def logout():
db = sqlite3_connection()
db.execute_sql_cmd("""UPDATE users SET logged_in = 0 WHERE name = ?""",
(Session.get_session_by_name("username"), ))
db.close_connection()
Session.clear_all()
return redirect(url_for("home_app.home"))
def change_password():
username = Session.get_session_by_name("username")
if request.method == "POST":
if username:
db = sqlite3_connection()
current_password = db.get_one("SELECT password FROM users WHERE name =?", (username, ))
if Password.check_password(current_password["password"], request.form["password"]):
hashed_password = Password.hash_passwd(request.form["new_password"])
db.execute_sql_cmd("""UPDATE users set password = ? WHERE name = ?""", (hashed_password, username))
Session.clear_all()
flash("Your password has been successfully changed. You may now login with the new password")
db.close_connection()
return redirect(url_for("login_app.login"))
flash("The password you entered does not match the current password")
db.close_connection()
return render_template("password/new_password.html")
def admin(*args, **kwargs):
if not Session.get_session_by_name("admin"):
return redirect(url_for("home_app.home"))
return f(*args, **kwargs)
def login(*args, **kwargs):
if Session.get_session_by_name("username") is None:
return redirect(url_for("login_app.login"))
return f(*args, **kwargs)
def is_user_logged_in(*args, **kwargs):
if Session.get_session_by_name("username"):
return redirect(url_for("home_app.home"))
return f(*args, **kwargs)
