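def add_instructor():
    """Create a new instructor account (admin only).

    GET renders an empty form with "active" pre-checked. A valid POST stores
    the instructor with a random password that is never shown to anyone and
    passes the record to ``password_reset.new_user``. An invalid POST
    re-renders the form with an error message.

    Returns:
        A rendered template, or a redirect to ``admin_panel`` on success.
    """
    # NOTE(review): is_admin is read directly from current_user; presumably a
    # login-required decorator outside this function keeps anonymous users
    # away from this attribute access - confirm.
    if not current_user.is_admin:
        # NOTE(review): this is rendered with the default 200 status, so
        # clients and log-based monitoring cannot tell a refusal from success.
        return render_template('reset_message.html',
                               title="Edit user",
                               body="Not authenticated")

    if request.method == 'GET':
        form = InstructorForm(is_active=True)
        return render_template('edit_instructor.html',
                               title="Create Instructor",
                               form=form,
                               message='')

    form = InstructorForm()
    if not form.validate_on_submit():
        # The original only assigned the message and fell off the end of the
        # function, returning None (a server error in Flask). Show the form
        # again with the error instead.
        return render_template('edit_instructor.html',
                               title="Create Instructor",
                               form=form,
                               message='Enter a valid email address')

    instr = Instructor()
    instr.first_name = form.first_name.data
    instr.last_name = form.last_name.data
    instr.email = form.email.data
    instr.is_active = 1 if form.is_active.data else 0
    instr.is_admin = 1 if form.is_admin.data else 0
    # Placeholder credential: the random value is hashed and discarded, so the
    # account cannot be logged into until the owner sets a real password.
    instr.password_hash = generate_password_hash(secrets.token_urlsafe(20))
    db.session.add(instr)
    db.session.commit()
    # presumably this starts the set-password flow for the new user - confirm
    password_reset.new_user(instr)
    log.info(
        f'New account created for {instr.first_name} {instr.last_name}.'
    )
    return redirect('admin_panel')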
def create_reset_request(user):
    """Issue a password-reset token for *user* and e-mail them the reset link.

    The token is recorded in ``reset_requests`` together with its expiry time
    and the user's id, but only after the message has been handed to
    ``notifier.send_message``.

    Args:
        user: object exposing ``id``, ``email``, ``first_name`` and
            ``last_name``.
    """
    # Draw again in the unlikely event the token collides with one that is
    # still outstanding.
    while True:
        token = secrets.token_urlsafe(20)
        if token not in reset_requests:
            break

    # The link host comes from configuration, not from the incoming request,
    # so the mailed URL does not depend on a client-supplied Host header.
    site_root = app.config["WEBSITE_LINK"]
    reset_link = site_root + url_for('reset_password', token=token)

    recipient = user.email
    subject = app.config['COURSE_NAME'] + " Help Hours Password Reset"
    html_body = render_template('email/reset_password_email.html',
                                reset_link=reset_link)
    notifier.send_message(recipient, subject, html_body, 'html')

    # NOTE(review): nothing in this function prunes expired entries, and the
    # store looks like an in-process mapping - presumably not shared between
    # worker processes; confirm against the deployment.
    lifetime = dt.timedelta(hours=NUM_HOURS_EXPIRE)
    expire_time = dt.datetime.utcnow() + lifetime
    reset_requests[token] = (expire_time, user.id)
    log.info(f'{user.first_name} {user.last_name} requested to reset their password.')
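def edit_instructor():
    """Show or apply edits to an existing instructor account (admin only).

    The instructor is selected by the ``id`` query parameter. GET renders the
    form pre-filled from the stored record. POST either cancels, applies a
    valid form, or re-renders the form with an error message.

    Returns:
        A rendered template, or a redirect to ``admin_panel`` after a cancel
        or a successful update.
    """
    # NOTE(review): is_admin is read directly from current_user; presumably a
    # login-required decorator outside this function keeps anonymous users
    # away from this attribute access - confirm.
    if not current_user.is_admin:
        return render_template('reset_message.html',
                               title="Edit user",
                               body="Not authenticated")

    if 'id' not in request.args:
        return render_template('message_error.html',
                               title="Error",
                               body="Missing instructor id")

    instr = Instructor.query.filter_by(id=request.args['id']).first()

    if request.method != 'GET' and 'cancel' in request.form:
        return redirect('admin_panel')

    # The original checked for a missing record only on GET, so a POST with an
    # unknown id failed with AttributeError on None. Reject it for every
    # method before the record is touched.
    if instr is None:
        return render_template('message_error.html',
                               title="Error",
                               body="Invalid instructor id")

    if request.method == 'GET':
        form = InstructorForm(first_name=instr.first_name,
                              last_name=instr.last_name,
                              email=instr.email,
                              is_active=(instr.is_active != 0),
                              is_admin=(instr.is_admin != 0))
        return render_template('edit_instructor.html',
                               title="Edit Instructor",
                               form=form,
                               message='',
                               id=instr.id)

    form = InstructorForm()
    if not form.validate_on_submit():
        # Pass the id as the GET render does, so the template receives the
        # same context on a failed submit.
        return render_template('edit_instructor.html',
                               title="Edit Instructor",
                               form=form,
                               message='Enter a valid email address',
                               id=instr.id)

    instr.first_name = form.first_name.data
    instr.last_name = form.last_name.data
    instr.email = form.email.data
    # NOTE(review): nothing here stops an admin from clearing is_admin or
    # is_active on their own account, or on the last remaining admin.
    instr.is_active = 1 if form.is_active.data else 0
    instr.is_admin = 1 if form.is_admin.data else 0
    db.session.commit()
    log.info(
        f'The account for {instr.first_name} {instr.last_name} was updated.'
    )
    return redirect('admin_panel')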
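def update_password(token, new_password):
    """Redeem a reset token and store a new password hash for its user.

    The token is removed from ``reset_requests`` as soon as it is presented,
    whether or not the reset succeeds, so each token can be used once.

    Args:
        token: reset token taken from the e-mailed link.
        new_password: plaintext password to hash and store.

    Returns:
        True when the password was changed. False when the token is unknown,
        has expired, or refers to a user that no longer exists.
    """
    # NOTE(review): new_password is not checked here; presumably the calling
    # form enforces the password policy - confirm.
    entry = reset_requests.pop(token, None)
    if entry is None:
        return False

    expire_time, userid = entry
    if expire_time <= dt.datetime.utcnow():
        return False

    user = Instructor.query.filter_by(id=userid).first()
    if user is None:
        # The account was removed after the token was issued. The original
        # raised AttributeError here.
        return False

    user.password_hash = generate_password_hash(new_password)
    db.session.commit()

    # A completed reset should retire every other outstanding link for the
    # same account, not only the one that was just used.
    stale_tokens = [other for other, (_, uid) in reset_requests.items()
                    if uid == userid]
    for other in stale_tokens:
        reset_requests.pop(other, None)

    # Logged after the commit so the entry reflects a change that was stored.
    log.info(f'{user.first_name} {user.last_name} reset their password.')
    return True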
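def clear():
    """Remove every student from the queue when the clear token matches.

    The caller authenticates with a ``token`` form field that must equal
    ``app.config['CLEAR_TOKEN']``.

    Returns:
        A ``(json_body, status, headers)`` tuple: 200 with ``success: true``
        after clearing, 401 with ``success: false`` otherwise.
    """
    import hmac  # stdlib; imported locally so the function is self-contained

    # 'ContentType' is not a real header name, so the original responses were
    # not labelled as JSON. Use the proper header.
    headers = {'Content-Type': 'application/json'}

    supplied = request.form.get('token')
    if supplied is None:
        return json.dumps({'success': False}), 401, headers

    expected_token = app.config['CLEAR_TOKEN']
    # Fail closed when the secret is unset or empty, otherwise an empty
    # submitted token would be accepted.
    if not isinstance(expected_token, str) or not expected_token:
        return json.dumps({'success': False}), 401, headers

    # Constant-time comparison; bytes are used because compare_digest rejects
    # non-ASCII str arguments.
    if not hmac.compare_digest(supplied.encode('utf-8'),
                               expected_token.encode('utf-8')):
        # NOTE(review): rejected attempts are not logged and no rate limit is
        # visible here; a static shared token benefits from both.
        return json.dumps({'success': False}), 401, headers

    for student in queue_handler.get_students():
        routes_helper.remove_helper(student.id)
    log.info('Queue was cleared through /clear route')
    return json.dumps({'success': True}), 200, headers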
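def close():
    """Mark the queue as closed when the close token matches.

    The caller authenticates with a ``token`` form field that must equal
    ``app.config['CLOSE_TOKEN']``. On success the module-level
    ``queue_is_open`` flag is cleared and ``CURRENT_DUCK`` is set to the
    night image.

    Returns:
        A ``(json_body, status, headers)`` tuple: 200 with ``success: true``
        after closing, 401 with ``success: false`` otherwise.
    """
    global queue_is_open
    global CURRENT_DUCK
    import hmac  # stdlib; imported locally so the function is self-contained

    # 'ContentType' is not a real header name, so the original responses were
    # not labelled as JSON. Use the proper header.
    headers = {'Content-Type': 'application/json'}

    supplied = request.form.get('token')
    if supplied is None:
        return json.dumps({'success': False}), 401, headers

    expected_token = app.config['CLOSE_TOKEN']
    # Fail closed when the secret is unset or empty, otherwise an empty
    # submitted token would be accepted.
    if not isinstance(expected_token, str) or not expected_token:
        return json.dumps({'success': False}), 401, headers

    # Constant-time comparison; bytes are used because compare_digest rejects
    # non-ASCII str arguments.
    if not hmac.compare_digest(supplied.encode('utf-8'),
                               expected_token.encode('utf-8')):
        # NOTE(review): rejected attempts are not logged and no rate limit is
        # visible here; a static shared token benefits from both.
        return json.dumps({'success': False}), 401, headers

    # NOTE(review): this state lives in module globals, so it is presumably
    # per-process; confirm how it behaves with more than one worker.
    queue_is_open = False
    CURRENT_DUCK = url_for('static', filename='images/night-duck.png')
    log.info('Queue was closed through /close route')
    return json.dumps({'success': True}), 200, headers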
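def login():
    """Authenticate an instructor by e-mail and password.

    Users who are already signed in are sent to ``view``. A valid POST logs
    the user in without a persistent "remember me" session and redirects to
    the ``next`` query parameter when it is a local path, otherwise to
    ``view``. All other cases render the login form with a message.

    Returns:
        A redirect on success or for an authenticated user, else the rendered
        login template.
    """
    if current_user.is_authenticated:
        return redirect(url_for('view'))

    form = LoginForm()
    message = ""
    if request.method == 'POST':
        if form.validate_on_submit():
            user = Instructor.query.filter_by(email=form.email.data).first()
            # NOTE(review): failed attempts are neither logged nor throttled
            # in this view, and no hash is checked when the e-mail is unknown,
            # so response time may differ between the two failure cases.
            if user is None or not user.check_password(form.password.data):
                message = "Incorrect email or password"
            elif not user.is_active:
                # Reached only after the password matched, so the inactive
                # notice is not shown to someone guessing e-mail addresses.
                message = "This account is inactive"
                log.info(f'{user.first_name} {user.last_name} attempted to log in, but account was deactivated.')
            else:
                login_user(user, remember=False)
                log.info(f'{user.first_name} {user.last_name} logged in.')

                # `next` is attacker-controllable. An empty netloc alone is
                # not enough: values with no leading slash, a doubled slash, a
                # backslash or control characters can still be resolved to
                # another host by a browser. Accept plain local paths only.
                # NOTE(review): url_parse is deprecated in Werkzeug 2.3 and
                # removed in 3.0; the import is outside this function.
                next_page = request.args.get('next')
                is_local_path = (
                    bool(next_page)
                    and next_page.startswith('/')
                    and not next_page.startswith('//')
                    and '\\' not in next_page
                    and not any(ord(ch) < 0x20 for ch in next_page)
                    and url_parse(next_page).netloc == ''
                )
                if not is_local_path:
                    next_page = url_for('view')
                return redirect(next_page)
        else:
            message = "Please enter a valid email"
    return render_template('login.html', form=form, message=message)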
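def change_zoom():
    """Show or replace the stored preset Zoom links.

    GET renders the editor with the current links. POST either cancels or
    parses the ``preset-links`` form field, deletes all existing ``ZoomLink``
    rows and stores the parsed ones. On failure the editor is rendered again
    with the error text.

    Returns:
        A redirect to ``zoom_links`` after a cancel or a successful update,
        else the rendered editor template.
    """
    # NOTE(review): no access check is visible in this function; presumably a
    # login-required decorator outside it restricts who can replace the
    # links - confirm.
    message = ""
    preset_links = ZoomLink.query.all()
    if request.method == 'POST':
        if 'cancel' in request.form:
            return redirect(url_for('zoom_links'))

        new_presets = request.form['preset-links']
        try:
            new_zoom_links = zoom_helper.parse_links(new_presets)
            ZoomLink.query.delete()
            for new_link in new_zoom_links:
                db.session.add(new_link)
            db.session.commit()
            log.info(
                f'{current_user.first_name} {current_user.last_name} updated the Zoom links.'
            )
            return redirect(url_for('zoom_links'))
        except Exception as e:
            # Undo the pending delete and inserts so that the existing links
            # survive a failed update and the session can be used again when
            # the template below is rendered.
            db.session.rollback()
            # NOTE(review): every exception, including database errors, has
            # its text shown to the user; presumably parse_links raises a
            # dedicated error type that could be caught instead - confirm.
            message = str(e)
    return render_template('edit_preset_links.html',
                           message=message,
                           preset_links=preset_links)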