def adduser():
if not session.get("login_in"):
flash("Please login Admin account to add user")
return redirect(url_for("index"))
if request.method == "GET":
tip = "Add A New User"
return render_template("user.html", status=True, data=None, tip=tip)
elif request.method == "POST":
uname = request.form.get("username", "").strip()
pw = request.form.get("password", "").strip()
pw1 = request.form.get("password1", "").strip()
if uname.strip() == "":
flash("Please input the valid username")
return render_template("user.html", status=True, data=None, warn=None)
elif not db_handler.check_user_name_valid(uname):
msg = [
'Username: <strong style="color:red"> %s </strong> has beed registered, Please input another!' % uname
]
return render_template("user.html", status=True, data=None, warn=msg)
elif pw != pw1:
msg = ["Two passwords don't identify. Please check it agaion"]
return render_template("user.html", status=True, data=None, warn=msg)
else:
db_handler.save_user(uname, sha1(pw.strip()).hexdigest())
return redirect(url_for("index"))
def login():
if request.method == "POST":
uname = request.form.get("username", "").strip()
pw = request.form.get("password", "").strip()
if uname == "" or db_handler.check_user_name_valid(uname):
flash("Invalid username")
print "Wrong uname: %s" % uname
elif pw == "" or sha1(pw).hexdigest() != db_handler.get_user_passwd(uname):
flash("Invalid password")
print "Wrong pw: %s" % pw
else:
session["login_in"] = True
session["username"] = uname
flash(
"You have logged in. Now you can take care the crash info. Sign out on the top right.Have a fun.. ^_^"
)
return redirect(url_for("show_today"))
return redirect(url_for("index"))