don't allow user to create a password if they already have one
This commit is contained in:
parent
4b8d432449
commit
79cb6ffa54
1 changed files with 8 additions and 2 deletions
8
web.py
8
web.py
|
@ -144,7 +144,8 @@ def do_login():
|
||||||
acct = request.form['acct']
|
acct = request.form['acct']
|
||||||
session['username'] = re.match("^@[^@]*", acct).group(0)
|
session['username'] = re.match("^@[^@]*", acct).group(0)
|
||||||
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
|
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
|
||||||
data = dc.execute("SELECT * FROM data WHERE username LIKE %s AND password LIKE %s", (session['username'], session['instance'])).fetch_one()
|
dc.execute("SELECT * FROM data WHERE username LIKE %s AND password LIKE %s", (session['username'], session['instance']))
|
||||||
|
data = dc.fetchone()
|
||||||
if bcrypt.checkpw(pw_hashed, data['password']):
|
if bcrypt.checkpw(pw_hashed, data['password']):
|
||||||
#password is correct, log the user in
|
#password is correct, log the user in
|
||||||
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
|
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
|
||||||
|
@ -155,7 +156,12 @@ def do_login():
|
||||||
|
|
||||||
@app.route('/create_password')
|
@app.route('/create_password')
|
||||||
def create_password():
|
def create_password():
|
||||||
|
c.execute("SELECT COUNT(*) FROM data WHERE username LIKE %s AND instance LIKE %s", (session['username'], session['instance']))
|
||||||
|
if c.fetchone()[0] == 0:
|
||||||
return render_template("create_password.html", bg = "background-image:url('{}')".format(session['avi']))
|
return render_template("create_password.html", bg = "background-image:url('{}')".format(session['avi']))
|
||||||
|
else:
|
||||||
|
#user already exists in database, so they already have a password
|
||||||
|
return redirect(url_for('main'))
|
||||||
|
|
||||||
@app.route('/internal/create_account', methods=['POST'])
|
@app.route('/internal/create_account', methods=['POST'])
|
||||||
def create_account():
|
def create_account():
|
||||||
|
|
Loading…
Reference in a new issue