def send_email_verification(user_id: str):
user = users_model.get_user(user_id, ["email_verification", "email"])
verification_str = user["email_verification"]
try:
verification_url = url_for("verify", username=user_id, verification_str=verification_str, _external=True)
except RuntimeError:
verification_url = "SENT FROM TERMINAL: %s" % (verification_str)
return email.send_email("Thank you for registering for Sherwyn's CS 166 Security Blog! Go to the following link to verify your email: %s" % verification_url, user["email"])
def current_user():
# No user is logged in
cid = current_user_id()
if not cid:
return None
# get the user's information from the database
user_model = users_model.get_user(
cid, ["user_id", "join_date", "email", "role", "email_verification"])
# don't expose the email verification code to the template (replace with a bool...dynamic typing abuse)
user_model["email_verification"] = not user_model["email_verification"]
return user_model
def profile(username: str, page: int = 1):
#user = {
# "join_date" : datetime.datetime.today()
# , "email_verified": True
# , "admin_status" : True
#}
user = users_model.get_user(username)
# if the user exists, show their profile
if user:
user_posts = posts_model.get_user_posts(username)
total_posts = len(user_posts)
return render_template("profile.html",
username=username,
user=user,
posts=user_posts,
total_posts=total_posts,
page=page)
flash("User %s does not exist." % username)
return redirect(url_for("index"))
def toggle_admin_status(username: str):
role = users_model.get_user(username, ["role"])["role"]
new_role = "admin" if role == "user" else "user"
users_model.set_user(username, "role", new_role)
flash("%s's role is now set to: %s" % (username, new_role))
return redirect(url_for("profile", username=username))
def verify_login(username: str, password: str):
user = users_model.get_user(username)
if not user:
return False
inputted_password_hash = hash_password(password, user["password_salt"])
return inputted_password_hash == user["password_hash"]