def dashboard(u):
"""
Display an overview of all the user's projects with summary
statistics.
"""
u = User.by_username(u)
if not u:
# No such user exists.
return abort(404)
is_owner = (g.user and g.user.id == u.id)
# Get all projects by decending creation date.
projects = (
u.projects
.order_by(False)
.order_by(Project.created.desc())
)
if not is_owner:
# If this isn't the users own page, only
# display public projects.
projects = projects.filter_by(public=True)
return render_template('dashboard.html',
user=u,
is_owner=is_owner,
projects=projects,
page_title='Notifico! - {u.username}\'s Projects'.format(
u=u
)
)
def dashboard(u):
"""
Display an overview of all the user's projects with summary
statistics.
"""
u = User.by_username(u)
if not u:
# No such user exists.
return abort(404)
is_owner = (g.user and g.user.id == u.id)
# Get all projects by decending creation date.
projects = (u.projects.order_by(False).order_by(Project.created.desc()))
if not is_owner:
# If this isn't the users own page, only
# display public projects.
projects = projects.filter_by(public=True)
return render_template(
'dashboard.html',
user=u,
is_owner=is_owner,
projects=projects,
page_title='Notifico! - {u.username}\'s Projects'.format(u=u))
def validate_username(form, field):
from notifico.views.account import _reserved
username = field.data.strip().lower()
if username in _reserved or User.username_exists(username):
raise wtf.ValidationError(
'Sorry, but that username is taken.'
)
def validate_username(form, field):
user = User.by_username(field.data)
if not user:
raise wtf.ValidationError('No such user exists.')
if reset.count_tokens(user) >= 5:
raise wtf.ValidationError(
'You may not reset your password more than 5 times'
' in one day.')
def validate_username(form, field):
user = User.by_username(field.data)
if not user:
raise wtf.ValidationError('No such user exists.')
if reset.count_tokens(user) >= 5:
raise wtf.ValidationError(
'You may not reset your password more than 5 times'
' in one day.'
)
def forgot_password():
"""
If NOTIFICO_PASSWORD_RESET is enabled and Flask-Mail is configured,
this view allows you to request a password reset email. It also
handles accepting those tokens.
"""
# Because this functionality depends on Flask-Mail and
# celery being properly configured, we default to disabled.
if not current_app.config.get('NOTIFICO_PASSWORD_RESET'):
flash(
'Password resets have been disabled by the administrator.',
category='warning'
)
return redirect('.login')
# How long should reset tokens last? We default
# to 24 hours.
token_expiry = current_app.config.get(
'NOTIFICO_PASSWORD_RESET_EXPIRY',
60 * 60 * 24
)
form = UserForgotForm()
if form.validate_on_submit():
user = User.by_username(form.username.data)
new_token = reset.add_token(user, expire=token_expiry)
# Send the email as a background job so we don't block
# up the browser (and to use celery's built-in rate
# limiting).
background.send_mail.delay(
'Notifico - Password Reset for {username}'.format(
username=user.username
),
# We're already using Jinja2, so we might as well use
# it to render our email templates as well.
html=render_template(
'email_reset.html',
user=user,
reset_link=url_for(
'.reset_password',
token=new_token,
uid=user.id,
_external=True
),
hours=token_expiry / 60 / 60
),
recipients=[user.email],
sender=current_app.config['NOTIFICO_MAIL_SENDER']
)
flash('A reset email has been sent.', category='success')
return redirect(url_for('.login'))
return render_template('forgot.html', form=form)
def admin_user(username):
do = request.args.get('do', None)
u = User.by_username(username)
if u is None:
return abort(404)
password_form = UserPasswordForm()
if do == 'p' and password_form.validate_on_submit():
u.set_password(password_form.password.data)
db.session.commit()
return redirect(url_for('.admin_user', username=username))
return render_template('admin_user.html', u=u, password_form=password_form)
def login():
"""
Standard login form.
