == False:
flash("invalid credentials")
return render_template("admin/login.html", form=form)
else:
session["admin"] = form.email.data
flash("Anda sudah berhasil masuk, selamat!", category="info")
return redirect(request.args.get("next") or url_for("admin"))
elif request.method == "GET":
return render_template("/admin/login.html", form=form)
def login():
if current_user.is_authenticated:
flash('Already logged in', 'info')
return redirect(url_for('landing_page'))
cur = conn.cursor()
form = AdminLoginForm()
if form.validate_on_submit():
cpf = form.cpf.data
input_password = form.password.data
cur.execute(f"""SELECT administrator.cpf, person_name, admin_password
FROM administrator, person
WHERE administrator.cpf = '{cpf}'
AND administrator.cpf = person.cpf;""")
query_results = cur.fetchall()
conn.commit()
cur.close()
if len(query_results) == 0:
flash(f'Invalid CPF', 'error')
else:
cpf, name, password = query_results[0]
if input_password == password:
login_user(admin(cpf, name, password))
flash(f'You are logged as admin', 'success')
return redirect(url_for('landing_page'))
else:
flash(f'Wrong password', 'error')
else:
if form.errors:
errors = list(form.errors.keys())
error = errors[0]
flash(f'Error in {error}: {form.errors[error][0]}', 'error')
return render_template('login.html', form=form)
def admin(request):
unconfirmedSongVideos = Video.objects.filter(
is_confirmed__exact=False
).prefetch_related(
'songs', 'songs__composers', 'songs__styles', 'groups'
).order_by('title')
formattedUnconfirmedVideos = []
for video in unconfirmedSongVideos :
formattedUnconfirmedVideos.append(formattedVideoData(video))
response = render(
request,
'unconfirmed-list.html',
{"data": json.dumps({
"unconfirmed_songs": {
"videos" : {
"items" : formattedUnconfirmedVideos,
"metadata" : rekeyAndFormatVideoData(unconfirmedSongVideos),
},
},
})}
)
if request.COOKIES.get(ADMIN_COOKIE, False):
return response
elif request.method == 'POST':
form = AdminLoginForm(request.POST)
if form.is_valid():
if form.cleaned_data['password'] == ADMIN_PASSWORD:
response.set_cookie(
key=ADMIN_COOKIE,
value=True,
max_age=ADMIN_COOKIE_EXPIRE
)
return response
else:
form = AdminLoginForm()
return render(request, 'admin-login.html', {'form': form})
def admin_login():
form = AdminLoginForm(request.form)
if request.method == 'POST':
if form.validate():
username = form.name.data.title()
password = form.password.data
user = User.query.filter_by(name=username).first()
if current_user.name == username:
if password == 'adminuser':
if user.is_admin is False or user.is_admin is None:
user.is_admin = True
db.session.commit()
login_user(user)
return redirect(url_for('admin'))
else:
# TODO: ERROR MESSAGE
return 'admin password fail'
# TODO: ERROR MESSAGE
return 'please logout and try again'
else:
return 'invalid data, please retry'
name = current_user.name
return render_template('adminLogin.html', form=form, name=name)
def AdLogin():
form=AdminLoginForm()
if request.method=='POST':
adminId=request.form.get("adminId")
password=request.form.get("password")
adIddata=db.execute("SELECT adminId FROM admins WHERE adminId=:adminId",{"adminId":adminId}).fetchone()
passworddata=db.execute("SELECT password FROM admins WHERE adminId=:adminId",{"adminId":adminId}).fetchone()[0]
#for applied
data=db.execute("SELECT jobId,count(jobId) FROM candid GROUP BY jobId;")
fetchData=data.fetchall()
graphdata=[]
for ele in fetchData:
graphdata.append([str(ele[0]),ele[1]])
#for vacancy
data1=db.execute("SELECT jobId,job,noOfVac FROM jobVac;")
fetchData1=data1.fetchall()
graphdata1=[]
for ele in fetchData1:
graphdata1.append(['('+str(ele[0])+')'+ele[1],ele[2]])
#for source
graphdata2=[]
fetchData2=db.execute("SELECT source,count(source) FROM candid GROUP BY source;").fetchall()
for ele in fetchData2:
graphdata2.append([ele[0],ele[1]])
if adIddata is None:
flash("No adminId","danger")
return render_template("adminlogin.html",form=form)
else:
if sha256_crypt.verify(password,passworddata):
session['loggedin']=True
session['admin']=request.form['adminId']
flash("You are now logged in",'success')
return render_template("mainDashboard.html",graphdata=json.dumps(graphdata),graphdata1=json.dumps(graphdata1),graphdata2=json.dumps(graphdata2))
else:
flash("incorrect password","danger")
return render_template("adminlogin.html",form=form)
return render_template('adminlogin.html',title='Login',form=form)
