def get_current_user():
"""Returns an object of Student or Teacher class, whose credentials are currently saved in session."""
if session['logged_in']:
if session['type'] == 'S':
return Student.get(Student.username == session['username'])
elif session['type'] == 'T':
return Teacher.get(Teacher.username == session['username'])
def teacher_login_():
form = TeacherLoginForm()
if form.validate_on_submit():
try:
teacher = Teacher.get(username=form.username.data)
# adequate salt is stored in the password itself
stored_password = teacher.password.encode('utf-8')
password_to_check = form.password.data.encode('utf-8')
password = hashpw(password_to_check, stored_password)
if password != stored_password:
raise WrongPassword('Wrong password')
except WrongPassword:
flash('Wrong password')
except Teacher.DoesNotExist:
flash('Wrong username or password')
else:
authorize_teacher(teacher)
return redirect(url_for('teacher_profile'))
flash_errors(form)
return render_template('teacher_login.html', form=form)
