import hashlib
import hmac
import uuid

from flask import (
    Blueprint,
    request,
    session,
    url_for,
    redirect,
    render_template
)

from extensions import db
# Blueprint that groups the login, logout, registration and profile-edit
# routes defined in this module.
user = Blueprint(
    'user',
    __name__,
    template_folder='templates',
)
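@user.route('/login', methods=['GET', 'POST'])
def login_route():
    """Render the login form (GET) or authenticate the submitted credentials (POST).

    On success the username is stored in the session and the client is
    redirected to the main page. Every failure (missing field, unknown
    user, malformed stored hash, wrong password) re-renders the form with
    the same generic message, so the response text does not reveal whether
    the username exists.
    """
    options = {
        'error': False,
        'message': ''
    }
    if request.method == 'GET':
        return render_template('login.html', **options)

    username = request.form.get('username')
    password = request.form.get('password')

    if username and password:
        cur = db.cursor()
        # Parameterized query: the username is never spliced into the SQL text.
        cur.execute("SELECT `password` FROM User WHERE `username`=%s;", (username, ))
        result = cur.fetchone()

        # fetchone() yields None for an unknown username; indexing it would
        # raise and turn a bad login into a server error.
        if result is not None:
            stored = result['password']
            # Stored format is "algorithm$salt$digest" (see get_hash).
            parts = stored.split('$')
            if len(parts) == 3:
                candidate = get_hash(password, parts[1])
                # Constant-time comparison so the check does not leak how
                # many leading characters of the digest matched.
                if hmac.compare_digest(candidate.encode('utf-8'),
                                       stored.encode('utf-8')):
                    session['username'] = username
                    return redirect(url_for('main.main_route'))

    # A view must return a response; the previous bare `return True` is not one.
    options['error'] = True
    options['message'] = 'Invalid username or password'
    return render_template('login.html', **options)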
@user.route('/logout', methods=['POST'])
def logout_route():
    """Drop the logged-in username from the session and return to the main page.

    The route accepts POST only, so a plain link or image fetch cannot
    trigger it. Whether a CSRF token is checked is not visible here.
    """
    # pop() with a default keeps this a no-op when nobody is logged in.
    session.pop('username', None)
    home_url = url_for('main.main_route')
    return redirect(home_url)
@user.route('/user', methods=['GET'])
def register_route():
    """Show the signup form, or send an already logged-in user to the profile editor."""
    already_logged_in = 'username' in session
    if already_logged_in:
        return redirect(url_for('user.user_edit_route'))

    # The template receives an empty error state on first display.
    return render_template("signup.html", error=False, message='')
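@user.route('/user', methods=['POST'])
def register_post_route():
    """Create a new account from the submitted signup form.

    A logged-in user is redirected to the profile editor. Otherwise the
    username and both password fields must be present and the two
    passwords must match; on a validation failure the signup form is
    re-rendered with an error message. On success the row is inserted with
    a salted password hash and the client is redirected to the login page.
    """
    if 'username' in session:
        return redirect(url_for('user.user_edit_route'))

    new_user = {
        'username': request.form.get('username'),
        'firstname': request.form.get('firstname'),
        'lastname': request.form.get('lastname'),
        'password1': request.form.get('password1'),
        'password2': request.form.get('password2'),
        'email': request.form.get('email')
    }

    # Reject incomplete submissions before hashing: get_hash() cannot
    # handle a missing password, and an empty username must not be stored.
    if not (new_user['username'] and new_user['password1'] and new_user['password2']):
        options = {
            'error': True,
            'message': 'Username and password are required'
        }
        return render_template("signup.html", **options)

    # The confirmation field was collected but never compared.
    if new_user['password1'] != new_user['password2']:
        options = {
            'error': True,
            'message': 'Passwords do not match'
        }
        return render_template("signup.html", **options)

    hashed_password = get_hash(new_user['password1'])

    cursor = db.cursor()
    # Parameterized INSERT: form values are passed as bound parameters.
    # NOTE(review): no duplicate-username check is visible; presumably the
    # User table has a unique constraint on `username` - confirm, and
    # handle the resulting database error.
    # NOTE(review): no commit is issued here; presumably `db` autocommits - confirm.
    query = "INSERT into User(`username`, `firstname`, `lastname`, `password`, `email`) VALUES(%s, %s, %s, %s, %s);"
    cursor.execute(query, (new_user['username'],
                           new_user['firstname'],
                           new_user['lastname'],
                           hashed_password,
                           new_user['email']))
    return redirect(url_for('user.login_route'))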
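@user.route('/user/edit', methods=['GET'])
def user_edit_route():
    """Render the profile editor for the logged-in user.

    Visitors without a session are redirected to the login page. The
    profile fields are loaded from the User table for the session's
    username; the password column is deliberately not selected. If the
    session names a user that no longer exists, the stale session entry
    is dropped and the client is sent to the login page.
    """
    if 'username' not in session:
        return redirect(url_for('user.login_route'))

    cur = db.cursor()
    # Only the fields the form displays are fetched, never the password hash.
    cur.execute("SELECT `username`, `firstname`, `lastname`, `email` FROM User WHERE `username`=%s;",
                (session['username'], ))
    row = cur.fetchone()
    if row is None:
        session.pop('username', None)
        return redirect(url_for('user.login_route'))

    options = {
        'error': False,
        'message': '',
        'user': {
            'username': row['username'],
            'firstname': row['firstname'],
            'lastname': row['lastname'],
            'email': row['email']
        }
    }
    return render_template('user_edit.html', **options)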
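@user.route('/user/edit', methods=['POST'])
def user_edit_post_route():
    """Handle a submitted profile-edit form (persistence not implemented yet).

    Visitors without a session are redirected to the login page so that an
    anonymous POST cannot reach the edit handler once it starts writing.
    """
    if 'username' not in session:
        return redirect(url_for('user.login_route'))

    # The submitted form is deliberately not printed or logged: it can
    # carry password fields, and stdout typically ends up in server logs.
    # TODO: validate the submitted fields and update the session user's row.
    options = {
    }
    return render_template('user_edit.html', **options)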
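def get_hash(password, salt=None):
    """Return the stored form of a password: "sha512$<salt>$<hex digest>".

    Args:
        password: The plaintext password (text or bytes).
        salt: Salt to reuse when verifying an existing hash. When omitted
            or empty, a fresh random salt is generated.

    Returns:
        The algorithm name, salt and hex digest joined with '$'.

    NOTE(security): this is a single pass of salted SHA-512, which is fast
    to compute, so guessing passwords offline against a leaked table is
    cheap. A deliberately slow password KDF (for example
    hashlib.pbkdf2_hmac with a high iteration count) is the usual choice.
    Switching requires changing verification and migrating stored hashes,
    so the format is left unchanged here.
    """
    algorithm = 'sha512'
    salt = salt or uuid.uuid4().hex

    def _as_bytes(value):
        # Hash functions operate on bytes; text is encoded as UTF-8 so
        # non-ASCII passwords hash instead of raising.
        return value if isinstance(value, bytes) else value.encode('utf-8')

    digest = hashlib.new(algorithm)
    digest.update(_as_bytes(salt) + _as_bytes(password))
    password_hash = digest.hexdigest()
    return '$'.join([algorithm, salt, password_hash])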