def login_page():
if current_user != None and current_user.is_authenticated:
if current_user.isAdmin():
return redirect(url_for("main.adminHomepage"))
elif current_user.isManager():
return redirect(url_for("main.managerHomepage"))
return render_template("loginPage.html")
def login_post():
if current_user != None and current_user.is_authenticated:
if current_user.isManager():
return redirect(url_for("main.managerHomepage"))
elif current_user.isAdmin():
return redirect(url_for("main.adminHomepage"))
username = request.form.get('username')
password = request.form.get('password')
remember = True if request.form.get('remember') else False
user = User(username)
# check if user actually exists
# take the user supplied password, hash it, and compare it to the hashed password in database
if user.password == "" or not check_password_hash(user.password, password):
db.db.Logins.update({"ID": user.id}, {"$inc": {"attempts": 1}})
flash('Please check your login details and try again.')
return redirect(
url_for('auth.login')
) # if user doesn't exist or password is wrong, reload the page
if db.db.Logins.find({"ID": user.id}).next()["attempts"] >= 20:
flash("Too many login attempts, contact an administrator")
return redirect(url_for('auth.login'))
# if the above check passes, then we know the user has the right credentials
login_user(user, remember=remember)
if user.isManager():
return redirect(url_for('main.managerHomepage'))
elif user.isAdmin():
return redirect(url_for('main.adminHomepage'))
def login_redirect():
""" Redirect to page based on user role
"""
if current_user.isEngineer():
return redirect(url_for('users.engineer_reports'))
if current_user.isManager():
return redirect(url_for('users.dashboard'))
if current_user.isAdmin():
return redirect(url_for('users.admin_pages'))
return redirect(url_for('users.home'))
def manager_reports():
""" This function generate the report page of the user
:status 200: OK
:status 404: bad request
"""
if not current_user.isManager():
abort(403)
reports = CarReport.query.filter_by(fixed=False).all()
engineers = User.query.order_by(desc(User.id)).filter_by(role=2).all()
return render_template("users/manager/reports.html",
reports=reports,
engineers=engineers)
def dashboard():
""" Redirect to dashboard
"""
if not (current_user.isAdmin() or current_user.isManager()):
abort(403)
line_chart_data = get_line_chart_data()
pie_chart_data = get_pie_chart_data()
bar_chart_data = get_bar_chart_data()
return render_template("users/dashboard.html",
line_chart_labels=line_chart_data['labels'],
line_chart_values=line_chart_data['values'],
pie_chart_labels=pie_chart_data['labels'],
pie_chart_values=pie_chart_data['values'],
bar_chart_labels=bar_chart_data['labels'],
bar_chart_values=bar_chart_data['values'])
def manager_reports_assign():
""" This function will let manager assign task for engineer by sending HTTP POST methods
:param str engineer_id: id of an existing engineering
:status 200: OK
:status 404: bad request
"""
if not current_user.isManager():
abort(403), 503
report = CarReport.query.filter_by(id=request.form['report_id']).first()
if report:
report.fixer_id = request.form['engineer_id']
db.session.commit()
fixer = User.query.filter_by(id=request.form['engineer_id']).first()
# send email to fixer
email = Message("There is a new vehicle with issues reported!",
recipients=[fixer.email])
mail.send(email)
return '', 200
return 'report not exist.', 404
def login_redirect():
if current_user.isEngineer():
return redirect(url_for('users.engineer'))
if current_user.isManager() or current_user.isAdmin():
return redirect(url_for('users.dashboard'))
return redirect(url_for('users.home'))
