def signup():
def check_email(email):
cur = g.db.execute('select 1 from user where email=?', [email])
row = cur.fetchone()
return True if row else False
error = None
if request.method == 'POST':
username = request.form['username']
email = request.form['email']
raw_password = request.form['password']
raw_password2 = request.form['password2']
if get_user_id(username):
error = 'username exists!'
elif check_email(email):
error = 'email exists!'
elif raw_password != raw_password2:
error = '2 password dont match'
else:
salt = gen_salt()
salted_pwd = salt + '.' + hash_password(username, raw_password,
salt)
g.db.execute('''insert into user(username, salted_pwd, email)
values(?,?,?)''', [username, salted_pwd, email])
g.db.commit()
return redirect(url_for('signin'))
return render_template('signup.html', error=error)
def before_request():
g.db = connect_db()
g.user = None
if 'username' in session:
g.user = {'user_id' : get_user_id(session['username']),
'username' : session['username']}
