def handle_set_password(form):
one = form.password.data
two = form.password2.data
if one != two:
flash("Passwords do not much", "danger")
return
addAuditLog(AuditSeverity.USER, current_user, "Changed their password",
url_for("users.profile", username=current_user.username))
current_user.password = make_flask_login_password(form.password.data)
if hasattr(form, "email"):
newEmail = nonEmptyOrNone(form.email.data)
if newEmail and newEmail != current_user.email:
if EmailSubscription.query.filter_by(email=form.email.data,
blacklisted=True).count() > 0:
flash(
"That email address has been unsubscribed/blacklisted, and cannot be used",
"danger")
return
token = randomString(32)
ver = UserEmailVerification()
ver.user = current_user
ver.token = token
ver.email = newEmail
db.session.add(ver)
db.session.commit()
flash("Your password has been changed successfully.", "success")
return redirect(url_for("homepage.home"))
def handle_register(form):
user_by_name = User.query.filter(
or_(User.username == form.username.data,
User.username == form.display_name.data,
User.display_name == form.display_name.data,
User.forums_username == form.username.data,
User.github_username == form.username.data)).first()
if user_by_name:
if user_by_name.rank == UserRank.NOT_JOINED and user_by_name.forums_username:
flash(
"An account already exists for that username but hasn't been claimed yet.",
"danger")
return redirect(
url_for("users.claim_forums",
username=user_by_name.forums_username))
else:
flash(
"That username/display name is already in use, please choose another.",
"danger")
return
user_by_email = User.query.filter_by(email=form.email.data).first()
if user_by_email:
send_anon_email.delay(
form.email.data, "Email already in use",
"We were unable to create the account as the email is already in use by {}. Try a different email address."
.format(user_by_email.display_name))
flash("Check your email address to verify your account", "success")
return redirect(url_for("homepage.home"))
elif EmailSubscription.query.filter_by(email=form.email.data,
blacklisted=True).count() > 0:
flash(
"That email address has been unsubscribed/blacklisted, and cannot be used",
"danger")
return
user = User(form.username.data, False, form.email.data,
make_flask_login_password(form.password.data))
user.notification_preferences = UserNotificationPreferences(user)
if form.display_name.data:
user.display_name = form.display_name.data
db.session.add(user)
addAuditLog(AuditSeverity.USER, user,
"Registered with email, display name=" + user.display_name,
url_for("users.profile", username=user.username))
token = randomString(32)
ver = UserEmailVerification()
ver.user = user
ver.token = token
ver.email = form.email.data
db.session.add(ver)
db.session.commit()
send_verify_email.delay(form.email.data, token)
flash("Check your email address to verify your account", "success")
return redirect(url_for("homepage.home"))
