def user_home():
if 'user_logged' not in request.cookies:
return redirect(url_for('login'))
return modify30DayLoginCookie(
request,
render_template('user_home.html',
uname=request.cookies['user_logged'],
page_subname="Home",
subnav_menu_item_id='subnav-home'))
def user_oceans(default='default_browse'):
if 'user_logged' not in request.cookies:
return redirect(url_for('login'))
default = default.split('_')
valid_defaults = ['browse']
if default[0] != 'default' or default[
1] not in valid_defaults: # default not correctly supplied
abort(404)
return modify30DayLoginCookie(
request,
render_template('user_oceans.html',
uname=request.cookies['user_logged'],
default=default[1],
page_subname="Oceans",
subnav_menu_item_id='subnav-oceans'))
def signup_processing():
if request.referrer not in [url_for('signup', _external=True)]:
abort(403)
# get form data
username = request.form['username']
password = request.form['password']
conn = mysql.connector.connect(user='******', host='localhost', database='Ocean')
cursor = conn.cursor()
# hash the password
hasher = hashlib.sha256()
hasher.update(password.encode('utf-8'))
# no need to check for collisions, because form would not have been submitted if there was one
cursor.execute("INSERT INTO Users (UserName, Pass, Salt) VALUES (%s, %s, %s)",
[username, hasher.hexdigest(), datetime.utcnow()])
conn.commit()
cursor.close()
conn.close()
redir = redirect(url_for('user_site.user_home'))
return modify30DayLoginCookie(request, redir, user=username, addIfNotExists=True) # log the user in and send them home
def login_processing():
if request.referrer not in [url_for('login', _external=True), url_for('login', failed="failed", _external=True)]:
abort(403)
username = request.form['username']
rawpswd = request.form['password']
# User: DCC Pawssword: DCCInfinity
# get MySQL cursor and desired login data
conn = mysql.connector.connect(user='******', host='localhost', database='Ocean')
cursor = conn.cursor(buffered = True)
cursor.execute("SELECT Pass, Salt FROM Users WHERE UserName=%s", [username])
if cursor.rowcount == 0:
cursor.close()
conn.close()
return redirect(url_for('login', failed = 'failed')) # no such username
user = cursor.fetchone()
password = user[0]
salt = user[1]
hasher = hashlib.sha256()
hasher.update(rawpswd.encode('utf-8'))
hasher.update(salt.encode('utf-8'))
encpswd = hasher.hexdigest()
# check password
if password == encpswd: # login successful
cursor.close()
conn.close()
redir = redirect(url_for('user_site.user_home'))
return modify30DayLoginCookie(request, redir, user=username, addIfNotExists=True) # add cookie here
else: # login failed
cursor.close()
conn.close()
return redirect(url_for('login', failed = 'failed'))
def logout():
# erase any cookies regardless of who is logged in
redir = redirect(url_for('login'))
return modify30DayLoginCookie(
request, redir, add=False
) # the redirect takes the place of the rendered template here
def learn_more():
return modify30DayLoginCookie(
request,
render_template('learn_more.html', nav_menu_item_id="nav-learn-more"))
def index():
from aux_functions import cleanUserLoginKeyTable
cleanUserLoginKeyTable()
return modify30DayLoginCookie(
request, render_template('index.html', nav_menu_item_id=None))