def password(username, password):
    """Change the password of a user.

    \b
    Args:
        username: user to change password for
    """
    # The docstring text is kept as written: the \b marker suggests it is
    # also used as CLI help text (assumption, the decorator is not visible).
    # NOTE(review): if `password` arrives as a plain command-line argument it
    # can linger in shell history and process listings; a hidden prompt would
    # avoid that. Confirm how the option is declared.
    account = User.query.filter_by(username=username).first()
    if not account:
        click.echo('User does not exist')
        return

    # Only the value returned by user_manager.hash_password is stored.
    account.password = user_manager.hash_password(password)

    failed = False
    try:
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        failed = True
        click.echo(exc)
    finally:
        if failed:
            # Discard the pending change so the session stays usable.
            db.session.rollback()
            click.echo('Failed to change password')
        else:
            click.echo('Password changed')
def create(username, email, password):
    """Add a new user to the database."""
    # The account is created already confirmed (confirmed_at = now) and
    # enabled; only the hashed form of the password is stored.
    account = User(
        username=username,
        email=email,
        password=user_manager.hash_password(password),
        confirmed_at=datetime.datetime.utcnow(),
        is_enabled=True,
    )

    failed = False
    try:
        db.session.add(account)
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        failed = True
        click.echo(exc)
    finally:
        if failed:
            # Drop the pending insert before reporting the failure.
            db.session.rollback()
            click.echo(
                'Error creating user, make sure username and email are unique'
            )
        else:
            click.echo('New user created')
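def change_password_user():
    """Let the current user replace their own password.

    The form must carry a non-empty ``old_password`` and ``password``, and
    ``password`` must equal ``retype_password``. On success the new hash is
    committed and the user is redirected to ``user_ksat.show_user``; on any
    validation or commit failure the change-password page is rendered again
    with a flashed message.

    The original docstring states that the old password must be known before
    a new one can be set.
    """
    form = ChangePasswordForm(request.form)

    def render_form():
        return render_template('user/change_password_user.html',
                               title='Change Password',
                               form=form)

    if not form.validate_on_submit():
        return render_form()

    if not request.form['old_password']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['password']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if request.form['password'] != request.form['retype_password']:
        flash("Passwords are not the same!", "warn")
        return render_form()

    # NOTE(review): old_password is only checked for being non-empty above;
    # nothing in this function compares it with the stored hash, so the
    # documented "must know the old password" rule is not enforced here.
    # Verify it against current_user's hash before accepting the new value
    # (Flask-User exposes a verify_password helper, but its signature differs
    # between releases -- confirm against the installed version).
    current_user.password = user_manager.hash_password(
        request.form['password'])

    # try/except instead of returning from a `finally` block: a `return` in
    # `finally` would swallow non-Exception interrupts and report success.
    try:
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        print(exc)
        db.session.rollback()
        flash(
            'Error modifying password of user, make sure username and email are unique',
            'error')
        return render_form()

    flash('Congratulations, update your password!', 'success')
    return redirect(url_for('user_ksat.show_user'))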
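def register():
    """Register a new user account.

    Authenticated visitors are redirected to ``general.show_dash``. When the
    registration form validates, a user is created with the hashed password
    and the 'User' role (the role row is created if the query finds none),
    then committed. Success redirects to ``user.login``; a commit failure
    flashes an error and renders the registration page again.
    """
    if current_user.is_authenticated:
        return redirect(url_for('general.show_dash'))

    form = RegistrationForm()
    if form.validate_on_submit():
        # NOTE(review): the account is stored with confirmed_at = now and
        # is_enabled=True, so no e-mail confirmation step happens in this
        # function -- confirm that self-registration is meant to be usable
        # immediately.
        hashed_password = user_manager.hash_password(form.password.data)
        new_user = User(
            username=form.username.data,
            email=form.email.data,
            password=hashed_password,
            confirmed_at=datetime.datetime.utcnow(),
            is_enabled=True,
        )

        # Every self-registered account gets only the default role.
        role = 'User'
        role_default = Role.query.filter_by(name=role).first()
        new_user.roles.add(role_default if role_default else Role(name='User'))

        # try/except/else instead of returning from a `finally` block: a
        # `return` in `finally` would swallow non-Exception interrupts and
        # report success.
        try:
            db.session.add(new_user)
            db.session.commit()
        except Exception as exc:  # any commit error is printed, not re-raised
            print(exc)
            db.session.rollback()
            flash(
                'Error creating user, make sure username and email are unique',
                'error')
        else:
            flash('Congratulations, you are now a registered user!',
                  'success')
            return redirect(url_for('user.login'))

    return render_template('extensions/flask_user/register.html',
                           title='Register',
                           form=form)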
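def modify_by_user():
    """Let the current user edit their own profile.

    Username, e-mail and password must be non-empty in the submitted form and
    ``password`` must equal ``retype_password``. On success the profile
    (including a freshly hashed password and ``confirmed_at`` = now) is
    committed and the user is redirected to ``user_ksat.show_user``; on any
    validation or commit failure the profile page is rendered again with a
    flashed message.
    """
    user_form = UserForm(request.form)

    # NOTE(review): these assignments run on every request, before
    # validate_on_submit(), so the form's validators see the stored values
    # rather than the submitted ones; the submitted values are read straight
    # from request.form below. They also place the stored password hash in
    # the password field. Confirm both are intended.
    user_form.username.data = current_user.username
    user_form.email.data = current_user.email
    user_form.password.data = current_user.password
    user_form.first_name.data = current_user.first_name
    user_form.last_name.data = current_user.last_name

    def render_form():
        return render_template('user/modify_by_user.html',
                               title='Modify Profile',
                               user_form=user_form)

    if not user_form.validate_on_submit():
        return render_form()

    if not request.form['username']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['email']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['password']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if request.form['password'] != request.form['retype_password']:
        flash("Passwords are not the same!", "warn")
        return render_form()

    # NOTE(review): the password (and e-mail) are replaced without asking for
    # the current password, and confirmed_at is reset to now even when the
    # e-mail changed -- confirm this is acceptable for the threat model.
    hashed_password = user_manager.hash_password(request.form['password'])
    current_user.username = request.form['username']
    current_user.email = request.form['email']
    current_user.password = hashed_password
    current_user.first_name = request.form['first_name']
    current_user.last_name = request.form['last_name']
    current_user.confirmed_at = datetime.datetime.utcnow()

    # try/except instead of returning from a `finally` block: a `return` in
    # `finally` would swallow non-Exception interrupts and report success.
    try:
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        print(exc)
        db.session.rollback()
        flash(
            'Error modifying user, make sure username and email are unique',
            'error')
        return render_form()

    flash('The user was successfully modified.', 'success')
    return redirect(url_for('user_ksat.show_user'))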
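def modify_user():
    """Edit an existing user (administrator view per the original docstring).

    The target user is looked up from the hashed ``id`` query argument. A
    missing id or unknown user redirects to ``user_ksat.manage_user`` with an
    error. When the form validates, the user's fields, enabled flag and roles
    are replaced with the submitted values and committed; success redirects
    to ``user_ksat.manage_user``, anything else renders the edit page.

    NOTE(review): no authorization check is visible inside this function;
    presumably a decorator outside this block restricts it to administrators
    -- confirm.
    """
    id_hash = request.args.get('id')
    if not id_hash:
        flash('There is no id.', 'error')
        return redirect(url_for('user_ksat.manage_user'))

    target = User.query.filter_by(id=hashids_hasher.decode(id_hash)).first()
    if not target:
        flash('There is no user to be changed.', 'error')
        return redirect(url_for('user_ksat.manage_user'))

    roles = Role.query.all()

    # NOTE(review): the stored password hash is used to pre-fill the password
    # and retype_password fields. If the template renders those values the
    # hash is exposed, and submitting them unchanged would store a hash of
    # the hash as the new password. Confirm how the template treats them.
    user_form = UserForm(username=target.username,
                         email=target.email,
                         password=target.password,
                         retype_password=target.password,
                         is_enabled=target.is_enabled,
                         first_name=target.first_name,
                         last_name=target.last_name,
                         locale=target.locale,
                         timezone=target.timezone)

    # Offer every existing role and pre-select the ones the user holds.
    user_form.roles.choices = [(i.name, i.name) for i in roles]
    user_form.roles.data = list(target.role_names)

    def render_form():
        return render_template('user/add_edit_user.html',
                               title='Modify User',
                               user_form=user_form)

    if not user_form.validate_on_submit():
        return render_form()

    if not request.form['username']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['email']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['password']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if request.form['password'] != request.form['retype_password']:
        flash("Passwords are not the same!", "warn")
        return render_form()

    hashed_password = user_manager.hash_password(request.form['password'])
    target.username = request.form['username']
    target.email = request.form['email']
    target.password = hashed_password
    target.confirmed_at = datetime.datetime.utcnow()
    # An unchecked checkbox is simply absent from the submitted form.
    target.is_enabled = 'is_enabled' in request.form
    target.first_name = request.form['first_name']
    target.last_name = request.form['last_name']
    target.locale = request.form['locale']
    target.timezone = request.form['timezone']

    # Replace the role set with exactly what was submitted. The previous
    # add-only loop never revoked a role that had been deselected unless
    # every role was deselected at once.
    selected = set(request.form.getlist('roles'))
    target.roles = {rol for rol in roles if rol.name in selected}

    # try/except/else instead of returning from a `finally` block: a `return`
    # in `finally` would swallow non-Exception interrupts and report success.
    try:
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        print(exc)
        db.session.rollback()
        flash(
            'Error modifying user, make sure username and email are unique',
            'error')
    else:
        flash('Congratulations, you have modified a user!', 'success')
        return redirect(url_for('user_ksat.manage_user'))

    return render_form()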
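def add_user():
    """Create a new user (administrator view per the original docstring).

    Username, e-mail and password must be non-empty in the submitted form and
    ``password`` must equal ``retype_password``. The user is created with the
    hashed password, ``confirmed_at`` = now and the roles selected in the
    form. Success redirects to ``user_ksat.manage_user``; anything else
    renders the add-user page.

    NOTE(review): no authorization check is visible inside this function;
    presumably a decorator outside this block restricts it to administrators
    -- confirm.
    """
    roles = Role.query.all()
    user_form = UserForm(request.form)
    user_form.roles.choices = [(i.name, i.name) for i in roles]

    def render_form():
        return render_template('user/add_edit_user.html',
                               title='Add User',
                               add=True,
                               user_form=user_form)

    if not user_form.validate_on_submit():
        return render_form()

    if not request.form['username']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['email']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if not request.form['password']:
        flash("No null or empty values are allowed.", "warn")
        return render_form()
    if request.form['password'] != request.form['retype_password']:
        flash("Passwords are not the same!", "warn")
        return render_form()

    hashed_password = user_manager.hash_password(user_form.password.data)
    new_user = User(username=user_form.username.data,
                    email=user_form.email.data,
                    password=hashed_password,
                    confirmed_at=datetime.datetime.utcnow(),
                    is_enabled=user_form.is_enabled.data,
                    first_name=user_form.first_name.data,
                    last_name=user_form.last_name.data,
                    locale=user_form.locale.data,
                    timezone=user_form.timezone.data)

    # Grant only roles that exist in the database and were selected.
    if user_form.roles.data:
        for rol in roles:
            if rol.name in user_form.roles.data:
                new_user.roles.add(rol)

    # try/except/else instead of returning from a `finally` block: a `return`
    # in `finally` would swallow non-Exception interrupts and report success.
    try:
        db.session.add(new_user)
        db.session.commit()
    except Exception as exc:  # any commit error is printed, not re-raised
        print(exc)
        db.session.rollback()
        flash(
            'Error creating user, make sure username and email are unique',
            'error')
    else:
        flash('Congratulations, you have created a new user!', 'success')
        return redirect(url_for('user_ksat.manage_user'))

    return render_form()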