def my_info():
form = forms.ChangeInfoForm(request.form)
if form.validate_on_submit():
for name, value in form.data.items():
try:
user_attr = current_user.__dict__[name]
form_attr = type(user_attr)(value)
if user_attr != form_attr:
setattr(current_user, name, form_attr)
except AttributeError:
return None
if db.session.is_modified(current_user):
db.session.add(current_user)
db.session.commit()
flash("Your information have been updated successfully!", 'success')
else:
flash("You need to change some information to update.", 'warning')
else:
forms.flash_errors(form)
return render_template('user/my_info.html', form=form, user=current_user)
def register():
if current_user.is_authenticated:
return redirect(url_for('.index'))
form = forms.RegistrationForm(request.form)
if form.validate_on_submit():
user = User(
username = form.username.data,
password = form.password.data,
firstname = form.firstname.data,
lastname = form.lastname.data,
email = form.email.data
)
db.session.add(user)
db.session.commit()
send_confirmation_email(
user,
subject = "Please confirm your email",
template = 'user/email/confirm.html',
redirect_to = 'user.confirm_registration',
token_type = 'confirm',
)
login_user(user, form.remember_me.data)
flash("A confirmation email has been sent to you by email.", 'info')
flash("You are logged in with restricted access and need to confirm "
"to get access to the other pages.", 'warning')
return redirect(url_for('.index'))
else:
forms.flash_errors(form)
return render_template("user/register.html", form=form)
def password_reset(token):
if not current_user.is_anonymous:
return redirect(url_for('.index'))
form = forms.PasswordResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and user.has_valid_token(token, token_type='password'):
user.password = form.password.data
db.session.add(user)
db.session.commit()
flash('Your password has been updated. Please, log in.',
'success')
return redirect(url_for('.login'))
else:
flash('The current link to reset your password is invalid or '
'has expired. Please, make another request to reset your '
'password.',
'danger')
return redirect(url_for('.request_password_reset'))
else:
forms.flash_errors(form)
return render_template('user/reset_password.html', form=form, token=token)
def change_password():
form = forms.ChangePasswordForm()
if form.validate_on_submit():
if current_user.has_password_equal_to(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
db.session.commit()
flash('Your password has been updated.', 'success')
return redirect(url_for('.index'))
else:
flash("Couldn't change your password.", 'danger')
else:
forms.flash_errors(form)
return render_template("user/change_password.html", form=form)
def login():
# login_dev_user() # FOR_DEV
if current_user.is_authenticated and login_fresh():
return redirect(url_for('.index'))
form = forms.LoginForm(request.form)
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user and user.has_password_equal_to(form.password.data):
login_user(user, form.remember_me.data)
flash("Logged in successfully!", 'success')
return redirect(request.args.get('next') or url_for('.index'))
else:
flash("Wrong username or password!", 'danger')
else:
forms.flash_errors(form)
return render_template("user/login.html", form=form)
def request_change_email():
form = forms.ChangeEmailForm()
if form.validate_on_submit():
if current_user.has_password_equal_to(form.password.data):
send_confirmation_email(
current_user,
to = form.email.data,
subject = "Confirm your email address",
template = 'user/email/change_email.html',
redirect_to = 'user.change_email',
token_type = 'email',
token_dict = dict(email=form.email.data)
)
flash('An email with instructions to confirm your new email '
'address has been sent to you.', 'info')
return redirect(url_for('.index'))
else:
flash('Wrong email or password.')
else:
forms.flash_errors(form)
return render_template("user/change_email.html", form=form)
def request_password_reset():
if not current_user.is_anonymous:
return redirect(url_for('.index'))
form = forms.RequestPasswordResetForm(request.form)
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user and user.email == form.email.data:
send_confirmation_email(
user,
subject = "Reset Your Password",
template = 'user/email/reset_password.html',
redirect_to = 'user.password_reset',
token_type = 'password',
)
flash("An email with instructions to reset your password "
"has been sent to you.", 'info')
else:
flash("Wrong username or email!", 'danger')
else:
forms.flash_errors(form)
return render_template("user/request_password_reset.html", form=form)