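def main(request):
    """Log a user in and start a session.

    Any method other than POST renders the login form. On POST the submitted
    credentials are checked against the stored salted hash; on success a
    SessionData row is created and its id is sent back in the ``id`` cookie
    on a redirect to ``chat/``. Every failure renders the form again with the
    same generic message, so the response text does not reveal whether the
    username exists.
    """
    if request.method != 'POST':
        return render_to_response("users/main.html")

    error = 'Incorrect username or password'

    # A POST that omits either field must not raise on the lookup (that is an
    # unhandled exception, i.e. a 500); treat it like any other failed login.
    username = request.POST.get('username')
    password = request.POST.get('password')
    if username is None or password is None:
        return render_to_response("users/main.html", {'error': error})

    try:
        user = models.Users.objects.get(username=username)
    except models.Users.DoesNotExist:
        return render_to_response("users/main.html", {'error': error})

    # NOTE(review): a single round of salted SHA-224 is a fast hash, so a
    # leaked Users table is cheap to guess against offline. Moving to a slow
    # password hasher (e.g. django.contrib.auth.hashers make_password /
    # check_password) has to be done together with registration() and needs a
    # migration path for existing rows, so it is flagged here, not changed.
    # NOTE(review): `!=` is not a constant-time comparison;
    # django.utils.crypto.constant_time_compare is the usual replacement.
    if hashlib.sha224(password + user.salt).hexdigest() != user.password:
        return render_to_response("users/main.html", {'error': error})

    # NOTE(review): the session id is the only credential after login, so
    # confirm utils.random_string draws from a CSPRNG (os.urandom / secrets).
    session_id = utils.random_string(20)
    models.SessionData.objects.create(
        session_id=session_id,
        user=user,
    )

    response = redirect('chat/')
    # NOTE(review): the cookie is set without HttpOnly or Secure, so page
    # script can read it and it may travel over plain HTTP. set_cookie accepts
    # httponly=True and secure=True; confirm no client code reads `id` first.
    response.set_cookie(key='id', value=session_id)
    return response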
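def registration(request):
    """Create a new account from the registration form.

    Any method other than POST renders the empty form. On POST the username
    and password are validated with the utils validators and the username is
    checked for an existing account; any problem renders the form again with
    the list of errors. Otherwise a fresh salt is generated, the salted hash
    is stored in a new Users row, and the client is redirected to ``/``.
    """
    # Only POST carries form data; other methods (HEAD, PUT, ...) get the form
    # instead of failing on the POST lookups below.
    if request.method != 'POST':
        return render_to_response('users/registration.html')

    # A POST that omits either field is reported as a form error rather than
    # raising an unhandled exception.
    username = request.POST.get('username')
    password = request.POST.get('password')
    if username is None or password is None:
        return render_to_response(
            "users/registration.html",
            {'errors': ["Username and password are required"]},
        )

    errors = []
    errors.extend(utils.validate_username(username))
    errors.extend(utils.validate_password(password))
    # NOTE(review): check-then-create is not atomic; confirm Users.username
    # has a unique constraint so concurrent requests cannot both succeed.
    if models.Users.objects.filter(username=username).exists():
        errors.append("This user exists")
    if errors:
        return render_to_response("users/registration.html", {'errors': errors})

    # NOTE(review): confirm utils.random_string draws from a CSPRNG.
    salt = utils.random_string(18)
    # NOTE(review): a single round of salted SHA-224 is a fast hash, so a
    # leaked Users table is cheap to guess against offline. Switching to a
    # slow password hasher (e.g. django.contrib.auth.hashers.make_password)
    # must be done together with the login check in main(), so it is flagged
    # here, not changed.
    password = hashlib.sha224(password + salt).hexdigest()
    models.Users.objects.create(username=username, password=password, salt=salt)
    return HttpResponseRedirect('/')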