def authorize_user(): client_id = int(request.form.get('client_id')) login = request.form.get('login') password = request.form.get('password') state = request.form.get('state', None) if not db.user_base(login=login): return redirect(db.client_base[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302) if db.user_base(login=login)[0]['pswd'] != sha256(password.encode('UTF-8')).digest(): return redirect(db.client_base[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302) code=sha256(str(uuid4()).encode('UTF-8')).hexdigest() db.authorization_code.insert(user_id=db.user_base(login=login)[0]['__id__'], code=code, expire_time=datetime.now() + timedelta(minutes=30)) db.authorization_code.commit() return redirect(db.client_base[client_id]['redirect_uri'] + '?code=' + code + ('' if state is None else '&state=' + state), code=302)
def register_user(): print ('in /registration-post') ############## login = request.form['login'] if not login: return render_template('register_failed.html', reason='Empty login not allowed.') password = request.form['password'] name = request.form['name'] or None email = request.form['email'] or None print (login, ' ', name, ' ',password, ' ',email) if db.user_base(login=login): return render_template('register_failed.html', reason='User already exists.'.format(login)) db.user_base.insert(login=login, pswd=sha256(password.encode('UTF-8')).digest(), name=name, email=email) db.user_base.commit() return render_template('register_successed.html', login=request.form['login'])