def setup():
try:
g.session.query(User).first()
except OperationalError:
if request.method == "POST":
try:
MainBase.metadata.create_all(g.engine_main)
except OperationalError as error:
app.logger.error(error)
else:
u = User(email=request.form['email'],
password=hash_password(request.form['password'], app.secret_key),
name_first=request.form['name_first'],
name_last=request.form['name_last'],
level=99)
g.session.add(u)
g.session.commit()
try:
os.mkdir(app.config['FD_INDEX_PATH'])
except FileExistsError as error:
app.logger.warning(error)
return redirect(url_for('login'))
return render_template("setup.html")
else:
flash("Setup already complete.", "warning")
return redirect(url_for('databases'))
def users():
form = UserForm()
if form.validate_on_submit():
u = User(email=form.email.data,
password=hash_password(form.password.data, app.secret_key),
level=form.level.data)
g.session.add(u)
g.session.commit()
return render_template("users.html", form=form, users=g.session.query(User).all())
def login():
form = LoginForm()
if form.validate_on_submit():
try:
u = g.session.query(User).filter_by(email=form.email.data).one()
except NoResultFound:
flash("Invalid user.", "error")
return render_template("login.html")
if hash_password(form.password.data, app.secret_key) == u.password:
session['email'] = u.email
session['level'] = u.level
return redirect(url_for('index'))
return render_template("login.html", form=form)
