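def login():
    """Handle the login form.

    On POST the submitted name/password pair is checked against the stored
    salted hash. On success the uid and username are written to the session,
    the last-login time is updated and the client is redirected to
    ``home.index``. In every other case ``login.html`` is rendered, with an
    error message when there is one.
    """
    error = None
    if request.method == 'POST':
        user = User(current_app)
        username = request.form['name']
        password = request.form['password']
        matches = user.check(username)
        # One message for both failure cases ("user name or password is
        # wrong"), so the response does not reveal whether the name exists.
        error = u'用户名或者密码错误'
        if len(matches) > 0:
            account = matches[0]
            salt = account["salt"]
            # NOTE(security): salted double MD5 is a fast hash and cheap to
            # brute-force if the user table leaks. Moving to a slow KDF needs
            # a stored-hash migration (e.g. re-hash on next successful login),
            # so the scheme is left unchanged here.
            digest = md5(md5(password).hexdigest() + salt).hexdigest()
            if account["passwd"] == digest:
                session['uid'] = account["uid"]
                session['username'] = account["username"]
                user.edit(uid=account["uid"], lastlogintime=int(time.time()))
                return redirect(url_for('home.index'))
    # A non-empty ?error= query value overrides the local message.
    # NOTE(security): this shows caller-chosen text on the login page; it is
    # only safe if the template escapes it (confirm autoescape is on), and a
    # fixed set of error codes would be a tighter design.
    error = request.args.get("error") or error
    return render_template('login.html', error=error)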
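def view(user_id):
    """Render a user's profile page and process its two POST forms.

    ``do=profile`` updates the e-mail address and permissions group;
    ``do=password`` stores a new password hash when both entries match.
    Responds with 404 when ``user_id`` matches no record.
    """
    # Local import: the module's import block is not visible from this block.
    from flask import abort

    error = None
    succ = None
    user = User(current_app)
    rows = user.view(user_id).list()
    if not rows:
        # Unknown id: answer 404 instead of failing on rows[0].
        abort(404)
    per = rows[0]

    # NOTE(security): nothing in this function checks that the logged-in
    # session may read or modify ``user_id``. Confirm that a decorator or
    # request hook outside this block enforces it.
    action = request.form.get("do") if request.method == "POST" else None

    if action == "profile":
        mail = request.form.get("mail")
        group = request.form.get("group")
        if mail:
            # NOTE(security): the permissions group is taken straight from the
            # form. Verify that only administrators can reach this branch;
            # otherwise a user can change their own group.
            user.edit(user_id, email=mail, permissions=group)
            succ = u"您的档案已经更新"
        else:
            error = u"必须填写电子邮箱"

    if action == "password":
        passwd = request.form.get("password")
        confirm = request.form.get("confirm")
        if not passwd:
            # Missing or empty fields would otherwise compare equal and store
            # an empty password (or crash in md5 when both are absent).
            error = u"密码不能为空"
        elif passwd == confirm:
            # NOTE(security): the current password is not asked for, the old
            # salt is reused, and salted double MD5 is a fast hash. Changing
            # the scheme needs a stored-hash migration, so it is kept as is.
            salt = per["salt"]
            passwd = md5(md5(passwd).hexdigest() + salt).hexdigest()
            user.edit(user_id, passwd=passwd)
            succ = u"密码修改成功"
        else:
            error = u"两次输入的密码不匹配"

    return render_template("user/view.html", user=per, error=error, succ=succ)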