from pyramid.httpexceptions import HTTPFound from pyramid.security import remember, forget from pyramid.view import view_config from ordr.models import User @view_config( context='ordr.resources.RootResource', permission='view', ) def welcome(context, request): next = 'orders' if request.user else 'login' redirect_to = request.resource_url(context, next) return HTTPFound(redirect_to) @view_config( context='ordr.resources.RootResource', name='faq', permission='view', renderer='ordr:templates/pages/faq.jinja2' ) def faq(context, request): return {} @view_config( context='ordr.resources.RootResource', name='login', request_method='GET', permission='view', renderer='ordr:templates/pages/login.jinja2', ) def login(context, request): return {'loginerror': False} @view_config( context='ordr.resources.RootResource', name='login', request_method='POST', permission='view', renderer='ordr:templates/pages/login.jinja2', ) def check_login(context, request): username = request.POST.get('username') password = request.POST.get('password') user = ( request.dbsession .query(User) .filter_by(username=username) .first() ) if user and user.is_active and user.check_password(password): headers = remember(request, user.id) return HTTPFound(request.resource_url(request.root), headers=headers) return {'loginerror': True} @view_config( context='ordr.resources.RootResource', name='logout', permission='view' ) def logout(context, request): ''' log out of an user ''' headers = forget(request) return HTTPFound(request.resource_url(request.root), headers=headers)