def auth_set_password():
passwordform = PasswordForm(request.form)
if not passwordform.validate():
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=passwordform)
if passwordform.password.data != passwordform.password2.data:
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=passwordform,
error="You gave two different passwords")
user = User.query.get(current_user.id)
user.password = passwordform.password.data
db.session().commit()
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=PasswordForm(),
confirm="Password was changed")
def auth_set_username():
usernameform = UsernameForm(request.form)
if not usernameform.validate():
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=usernameform,
passwordform=PasswordForm())
user = User.query.filter_by(username=usernameform.username.data).first()
if user:
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=PasswordForm(),
error="Username is already in use")
user = User.query.get(current_user.id)
user.username = usernameform.username.data
db.session().commit()
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=PasswordForm(),
confirm="Userame was changed")
def user_edit_password():
if request.method == 'GET':
return redirect(url_for('user_profile'))
form = PasswordForm(request.form)
user = User.query.get(current_user.id)
if not form.validate():
return render_template(
'auth/profile.html',
user=user,
usernameForm=UsernameForm(),
passwordForm=form,
)
with session_scope() as session:
user = session.query(User).get(current_user.id)
password = form.password.data.encode()
salt = bcrypt.gensalt(rounds=10)
phash = bcrypt.hashpw(password, salt)
user.phash = phash.decode()
session.commit()
return redirect(url_for('user_profile'))
def user_profile():
user = User.query.filter(User.id == current_user.id).first()
usernameForm = UsernameForm()
passwordForm = PasswordForm()
with suppress(KeyError):
usernameForm = request.args['usernameForm']
with suppress(KeyError):
passwordForm = request.args['passwordForm']
return render_template(
'auth/profile.html',
user=user,
usernameForm=UsernameForm(),
passwordForm=PasswordForm(),
)
def auth_set_name():
nameform = NameForm(request.form)
if not nameform.validate():
return render_template("auth/settings.html",
user=current_user,
nameform=nameform,
usernameform=UsernameForm(),
passwordform=PasswordForm())
user = User.query.get(current_user.id)
user.name = nameform.name.data
db.session().commit()
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=PasswordForm(),
confirm="Name was changed")
def user_edit_username():
if request.method == 'GET':
return redirect(url_for('user_profile'))
form = UsernameForm(request.form)
user = User.query.get(current_user.id)
if not form.validate():
return render_template(
'auth/profile.html',
user=user,
usernameForm=form,
passwordForm=PasswordForm(),
)
with session_scope() as session:
username = form.username.data
existingUser = session.query(User).filter(
User.username == username).first()
if (existingUser):
form.username.errors.append('Username already exists')
return render_template(
'auth/profile.html',
user=user,
usernameForm=form,
passwordForm=PasswordForm(),
)
user.username = username
session.commit()
return redirect(url_for('user_profile'))
def delete_cancel():
return render_template("auth/settings.html",
user=current_user,
nameform=NameForm(),
usernameform=UsernameForm(),
passwordform=PasswordForm())