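def my_info():
    """Show the profile form and apply submitted changes to the current user.

    Each submitted field whose name matches an attribute already stored on
    the user instance is coerced to that attribute's current type and written
    back if it differs. The session is committed only when SQLAlchemy reports
    that the user was modified.

    Returns:
        The rendered ``user/my_info.html`` template.
    """
    form = forms.ChangeInfoForm(request.form)
    if form.validate_on_submit():
        # NOTE(review): this loop is a generic "form field -> model attribute"
        # copy, so the set of writable attributes is exactly the set of fields
        # declared on ChangeInfoForm. Keep privileged columns (role, password
        # hash, confirmation flags, ...) out of that form.
        user_state = current_user.__dict__
        for name, value in form.data.items():
            # Form-only fields (e.g. a CSRF token or submit button) have no
            # counterpart on the user. The original indexed __dict__ directly,
            # which raises KeyError (not the AttributeError it caught).
            # Underscore-prefixed names are internal state and never writable.
            if name.startswith('_') or name not in user_state:
                continue
            user_attr = user_state[name]
            try:
                # type(None)(value) raises TypeError, so an unset attribute
                # takes the form value as-is.
                form_attr = value if user_attr is None else type(user_attr)(value)
            except (TypeError, ValueError):
                # The value cannot be represented in the attribute's type;
                # leave the stored value untouched.
                continue
            if user_attr != form_attr:
                try:
                    setattr(current_user, name, form_attr)
                except AttributeError:
                    # Read-only attribute: skip it. The original returned None
                    # here, which is not a valid view response.
                    continue
        if db.session.is_modified(current_user):
            db.session.add(current_user)
            db.session.commit()
            flash("Your information have been updated successfully!", 'success')
        else:
            flash("You need to change some information to update.", 'warning')
    else:
        forms.flash_errors(form)
    return render_template('user/my_info.html', form=form, user=current_user)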
def register():
    """Create an account from the registration form and log the new user in.

    Authenticated visitors are sent to the index page. On a valid submission
    the user is stored, a confirmation email is requested, the user is logged
    in and redirected to the index page. Otherwise the form errors are flashed
    and the registration page is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('.index'))

    form = forms.RegistrationForm(request.form)
    if not form.validate_on_submit():
        forms.flash_errors(form)
        return render_template("user/register.html", form=form)

    # NOTE(review): the raw form password is handed to the model; presumably
    # User hashes it on assignment -- confirm in the model.
    new_user = User(
        username=form.username.data,
        password=form.password.data,
        firstname=form.firstname.data,
        lastname=form.lastname.data,
        email=form.email.data,
    )
    db.session.add(new_user)
    db.session.commit()

    send_confirmation_email(
        new_user,
        subject="Please confirm your email",
        template='user/email/confirm.html',
        redirect_to='user.confirm_registration',
        token_type='confirm',
    )

    # The account is logged in before the address is confirmed. The
    # "restricted access" promised below is not enforced in this view, so it
    # must be enforced wherever the other pages are protected.
    login_user(new_user, form.remember_me.data)
    flash("A confirmation email has been sent to you by email.", 'info')
    flash("You are logged in with restricted access and need to confirm "
          "to get access to the other pages.", 'warning')
    return redirect(url_for('.index'))
def password_reset(token):
    """Set a new password for the account identified by email and ``token``.

    Only anonymous visitors may use this view; anyone else is redirected to
    the index page. The account is looked up by the submitted email and the
    password is replaced only if that account accepts ``token`` as a valid
    'password' token.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('.index'))

    form = forms.PasswordResetForm()
    if not form.validate_on_submit():
        forms.flash_errors(form)
        return render_template('user/reset_password.html', form=form, token=token)

    account = User.query.filter_by(email=form.email.data).first()
    # NOTE(review): the check is delegated to has_valid_token on the account
    # found by email; presumably it ties the token to that specific user and
    # enforces expiry -- confirm in the model. Nothing here revokes the token
    # after use.
    token_ok = account and account.has_valid_token(token, token_type='password')
    if not token_ok:
        flash('The current link to reset your password is invalid or '
              'has expired. Please, make another request to reset your '
              'password.', 'danger')
        return redirect(url_for('.request_password_reset'))

    account.password = form.password.data
    db.session.add(account)
    db.session.commit()
    flash('Your password has been updated. Please, log in.', 'success')
    return redirect(url_for('.login'))
def change_password():
    """Change the current user's password after re-checking the old one.

    A valid form whose old password matches updates the password and
    redirects to the index page. A mismatch flashes a generic failure, and an
    invalid form flashes its errors; both re-render the change-password page.
    """
    form = forms.ChangePasswordForm()
    if not form.validate_on_submit():
        forms.flash_errors(form)
    elif current_user.has_password_equal_to(form.old_password.data):
        # The old password acts as re-authentication for this sensitive change.
        current_user.password = form.password.data
        db.session.add(current_user)
        db.session.commit()
        flash('Your password has been updated.', 'success')
        return redirect(url_for('.index'))
    else:
        flash("Couldn't change your password.", 'danger')
    return render_template("user/change_password.html", form=form)
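def _is_local_redirect_path(target):
    """Return True if ``target`` is a path on this site that is safe to redirect to.

    Only values that start with a single ``/`` are accepted. Rejected are:
    empty values, anything with a scheme or host (it would not start with
    ``/``), ``//host`` network-path references, backslashes (some browsers
    treat them as ``/``) and control characters (some browsers strip them
    before resolving the URL).
    """
    if not target or not target.startswith('/'):
        return False
    if target.startswith('//') or '\\' in target:
        return False
    return not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in target)


def login():
    """Authenticate a user from the login form.

    A user who is already authenticated with a fresh session is redirected to
    the index page. On valid credentials the user is logged in and redirected
    to the ``next`` query parameter when it is a local path, otherwise to the
    index page. On failure a generic message is flashed and the login page is
    rendered again.
    """
    # NOTE: a development-only auto-login call (login_dev_user) is kept
    # disabled at this point in the source; it must stay disabled outside
    # local development.
    if current_user.is_authenticated and login_fresh():
        return redirect(url_for('.index'))

    form = forms.LoginForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user and user.has_password_equal_to(form.password.data):
            login_user(user, form.remember_me.data)
            flash("Logged in successfully!", 'success')
            # 'next' comes from the query string and is attacker-controllable.
            # Redirecting to it unchecked is an open redirect, so only local
            # paths are honoured and anything else falls back to the index.
            next_url = request.args.get('next')
            if not _is_local_redirect_path(next_url):
                next_url = url_for('.index')
            return redirect(next_url)
        else:
            # Same message for unknown user and wrong password, so the
            # response does not reveal which usernames exist.
            flash("Wrong username or password!", 'danger')
    else:
        forms.flash_errors(form)
    return render_template("user/login.html", form=form)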
def request_change_email():
    """Start an email change by mailing a confirmation link to the new address.

    The current password must match before anything is sent. The new address
    is not written to the user here; it is only passed to
    ``send_confirmation_email`` as the recipient and inside ``token_dict``.
    """
    form = forms.ChangeEmailForm()
    if not form.validate_on_submit():
        forms.flash_errors(form)
    elif current_user.has_password_equal_to(form.password.data):
        new_email = form.email.data
        # The confirmation goes to the *new* address, so confirming it proves
        # that the requester controls that mailbox.
        send_confirmation_email(
            current_user,
            to=new_email,
            subject="Confirm your email address",
            template='user/email/change_email.html',
            redirect_to='user.change_email',
            token_type='email',
            token_dict={'email': new_email},
        )
        flash('An email with instructions to confirm your new email '
              'address has been sent to you.', 'info')
        return redirect(url_for('.index'))
    else:
        # Flashed without a category, unlike the other failure messages here.
        flash('Wrong email or password.')
    return render_template("user/change_email.html", form=form)
def request_password_reset():
    """Send a password-reset email when username and email match an account.

    Only anonymous visitors may use this view; anyone else is redirected to
    the index page. The request page is rendered again in every other case,
    with a flash message describing the outcome.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('.index'))

    form = forms.RequestPasswordResetForm(request.form)
    if not form.validate_on_submit():
        forms.flash_errors(form)
        return render_template("user/request_password_reset.html", form=form)

    account = User.query.filter_by(username=form.username.data).first()
    # NOTE(review): the two outcomes below flash different messages, so the
    # response confirms whether a username/email pair belongs to an account.
    # A single neutral message for both branches, plus rate limiting on this
    # endpoint, would remove that signal.
    if account and account.email == form.email.data:
        send_confirmation_email(
            account,
            subject="Reset Your Password",
            template='user/email/reset_password.html',
            redirect_to='user.password_reset',
            token_type='password',
        )
        flash("An email with instructions to reset your password "
              "has been sent to you.", 'info')
    else:
        flash("Wrong username or email!", 'danger')
    return render_template("user/request_password_reset.html", form=form)