def register(): form = OwnerRegister() error = None if form.validate_on_submit(): stimage_ts = None image_ts = None hash_pwd = generate_password_hash(form.password.data) if form.code.data == '10726629': ####save store_image##### if request.files.get('store_image'): #securing file's name filename = secure_filename(form.store_image.data.filename) #pathing file_path = os.path.join(UPLOAD_FOLDER_IMG, 'store', filename) #save image to path form.store_image.data.save(file_path) #image_ts=image name for img_src function to find images stimage_ts = str( thumbnail_process(file_path, 'store', str(form.storecode.data))) if request.files.get('owner_image'): #securing file's name filename = secure_filename(form.owner_image.data.filename) #pathing file_path = os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename) #save image to path form.owner_image.data.save(file_path) #image_ts=image name for img_src function to find images image_ts = str( thumbnail_process(file_path, 'owner', str(form.storecode.data))) store = Store(username=form.username.data, password=hash_pwd, email=form.email.data, storename=form.storename.data, storecode=form.storecode.data) if stimage_ts: store.store_image = stimage_ts if image_ts: store.qr_image = image_ts store.save() return redirect(url_for('store_app.login')) else: error = 'Wrong code' return render_template('store/o_register.html', form=form, error=error)
def edit(): error = None message = None user = User.objects.filter(username=session.get('username')).first() if user: form = EditForm(obj=user) #pre populates form if form.validate_on_submit(): #Check if image is of correct type image_ts = None if request.files.get('image'): filename = secure_filename(form.image.data.filename) file_path = os.path.join(UPLOAD_FOLDER, 'user', filename) form.image.data.save( file_path) #save form image under this path image_ts = str( thumbnail_process(file_path, 'user', str(user.id))) if user.username != form.username.data.lower( ): # check that user has changed own username if User.objects.filter(username=form.username.data.lower( )).first(): # check that username not already taken error = "Username already taken" else: session['username'] = form.username.data.lower() form.username.data = form.username.data.lower() if user.email != form.email.data.lower( ): # check that user has changed own email if User.objects.filter(email=form.email.data.lower()).first( ): # check that email not already taken error = "This email already exists" else: code = str(uuid.uuid4()) user.change_configuration = { "new_email": form.email.data.lower(), "confirmation_code": code } user.email_confirmed = False form.email.data = user.email message = "You will need to confirm the new email, by clicking on the link sent to your email" body_html = render_template('mail/user/change_email.html', user=user) body_text = render_template('mail/user/change_email.txt', user=user) email(user.change_configuration['new_email'], "Please confirm email change", body_html, body_text) user.save() return "User details updated, pending email confirmation" if not error: form.populate_obj(user) #populate form with user object if image_ts: #if image was attached to form user.profile_image = image_ts user.save() if not message: #if user did not edit the email message = "Profile updated" return render_template("user/edit.html", form=form, error=error, message=message, user=user) else: abort(404)
def edit(): error = None message = None user = User.objects.filter(username=session.get("username")).first() if user: form = EditForm(obj=user) # Prepopulating the form with what's in user if form.validate_on_submit(): # Check if image image_ts = None if request.files.get("image"): filename = secure_filename(form.image.data.filename) file_path = os.path.join(UPLOAD_FOLDER, "user", filename) form.image.data.save(file_path) image_ts = str(thumbnail_process(file_path, "user", str(user.id))) # User changes their username if user.username != form.username.data.lower(): if User.objects.filter(username=form.username.data.lower()).first(): error = "Username already exists" else: session["username"] = form.username.data.lower() form.username.data = form.username.data.lower() # User changes their email if user.email != form.email.data.lower(): if User.objects.filter(email=form.email.data.lower()).first(): error = "Email already exists" else: code = str(uuid.uuid4()) user.change_configuration = { "new_email": form.email.data.lower(), "confirmation_code": code } user.email_confirmed = False form.email.data = user.email message = "You will need to confirm the new email address \ to complete this change." # email the user body_html = render_template("mail/user/change_email.html", user=user) body_text = render_template("mail/user/change_email.txt", user=user) email(user.change_configuration["new_email"], "Confirm your new email", body_html, body_text) if not error: # Populate database object with form's content form.populate_obj(user) # Add image if it exists if image_ts: user.profile_image = image_ts user.save() if not message: message = "Profile updated" return render_template("user/edit.html", form=form, error=error, message=message, user=user) else: # User wasn't found abort(404)
