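def post(self):
    """Handle a POST to the login view: log out, or authenticate a user.

    If the submitted form contains a ``logout`` field, the ``nickname`` key is
    dropped from the session and the client is redirected to ``index``.
    Otherwise the login form is validated; on a nickname/password match the
    nickname is stored in the session and a welcome message is flashed. A
    failed match flashes one generic message that does not say which of the
    two fields was wrong. An invalid form re-renders ``login.haml``.

    Returns:
        A redirect to ``index`` after logout or after any validated
        submission, or the rendered login template if validation fails.
    """
    # Function-scope import: the file's import block is not visible from here.
    from html import escape

    if 'logout' in request.form:
        f_session.pop('nickname', None)
        flash('You have been logged out')
        return redirect(url_for('index'))

    form = LogInForm()
    if form.validate():
        u = session.query(User).filter_by(nickname=form.nickname.data).first()
        if u is not None and u.check_password(form.password.data):
            f_session['nickname'] = u.nickname
            # The flashed message carries its own markup, so the nickname (a
            # user-chosen value) is HTML-escaped before being interpolated.
            # NOTE(review): this presumes the template emits flashed messages
            # without autoescaping; if it does autoescape, the <strong> tag is
            # already shown literally and the markup belongs in the template.
            safe_nickname = escape(str(u.nickname))
            msg = 'Wellcome <strong class=badge>{0}</strong>!'.format(safe_nickname)
            flash(msg)
            return redirect(url_for('index'))
        else:
            # One message for both "unknown nickname" and "wrong password".
            flash('Wrong nickname or password')
            return redirect(url_for('index'))
    return render_template('login.haml', form=form)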
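def login():
    """Authenticate a staff member or a customer from the login form.

    On a validated POST the e-mail address decides which table of
    ``storage.db`` is consulted: addresses at ``monoqlo.com`` are looked up in
    ``Staff`` by the part before the ``@``; every other address is looked up
    in ``Users`` by the full address. On a password match the session is
    populated and the client is redirected to ``staffHome`` (staff) or
    ``home`` (customers). Any failure re-renders ``login.html``; the reason is
    only printed on the server.

    Returns:
        A redirect on successful login, otherwise the rendered login template.
    """
    # Function-scope import: the file's import block is not visible from here.
    import hmac

    def _same_secret(stored, supplied):
        """Compare two password strings without stopping at the first mismatch."""
        # Non-string values never match, as with the plain == they replace.
        if not isinstance(stored, str) or not isinstance(supplied, str):
            return False
        # compare_digest rejects non-ASCII str, so compare the UTF-8 bytes.
        return hmac.compare_digest(stored.encode("utf-8"), supplied.encode("utf-8"))

    loginForm = LogInForm(request.form)
    if request.method == 'POST' and loginForm.validate():
        email = loginForm.email.data
        supplied = loginForm.password.data

        # Require exactly one "@": an address without one used to raise
        # IndexError, and one with several was classified by its second piece.
        if not isinstance(email, str) or email.count("@") != 1:
            print("Invalid credentials. Please try again.")
            return render_template('login.html', form=loginForm)

        local_part, domain = email.split("@")
        is_staff = domain == "monoqlo.com"  # company-issued address
        if is_staff:
            # Staff records are keyed by the part of the address before "@".
            table, key = 'Staff', local_part
        else:
            print("User account.")
            table, key = 'Users', email

        # NOTE(review): shelve stores pickled objects, and unpickling can run
        # code; storage.db must be writable only by this application.
        records = {}
        try:
            db = shelve.open('storage.db', 'c')
        except Exception:
            # Unreadable store: fall through with no records (login fails).
            print("Unable to retrieve storage.db")
        else:
            try:
                records = db[table]
            except Exception:
                # Missing key or unreadable record: treat as "no such account".
                if is_staff:
                    print("Error in retrieving Staff from storage.db")
                else:
                    print("Error in retrieving User from storage.db")
            finally:
                # Close on every path; the handle used to be closed only after
                # a successful customer login.
                db.close()

        # NOTE(review): passwords are compared with the raw form value, which
        # suggests they are stored in plaintext. Storing a salted password hash
        # is the durable fix and needs a change to the records themselves.
        # NOTE(review): the session is not cleared before the new identity is
        # written, so keys from an earlier login (for example "type") may
        # survive a later customer login; confirm how views check roles.
        record = records.get(key)
        if record is None:
            print("Invalid credentials. Please try again.")
        elif is_staff:
            if _same_secret(record.get_password(), supplied):
                session["email"] = email
                session["name"] = record.get_fname()
                session["type"] = record.get_type()
                print("Successfully logged in!")
                return redirect(url_for('staffHome'))
            print("Invalid Password.")
        else:
            if _same_secret(record.get_pw(), supplied):
                session["useremail"] = email
                session["username"] = record.get_firstName()
                return redirect(url_for('home'))
            print("Invalid Password.")
    return render_template('login.html', form=loginForm)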