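def create(self):
    """Register this user in the database.

    Hashes ``self.password`` with ``auth.hash_password`` and inserts the row
    through a parameterized query, so the field values travel to the driver
    separately from the SQL text.

    On success ``self.user_id`` is set and ``self.password`` is replaced by
    the hash. On failure both attributes are left as they were.

    Returns:
        The id produced by ``returning user_id``, or a falsy value when no
        user was created.
    """
    pw_hash = auth.hash_password(self.password)
    if not pw_hash:
        # No usable hash was produced: refuse to insert a row without one.
        logger.debug("Failed to create username: %s" % (self.username))
        return None

    sql = """
        insert into Users (username, password, email, first_name, last_name)
        values (%s, %s, %s, %s, %s)
        returning user_id
    """
    # Only the hash is sent to the database, never the submitted password.
    data = (self.username, pw_hash, self.email, self.fname, self.lname)
    user_id = app.db.exec_query(sql, data, "commit", "returning")

    if user_id:
        self.user_id = user_id
        # From here on the object carries the hash instead of the plaintext.
        self.password = pw_hash
        logger.debug("Created new user_id: %s | username: %s" % (user_id, self.username))
    else:
        # The original referenced a bare ``username`` here, which is not
        # defined in this scope and raised NameError on the failure path.
        logger.debug("Failed to create username: %s" % (self.username))
    return user_id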
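def user_setting_password(username):
    """Show or process the password-change form for the logged-in user.

    GET  - Show password change form
    POST - Update g.user.password to password hash and change it in database

    Only the account owner is served: when the ``username`` from the URL is
    not ``g.user.username`` the request is redirected to the caller's own
    settings page and no password is touched.
    """
    # NOTE(review): g.user is used without a visible login check; confirm the
    # route is only reachable by an authenticated session.
    if g.user.username != username:
        # unauthorized user
        return redirect(url_for('user_settings', username=g.user.username))

    form = UserPwForm()
    if not form.validate_on_submit():
        # GET, or a POST that failed validation: (re)display the form.
        return render_template('user/settings/password.html',
                               username=g.user.username, form=form)

    # NOTE(review): nothing here verifies the current password; confirm that
    # UserPwForm does, and whether other sessions should be ended afterwards.
    pw_hash = auth.hash_password(request.form['password'])
    if pw_hash:
        # Only the hash is stored on the user object and persisted.
        g.user.password = pw_hash
        g.user.update()
    # NOTE(review): a falsy hash leaves the password unchanged but the user
    # gets the same redirect as on success; consider reporting the failure.
    # The redirect sits outside the branch so every path returns a response.
    return redirect(url_for('user_settings', username=g.user.username))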