def login():
if current_user.is_authenticated:
return redirect(url_for('routes.index'))
form = LoginForm()
print(form.errors)
if form.is_submitted():
print("submitted")
print(form.errors)
print('Estoy acá1')
if request.method == 'POST' and form.validate():
print(12341232134)
user = User.query.filter_by(username=form.username.data).first()
print(user)
if user and checkph(user.hash_password, form.password.data):
# https://flask-login.readthedocs.io/en/latest/
login_user(user, remember=form.remember.data)
# Sirve para redirigir a lo que el valor de next
# este seteado, por ejemplo ?next=aboutus
next = request.args.get("next")
# if not is_safe_url(next):
# if not (next):
# print("tu url no es safe: {}".format(next))
# return abort(400)
# else:
return redirect(next or url_for('routes.index'))
else:
flash("Login failed. Check your e-mail and password", "danger")
msg = request.args.get('msg')
return render_template('auth/login.html', form=form, msg=msg)
def ingresar():
if (request.method == 'GET'):
if 'nombre' in session:
return render_template('index.html')
else:
return render_template('login.html')
else:
nombre = request.form['username']
contrasena = request.form['pass']
session['nombre'] = nombre
hash_contrasena = genph(contrasena)
usuario = mysql.query_db(
"select nombre, contrasena, rol from users where nombre =%s",
[nombre])
print('usuario:', usuario)
if (len(usuario) != 0):
print(usuario
) #diccionario [{'nombre': 'admin', 'contrasena': 'admin'}]
for row in usuario:
username = row['nombre']
password = row['contrasena']
rol = row['rol']
print(username, password, rol)
if (checkph(hash_contrasena, password)):
if rol == 'Administrador':
return redirect(url_for('busqueda_adm', usr=username))
else:
return redirect(url_for('busqueda', usr=username))
else:
# Flask("La contraseña es incorrecta", "alert-warning")
return render_template("login.html")
else:
return render_template("login.html")
def delete_comment(id=None):
form = DeleteCommentForm()
post_id = request.args.get("id")
if form.validate_on_submit():
comment = Comment.query.get(id)
if checkph(comment.hash_password, form.password.data):
post = Post.query.get(post_id)
post.total_comments -= 1
db.session.delete(comment)
db.session.commit()
return redirect(url_for('routes.view', id=post_id))
# Ahora debería guardar el catalogo del negocio en la db
else:
return redirect(
url_for('routes.output', msg="""Contraseña errónea, bro."""))
return render_template('user/delete.html', form=form)
def login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
userList = getQuery(
"SELECT * FROM users WHERE nameUser = '******'".format(
Markup.escape(username)))
if (len(userList) > 0):
hashPass = userList[0][3]
if (checkph(hashPass, password)):
session["username"] = username
session["id"] = userList[0][0]
return jsonify(message="Ta bien", code=0)
else:
return jsonify(message="No ta bien", code=2)
else:
return jsonify(message="No ta bien", code=1)
def delete(id=None):
form = DeleteForm()
print(form.errors)
if form.is_submitted():
print("submitted")
print(form.errors)
print('Estoy acá1')
if form.validate_on_submit():
post = Post.query.get(id)
if checkph(post.hash_password, form.password.data) \
or (current_user.is_authenticated and current_user.admin == 1):
db.session.delete(post)
db.session.commit()
else:
return redirect(
url_for('routes.output', msg="""Contraseña errónea, bro."""))
return redirect(url_for('routes.index'))
# Ahora debería guardar el catalogo del negocio en la db
return render_template('user/delete.html', form=form)
def verif_clave(self, password):
return checkph(self.hash_clave, password)
def verif_clave(
self, clave
): #comparar la clave pasada como argumento con el hash del usuario
return checkph(self.hash_clave, clave)