def signout():
    """Sign the current user out after a crumb-protected confirmation.

    Visitors whose auth cookie does not pass login.check_login() are sent
    to "/". A GET renders the confirmation page with a newly generated
    crumb; a POST only reaches login.do_logout() when the submitted crumb
    passes crumb.check(), otherwise the visitor is redirected to "/".
    """
    session_cookie = request.cookies.get(app.cfg['auth_cookie_name'])
    if not login.check_login(session_cookie):
        return redirect("/")

    # The crumb is generated on every request, POST included, before the
    # method is inspected.
    # NOTE(review): presumably this is the anti-CSRF token for the form.
    # generate() is keyed on "logout" but check() below only receives the
    # secret -- confirm the crumb is still bound to this action and to the
    # current session, and that it expires.
    logout_crumb = crumb.generate("logout")

    if request.method != 'POST':
        return render_template("page_signout.html", crumb_input=logout_crumb)

    # A POST without a 'crumb' field raises from this lookup instead of
    # taking the redirect below.
    submitted_crumb = request.form['crumb']
    if crumb.check(submitted_crumb, app.cfg['crypto_crumb_secret']):
        return login.do_logout()
    return redirect("/")
def signin():
    """Show the sign-in form (GET) or attempt a sign-in (POST).

    Already signed-in visitors are redirected to "/". On POST the checks
    run in this order: both fields non-empty, account exists for the email,
    account not deleted, password validates. The first failing check
    re-renders the form with a single error flag; if all pass the result of
    login.do_login() is returned.

    NOTE(review): no crumb check and no attempt throttling are visible in
    this handler (signout does check a crumb) -- confirm login CSRF and
    password-guessing limits are enforced elsewhere.
    """
    def _reject(flag):
        # Re-render the form with exactly one error flag set.
        return render_template("page_signin.html", error={flag: 1})

    session_cookie = request.cookies.get(app.cfg['auth_cookie_name'])
    if login.check_login(session_cookie):
        return redirect("/")

    if request.method != 'POST':
        # Plain page view: just show the login form.
        return render_template("page_signin.html")

    email = request.form['email']
    password = request.form['password']

    # Both fields are required.
    if not (len(email) and len(password)):
        return _reject("error_missing")

    # NOTE(review): error_nouser, error_deleted and error_password are
    # distinct flags. If the template words them differently, a client can
    # learn which addresses have (or had) an account; a single generic
    # failure message in the template would avoid that.
    account = users.get_user_by_email(email)
    if not account:
        return _reject("error_nouser")

    if account['deleted']:
        return _reject("error_deleted")

    if not passwords.validate_password_for_user(password, account):
        return _reject("error_password")

    # Every check passed: establish the session.
    return login.do_login(account)
def signup():
    """Show the signup form (GET) or create an account and sign in (POST).

    Already signed-in visitors are redirected to "/". On POST the handler
    requires non-empty email, password and username, refuses an email or
    username that is already taken, then calls users.create_user(). On
    success the new user is re-read by email and passed to
    login.do_login(); on failure the form is re-rendered with error_server.

    NOTE(review): no crumb check, email-format check or password-strength
    check is visible in this handler -- confirm they live in the users
    module or the template layer.
    """
    def _reject(flag):
        # Re-render the form with exactly one error flag set.
        return render_template("page_signup.html", error={flag: 1})

    session_cookie = request.cookies.get(app.cfg['auth_cookie_name'])
    if login.check_login(session_cookie):
        return redirect("/")

    if request.method != 'POST':
        # Plain page view: just show the signup form.
        return render_template("page_signup.html")

    email = request.form['email']
    password = request.form['password']
    username = request.form['username']

    # Every field must be non-empty.
    if not all(len(field) for field in (email, password, username)):
        return _reject("error_missing")

    if users.is_email_taken(email):
        return _reject("error_email_taken")

    if users.is_username_taken(username):
        return _reject("error_username_taken")

    # The raw password is handed to users.create_user() as submitted.
    # NOTE(review): presumably it is hashed there -- verify it is never
    # stored or logged in clear text.
    new_account = {"email": email, "password": password, "username": username}
    created = users.create_user(new_account)
    if not created:
        return _reject("error_server")

    # Re-read the stored record before logging in, keyed on the email that
    # create_user() returned rather than the one that was submitted.
    stored_user = users.get_user_by_email(created['email'])
    return login.do_login(stored_user)
def init():
    """Record request details in app.cfg and run the login check.

    Stores the request path under 'script_name' and the User-Agent header
    (None when absent) under 'User-Agent', then passes the auth cookie to
    login.check_login(). The result of that call is discarded here, and
    the function returns None.

    NOTE(review): app.cfg looks like application-wide state. If requests
    are served concurrently, these per-request values can be overwritten
    by another request mid-flight -- confirm, or keep them in
    request-scoped storage. The User-Agent value is client-controlled and
    should be treated as untrusted wherever it is read back.
    """
    cfg = app.cfg
    cfg['script_name'] = request.path
    cfg['User-Agent'] = request.headers.get('User-Agent')

    session_cookie = request.cookies.get(cfg['auth_cookie_name'])
    # Called for its effects only; presumably it sets up the current-user
    # state that later handlers rely on -- TODO confirm.
    login.check_login(session_cookie)