def edit(): error = None message = None user = User.objects.filter(username=session.get('username')).first() if user: form = EditForm(obj=user) if form.validate_on_submit(): # check if image image_ts = None if request.files.get('image'): filename = secure_filename(form.image.data.filename) file_path = os.path.join(UPLOAD_FOLDER, 'user', filename) form.image.data.save(file_path) image_ts = str( thumbnail_process(file_path, 'user', str(user.id))) if user.username != form.username.data.lower(): if User.objects.filter( username=form.username.data.lower()).first(): error = "Username already exists" else: session['username'] = form.username.data.lower() form.username.data = form.username.data.lower() if user.email != form.email.data.lower(): if User.objects.filter(email=form.email.data.lower()).first(): error = "Email already exists" else: code = str(uuid.uuid4()) user.change_configuration = { "new_email": form.email.data.lower(), "confirmation_code": code } user.email_confirmed = False form.email.data = user.email message = "You will need to confirm the new email to complete this change" # email the user body_html = render_template('mail/user/change_email.html', user=user) body_text = render_template('mail/user/change_email.txt', user=user) email(user.change_configuration['new_email'], "Confirm your new email", body_html, body_text) if not error: form.populate_obj(user) if image_ts: user.profile_image = image_ts user.save() if not message: message = "Profile updated" return render_template("user/edit.html", form=form, error=error, message=message, user=user) else: abort(404)
def edit(): error = None message = None user = User.objects.filter(email=session.get('email')).first() if user: form = EditForm() if form.validate_on_submit(): # check if image image_ts = None if request.files.get('image'): if user.profile_image: sizes = ["sm", "lg", "raw"] for size in sizes: filename = '%s.%s.%s.jpg' % (user.id, user.profile_image, size) os.remove( os.path.join(UPLOAD_FOLDER_IMG, 'user', filename)) filename = secure_filename(form.image.data.filename) file_path = os.path.join(UPLOAD_FOLDER_IMG, 'user', filename) form.image.data.save(file_path) image_ts = str( thumbnail_process(file_path, 'user', str(user.id))) if user.username != form.username.data.lower(): if User.objects.filter( username=form.username.data.lower()).first(): error = "Username already exists" else: session['username'] = form.username.data.lower() user.username = form.username.data.lower() if not error: if image_ts: user.profile_image = image_ts user.first_name = form.first_name.data user.last_name = form.last_name.data user.facebook_link = form.facebook_link.data user.tel = form.tel.data user.save() if not message: message = "Profile updated" elif request.method == 'GET': form.username.data = user.username form.facebook_link.data = user.facebook_link form.first_name.data = user.first_name form.last_name.data = user.last_name form.tel.data = user.tel return render_template("user/edit.html", form=form, error=error, message=message, user=user) else: abort(404)
def edit(): error = None message = None user = User.objects.filter(username=session.get('username')).first() if user: form = EditForm(obj=user) if form.validate_on_submit(): # check if image image_ts = None if request.files.get('image'): filename = secure_filename(form.image.data.filename) file_path = os.path.join(UPLOAD_FOLDER, 'user', filename) form.image.data.save(file_path) image_ts = str(thumbnail_process(file_path, 'user', str(user.id))) if user.username != form.username.data.lower(): if User.objects.filter(username=form.username.data.lower()).first(): error = "Username already exists" else: session['username'] = form.username.data.lower() form.username.data = form.username.data.lower() if user.email != form.email.data.lower(): if User.objects.filter(email=form.email.data.lower()).first(): error = "Email already exists" else: code = str(uuid.uuid4()) user.change_configuration = { "new_email": form.email.data.lower(), "confirmation_code": code } user.email_confirmed = False form.email.data = user.email message = "You will need to confirm the new email to complete this change" # email the user body_html = render_template('mail/user/change_email.html', user=user) body_text = render_template('mail/user/change_email.txt', user=user) email(user.change_configuration['new_email'], "Confirm your new email", body_html, body_text) if not error: form.populate_obj(user) if image_ts: user.profile_image = image_ts user.save() if not message: message = "Profile updated" return render_template("user/edit.html", form=form, error=error, message=message, user=user) else: abort(404)
def edit(): error = None message = None store = Store.objects.filter(username=session.get('username')).first() if store: form = OwnerBase(obj=store) if form.validate_on_submit(): #check if there is any image upload stimage_ts = None image_ts = None if request.files.get('store_image'): if store.store_image: sizes = ["sm", "lg", "raw"] for size in sizes: filename = '%s.%s.%s.jpg' % (store.storecode, store.store_image, size) os.remove( os.path.join(UPLOAD_FOLDER_IMG, 'store', filename)) #securing file's name filename = secure_filename(form.store_image.data.filename) #pathing file_path = os.path.join(UPLOAD_FOLDER_IMG, 'store', filename) #save image to path form.store_image.data.save(file_path) #image_ts=image name for img_src function to find images stimage_ts = str( thumbnail_process(file_path, 'store', str(store.storecode))) if request.files.get('owner_image'): if store.qr_image: sizes = ["sm", "lg", "raw"] for size in sizes: filename = '%s.%s.