def login(request):
"""
Page for admins to login to for competition management
"""
c = {}
c["messages"] = UserMessages()
c = getAuthValues(request, c)
c["form"] = {'login': AdminLoginForm()}
c.update(csrf(request))
# Checks if the user is submitting the form, or requesting the form
if request.method != "POST":
return render_to_response('AdminConfig/login.html', c)
username = request.POST.get('username')
password = request.POST.get('password')
# TODO: The following line can throw a MultiValueDictKeyError
admin = auth.authenticate(username=username, password=password)
if admin == None:
c["messages"].new_info("Incorrect credentials.", 4321)
return render_to_response('AdminConfig/login.html', c)
# Checks that the submitted form data is valid
auth.login(request, admin)
return HttpResponseRedirect("/admin/home")
def schedule(request):
schedule=[]
today = date.today()
while today.weekday() >= 5 or ScheduleDay.objects.filter(date=today).count() > 0 and ScheduleDay.objects.get(date=today).day_off:
today += timedelta(1)
schedule_day = None
if ScheduleDay.objects.filter(date=today).count() > 0:
schedule_day = ScheduleDay.objects.get(date=today)
else:
done = False
one_day = timedelta(1)
today_dt = datetime.combine(today, time())
today_dt -= one_day
new_date = today_dt.date()
days_ellapsed = 0
day = 0
while not done:
if new_date.weekday() < 5 and ScheduleDay.objects.filter(date=new_date).count() == 0:
days_ellapsed += 1
elif new_date.weekday() < 5 and not ScheduleDay.objects.get(date=new_date).day_off:
done = True
day = (ScheduleDay.objects.get(date=new_date).day + days_ellapsed) % 7
new_dt = datetime.combine(new_date, time())
new_dt -= one_day
new_date = new_dt.date()
schedule_day = ScheduleDay(date=today, day_off=False, day=day, schedule="")
schedule_day.save()
print(schedule_day.day)
if (schedule_day.schedule == ""
schedule_day.schedule = master_schedule[schedule_day.day]
s
if len(schedule_day.period_set.all()) == 0:
for i in range(len(schedule_day.schedule)):
period = Period(day=schedule_day, period_number=i, period_letter=schedule_day.schedule[i:i + 1])
period.save()
schedule.append([["Day " + str(schedule_day.day + 1)]])
for period in schedule_day.schedule:
schedule.append([[period]])
return render(request, "scanner/schedule.html", {'schedule_table': schedule})
@not_login_required
def checkin (request):
messages = []
if request.method == 'POST':
form = ScanForm(request.POST)
if form.is_valid():
data = form.cleaned_data
idnum = data["scan"]
if len(Person.objects.filter(id=idnum)) != 0:
person = Person.objects.get(id=idnum)
checkins = Checkin.objects.filter(person=person, completed=False)
if len(checkins) == 0:
messages.append("Successfully checked in " + person.first_name + " " + person.last_name)
new_checkin = Checkin(person=person, checkin=datetime.now(), checkout=datetime.now())
new_checkin.save()
else:
for obj in checkins:
obj.checkout = datetime.now()
obj.completed = True
obj.save()
person.hours += float((obj.checkout - obj.checkin).total_seconds()) / 3600
person.save()
messages.append("Successfully checked out " + person.first_name + " " + person.last_name)
form = ScanForm()
return render(request, "scanner/checkin.html", {"form": form, "messages": messages})
@not_login_required
def scan (request, idnum):
idnum = int(idnum)
if idnum < 10000 or idnum > 20000:
return user(request, idnum)
if idnum > 10000 and idnum < 20000:
return checkout_item(request, idnum)
return render(request, "scanner/item.html", {"idnum": idnum})
@not_login_required
def user (request, idnum):
if len(Person.objects.filter(id=idnum)) == 0:
if request.method == 'POST':
form = NewUserForm(request.POST)
if form.is_valid():
person = form.save(commit=False)
person.id = idnum
person.save()
else:
form = NewUserForm()
return render(request, "scanner/newuser.html", {"idnum": idnum, "form": form})
person = Person.objects.get(id=idnum)
messages = []
if request.method == 'POST':
form = ScanForm(request.POST)
if form.is_valid():
if len(CheckoutItem.objects.filter(id=form.cleaned_data["scan"])) > 0:
item = CheckoutItem.objects.get(id=form.cleaned_data["scan"])
if len(Checkout.objects.filter(person=person, item=item, checked_in=False)) > 0:
for checkout in Checkout.objects.filter(person=person, item=item, checked_in=False):
checkout.checked_in = True
checkout.date_returned = datetime.now()
checkout.save()
messages.append(item.name + " successfully checked in.")
