|
|
|
from pyramid.httpexceptions import HTTPFound
|
|
|
|
from pyramid.security import remember, forget
|
|
|
|
from pyramid.view import view_config
|
|
|
|
|
|
|
|
from ordr.models import User
|
|
|
|
|
|
|
|
|
|
|
|
@view_config(
|
|
|
|
context='ordr.resources.RootResource',
|
|
|
|
permission='view',
|
|
|
|
)
|
|
|
|
def welcome(context, request):
|
|
|
|
next = 'orders' if request.user else 'login'
|
|
|
|
redirect_to = request.resource_url(context, next)
|
|
|
|
return HTTPFound(redirect_to)
|
|
|
|
|
|
|
|
|
|
|
|
@view_config(
|
|
|
|
context='ordr.resources.RootResource',
|
|
|
|
name='faq',
|
|
|
|
permission='view',
|
|
|
|
renderer='ordr:templates/pages/faq.jinja2'
|
|
|
|
)
|
|
|
|
def faq(context, request):
|
|
|
|
return {}
|
|
|
|
|
|
|
|
|
|
|
|
@view_config(
|
|
|
|
context='ordr.resources.RootResource',
|
|
|
|
name='login',
|
|
|
|
request_method='GET',
|
|
|
|
permission='view',
|
|
|
|
renderer='ordr:templates/pages/login.jinja2',
|
|
|
|
)
|
|
|
|
def login(context, request):
|
|
|
|
return {'loginerror': False}
|
|
|
|
|
|
|
|
|
|
|
|
@view_config(
|
|
|
|
context='ordr.resources.RootResource',
|
|
|
|
name='login',
|
|
|
|
request_method='POST',
|
|
|
|
permission='view',
|
|
|
|
renderer='ordr:templates/pages/login.jinja2',
|
|
|
|
)
|
|
|
|
def check_login(context, request):
|
|
|
|
username = request.POST.get('username')
|
|
|
|
password = request.POST.get('password')
|
|
|
|
user = (
|
|
|
|
request.dbsession
|
|
|
|
.query(User)
|
|
|
|
.filter_by(username=username)
|
|
|
|
.first()
|
|
|
|
)
|
|
|
|
if user and user.is_active and user.check_password(password):
|
|
|
|
headers = remember(request, user.id)
|
|
|
|
return HTTPFound(request.resource_url(request.root), headers=headers)
|
|
|
|
return {'loginerror': True}
|
|
|
|
|
|
|
|
|
|
|
|
@view_config(
|
|
|
|
context='ordr.resources.RootResource',
|
|
|
|
name='logout',
|
|
|
|
permission='view'
|
|
|
|
)
|
|
|
|
def logout(context, request):
|
|
|
|
''' log out of an user '''
|
|
|
|
headers = forget(request)
|
|
|
|
return HTTPFound(request.resource_url(request.root), headers=headers)
|