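def verified():
    """Check the submitted login form and render the home page for the role.

    Reads ``user_email`` and ``user_password`` from the posted form, hands
    them to ``Dao.login`` and dispatches on the ``(result, data, identify)``
    triple it returns. A successful admin, wholesaler or retailer login
    renders the matching home page; every other outcome flashes an error and
    redirects to ``reroute``.

    Returns:
        The rendered home page on success, otherwise a redirect response.
    """
    obj_dao = Dao()
    obj_vo = loginVo()

    # .get() yields None for a missing field; Dao.login receives it unchanged.
    obj_vo.user_email = request.form.get('user_email')
    obj_vo.user_password = request.form.get('user_password')

    result, data, identify = obj_dao.login(obj_vo)

    # NOTE(review): nothing visible in this view records the login in a
    # session, so the role pages presumably need their own authorization
    # check. Confirm they do not rely on being reached through this view.
    if result == 1:
        # The record type and the reported role must agree: an admin record
        # is only accepted with identify == "admin", and a non-admin record
        # only with one of the two trader roles.
        if "admin_name" in data:
            if identify == "admin":
                return render_template('content/admin/adminHome.html',
                                       data=data['admin_name'])
        elif identify == "wholesaler":
            return render_template('content/wholesaler/wholesalerHome.html',
                                   data=data['user_full_name'])
        elif identify == "retailer":
            return render_template('content/retailer/retailerHome.html',
                                   data=data['user_full_name'])

    # Fail closed. Previously any combination other than the exact
    # (0, "none", "invalid") triple fell off the end of the function and
    # returned None, which Flask rejects as an invalid response. Every
    # unrecognised outcome is now treated as a failed login.
    flash("Invalid crendtial kindly check email or password...")
    return redirect(url_for('reroute'))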
Пример #2
def auth_login():
    """Authenticate the posted username/password, then show the default view.

    On POST the user is looked up by username and the submitted password is
    hashed with the stored hash as the salt argument. A match logs the user
    in through ``login_user``; an unknown username or a mismatch flashes the
    same generic error. Every request ends by returning ``default_view()``.
    """
    if request.method != 'POST':
        return default_view()

    username = str(request.form['username'])
    password = str(request.form['password'])
    account = User.query.filter_by(username=username).first()

    # NOTE(review): hashpw() only runs when the account exists, so the
    # response time for an unknown username can differ from that of a wrong
    # password even though the flashed message is identical.
    authenticated = False
    if account is not None:
        candidate = hashpw(password, account.password)
        # NOTE(review): plain == is not a constant-time comparison. A
        # constant-time check (hmac.compare_digest, or checkpw if hashpw is
        # bcrypt's) would be preferable. Confirm the types involved first.
        authenticated = candidate == account.password

    if authenticated:
        login_user(account)
    else:
        # Same text for both failure causes, so the message itself does not
        # reveal whether the username exists.
        flash('Invalid Username or password', 'Error')

    return default_view()
Пример #3
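def auth_register():
    """Create a user account from the posted registration form.

    On POST the form fields are read, the username length is checked, the
    username and UNCC e-mail are checked for existing accounts, and the two
    password fields are compared. When everything passes, the password is
    hashed with a fresh salt and the new ``User`` is committed. Each failure
    flashes an error and shows the registration page again.

    Returns:
        ``default_view()`` after a successful registration, otherwise the
        registration page.
    """
    error = None
    # TODO: validate and sanitise the remaining form fields (e-mail format,
    #       name lengths, password strength).
    if request.method == 'POST':
        uname     = str(request.form['username'])
        pw        = str(request.form['password'])
        pw2       = str(request.form['password2'])
        email     = str(request.form['email'])
        unc_email = str(request.form['uncc_email'])
        fname     = str(request.form['firstname'])
        lname     = str(request.form['lastname'])
        nick      = str(request.form['nickname'])

        # degree_program is client-supplied; a non-numeric value used to
        # raise ValueError and surface as a server error.
        try:
            degree_prog = int(request.form['degree_program'])
        except ValueError:
            flash('Invalid degree program', 'Error')
            return default_view('user/register.html')

        # NOTE(review): this accepts a username of exactly five characters,
        # although the message says "longer than five".
        if len(uname) < 5:
            flash('Username is too short: must be longer than five characters', 'Error')
            return render_template('register.html',
                    error=error,
                    degrees=app.config['DEGREE_PROGRAMS'])

        # NOTE(review): check-then-insert is not atomic; two concurrent
        # requests can both pass it. A unique constraint on these columns is
        # the real guard (confirm the schema has one). Only uncc_email is
        # checked here, not the plain email field.
        quser = User.query.filter_by(username = uname).first()
        qemail = User.query.filter_by(uncc_email = unc_email).first()

        if (quser is None) and (qemail is None):
            if not pw:
                # Two empty fields compare equal, which previously created
                # an account with an empty password.
                flash('Password must not be empty', 'Error')
            elif pw == pw2: # basic password validation
                # Hash with a fresh salt; the plaintext is never stored.
                # NOTE(review): if hashpw is bcrypt's, input beyond 72 bytes
                # is ignored by the algorithm.
                passwd = hashpw(pw, gensalt())

                usr = User(uname, passwd, email)
                usr.set_fullname(fname,lname)
                usr.set_uncc_email(unc_email)
                usr.set_nickname(nick)
                usr.set_degree_program(degree_prog)

                db.session.add(usr)
                db.session.commit()

                flash('User created: You may now login.', 'Message')

                return default_view()
            else:
                flash('Passwords do not math', 'Error')
        else:
            # One message for both collisions, so it does not say which of
            # the two values is already registered.
            flash('Username or Email already in use.', 'Error')
    return default_view('user/register.html')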
Пример #4
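def user_update_submit():
	"""Apply submitted profile, e-mail and password changes to the current user.

	Three groups of form fields are handled independently, each only when
	its leading field is present: name/nickname/degree program, the two
	e-mail addresses, and a password change. The password change requires
	the current password to verify against the stored hash.

	Returns:
		The rendered ``user/update_user.html`` page.
	"""
	# NOTE(review): assumes the route is restricted to logged-in users, so
	# that current_user is a real account. Confirm against the route
	# decorators, which are not visible here.
	error = None
	usr = current_user

	fname = request.form.get('firstname', None)
	lname = request.form.get('lastname', None)
	nname = request.form.get('nickname', None)
	dprog = request.form.get('degree_program', None)
	uemai = request.form.get('uncc_email', None)
	email = request.form.get('email', None)
	cpass = request.form.get('curpassword', None)
	pass1 = request.form.get('newpassword', None)
	pass2 = request.form.get('newpassword2', None)

	if fname is not None:
		# degree_program is client-supplied; a missing or non-numeric value
		# used to raise from int() and surface as a server error.
		try:
			degree = int(dprog)
		except (TypeError, ValueError):
			flash("Invalid Degree Program", "Error")
		else:
			# NOTE(review): str() turns a missing lastname/nickname into the
			# literal text "None". Confirm the form always sends both.
			usr.set_fullname(str(fname), str(lname))
			usr.set_nickname(str(nname))
			usr.set_degree_program(degree)

	if uemai is not None:
		usr.set_uncc_email(uemai)
		usr.set_email(email)

	if cpass is not None:
		# Re-authenticate before changing the password.
		pw_hash = hashpw(cpass, usr.password)
		if pw_hash == usr.password:
			if not pass1:
				# Absent fields are both None and compare equal, which used
				# to reach hashpw(None, ...); two empty fields would have
				# set an empty password.
				flash("New Password Must Not Be Empty", "Error")
			elif pass1 == pass2:
				# NOTE(review): passing the old hash as the salt argument
				# reuses its salt for the new password (assuming a
				# bcrypt-style hashpw). A freshly generated salt would be
				# preferable.
				usr.password = hashpw(pass1, usr.password)
			else:
				flash("Passwords Fail to Match", "Error")
		else:
			flash("Invalid Current Password", "Error")

	# error is never assigned in this function, so the commit always runs.
	if error is None:
		base_app.db.session.commit()

	return render_template('user/update_user.html', error = error, user = current_user)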