def auth_create():
if request.method == "GET":
return render_template("auth/new.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
elif form.password.data != form.re_password.data:
return render_template("auth/new.html",
form=UserForm(),
passwords_dont_match=True)
elif User.query.filter_by(
username=request.form.get("username").lower()).scalar() is None:
u = User(
form.firstname.data, form.surename.data,
form.username.data.lower(),
f_bcrypt.generate_password_hash(form.password.data).decode('utf8'),
form.role.data, True, 0)
db.session().add(u)
db.session().commit()
return redirect(url_for("show_scheduled_tasks"))
return render_template("auth/new.html",
form=UserForm(),
username_taken=True)
def user_confirmupdate(user_id):
user = User.query.get(user_id)
form = UserForm(request.form)
if not form.validate():
return render_template("auth/updateuser.html",
form=form,
user_id=user_id)
alreadyExistsUser = User.query.filter_by(
username=form.username.data).first()
# Tarkistetaan muokkauksessa ettei samannimistä käyttäjää ole, oma olemassaoleva käyttäjätunnus käy
if alreadyExistsUser and current_user != alreadyExistsUser:
form.username.errors.append(
"käyttäjätunnus on jo olemassa, valitse toinen käyttäjätunnus")
return render_template("auth/updateuser.html",
form=form,
user_id=user_id)
# Salasanan salaus
pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user.name = form.name.data
user.username = form.username.data
user.password = pw_hash
db.session().commit()
children = Child.query.filter(Child.account_id == user_id)
return render_template("auth/showuser.html", children=children, user=user)
def users_create():
if request.method == "GET":
return render_template("auth/userform.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
flash("Please, check your input!", category="warning")
return render_template("auth/userform.html", form=form)
if not form.password.data == form.password_conf.data:
flash("Passwords not equal!", category="warning")
return render_template("auth/userform.html", form=form)
try:
name = form.name.data
username = form.username.data
password = form.password.data
r = form.role.data
u = User(name, username, password)
u.roles.append(Role(name=r))
db.session().add(u)
db.session().commit()
flash("New user account created successfully!", category="success")
return redirect(url_for("index"))
except IntegrityError:
flash("Username already taken!", category="warning")
return render_template("auth/userform.html", form=form)
def auth_new_friseur():
if request.method == "GET":
return render_template("auth/new_friseur.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new_friseur.html", form=form)
user = User.query.filter_by(username=form.username.data).first()
if user:
flash("Username exists, pick another one", "alert-warning")
return render_template("auth/new_friseur.html", form=form)
# Encrypt password and assign friseur role
password_hash = bcrypt.generate_password_hash(form.password.data)
user = User(form.name.data, form.username.data, password_hash)
user.role = Role.query.get(2)
db.session().add(user)
db.session().flush()
# Add all upcoming work days to friseur
upcoming_work_days = Work_day.upcoming_work_days()
for day in upcoming_work_days:
friseur_work_day = Friseur_work_day(user.id, day.get("id"), 10, 17)
db.session().add(friseur_work_day)
db.session().flush()
db.session().commit()
flash("New friseur with username %s created." % user.username,
"alert-warning")
return redirect(url_for("friseur_index"))
def auth_edit():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/edit.html", form=form, user=current_user)
current_user.username = form.username.data
current_user.password = form.password.data
db.session().commit()
return redirect(url_for("index"))
def auth_register():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/register.html", form=form)
user = User(form.username.data, form.password.data)
db.session.add(user)
db.session.commit()
login_user(user)
return redirect(url_for("index"))
def user_modify():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/userpage.html", form=form)
current_user.username = form.username.data
current_user.password = form.password.data
current_user.name = form.username.data
db.session.commit()
return redirect(url_for("user_page"))
def user_change(user_id):
user = User.query.get(user_id)
form = UserForm(obj=user)
