def create_user(self, username, password, perm_level):
    """Create a user with a freshly salted password hash and commit it.

    Args:
        username: Login name passed to the new ``User`` row.
        password: Plain-text password. It is only handed to
            ``createhash``; the row receives the salt and the hash.
        perm_level: Permission label stored on the row. ``"Admin"`` sets
            the final ``User`` argument to 1, any other value sets it to 0.
    """
    salt = getsalt()
    passhash = createhash(salt, password)

    # NOTE(review): perm_level is stored exactly as the caller supplied it
    # and nothing here checks who is asking. Every call site has to make
    # sure the requester is allowed to grant "Admin".
    # The last User argument is presumably an admin flag -- confirm against
    # the model definition.
    admin_flag = 1 if perm_level == "Admin" else 0

    db.session.add(User(username, salt, passhash, perm_level, admin_flag))
    db.session.commit()
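def init_db():
    """Initialize the SQL tables using SQLAlchemy's declarative system.

    Creates all tables and, when no user named "admin" exists yet, inserts
    a default administrator account.
    """
    # Import the ORM classes before creating the tables (presumably so the
    # models are registered when create_all() runs -- confirm).
    from app.dbmodels import (User, CarFeatures, Car, CarPics,
                              CustomerInfo, OrderInfo, ServiceInfo)

    # Create the SQL tables.
    db.create_all()

    # Create an administrator account on first run only.
    # `is None` is used instead of `== None` so the check does not depend on
    # how the model implements equality.
    if User.query.filter_by(uname="admin").first() is None:
        salt = getsalt()
        # SECURITY: the bootstrap administrator password is a literal in the
        # source, so every deployment starts with the same credential and
        # anyone who can read the repository knows it. It is also only five
        # characters long. Supply the initial password from deployment
        # configuration and require it to be changed at first sign-in.
        passhash = createhash(salt, "Mko0!")
        admin = User("admin", salt, passhash, "Admin", 1)
        db.session.add(admin)
        db.session.commit()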
def register():
    """Handle the registration form and create the account when it is valid.

    Any non-POST request renders ``login.html``. A POST that fails
    ``validate_table``, leaves a field empty, or has mismatching passwords
    is redirected to the ``login`` endpoint. Otherwise the user is created
    unless the username already exists, and ``index.html`` is rendered with
    a status message.
    """
    # TODO: Add template logic for trying to register an existing user
    if request.method != 'POST':
        return render_template('login.html')

    if not validate_table(register_form, request.form):
        return redirect(url_for('login'))

    username = request.form['username_register']
    email = request.form['email']
    password = request.form['password_register']
    confirm = request.form['confirm']

    # All four fields are required. Beyond being non-empty and matching the
    # confirmation, the password is not checked for length or complexity.
    submitted = (username, email, password, confirm)
    if any(value == "" for value in submitted):
        return redirect(url_for('login'))

    if password != confirm:
        # TODO: add template logic for invalid registration.
        return redirect(url_for('login'))

    # NOTE(review): the existence check and the insert are separate steps,
    # so two concurrent requests for one username can both pass this check.
    # A unique constraint on the username column (schema not visible here --
    # confirm) is what actually prevents duplicates.
    existing = User.query.filter(User.uname == username).scalar()
    if existing is not None:
        # The distinct message tells the caller that the username is taken,
        # which lets usernames be probed through this endpoint.
        return render_template(
            'index.html',
            message='Error account already exists'
        )

    salt = getsalt()
    passhash = createhash(salt, password)
    db.session.add(User(username, email, salt, passhash))
    db.session.commit()
    return render_template(
        'index.html',
        message='Registration successful'
    )
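def register():
    """Register the user by adding an entry to the User table.

    A signed-in user is redirected to ``home``. A POST that passes
    ``validate_table`` is checked against the registration rules. On
    success the account is created and the user is redirected to ``login``;
    on failure the user is redirected back to ``register`` with a message.
    Every other request renders the blank registration form.

    Validation failures are collected as bits in ``status``:
        0x0002  username is not 5 - 25 characters long
        0x0004  username has characters outside ``chars``
        0x0008  password is not 5 - 25 characters long
        0x0010  password has no character from ``digit``
        0x0020  password has no character from ``upper``
        0x0040  password has no character from ``speci``
        0x0080  password and confirmation differ
        0x0100  username already exists
    """
    # Redirect a signed-in user to the home page (already registered).
    if 'username' in session:
        return redirect(url_for("home"))

    # Anything but a well-formed POST is shown the initial registration form.
    if request.method != "POST" or not validate_table(accountreg_ft, request.form):
        return render_template('accounttemps/register.html')

    # Extract the form entries.
    username = request.form[accountreg_ft[0]]
    password = request.form[accountreg_ft[1]]
    verified = request.form[accountreg_ft[2]]

    # Every rule is evaluated so that status records all failures. Each bit
    # is set at most once.
    status = 0x0000
    if not 5 <= len(username) <= 25:
        status |= 0x0002
    if set(username) - chars:
        status |= 0x0004  # only letters and digits are allowed
    # NOTE(review): the 25-character ceiling rejects long passphrases. The
    # row only receives a salt and hash, so confirm the cap is needed.
    if not 5 <= len(password) <= 25:
        status |= 0x0008
    if not set(password) & set(digit):
        status |= 0x0010
    if not set(password) & set(upper):
        status |= 0x0020
    if not set(password) & set(speci):
        status |= 0x0040
    if password != verified:
        status |= 0x0080
    # Identity comparison with None, so the check does not depend on how
    # the model implements equality.
    if User.query.filter_by(uname=username).first() is not None:
        status |= 0x0100

    # NOTE(review): every message below travels in the redirect's query
    # string, so a crafted link can supply arbitrary text. The templates
    # (not visible here) should treat `message` as untrusted and escape it.

    if not status:
        # The role is fixed to "Guest" with flag 0 and never read from the
        # form, so a registrant cannot choose their own permission level.
        salt = getsalt()
        passhash = createhash(salt, password)
        newuser = User(username, salt, passhash, "Guest", 0)
        db.session.add(newuser)
        db.session.commit()
        return redirect(url_for(
            "login",
            message="Registration successful, please sign in!"))

    # Report failures in priority order: mismatch, taken name, rule breach.
    if status & 0x0080:
        return redirect(url_for(
            "register",
            message="Unable to verified password, please re-enter password."))

    if status & 0x0100:
        return redirect(url_for(
            "register",
            message="{} has already been taken, please choose another username.".format(username)))

    return redirect(url_for(
        "register",
        message="Invalid username or password, please re-read the registration form rules."))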