"""
if g.user:
return redirect(url_for('public.landing'))
form = UserLoginForm()
if form.validate_on_submit():
u = User.by_username(form.username.data)
session['_u'] = u.id
session['_uu'] = u.username
return redirect(url_for('projects.dashboard', u=u.username))
return render_template('login.html', form=form)
def _wrapped(*args, **kwargs):
u = User.by_username(kwargs.pop('u'))
if not u:
# No such user exists.
return abort(404)
p = Project.by_name_and_owner(kwargs.pop('p'), u)
if not p:
# Project doesn't exist (404 Not Found)
return abort(404)
kwargs['p'] = p
kwargs['u'] = u
return f(*args, **kwargs)
def _wrapped(*args, **kwargs):
u = User.by_username(kwargs.pop('u'))
if not u:
# No such user exists.
return abort(404)
p = Project.by_name_and_owner(kwargs.pop('p'), u)
if not p:
# Project doesn't exist (404 Not Found)
return abort(404)
kwargs['p'] = p
kwargs['u'] = u
return f(*args, **kwargs)
def login():
"""
Standard login form.
"""
if g.user:
return redirect(url_for('public.landing'))
form = UserLoginForm()
if form.validate_on_submit():
u = User.by_username(form.username.data)
session['_u'] = u.id
session['_uu'] = u.username
return redirect(url_for('projects.dashboard', u=u.username))
return render_template('login.html', form=form)
def overview(u):
"""
Display an overview of all the user's projects with summary
statistics.
"""
u = User.by_username(u)
if not u:
# No such user exists.
return abort(404)
is_owner = (g.user and g.user.id == u.id)
return render_template('overview.html',
user=u,
is_owner=is_owner
)
def login():
"""
Standard login form.
"""
if g.user:
flash('You must logout before logging in.', 'error')
return redirect(url_for('public.landing'))
form = UserLoginForm()
if form.validate_on_submit():
u = User.by_username(form.username.data)
session['_u'] = u.id
session['_uu'] = u.username
flash('Welcome back!', 'success')
return redirect(url_for('public.landing'))
return render_template('login.html', form=form)
def admin_user(username):
do = request.args.get('do', None)
u = User.by_username(username)
if u is None:
return abort(404)
password_form = UserPasswordForm()
if do == 'p' and password_form.validate_on_submit():
u.set_password(password_form.password.data)
g.db.session.commit()
return redirect(url_for('.admin_user', username=username))
return render_template(
'admin_user.html',
u=u,
password_form=password_form
)
def register():
"""
If new user registrations are enabled, provides a registration form
and validation.
"""
if g.user:
return redirect(url_for('public.landing'))
# Make sure this instance is allowing new users.
if not current_app.config.get('NOTIFICO_NEW_USERS', True):
return redirect(url_for('public.landing'))
form = UserRegisterForm()
if form.validate_on_submit():
# Checks out, go ahead and create our new user.
u = User.new(form.username.data, form.email.data, form.password.data)
db.session.add(u)
db.session.commit()
# ... and send them back to the login screen.
return redirect(url_for('.login'))
return render_template('register.html', form=form)
def register():
"""
If new user registrations are enabled, provides a registration form
and validation.
"""
if g.user:
return redirect(url_for('public.landing'))
# Make sure this instance is allowing new users.
if not current_app.config.get('PUBLIC_NEW_USERS', True):
return redirect(url_for('public.landing'))
form = UserRegisterForm()
if form.validate_on_submit():
# Checks out, go ahead and create our new user.
u = User.new(form.username.data, form.email.data, form.password.data)
g.db.session.add(u)
g.db.session.commit()
# ... and send them back to the login screen.
return redirect(url_for('.login'))
return render_template('register.html', form=form)
def validate_password(form, field):
if not User.login(g.user.username, field.data):
raise wtf.ValidationError('Password is incorrect.')
def validate_password(form, field):
if not User.login(form.username.data, field.data):
raise wtf.ValidationError('Incorrect username and/or password.')
def validate_username(form, field):
username = field.data.strip().lower()
if username in _reserved or User.username_exists(username):
raise wtf.ValidationError(
'Sorry, but that username is taken.'
)
def validate_password(form, field):
if not User.login(g.user.username, field.data):
raise wtf.ValidationError('Your password is incorrect.')
def validate_username(form, field):
from notifico.views.account import _reserved
username = field.data.strip().lower()
if username in _reserved or User.username_exists(username):
raise wtf.ValidationError('Sorry, but that username is taken.')
def validate_password(form, field):
if not User.login(form.username.data, field.data):
raise wtf.ValidationError('Incorrect username and/or password.')