%s.jpg' % (store.storecode, store.qr_image, size) os.remove( os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename)) #securing file's name filename = secure_filename(form.owner_image.data.filename) #pathing file_path = os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename) #save image to path form.owner_image.data.save(file_path) #image_ts=image name for img_src function to find images image_ts = str( thumbnail_process(file_path, 'owner', str(store.storecode))) ########################################################################## #########check if uesrname and email existed or just in lower case####### if store.username != form.username.data.lower(): if Store.objects.filter( username=form.username.data.lower()).first(): error = "Username already exists" else: session['username'] = form.username.data.lower() form.username.data = form.username.data.lower() if form.email.data != '': if store.email != form.email.data.lower(): if Store.objects.filter( email=form.email.data.lower()).first(): error = "Email already exists" else: form.email.data = form.email.data.lower() if not error: form.populate_obj(store) if stimage_ts: store.store_image = stimage_ts if image_ts: store.qr_image = image_ts store.save() if not message: message = "Store updated" return redirect( url_for('store_app.store_front', storecode=store.storecode)) return render_template('store/edit.html', form=form, store=store) else: abort(404)
async def profile_edit() -> Union[str, "Response"]: error: str = "" csrf_token: uuid.UUID = uuid.uuid4() # grab the user's details conn = current_app.dbc profile_user = await get_user_by_username(conn, session["username"]) if request.method == "GET": session["csrf_token"] = str(csrf_token) if request.method == "POST": form: dict = await request.form form_username = form.get("username", "") if not form_username: error = "Please enter username" if (session.get("csrf_token") != form.get("csrf_token") and not current_app.testing): error = "Invalid POST contents" # check if the username exists if username changed if not error and session["username"] != form_username: user = await get_user_by_username(conn, form_username) if user and user["id"]: error = "Username already exists" # image upload (skip if testing) changed_image: bool = False if not current_app.testing: files = await request.files profile_image = files.get("profile_image") # if no filename, no file was uploaded if profile_image.filename: filename = (str(uuid.uuid4()) + "-" + secure_filename(profile_image.filename)) file_path = os.path.join(UPLOAD_FOLDER, filename) profile_image.save(file_path) image_uid = thumbnail_process(file_path, "user", str(profile_user["id"])) changed_image = True # edit the profile if not error: if not current_app.testing: del session["csrf_token"] profile_user["username"] = form_username if changed_image: profile_user["image"] = image_uid # delete the profile image_urls before updating del profile_user["image_url_raw"] del profile_user["image_url_xlg"] del profile_user["image_url_lg"] del profile_user["image_url_sm"] user_update = user_table.update( user_table.c.id == profile_user["id"]).values(profile_user) await conn.execute(query=user_update) # update session with new username session["username"] = form_username # update session await flash("Profile edited") return redirect( url_for(".profile", username=profile_user["username"])) else: session["csrf_token"] = str(csrf_token) return await render_template( "user/profile_edit.html", error=error, profile_user=profile_user, csrf_token=csrf_token, )
async def profile_edit() -> Union[str, "Response"]: error: str = "" csrf_token: uuid.UUID = uuid.uuid4() # grab the user's details profile_user = await User().get_user(username=session["username"]) if request.method == "GET": session["csrf_token"] = str(csrf_token) if request.method == "POST": form: dict = await request.form form_username = form.get("username", "") form_password = form.get("password", "") if not form_username: error = "Please enter username" if (session.get("csrf_token") != form.get("csrf_token") and not current_app.testing): error = "Invalid POST contents" # check if the username exists if username changed if not error and session["username"] != form_username: user = await User().get_user(username=form_username) if user and user.uid: error = "Username already exists" # update password if profile_user and not error and form_password: profile_user.password = form_password # image upload (skip if testing) changed_image: bool = False if profile_user and not current_app.testing: files = await request.files profile_image = files.get("profile_image") # if there's a profile_image, new file was uploaded if profile_image and profile_image.filename: filename = (str(uuid.uuid4()) + "-" + secure_filename(profile_image.filename)) file_path = os.path.join(UPLOAD_FOLDER, filename) await profile_image.save(file_path) image_uid = thumbnail_process(file_path, "user", str(profile_user.uid)) changed_image = True # edit the profile if profile_user and not error: if not current_app.testing: del session["csrf_token"] profile_user.username = form_username if changed_image: profile_user.image = image_uid # update the user await profile_user.save() # update session with new username session["username"] = form_username # update session await flash("Profile edited") return redirect(url_for(".profile", username=profile_user.username)) else: session["csrf_token"] = str(csrf_token) return await render_template( "user/profile_edit.html", error=error, profile_user=profile_user, csrf_token=csrf_token, )