def register_view(self): form = RegistrationForm(request.form) if request.method == 'POST' and form.validate(): user = Users() user.username = form.username.data user.email = form.email.data user.roles = ','.join(form.role.data) # we hash the users password to avoid saving it as plaintext in the db, # remove to use plain text: user.password = generate_password_hash(form.password.data) Session.add(user) Session.commit() login.login_user(user) flash('Thanks for registering') return redirect(url_for('.index')) link = '<p>Already have an account? <a href="' + url_for('.login_view') + '">Click here to log in.</a></p>' form_roles = [] roles = Session.query(Role).all() for role in roles: form_roles.append((role.key, role.name)) form.role.choices = form_roles self._template_args['form'] = form self._template_args['link'] = link return super(MyAdminIndexView, self).index()
def register_user(email, name, password, image=_DEFAULT_IMAGE): if not name or not name.strip(): raise APIValueError('name') if not email or not _RE_EMAIL.match(email): raise APIValueError('email') if not password or _RE_SHA1.match(password): raise APIValueError('password') user = yield from Users.find('email=?',[email]) if user: raise APIError('register:failed','email','Email is already used.') uid = next_id() sha1_password = '******' % (uid, password) user = Users(id=uid, name=name, email=email, password=hashlib.sha1(sha1_password.encode('utf-8')).hexdigest(),image=image) yield from user.save() r = aiohttp.web.Response() r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True) user.password = '******' r.content_type = 'application/json' r.body = json.dumps(user, ensure_ascii=False).encode('utf-8') return r