else:
new_checkout = Checkout(person=person, item=CheckoutItem.objects.get(id=form.cleaned_data["scan"]), date_checked_out=datetime.now() , date_due=datetime.now() + timedelta(CheckoutItem.objects.get(id=form.cleaned_data["scan"]).default_checkout_time))
new_checkout.save()
messages.append(item.name + " successfully checked out.")
else:
messages.append("That item is not in the database.")
form = ScanForm()
return render(request, "scanner/user.html", {"person": person, "form": form, "checkouts": Checkout.objects.filter(person=person, checked_in=False), "messages": messages})
@not_login_required
def checkout_item (request, idnum):
if len(CheckoutItem.objects.filter(id=idnum)) == 0:
if request.method == 'POST':
form = NewItemForm(request.POST)
if form.is_valid():
item = form.save(commit=False)
item.id = idnum
item.save()
else:
form = NewItemForm()
return render(request, "scanner/newitem.html", {"idnum": idnum, "form": form})
else:
form = NewItemForm()
return render(request, "scanner/newitem.html", {"idnum": idnum, "form": form})
return render(request, "scanner/item.html", {"item": CheckoutItem.objects.get(id=idnum)})
@not_login_required
def checkout(request, personid, itemid):
return render(request, "scanner/item.html", {"item": CheckoutItem.objects.get(id=itemid)})
@login_required
def admin(request):
person = request.user.leadershipmember
return render(request, "scanner/admin.html", {"person": person})
@not_login_required
def admin_login(request):
if request.method == 'POST':
form = AdminLoginForm(request.POST)
if form.is_valid():
data = form.cleaned_data
username = data["id"]
password = data["password"]
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
return HttpResponseRedirect(reverse("admin"))
form = AdminLoginForm()
return render(request, "scanner/admin_login.html", {"form": form})
@login_required
def admin_add_leadership(request):
if not request.user.leadershipmember.can_add_leadership_members:
return HttpResponseRedirect(reverse("admin"))
if request.method == 'POST':
form = NewLeadershipMemberForm(request.POST)
if form.is_valid():
data = form.cleaned_data
person = Person.objects.get(id=data["id"])
if len(User.objects.filter(username=data["id"])) == 0:
print(data["password"])
user = User.objects.create_user(data["id"], data["email"], data["password"])
user.save()
user = User.objects.get(username=data["id"])
leadershipmember = LeadershipMember(first_name=person.first_name, last_name=person.last_name, id=person.id, hours=person.hours, periods=data["periods"], user=user)
person.delete()
leadershipmember.save()
return HttpResponseRedirect(reverse("admin"))
form = NewLeadershipMemberForm()
return render(request, "scanner/admin_add_leadership.html", {"form": form})
@login_required
def admin_change_permissions(request):
if not request.user.leadershipmember.can_change_leadership_permissions:
return HttpResponseRedirect(reverse("admin"))
leadershipmembers = LeadershipMember.objects.exclude(id=request.user.leadershipmember.id)
return render(request, "scanner/admin_change_permissions.html", {'leadershipmembers': leadershipmembers})
@login_required
def admin_edit_info(request):
if request.method == 'POST':
form = LeadershipEditInfoForm(request.POST, instance=request.user.leadershipmember)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse("admin"))
form = LeadershipEditInfoForm(instance=request.user.leadershipmember)
return render(request, "scanner/admin_edit_info.html", {"form": form})
@login_required
def admin_change_user_permissions(request, id):
if not request.user.leadershipmember.can_change_leadership_permissions:
return HttpResponseRedirect(reverse("admin"))
if request.method == 'POST':
form = ChangePermissionsForm(request.POST)
if form.is_valid():
print("1")
data = form.cleaned_data
lm = LeadershipMember.objects.get(id=id)
lm.can_add_leadership_members = data["can_add_leadership_members"]
lm.can_change_leadership_permissions = data["can_change_leadership_permissions"]
lm.save()
return HttpResponseRedirect(reverse("admin change permissions"))
person = request.user.leadershipmember
form = ChangePermissionsForm(instance=LeadershipMember.objects.get(id=id))
return render(request, "scanner/admin_change_user_permissions.html", {"form": form, "person": person, "id": id})
def admin_login(request):
if request.method == 'POST':
form = AdminLoginForm(request.POST)
if form.is_valid():
