def create_model(self, form): if form.auth_data.data == '': form.auth_data.errors.append(lazy_gettext("This field is required.")) return False form.auth_data.data = create_salted_password(form.auth_data.data) model = super(UsersView, self).create_model(form) model.creation_date = datetime.datetime.now() return model
def update_model(self, form, model): old_auth_data = model.auth_data if form.auth_data.data != '': form.auth_data.data = create_salted_password(form.auth_data.data) return_value = super(UsersView, self).update_model(form, model) if form.auth_data.data == '': model.auth_data = old_auth_data self.session.add(model) self.session.commit() return return_value
def create_model(self, form): if form.auth_data.data == '': form.auth_data.errors.append( lazy_gettext("This field is required.")) return False form.auth_data.data = create_salted_password(form.auth_data.data) model = super(UsersView, self).create_model(form) model.creation_date = datetime.datetime.now() return model
def create_user(login, name, password): """ Creates a new user and adds it to the DB. """ password = create_salted_password("password") user = User(login, name, password, "*****@*****.**", None, None, datetime.datetime.now(), datetime.datetime.now(), "userpass", password) db.session.add(user) db.session.commit() return user
def index(self): """ index(self) This method will be invoked for the Profile Edit view. This view is used for both viewing and updating the user profile. It exposes both GET and POST, for viewing and updating respectively. """ # This will be passed as a template parameter to let us change the password. # (And display the appropriate form field). change_password = True user = current_user() if user is None: return redirect("login") # If it is a POST request to edit the form, then request.form will not be None # Otherwise we will simply load the form data from the DB if len(request.form): form = ProfileEditForm(request.form, csrf_enabled=True) else: # It was a GET request (just viewing). form = ProfileEditForm(csrf_enabled=True) form.name.data = user.name form.login.data = user.login form.email.data = user.email form.organization.data = user.organization form.role.data = user.role form.creation_date.data = user.creation_date form.last_access_date.data = user.last_access_date form.auth_system.data = user.auth_system form.password.data = user.auth_data # If the method is POST we assume that we want to update and not just view if request.method == "POST" and form.validate_on_submit(): # It was a POST request, the data (which has been modified) will be contained in # the request. For security reasons, we manually modify the user for these # settings which should actually be modifiable. user.email = form.email.data user.organization = form.organization.data user.role = form.role.data user.auth_type = form.auth_system.data # Probably in the release we shouldn't let users modify the auth this way if len(form.password.data) > 0: new_password_data = create_salted_password(form.password.data) user.auth_data = new_password_data db.session.add(user) db.session.commit() flash("Changes saved", "success") return self.render("user/profile-edit.html", user=user, form=form, change_password=change_password)