def user_roles(user_id):
    """Return the role flags of a user as a dict of 0/1 integers.

    The result has the keys ``is_admin``, ``is_teacher`` and
    ``is_preceptor``. Each is 1 when ``User.has_role`` reports the matching
    role for ``user_id`` and 0 otherwise.
    """
    # The role ids are hard-coded stand-ins for the lookups named in the
    # original comments: Role.get_id_by_name('Administrador'), 'Docente'
    # and 'Preceptor'.
    # NOTE(review): these ids must match the stored roles; a mismatch would
    # report the wrong privilege flag. Confirm against the roles table.
    role_ids = (
        ("is_admin", 1),
        ("is_teacher", 2),
        ("is_preceptor", 3),
    )
    return {
        flag: 1 if User.has_role(user_id, role_id) else 0
        for flag, role_id in role_ids
    }
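def authenticate():
    """Process the login form and start a session for a valid user.

    On success the username is stored in ``session["user"]`` and the client
    is redirected to ``user_dashboard``. Every other outcome flashes an
    error message and redirects back to ``auth_login``.
    """
    form = LoginForm()
    if not form.validate_on_submit():
        # Two error entries are treated as "both fields left empty".
        # NOTE(review): an extra failing field (for example a CSRF token)
        # would change this count; confirm against LoginForm.
        if len(form.errors) == 2:
            flash("Complete los campos para poder loguearse", "error")
        else:
            error_msg = "".join(list(form.errors.values())[0]).strip("'[]")
            flash(error_msg, "error")
        return redirect(url_for("auth_login"))

    params = request.form
    user = User.find_by_user(params["username"])

    # Verify the password before looking at the account state, so the
    # "blocked" message is shown only to someone who knows the password.
    # Reporting it for any existing username would disclose which accounts
    # exist and which of them are disabled.
    # NOTE(review): no hash comparison runs for an unknown username, so the
    # response time may still differ between known and unknown accounts.
    password_ok = bool(user) and bcrypt.check_password_hash(
        user["password"], params["password"]
    )

    if password_ok and user["activo"] == 1:
        config = siteconfig.get_config()
        modo_mantenimiento = config["modo_mantenimiento"]
        # In maintenance mode only administrators may log in.
        # NOTE(review): the role is checked by the submitted username and
        # the name "administrador", while user_roles passes a user id and a
        # numeric role id; confirm User.has_role accepts both forms.
        if modo_mantenimiento == 1 and not User.has_role(
            params["username"], "administrador"
        ):
            flash("Sitio en mantenimiento", "error")
        else:
            # NOTE(review): the existing session is not reset before the
            # identity is stored; consider clearing it on login if the
            # session backend keeps server-side state.
            session["user"] = user["username"]
            flash("La sesión se inició correctamente", "success")
            return redirect(url_for("user_dashboard"))
    elif password_ok and user["activo"] == 0:
        flash("Su cuenta está bloqueada", "error")
    else:
        # Same message for an unknown user and a wrong password.
        flash("Usuario o clave incorrecto", "error")
        # TODO: error messages

    return redirect(url_for("auth_login"))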
def has_role(role_name, session):
    """Report whether the user stored in ``session`` holds ``role_name``.

    Reads the username from the session's ``"user"`` entry (``None`` when
    the key is absent) and returns whatever ``User.has_role`` returns.
    """
    # NOTE(review): with no logged-in user, None is passed on as the
    # username; confirm User.has_role answers falsy for it so the check
    # fails closed.
    return User.has_role(session.get("user"), role_name)