Ejemplo n.º 1
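def edit():
    """Point the authenticated user's entry at another server.

    The username comes from the JWT identity rather than from the form
    (this assumes the route is JWT-protected; no decorator is shown here).
    The ``new_address`` form field must name a server that already exists in
    the servers table; the user's ``server_id`` is then set to that server.

    Returns:
        Success JSON response carrying the new address if the update is made.
        Else a failed JSON response with the matching error message.
    """
    username = get_jwt_identity()

    if not users.exists(username=username):
        return bad_json_response('No user found with the username ' +
                                 username + '.')

    if 'new_address' not in request.form:
        return bad_json_response('Incorrect form.')

    new_address = request.form['new_address']
    # Test the submitted value, not the literal field name: the previous
    # check `'new_address' != ''` compared two constants and was always true,
    # so the 'Address undefined.' branch could never run.
    if new_address == '':
        return bad_json_response('Address undefined.')

    # Only addresses already registered in the servers table are accepted.
    if not servers.exists(address=new_address):
        return bad_json_response(
            'This address does not exist in the database.')

    new_id = servers.export_one('id', address=new_address)
    users.update({'server_id': new_id}, username=username)
    return good_json_response({'new_address': new_address})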
Ejemplo n.º 2
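def forgotpassword():
    """Overwrite a user's stored password with a hash of the submitted one.

    Reads ``username`` and ``password`` from the form, hashes the password
    with sha256_crypt and writes the hash to the users table.

    NOTE(review): nothing in this function checks a reset token, the current
    password or the caller's identity before the update. Unless a decorator
    or middleware not shown here does so, the target account is chosen
    entirely by the request. Confirm that this route is gated, or require a
    signed, time-limited token before updating.

    Returns:
        Success JSON response once the password has been written.
        Else a failed JSON response naming the missing parameter.
    """
    # .get() yields None for an absent field, which makes the checks below
    # reachable; indexing request.form raised before they could run.
    username = request.form.get('username')
    password = request.form.get('password')

    if not username:
        return bad_json_response("Bad request: Missing parameter 'username'.")

    # An empty password is rejected as well, so an empty string is never
    # hashed and stored as a credential.
    if not password:
        return bad_json_response("Bad request: Missing parameter 'password'.")

    # Presumably passlib's sha256_crypt: encrypt() produces a salted hash and
    # is a deprecated alias of hash() since passlib 1.7.
    new_password = sha256_crypt.encrypt(password)

    users.update({'password': new_password}, username=username)

    return good_json_response('Succes')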
Ejemplo n.º 3
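def password():
    """Set a new password after verifying the current one.

    The user is taken from the JWT identity. ``oldPassword`` is verified
    against the stored hash, then ``newPassword`` is hashed with sha256_crypt
    and written to the users table.

    Returns:
        Success JSON response once the new password has been stored.
        Else a failed JSON response describing what was missing or wrong.
    """
    username = get_jwt_identity()
    # .get() returns None for an absent field so the check below can fire;
    # indexing request.form raised before it could run.
    old_password = request.form.get('oldPassword')

    if old_password is None:
        return bad_json_response("Bad request: Missing parameter 'password'.")

    # NOTE(review): assumes export() returns at least one row for the JWT
    # identity; an unknown username would fail on the [0] index. Confirm.
    password_db = users.export('password', username=username)[0]

    if not sha256_crypt.verify(old_password, password_db):
        return bad_json_response('Password is incorrect.')

    # The previous test `'newPassword' != ''` compared two constants and was
    # always true, so a request without newPassword reached users.update()
    # with new_password unbound, and an empty newPassword was hashed and
    # stored. Both cases are rejected explicitly here.
    new_password = request.form.get('newPassword')
    if not new_password:
        return bad_json_response(
            "Bad request: Missing parameter 'newPassword'.")

    users.update({'password': sha256_crypt.encrypt(new_password)},
                 username=username)

    return good_json_response('Succes')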
Ejemplo n.º 4
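def confirm_email(token):
    """Confirm a registration from the token in the verification link.

    The token is loaded with URLSafeTimedSerializer using EMAIL_SECRET and
    EMAIL_REGISTER_SALT and is rejected once it is older than 3600 seconds.
    On success ``email_confirmed`` is set to 1 for the user whose email is
    carried in the token.

    Returns:
        A redirect to the central address with a ``message`` query parameter
        on success, on an expired token and on a token that fails
        verification; a failed JSON response if no user has that email.
    """
    # Local import keeps the block self-contained. The messages below contain
    # spaces and '?', which must be percent-encoded to stay inside the query
    # parameter.
    from urllib.parse import quote

    serializer = URLSafeTimedSerializer(current_app.config['EMAIL_SECRET'])

    # Only the signature check sits inside the try, so the handlers cannot
    # mask errors from the database calls further down.
    # NOTE(review): only SignatureExpired and BadTimeSignature are handled.
    # Other itsdangerous errors (a plain BadSignature or BadPayload for a
    # malformed token) would propagate as a server error. Consider catching
    # the common base class once it is imported in this module.
    try:
        email = serializer.loads(
            token, max_age=3600,
            salt=current_app.config['EMAIL_REGISTER_SALT'])
    except SignatureExpired:
        message = 'The token has expired, please try registering again.'
        return redirect(get_central_ip() + '?message=' + quote(message))
    except BadTimeSignature:
        message = 'The token did not match. Are you trying to hack FedNet? Q_Q'
        return redirect(get_central_ip() + '?message=' + quote(message))

    if not users.exists(email=email):
        return bad_json_response('No user with the email ' + email
                                 + ' exists.')

    # Mark the address as confirmed; the user is then able to log in.
    users.update({'email_confirmed': 1}, email=email)

    # Send the user to the login page, which triggers the
    # 'registration complete' process.
    return redirect(get_central_ip() + '?message=registration_complete')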
Ejemplo n.º 5
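def confirm_forgotpass():
    """Reset a password using the signed token from the reset email.

    ``token`` and ``password`` are read from the form. The token is loaded
    with URLSafeTimedSerializer using EMAIL_SECRET and EMAIL_FORGOTPASS_SALT
    and is rejected once it is older than 3600 seconds. The email it carries
    selects the account whose password is replaced.

    NOTE(review): nothing visible here invalidates the token after a
    successful reset, so it appears to stay usable until max_age elapses.
    Confirm whether single use is enforced elsewhere.

    Returns:
        Success JSON response once the password has been stored; a failed
        JSON response for a missing parameter or unknown email; a redirect to
        the central address with a ``message`` query parameter when the token
        is expired or fails verification.
    """
    # Local import keeps the block self-contained. The messages below contain
    # spaces and '?', which must be percent-encoded to stay inside the query
    # parameter.
    from urllib.parse import quote

    token = request.form.get('token')
    password = request.form.get('password')

    if not token:
        return bad_json_response("Bad request: Missing parameter 'token'.")

    # Reject an empty password so an empty string is never hashed and stored.
    if not password:
        return bad_json_response("Bad request: Missing parameter 'password'.")

    serializer = URLSafeTimedSerializer(current_app.config['EMAIL_SECRET'])

    # Verify the signature and age, and extract the email from the token.
    # NOTE(review): only SignatureExpired and BadTimeSignature are handled.
    # Other itsdangerous errors for a malformed token would propagate as a
    # server error.
    try:
        email = serializer.loads(
            token, max_age=3600,
            salt=current_app.config['EMAIL_FORGOTPASS_SALT'])
    except SignatureExpired:
        message = 'The token has expired, please try requesting a new password.'
        return redirect(get_central_ip() + '?message=' + quote(message))
    except BadTimeSignature:
        message = (
            'The token did not match. Are you trying to hack some user? Q_Q'
        )
        return redirect(get_central_ip() + '?message=' + quote(message))

    if not users.exists(email=email):
        return bad_json_response('No user with the email ' + email
                                 + ' exists.')

    # Store only the salted hash, never the submitted password itself.
    users.update({'password': sha256_crypt.encrypt(password)}, email=email)

    return good_json_response('Change password succesfull')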
Ejemplo n.º 6
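def edit():
    """Update the authenticated user's profile fields and profile picture.

    The user is taken from the JWT identity. Each recognised form field that
    is present is written to its column in the users table; an uploaded
    ``file`` is stored through save_file() and linked via ``uploads_id``.

    Returns:
        Success JSON response after all submitted fields have been processed.
    """
    username = get_jwt_identity()

    # Form field -> users column. The column names come from this fixed
    # table, never from the request, so a client cannot set other columns.
    plain_fields = (
        ('new_firstname', 'firstname'),
        ('new_lastname', 'lastname'),
        ('new_location', 'location'),
        ('new_study', 'study'),
        ('new_bio', 'bio'),
        ('new_relationship_status', 'relationship_status'),
        ('new_phone_number', 'phone_number'),
    )
    for form_key, column in plain_fields:
        if form_key in request.form:
            users.update({column: request.form[form_key]}, username=username)

    if 'file' in request.files:
        upload = request.files['file']
        image = upload.read()
        # The previous test `image is not 0` compared object identity with an
        # int literal and was always true for the bytes returned by read().
        # Skip empty uploads instead.
        if image:
            # NOTE(review): the filename is client-supplied; save_file() is
            # presumably responsible for sanitising it and for checking the
            # content type and size. Confirm.
            uploads_id = save_file(image, filename=upload.filename)

            if uploads_id is not False:
                users.update({'uploads_id': uploads_id}, username=username)

    # NOTE(review): the password is replaced without re-checking the current
    # one, so a valid session alone is enough to change it. Consider
    # requiring the old password for this field.
    new_password = request.form.get('new_password')
    if new_password:  # an empty value is ignored rather than hashed
        users.update({'password': sha256_crypt.encrypt(new_password)},
                     username=username)

    return good_json_response('success')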