if not form.validate():
return render_template("auth/change.html",
user=user,
form=form,
user_error="")
return render_template("auth/change.html", user=user, form=form)
def users_create():
form = UserForm(request.form)
if not form.validate():
return render_template("users/new.html", form=form)
user = User(form.name.data, form.username.data, form.password.data,
form.job.data)
db.session().add(user)
db.session().commit()
return redirect(url_for("users_index"))
def change_user_form(user_id):
user = User.query.get(user_id)
form = UserForm(obj=user) # the form is prefilled with data
if not form.validate():
return render_template("auth/change.html", form=form, user=user)
user.name = form.name.data
user.password = form.password.data
db.session().commit()
return redirect(url_for("admintools"))
def auth_create():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new.html", form=form)
pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
u = User(form.name.data, form.username.data, pw_hash, "NORMAL")
db.session().add(u)
db.session().commit()
return redirect(url_for("auth_login"))
def auth_uppdate(auth_id):
user = User.query.get(auth_id)
form = UserForm(request.form)
#validoinnit
print(form)
if not form.validate():
return render_template("auth/modify.html", user=user, form=form)
user.name = form.name.data
user.username = form.username.data
user.password = form.password.data
user.role = form.role.data
db.session().commit()
return redirect(url_for("auth_index"))
def user_edit():
id = request.args.get("user_id")
user = User.query.get(id)
form = UserForm(obj=user)
if request.method == 'POST' and form.validate():
role = Role.query.filter_by(name=form.role.data).first()
if not role:
role = Role(form.role.data)
db.session().add(role)
user.roles.clear()
user.roles.append(role)
form.populate_obj(user)
db.session().commit()
return redirect(url_for("books_index"))
return render_template('auth/edit.html', form=form)
def auth_register():
if request.method == "GET":
return render_template("auth/new_user.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new_user.html", form=form)
user = User(form.name.data, form.username.data, form.password.data)
user.role = Role.query.get(1)
db.session().add(user)
db.session().commit()
return redirect(url_for("auth_login"))
def auth_signup():
if request.method == "GET":
return render_template("auth/signup.html", form=UserForm())
else:
form = UserForm(request.form)
if not form.validate():
return render_template("auth/signup.html", form=form)
else:
user = User(username=form.username.data,
name=form.name.data,
password=form.password.data)
db.session.add(user)
db.session.commit()
return render_template("auth/login.html",
form=LoginForm(),
success="Account created.")
def users_create():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/userform.html", form=form)
u = User(form.name.data, form.e_mail.data, form.address.data,
form.username.data, form.password.data)
role = Role.query.filter_by(name=form.role.data).first()
if not role:
role = Role(form.role.data)
db.session().add(role)
u.roles.append(role)
db.session().add(u)
db.session().commit()
return redirect(url_for("books_index"))
def users_create():
form = UserForm(request.form)
form.permission_id.choices = [(permission.id, permission.name) for permission in Permission.query.all()]
if not form.validate():
return render_template("auth/new.html", form=form)
user = User(form.username.data)
user.first_name = form.first_name.data
user.last_name = form.last_name.data
user.password = form.password.data
user.permission_id = form.permission_id.data
if User.query.filter_by(username=form.username.data).count() > 0:
return render_template("auth/new.html", form=form, error = "Tunnus on jo käytössä. Valitse uusi käyttäjätunnus.")
db.session().add(user)
db.session().commit()
return redirect(url_for("users_index"))
def users_create():
form = UserForm(request.form)
if request.method == "GET":
return render_template("auth/newuser.html", form=form)
form = UserForm(request.form)
if not form.validate():
return render_template("auth/newuser.html", form=form)
#validoidaan samannimiset käyttäjänimet,jos löytyy render lomake uusiks ja error
if User.query.filter_by(username=form.username.data).first():
return render_template(
"auth/newuser.html",
form=form,
same_error="Samanniminen käyttäjänimi on jo arkistossa!")
