def signup(): def check_email(email): cur = g.db.execute('select 1 from user where email=?', [email]) row = cur.fetchone() return True if row else False error = None if request.method == 'POST': username = request.form['username'] email = request.form['email'] raw_password = request.form['password'] raw_password2 = request.form['password2'] if get_user_id(username): error = 'username exists!' elif check_email(email): error = 'email exists!' elif raw_password != raw_password2: error = '2 password dont match' else: salt = gen_salt() salted_pwd = salt + '.' + hash_password(username, raw_password, salt) g.db.execute('''insert into user(username, salted_pwd, email) values(?,?,?)''', [username, salted_pwd, email]) g.db.commit() return redirect(url_for('signin')) return render_template('signup.html', error=error)
def before_request(): g.db = connect_db() g.user = None if 'username' in session: g.user = {'user_id' : get_user_id(session['username']), 'username' : session['username']}