from flask import Blueprint from flask import render_template, redirect, request, session, flash from controllers.database.user import UserController from models.users.user import User from models.users.customer import Customer from models.users.seller import Seller from hashlib import sha512 # Blueprint to append user endpoints to blueprint = Blueprint("users", __name__) ### LOGIN FUNCTIONALITY # Function responsible for delivering the Login page for the site @blueprint.route('/login') def display_login(): return render_template('index.html', content="login.html") # Function responsible for handling logins to the site @blueprint.post('/login') def login(): database = UserController() user = database.read(request.form['username']) error = None # No user found if user == None: error = "No user found with the username " + request.form['username'] flash(error) return redirect("/login") # Incorrect Password if sha512(request.form['password'].encode()).hexdigest() != user.password: error = "Incorrect Password" flash(error) return redirect("/login") session['user_id'] = user.id return redirect("/") ### SIGNUP FUNCTIONALITY # Function responsible for delivering the Signup page for the site @blueprint.route('/signup') def display_signup(): return render_template('index.html', content="signup.html") # Function responsible for handling signups to the site @blueprint.post('/signup') def signup(): database = UserController() # User already exists if database.read(request.form['username']) != None: error = "User, " + request.form['username'] + " already exists" flash(error) return redirect("/signup") # Signup as Seller or Customer if request.form.get('seller'): user = Seller( request.form['username'], sha512(request.form['password'].encode()).hexdigest(), # Hashed as soon as it is recieved on the backend request.form['firstname'], request.form['lastname'], request.form['email'], "123" ) else: user = Customer( request.form['username'], sha512(request.form['password'].encode()).hexdigest(), # Hashed as soon as it is recieved on the backend request.form['firstname'], request.form['lastname'], request.form['email'], "123" ) database.create(user) # Code 307 Preserves the original request (POST) return redirect("/login", code=307) ### SIGN OUT FUNCTIONALITY # Function responsible for handling logouts from the site @blueprint.route('/logout') def logout(): # Clear the current user from the session if they are logged in session.pop('user_id', None) return redirect("/")