t = User(name=form.name.data,
username=form.username.data,
password=form.password.data,
role="USER")
db.session().add(t)
db.session().commit()
return redirect(url_for("auth_login"))
def auth_login():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/login.html", form=form)
user = User.query.filter_by(username=form.username.data).first()
if not user:
return render_template("auth/login.html",
form=form,
error="Incorrect username")
if not bcrypt.check_password_hash(user.pw_hash, form.password.data):
return render_template("auth/login.html",
form=form,
error="Incorrect password")
login_user(user)
return redirect(url_for("index"))
def auth_info():
form = UserForm(request.form)
user = User.query.get(current_user.id)
if not form.validate():
return render_template("auth/information.html",
form=UserForm(),
tasks=Task.find_users_tasks(current_user.id))
if form.name.data:
user.name = form.name.data
if form.username.data:
if not User.unique_username(form.username.data):
user.username = form.username.data
if form.password.data:
user.password = form.password.data
db.session().commit()
return redirect(url_for("auth_information"))
def signup_form():
if request.method == "GET":
return render_template("auth/new.html", form = UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new.html", form = form)
found_user = User.query.filter_by(username = form.username.data).first()
if found_user:
return render_template("auth/new.html", form = form,
error = "Username already exists")
if form.password.data != form.repassword.data:
return render_template("auth/new.html", form = form,
error = "Passwords doesn't match")
new_user = User(form.username.data, form.password.data)
db.session.add(new_user)
db.session.commit()
login_user(new_user)
return redirect(url_for("index"))
def auth_register():
if request.method == "GET":
return render_template("auth/new_user.html", form=UserForm())
form = UserForm(request.form)
if not form.validate():
return render_template("auth/new_user.html", form=form)
user = User.query.filter_by(username=form.username.data).first()
if user:
flash("Username exists, pick another one", "alert-warning")
return render_template("auth/new_user.html", form=form)
# Encrypt password
password_hash = bcrypt.generate_password_hash(form.password.data)
user = User(form.name.data, form.username.data, password_hash)
# if this is first user make them an admin
if User.query.count() == 0:
user.role = Role.query.get(3) # admin
flash(
"First user created! User %s has been assigned as administrator." %
user.username)
else:
user.role = Role.query.get(1) # user
flash("New user created. Welcome %s" % user.name, "alert-success")
db.session().add(user)
db.session().commit()
# Log in user
created_user = User.query.filter_by(username=user.username).first()
login_user(created_user)
return redirect(url_for("index"))
def user_edit(user_id):
if request.method == "GET":
user = User.query.get(user_id)
form = UserForm(obj=user)
return render_template("auth/edit_user.html",
form=form,
user_id=user_id)
form = UserForm(request.form)
user = User.query.get(user_id)
if not form.validate():
return render_template("auth/edit_user.html",
form=form,
user_id=user_id)
user.name = form.name.data
user.username = form.username.data
user.password = form.password.data
db.session().commit()
return redirect(url_for("users_all"))
def auth_create():
form = UserForm(request.form)
if request.method == "GET":
return render_template("auth/newuser.html", form=form, user_error="")
if not form.validate():
return render_template("auth/newuser.html", form=form, user_error="")
user = User.query.filter_by(username=form.username.data).first()
if user:
return render_template("auth/newuser.html",
form=form,
user_error="This username is already in use")
if not user:
user = User(form.name.data, form.username.data, form.password.data,
"basicuser")
db.session().add(user)
db.session().commit()
return redirect(url_for("auth_login"))
def create_user():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/signup.html", form=form)
username = form.username.data
user = User.query.filter_by(username=username).first()
if user:
return render_template(
"auth/signup.html",
form=form,
error="Username " + username +
" is already taken. Please select another username.")
pw_hash = bcrypt.generate_password_hash(form.password.data).decode("utf-8")
new_user = User(username, pw_hash, False)
db.session().add(new_user)
db.session().commit()
return redirect(url_for("auth_login"))
def user_create():
form = UserForm(request.form)
if not form.validate():
return render_template("auth/newuser.html", form=form)
# Tarkastetaan onko samanniminen käyttäjä jo olemassa
alreadyExistsUser = User.query.filter_by(
username=form.username.data).first()
if alreadyExistsUser:
form.username.errors.append(
"käyttäjätunnus on jo olemassa, valitse toinen käyttäjätunnus")
return render_template("auth/newuser.html", form=form)
# Salasanan salaus
pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
u = User(name=form.name.data,
username=form.username.data,
password=pw_hash,
role="USER")
username = form.username.data
if username == "admin":
u = User(name=form.name.data,
username=form.username.data,
password=pw_hash,
role="ADMIN")
db.session().add(u)
db.session().commit()
flash("Rekisteröinti onnistunut. Uusi käyttäjä käyttäjätunnuksella " +
username + " luotu.",
category="success")
return redirect(url_for("auth_login"))
def new_user():
if request.method == "GET":
return render_template("auth/registration.html", form=LoginForm())
form = UserForm(request.form)
if not form.validate():
return render_template(
"/auth/registration.html",
form=form,
error=
"Username must be between 2 and 50 characters and password must be between 4 and 50 characters."
)
u = User(form.username.data, form.password.data)
if User.query.filter_by(username=form.username.data).first():
return render_template("/auth/registration.html",
form=form,
error="Username taken, try again")
db.session().add(u)
db.session().commit()
return redirect(url_for("tasks_index"))
