Beispiel #1
0
def register():
    if current_user.is_authenticated:
        return redirect(url_for('features.index'))

    form = RegistrationForm()
    if form.validate_on_submit():

        msg = Message('Thanks for Registering!',
                      sender='*****@*****.**',
                      recipients=[str(form.email.data)])
        msg.body = "Hi there! Thanks for registering to Cat Wiki!\n\nYour username is: " + str(
            form.username.data
        ) + "\n\nThank you for using our website, we hope you have an excellent day!"
        mail.send(msg)
        session['new_username'] = form.username.data

        hashed = bcrypt.generate_password_hash(
            form.password.data).decode("utf-8")

        user = User(username=form.username.data,
                    email=form.email.data,
                    password=hashed)
        user.save()
        return redirect(url_for('users.tfa'))

    return render_template('register.html', title='Register', form=form)
Beispiel #2
0
def account():
    username_form = UpdateUsernameForm()
    password_form = UpdatePasswordForm()
    profile_pic_form = UpdateProfilePicForm()

    if password_form.validate_on_submit():
        hashed = bcrypt.generate_password_hash(
            password_form.new_password.data).decode("utf-8")

        msg = Message('Password Change',
                      sender='*****@*****.**',
                      recipients=[str(temp.email)])
        msg.body = "Your password has been updated! Please reply to this e-mail if you did not request this change."
        mail.send(msg)

        current_user.modify(password=hashed)
        current_user.save()

        return redirect(url_for('users.account'))

    if username_form.validate_on_submit():
        temp = User.objects(username=current_user.username).first()
        current_user.username = username_form.username.data

        msg = Message('Username Change',
                      sender='*****@*****.**',
                      recipients=[str(temp.email)])
        msg.body = "Your username has been updated!\nYour new username is: " + str(
            username_form.username.data)
        mail.send(msg)

        current_user.modify(username=username_form.username.data)
        current_user.save()

        return redirect(url_for('users.account'))

    if profile_pic_form.validate_on_submit():
        img = profile_pic_form.propic.data
        filename = secure_filename(img.filename)

        if current_user.profile_pic.get() is None:
            current_user.profile_pic.put(img.stream, content_type='images/png')
        else:
            current_user.profile_pic.replace(img.stream,
                                             content_type='images/png')
        current_user.save()

        return redirect(url_for('users.account'))

    image = images(current_user.username)

    return render_template("account.html",
                           title="Account",
                           username_form=username_form,
                           password_form=password_form,
                           profile_pic_form=profile_pic_form,
                           image=image)
Beispiel #3
0
def login():
    if current_user.is_authenticated:
        return redirect(url_for('features.index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.objects(username=form.username.data).first()
        if user is not None and bcrypt.check_password_hash(
                user.password, form.password.data):
            login_user(user)
            return redirect(url_for('users.account'))
        else:
            flash('Login failed. Check your username and/or password')
            return redirect(url_for('users.login'))

    return render_template('login.html', title='Login', form=form)
Beispiel #4
0
def user_detail(username):
    user = User.objects(username=username).first()
    reviews = Review.objects(commenter=user)
    pim = CatImage.objects(commenter=user)
    image = images(username)

    proposed = {}
    for p in pim:
        bytes_im = io.BytesIO(p['im'].read())
        img = base64.b64encode(bytes_im.getvalue()).decode()
        proposed[p['cat_name']] = img
    return render_template('user_detail.html',
                           username=username,
                           reviews=reviews,
                           image=image,
                           pim=proposed)
Beispiel #5
0
def qr_code():
    if 'new_username' not in session:
        return redirect(url_for('users.register'))

    user = User.objects(username=session['new_username']).first()
    session.pop('new_username')

    uri = pyotp.totp.TOTP(user.otp_secret).provisioning_uri(
        name=user.username, issuer_name='CMSC388J-2FA')
    img = qrcode.make(uri, image_factory=qrcode.image.svg.SvgPathImage)
    stream = BytesIO()
    img.save(stream)

    headers = {
        'Content-Type': 'image/svg+xml',
        'Cache-Control': 'no-cache, no-store, must-revalidate',
        'Pragma': 'no-cache',
        'Expires':
        '0'  # Expire immediately, so browser has to reverify everytime
    }

    return stream.getvalue(), headers
Beispiel #6
0
def images(username):
    user = User.objects(username=username).first()
    bytes_im = io.BytesIO(user.profile_pic.read())
    image = base64.b64encode(bytes_im.getvalue()).decode()
    return image