Exemplo n.º 1
0
def user_login(request):
    if request.form["username"] == "admin" and request.form["password"] == ADMIN_PASSWORD:
        request.client_session["user_id"] = -1
        return user_profile(request, -1)
    user = (
        session.query(User)
        .filter(User.username == request.form["username"])
        .filter(User.password == hash_password(request.form["password"]))
        .one()
    )
    request.client_session["user_id"] = user.id
    return render_json(user.to_api_dict())
Exemplo n.º 2
0
def create_user(request):
    try:
        u = session.query(User).filter(User.username == request.form["username"]).one()
        logging.debug("Not creating user %s, username already in use." % request.form["username"])
        return DuplicateError
    except NoResultFound:
        pass
    u = User(
        request.form["username"],
        request.form["fullname"],
        hash_password(request.form["password"]),
        request.form["editor"] == "true",
        request.form["superuser"] == "true",
    )
    # handle query errors and return a valid response
    session.add(u)
    session.commit()
    u = session.query(User).filter(User.username == request.form["username"]).one()
    return render_json(u.to_api_dict())