Ejemplo n.º 1
0
def email_pane():

    form = EmailUpdateForm(request.form)

    if request.method == 'POST':
        if form.validate():
            if form.update.data:
                if current_user.mail == form.mail.data and current_user.mail_verified:
                    flash("This address is already verified with your account.", category="error")
                    return redirect(url_for('settings.email_pane'))

                current_user.mail = form.mail.data
                current_user.mail_verified = False
                current_user.save()
                send_verification_mail()
                flash('A verification email has been sent.', category='info')
            elif form.resend.data:
                send_verification_mail()
                flash('A verification email has been sent.', category='info')
        else:
            return render_template('settings_email.html', form=form)

        return redirect(url_for('settings.email_pane'))

    form.mail.data = current_user.mail if not form.mail.data else form.mail.data
    return render_template('settings_email.html', settings_panels_structure=settings_panels_structure, form=form, title="Email - Account - Settings")
Ejemplo n.º 2
0
def email_pane():

    form = EmailUpdateForm(request.form)

    if request.method == "POST":
        if form.validate():
            if form.update.data:
                if current_user.mail == form.mail.data and current_user.mail_verified:
                    flash("This address is already verified with your account.", category="error")
                    return redirect(url_for("settings.email_pane"))

                current_user.mail = form.mail.data
                current_user.mail_verified = False
                current_user.save()
                send_verification_mail()
                flash("A verification email has been sent.", category="info")
            elif form.resend.data:
                send_verification_mail()
                flash("A verification email has been sent.", category="info")
        else:
            return render_template("settings_email.html", form=form)

        return redirect(url_for("settings.email_pane"))

    form.mail.data = current_user.mail if not form.mail.data else form.mail.data
    return render_template(
        "settings_email.html",
        settings_panels_structure=settings_panels_structure,
        form=form,
        title="Email - Account - Settings",
    )
Ejemplo n.º 3
0
def tfa_disable():
    form = TOTPDisableForm(request.form)
    if form.validate():
        current_user.tfa = False
        current_user.tfa_method = ''
        current_user.tfa_secret = ''
        current_user.tfa_info = ''
        current_user.save()
    return redirect(url_for('settings.tfa_pane')), 303
Ejemplo n.º 4
0
def tfa_disable():
    form = TOTPDisableForm(request.form)
    if form.validate():
        current_user.tfa = False
        current_user.tfa_method = ''
        current_user.tfa_secret = ''
        current_user.tfa_info = ''
        current_user.save()
    return redirect(url_for('settings.tfa_pane')), 303
Ejemplo n.º 5
0
def reddit_unlink():
    reddit_username = current_user.reddit_username
    if reddit_username is not None:
        if get_flair(reddit_username) is not None:
            r_bot().get_subreddit(subreddit).set_flair(reddit_username)
            flash("Your flair has been unset on /r/%s." % subreddit, category="success")
        current_user.reddit_username = None
        current_user.save()
        flash("Reddit username successfully unlinked.", category="success")
        return redirect(url_for("settings.reddit_pane"))
    else:
        flash("You must have a username linked to do that.", category="alert")
        return redirect(url_for("settings.reddit_pane"))
Ejemplo n.º 6
0
def reddit_unlink():
    reddit_username = current_user.reddit_username
    if reddit_username is not None:
        if get_flair(reddit_username) is not None:
            r_bot().get_subreddit(subreddit).set_flair(reddit_username)
            flash('Your flair has been unset on /r/%s.' % subreddit,
                  category='success')
        current_user.reddit_username = None
        current_user.save()
        flash('Reddit username successfully unlinked.', category='success')
        return redirect(url_for('settings.reddit_pane'))
    else:
        flash('You must have a username linked to do that.', category='alert')
        return redirect(url_for('settings.reddit_pane'))
Ejemplo n.º 7
0
def reddit_link():
    if request.method == "POST":
        state = hashlib.md5(os.urandom(24)).hexdigest()
        link = oauth.get_authorize_url(state, "identity")
        return redirect("%s" % link)
    try:
        oauth.get_access_information(request.args.get("code", ""))
        reddit_username = oauth.get_me().name
        current_user.reddit_username = reddit_username
        current_user.save()
        flash("Reddit username successfully linked.", category="success")
        return redirect(url_for("settings.reddit_pane"))
    except:
        flash("Unable to link your username. Did you make sure to click accept?", category="alert")
        return redirect(url_for("settings.reddit_pane"))
Ejemplo n.º 8
0
def tfa_enable():
    form = TOTPSetupForm(request.form)

