def email_confirm(code):
email, email_exists = get_row("""
UPDATE email_confirm
SET opened = current_timestamp
WHERE code = %s
RETURNING email, (SELECT EXISTS (SELECT 1 FROM zerosum_user
WHERE email=email_confirm.email
AND is_active))
""", [code])
if email_exists:
flash('A user with this email address already exists. Please log in!',
'warning')
return redirect(url_for('login'))
form = forms.RegisterForm(email=email)
form.email.kwargs = dict(readonly=True)
if form.validate_on_submit():
assert form.email.data == email
user = User(get_or_create_user(email))
user.set_password(request.form['password'])
flash('Created new user!', 'success')
login_user(user)
return redirect(url_for('home'))
else:
return render_template('register.html', form=form)
def send_owe_mail(owe_id):
owe = get_row("""
SELECT owe.*,
creditor.email AS creditor_email,
creditor.name AS creditor_name,
creditor.is_active,
debitor.name AS debitor_name
FROM owe
JOIN zerosum_user creditor ON (creditor_id = creditor.user_id)
JOIN zerosum_user debitor ON (debitor_id = debitor.user_id)
WHERE owe_id = %s
""", [owe_id])
send_mail('mails/new_owe.txt', owe.creditor_email,
confirm_code=lambda: confirm_code(owe.creditor_email), **owe._asdict())
def login():
if request.method == 'POST':
login = request.form['login']
password = request.form['password']
# get user
try:
db_user = db.get_row("SELECT * FROM zerosum_user WHERE email = %s",
[login])
user = User(db_user)
if user.check_password(password):
login_user(user)
return redirect(url_for('home'))
except db.NoResult:
pass
flash('Email/password do not match or no user with this email exists',
'error')
return render_template('login.html')
