def load_user(id):
if db.exists(id):
user = User()
user.id = id
user.password = db.get_pass(id)
return user
return None
def enroll():
if request.method == 'GET':
return render_template('enroll.html'), 200
else:
username = request.form.get('form-username', default='user')
password = request.form.get('form-password', default='pass')
if db.get_pass(username):
return 'existed'
else:
db.save_user(username, password)
return 'ok'
def login():
if request.method == 'GET':
return render_template('login.html'), 200
else:
username = request.form.get('form-username', default='user')
password = request.form.get('form-password', default='pass')
db_pass = db.get_pass(username)
if not db_pass:
return 'none'
elif db_pass != password:
return 'wrong'
else:
return 'right'
def login():
form = LoginForm()
if form.validate_on_submit():
if db.exists(form.username.data):
pswd = db.get_pass(form.username.data)
if form.password.data == pswd:
user = User()
user.id = form.username.data
user.password = pswd
login_user(user)
return redirect(url_for('dashboard'))
return '<h1>Invalid username or password</h1>'
return render_template('login.html', form=form)
def check_pass(username, password):
return get_pass(username) == hashlib.sha224(password).hexdigest()