lynnesbian/curious-greg
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

don't allow user to create a password if they already have one

Browse source
This commit is contained in:
Lynne Megido 2018-11-12 12:51:01 +10:00
parent 4b8d432449
commit 79cb6ffa54
Signed by: lynnesbian
GPG key ID: FB7B970303ACE499
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
web.py
View file

@ -144,7 +144,8 @@ def do_login():
acct = request.form['acct']
session['username'] = re.match("^@[^@]*", acct).group(0)
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
data = dc.execute("SELECT * FROM data WHERE username LIKE %s AND password LIKE %s", (session['username'], session['instance'])).fetch_one()
dc.execute("SELECT * FROM data WHERE username LIKE %s AND password LIKE %s", (session['username'], session['instance']))
data = dc.fetchone()
if bcrypt.checkpw(pw_hashed, data['password']):
#password is correct, log the user in
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
@ -155,7 +156,12 @@ def do_login():
@app.route('/create_password')
def create_password():
c.execute("SELECT COUNT(*) FROM data WHERE username LIKE %s AND instance LIKE %s", (session['username'], session['instance']))
if c.fetchone()[0] == 0:
return render_template("create_password.html", bg = "background-image:url('{}')".format(session['avi']))
else:
#user already exists in database, so they already have a password
return redirect(url_for('main'))
@app.route('/internal/create_account', methods=['POST'])
def create_account():