def user_roles(user_id):
admin_id = 1 #Role.get_id_by_name('Administrador')
teacher_id = 2 #Role.get_id_by_name('Docente')
preceptor_id = 3 #Role.get_id_by_name('Preceptor')
is_admin = 0
is_teacher = 0
is_preceptor = 0
if User.has_role(user_id, admin_id):
is_admin = 1
if User.has_role(user_id, teacher_id):
is_teacher = 1
if User.has_role(user_id, preceptor_id):
is_preceptor = 1
response = {}
response['is_admin'] = is_admin
response['is_teacher'] = is_teacher
response['is_preceptor'] = is_preceptor
return response
def authenticate():
form = LoginForm()
if form.validate_on_submit():
params = request.form
user = User.find_by_user(params["username"])
if (
user
and user["activo"] == 1
and bcrypt.check_password_hash(user["password"], params["password"])
):
config = siteconfig.get_config()
modo_mantenimiento = config["modo_mantenimiento"]
if modo_mantenimiento == 1 and (
not User.has_role(params["username"], "administrador")
):
flash("Sitio en mantenimiento", "error")
else:
session["user"] = user["username"]
flash("La sesión se inició correctamente", "success")
return redirect(url_for("user_dashboard"))
elif user and user["activo"] == 0:
flash("Su cuenta está bloqueada", "error")
else:
flash("Usuario o clave incorrecto", "error")
# TODO: Mensajes de error
else:
if len(form.errors) == 2:
flash("Complete los campos para poder loguearse", "error")
else:
error_msg = "".join(list(form.errors.values())[0]).strip("'[]")
flash(error_msg, "error")
return redirect(url_for("auth_login"))
def has_role(role_name, session):
username = session.get("user")
role = User.has_role(username, role_name)
return role
