Ejemplo n.º 1
def edit_password(username):
	"""Let the signed-in user change their own password.

	The ``username`` from the URL must equal ``current_user.username``;
	otherwise the request is sent back to the index page. On a valid
	submission the current password is re-checked with
	``User.authenticate`` before the new one is hashed and committed.
	"""
	# Ownership gate: the URL may only name the account that is logged in.
	if username != current_user.username:
		flash('Access unathorized', 'danger')
		return redirect(url_for('index'))

	form = EditPasswordForm(obj=current_user)

	if form.validate_on_submit():
		# Re-authenticate with the current password so that holding a
		# session alone is not enough to replace the credential.
		# NOTE(review): no attempt limiting is visible in this view --
		# confirm it is enforced elsewhere.
		account = User.authenticate(current_user.username, form.current_password.data)

		if not account:
			flash('Incorrect password.', 'danger')
		else:
			# Persist only the output of bcrypt.generate_password_hash,
			# never the submitted plaintext.
			account.password = bcrypt.generate_password_hash(form.new_password.data).decode('UTF-8')
			db.session.commit()
			flash('Password updated!', 'success')
			return redirect(url_for('user_bp.edit_profile', username=account.username))

	return render_template(
		'password.html',
		form=form,
		btnText='Submit',
		cancel='user_bp.edit_profile',
		color="#FFF199",
	)
Ejemplo n.º 2
    def edit_password(self, token):
        """Render the password reset form and apply a submitted reset.

        The user is looked up from the token carried in the form's hidden
        field; on success the token is cleared so it cannot be reused.

        :param str token: Password reset token
        """
        form = EditPasswordForm()

        if not form.validate_on_submit():
            if token:
                # carry the token in the hidden field for the next submit
                form.reset_password_token.data = token
            return render_template('edit_password.html',
                                   title='Change your password',
                                   form=form)

        # NOTE(review): no expiry check on the token is visible here;
        # confirm find_user_by_token() rejects stale tokens.
        account = self.find_user_by_token(form.reset_password_token.data)
        if not account:
            # unknown or already used reset token
            flash("Reset password token is invalid")
            return render_template('edit_password.html',
                                   title='Change your password',
                                   form=form)

        # store the new password and invalidate the token
        account.set_password(form.password.data)
        account.reset_password_token = None
        if account.last_sign_in_at is None:
            # a missing sign-in timestamp marks a required password
            # change; setting it records that the change has happened
            account.last_sign_in_at = datetime.utcnow()
        self.user_query().session.commit()

        flash("Your password was changed successfully.")
        return redirect(url_for('login'))
Ejemplo n.º 3
def edit_user_password(user_id):
    """Show and handle the form that changes a user's password.

    Only the account whose id is stored in the session may use the page;
    anyone else is redirected to the login page.
    """
    # Ownership gate: the URL id must match the logged-in session id.
    if session.get('id') is None and "id" not in session:
        flash('Please login to view.')
        return redirect('/login')
    if user_id != session['id']:
        flash('Please login to view.')
        return redirect('/login')

    form = EditPasswordForm()
    user = User.query.get_or_404(user_id)
    account_name = user.username

    if request.method == 'POST' and form.validate_on_submit():
        # NOTE(review): the current password is not re-checked before the
        # new one is applied, so a valid session alone is enough to
        # replace the credential -- confirm this is intended.
        # NOTE(review): authenticate_new_password presumably hashes the new
        # password and returns the updated user; verify against the model.
        user = User.authenticate_new_password(account_name, form.new_password.data)

        db.session.add(user)
        db.session.commit()
        flash('Password has been updated!', 'success')
        return redirect(f"/users/{user.id}/profile")

    # GET, or a POST that failed validation: show the form again.
    return render_template('users/edit_password.html', form=form, user=user)
Ejemplo n.º 4
def password():
    """Change the logged-in user's password after checking the old one.

    The user row is re-read by ``current_user.id``; the new password is
    stored as the result of ``make_hash``.
    """
    user = User.query.filter_by(id=current_user.id).first()
    form = EditPasswordForm()

    if form.validate_on_submit():
        # Require the current password before accepting a new one.
        old_password_ok = user is not None and user.valid_password(form.old_password.data)
        if not old_password_ok:
            flash('Passwort nicht aktualisiert! Aktuelles Passwort nicht korrekt!')
        else:
            # NOTE(review): the hashing scheme behind make_hash is not
            # visible here -- confirm it is a salted password hash.
            user.password = make_hash(form.password.data)
            db_session.add(user)
            db_session.commit()
            flash('Passwort erfolgreich aktualisiert!')
            return redirect(url_for('logged_in'))

    return render_template('password.jinja', form=form)
Ejemplo n.º 5
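def editPassword(request):
    """Set a new password for the requesting user.

    POST validates ``EditPasswordForm`` and, when valid, stores the new
    password and redirects to ``/yaas/``. Any other method shows an empty
    form; an invalid POST re-renders the form with its errors.
    """
    if request.method == "POST":
        form = EditPasswordForm(request.POST)
        if form.is_valid():
            # NOTE(review): the current password is not re-checked here and
            # no login requirement is visible in this snippet -- confirm
            # both are enforced by the form or a decorator.
            password = form.cleaned_data['password']
            user = User.objects.get(username=request.user.username)
            user.set_password(password)
            user.save()
            messages.add_message(request, messages.INFO, 'Your password has been changed')
            return HttpResponseRedirect("/yaas/")
    else:
        # Unbound form on non-POST requests: binding it to the empty
        # request.POST made the page show validation errors before the
        # user had submitted anything.
        form = EditPasswordForm()

    return render_to_response("editPass.html", {'form': form}, context_instance=RequestContext(request))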
Ejemplo n.º 6
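def edit_password(request):
    """Change a password after re-checking the old one.

    Non-POST requests render ``editpwd.html``. POST requests are answered
    with a JSON object whose ``result`` key carries the outcome message.
    """
    if request.method != "POST":
        return render_to_response(
            'editpwd.html',
            {'current_app': current_app, 'current_tab': request.path},
            context_instance=RequestContext(request))

    form = EditPasswordForm(request.POST)
    if not form.is_valid():
        # An invalid form used to fall off the end of the view and return
        # None, which Django rejects; report the validation errors instead.
        return HttpResponse(json.dumps({'result': form.errors.as_text()}),
                            content_type="application/json")

    # NOTE(review): the username comes from the submitted form, not from
    # request.user, so this view checks credentials for whichever account
    # the form names and then logs the caller in as it. Confirm that the
    # login throttling applied to the normal sign-in path covers this one.
    user = auth.authenticate(username=form.cleaned_data['username'],
                             password=form.cleaned_data['oldPassword'])  #@UndefinedVariable
    if user is not None and user.is_active and user.is_authenticated():
        user.set_password(form.cleaned_data['newPassword'])
        user.save()
        # Log in again so the session is bound to the updated account.
        auth.login(request, user)
        return HttpResponse(json.dumps({'result': "密码修改成功!"}),
                            content_type="application/json")

    return HttpResponse(json.dumps({'result': "输入的原密码不正确!"}),
                        content_type="application/json")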
Ejemplo n.º 7
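def edit_password(username):
    """Change the password of the user stored in ``g.user``.

    The current password is verified with ``User.authenticate`` before
    ``update_password`` is called. ``username`` from the URL is only used
    to build the redirect target; the account that is modified is always
    ``g.user``.
    """
    form = EditPasswordForm()
    if form.validate_on_submit():
        # The unused local that read form.confirm.data was dropped.
        # NOTE(review): presumably the form itself compares the new
        # password with its confirmation -- verify in EditPasswordForm.
        user = User.authenticate(g.user.username, form.current_password.data)
        if user:
            user.update_password(form.new_password.data)
            return redirect(url_for('show_user', username=username))

        # Wrong current password: attach the error to that field.
        form.current_password.errors.append('Invalid password')

    return render_template('form.html', form=form)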
Ejemplo n.º 8
def edit_password(request):
    """View for the password-change feature.

    A request without POST data gets an empty form. Submitted data is
    validated and, when valid, the new password is stored on
    ``request.user`` before redirecting to ``self_profile``.
    """
    if not request.POST:
        form = EditPasswordForm()
    else:
        form = EditPasswordForm(request.POST, initial={'user': request.user})
        if form.is_valid():
            # NOTE(review): the password is taken from the raw POST data
            # rather than form.cleaned_data, and whether the form verifies
            # the current password is not visible here -- confirm both.
            request.user.set_password(request.POST['password1'])
            request.user.save()
            messages.info(request, _('OK password changed'))
            return HttpResponseRedirect(reverse('self_profile'))

    template_context = {'form': form}
    return render_to_response('accounts/edit_password.html',
                              template_context,
                              context_instance=RequestContext(request))
Ejemplo n.º 9
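def editPassword(request):
    """Set a new password for the requesting user.

    A valid POST stores the new password and redirects to ``/yaas/``; an
    invalid POST re-renders the form with its errors; any other method
    shows an empty form.
    """
    if request.method == "POST":
        form = EditPasswordForm(request.POST)
        if form.is_valid():
            # NOTE(review): nothing here re-checks the current password,
            # and no login requirement is visible in this snippet --
            # confirm the form or a decorator enforces them.
            password = form.cleaned_data['password']
            user = User.objects.get(username=request.user.username)
            user.set_password(password)
            user.save()
            messages.add_message(request, messages.INFO,
                                 'Your password has been changed')
            return HttpResponseRedirect("/yaas/")
    else:
        # Use an unbound form when nothing was submitted; binding it to
        # the empty request.POST displayed validation errors on first load.
        form = EditPasswordForm()

    return render_to_response("editPass.html", {'form': form},
                              context_instance=RequestContext(request))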
Ejemplo n.º 10
def edit_password(request):
	"""Change the requesting user's password after checking the current one.

	The form is bound to POST data when present. On success the session
	auth hash is refreshed with ``update_session_auth_hash``. The form
	page is rendered in every case.
	"""
	form = EditPasswordForm(request.POST or None)

	if request.method == 'POST' and form.is_valid():
		old_secret = form.cleaned_data['password']
		new_secret = form.cleaned_data['new_password']

		# Re-authenticate with the current password before changing it.
		verified = authenticate(username=request.user.username, password=old_secret)
		if not verified:
			messages.error(request, 'El password no es el correcta')
		else:
			request.user.set_password(new_secret)
			request.user.save()

			# Refresh the session hash after the password change.
			update_session_auth_hash(request, request.user)
			messages.success(request, 'El password ha sido actualizado')

	return render(request, 'client/edit_password.html', {'form': form})
Ejemplo n.º 11
 def edit_password_form(self):
     """Build the password form from ``self.password_constraints``.

     Length limits, the constraint list, the minimum number of constraints
     to satisfy and the message are passed positionally in that order.
     """
     limits = self.password_constraints
     positional = [
         limits[key]
         for key in ('min_length', 'max_length', 'constraints',
                     'min_constraints', 'constraints_message')
     ]
     return EditPasswordForm(*positional, meta=wft_locales())
Ejemplo n.º 12
def change_password():
    """Change the password of the user stored in ``g.user``.

    ``User.change_password`` receives the old password, the new one and
    its confirmation; a falsy result is reported as an incorrect
    password. The change is committed here, with a rollback on failure.
    """
    form = EditPasswordForm(obj=g.user)

    if form.validate_on_submit():
        # NOTE(review): presumably change_password verifies the old
        # password and hashes the new one -- confirm in the User model.
        updated = User.change_password(
            g.user.username,
            form.old_password.data,
            form.new_password.data,
            form.confirm.data,
        )
        if not updated:
            flash('Incorrect Password', 'danger')
            return redirect(url_for('homepage'))

        try:
            db.session.commit()
            flash('Password successfully changed', 'success')
            return redirect(url_for('users_show', user_id=g.user.id))
        except (InvalidRequestError, IntegrityError):
            # Leave the session usable and fall through to the form.
            db.session.rollback()
            flash("Something went wrong. Session rolled back.", 'danger')

    return render_template('users/password.html', form=form, user_id=g.user.id)
Ejemplo n.º 13
def edit_password(request):
    """Change the requesting user's password after checking the current one.

    The form is bound to POST data when present. The outcome is reported
    through the messages framework and the form page is always rendered.
    """
    form = EditPasswordForm(request.POST or None)

    if request.method == 'POST' and form.is_valid():
        old_secret = form.cleaned_data['password']
        new_secret = form.cleaned_data['new_password']

        # Re-authenticate with the current password before changing it.
        verified = authenticate(username=request.user.username,
                                password=old_secret)
        if not verified:
            messages.error(request,
                           'No es posible actualizar la contraseña')
        else:
            request.user.set_password(new_secret)
            request.user.save()
            # Keep the current session valid so Django does not log the
            # user out after the password change.
            update_session_auth_hash(request, request.user)

            messages.success(request, 'Contraseña actualizada')

    return render(request, 'client/edit_password.html', {'form': form})
Ejemplo n.º 14
def update_password():
    """Change the password of the user stored in ``g.user``.

    A falsy result from ``User.change_password`` is reported as an
    incorrect password. Otherwise the change is committed, with a
    rollback when the commit raises.
    """
    form = EditPasswordForm(obj=g.user)

    if form.validate_on_submit():
        # NOTE(review): presumably change_password verifies the old
        # password and hashes the new one -- confirm in the User model.
        old_pw = form.old_password.data
        new_pw = form.new_password.data
        confirmation = form.confirm.data
        updated = User.change_password(g.user.username, old_pw, new_pw, confirmation)
        if not updated:
            flash('Incorrect Password', 'danger')
            return redirect('/')

        try:
            db.session.commit()
            flash('Password successfully changed', 'success')
            return redirect("/")
        except (InvalidRequestError, IntegrityError):
            # Leave the session usable and fall through to the form.
            db.session.rollback()
            flash("Something went wrong. Session rolled back.", 'danger')

    return render_template('update-password-form.html', form=form, user_id=g.user.id)
Ejemplo n.º 15
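def edit_password(request):
    """Change a password after re-checking the old one.

    Non-POST requests render ``editpwd.html``. POST requests get a JSON
    object whose ``result`` key carries the outcome message.
    """
    if request.method != "POST":
        page_context = {
            'current_app': current_app,
            'current_tab': request.path,
        }
        return render_to_response('editpwd.html', page_context,
                                  context_instance=RequestContext(request))

    form = EditPasswordForm(request.POST)
    if not form.is_valid():
        # Without this branch an invalid form made the view return None,
        # which Django rejects; send the validation errors back instead.
        return HttpResponse(json.dumps({'result': form.errors.as_text()}),
                            content_type="application/json")

    # NOTE(review): the account is chosen by the submitted username, not
    # by request.user, and the caller is then logged in as that account.
    # Confirm the throttling used on the normal sign-in path also covers
    # this view.
    user = auth.authenticate(
        username=form.cleaned_data['username'],
        password=form.cleaned_data['oldPassword'])  #@UndefinedVariable
    if user is not None and user.is_active and user.is_authenticated():
        user.set_password(form.cleaned_data['newPassword'])
        user.save()
        # Log in again so the session is bound to the updated account.
        auth.login(request, user)
        return HttpResponse(json.dumps({'result': "密码修改成功!"}),
                            content_type="application/json")

    return HttpResponse(json.dumps({'result': "输入的原密码不正确!"}),
                        content_type="application/json")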
Ejemplo n.º 16
    def require_password_change(self, user, target_url):
        """Force a password change and render the form for it.

        The user's sign-in timestamp is cleared and a fresh reset token is
        stored and committed; the token is then placed in the form's
        hidden field.

        :param User user: User instance
        :param str target_url: URL for redirect (not used in this method)
        """
        # A missing sign-in timestamp plus a reset token marks the account
        # as requiring a password change.
        fresh_token = self.generate_token()
        user.last_sign_in_at = None
        user.reset_password_token = fresh_token
        self.user_query().session.commit()

        # NOTE(review): how generate_token() produces the token is not
        # visible here -- confirm it uses a cryptographically secure source.
        reset_form = EditPasswordForm()
        # hidden field carries the token back on submit
        reset_form.reset_password_token.data = user.reset_password_token

        flash("Please choose a new password")
        page_title = 'Change your password'
        return render_template('edit_password.html',
                               title=page_title,
                               form=reset_form)