    if request.method == "GET":
        # generate a new secret
        secret = ''
        rand = random.SystemRandom()
        for i in range(30):
            secret += chr(rand.getrandbits(8))
        session['tfa-new-method'] = 'TOTP'
        session['tfa-new-secret'] = base64.b32encode(secret)
    elif request.method == "POST" and form.validate():
        method = session.get('tfa-new-method', None)
        if method == 'TOTP':
            # check code
            key = binascii.hexlify(base64.b32decode(session['tfa-new-secret']))
            ok, drift = accept_totp(format='dec6',
                                    key=key,
                                    response=form.code.data)
            if not ok:
                form.errors['tfa'] = ['Verification error, please try again.']
            else:
                current_user.tfa = True
                current_user.tfa_method = 'TOTP'
                current_user.tfa_secret = session['tfa-new-secret']
                current_user.tfa_info['drift'] = drift
                current_user.save()
                del session['tfa-new-method']
                del session['tfa-new-secret']
                flash('Two-Factor Authentication enabled', category='success')
                return redirect(url_for('settings.tfa_pane')), 303
        else:
            abort(401)
    else:
        abort(403)

    text = session['tfa-new-secret']
    readable = ' '.join(text[i:i + 4] for i in range(0, len(text), 4))

    return render_template(
        'settings_tfa_enable.html',
        settings_panels_structure=settings_panels_structure,
        secret=readable,
        form=form,
        title="TFA - Account - Settings",
        totp_url=_totp_url(secret=session['tfa-new-secret']))
Ejemplo n.º 9
0
def reddit_link():
    if request.method == 'POST':
        state = hashlib.md5(os.urandom(24)).hexdigest()
        link = oauth.get_authorize_url(state, 'identity')
        return redirect("%s" % link)
    try:
        oauth.get_access_information(request.args.get('code', ''))
        reddit_username = oauth.get_me().name
        current_user.reddit_username = reddit_username
        current_user.save()
        flash('Reddit username successfully linked.', category='success')
        return redirect(url_for('settings.reddit_pane'))
    except:
        flash(
            'Unable to link your username. Did you make sure to click accept?',
            category='alert')
        return redirect(url_for('settings.reddit_pane'))
Ejemplo n.º 10
0
def tfa_enable():
    form = TOTPSetupForm(request.form)

    if request.method == "GET":
        # generate a new secret
        secret = ''
        rand = random.SystemRandom()
        for i in range(30):
            secret += chr(rand.getrandbits(8))
        session['tfa-new-method'] = 'TOTP'
        session['tfa-new-secret'] = base64.b32encode(secret)
    elif request.method == "POST" and form.validate():
        method = session.get('tfa-new-method', None)
        if method == 'TOTP':
            # check code
            key = binascii.hexlify(base64.b32decode(session['tfa-new-secret']))
            ok, drift = accept_totp(format='dec6', key=key, response=form.code.data)
            if not ok:
                form.errors['tfa'] = ['Verification error, please try again.']
            else:
                current_user.tfa = True
                current_user.tfa_method = 'TOTP'
                current_user.tfa_secret = session['tfa-new-secret']
                current_user.tfa_info['drift'] = drift
                current_user.save()
                del session['tfa-new-method']
                del session['tfa-new-secret']
                flash('Two-Factor Authentication enabled', category='success')
                return redirect(url_for('settings.tfa_pane')), 303
        else:
            abort(401)
    else:
        abort(403)

    text = session['tfa-new-secret']
    readable = ' '.join(text[i:i + 4] for i in range(0, len(text), 4))

    return render_template('settings_tfa_enable.html',
                           settings_panels_structure=settings_panels_structure,
                           secret=readable, form=form, title="TFA - Account - Settings",
                           totp_url=_totp_url(secret=session['tfa-new-secret']))