Example #1
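def auth_confirm(token):
    """Confirm a user account from an e-mailed confirmation token.

    Returns a JSON body plus status: the status reported by
    set_user_confirmed when it is 201, 422 for any other result, and 498
    when confirm_token yields a falsy value for the token.
    """
    # Decode once. The original called confirm_token twice, so the validity
    # check and the address that was confirmed came from separate decodes.
    mail = confirm_token(token)
    if not mail:
        # NOTE(review): 498 is not an IANA-registered status code; clients
        # and proxies may treat it as a generic 4xx.
        return jsonify({"msg":
                        "Confirmation link invalid or has expired"}), 498

    # NOTE(review): this assumes confirm_token signals a bad or expired token
    # by returning a falsy value; if it raises instead, the exception
    # propagates to the framework - confirm against its implementation.
    code = set_user_confirmed(mail)
    if code == 201:
        return jsonify({"msg": "User successfully confirmed"}), code
    return jsonify({"msg": "Oops!"}), 422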
Example #2
    def post(self):
        """Log a user in and mark the account confirmed in the same request.

        Reads 'username', 'token' and 'password' from the submitted form.
        Responds 401 when the user is unknown, when the token does not decode
        to that user's e-mail address, or when the password does not verify;
        otherwise sets confirmed, saves, and returns fresh access and refresh
        tokens.
        """
        form = request.form
        username = form['username']
        account = User.find_by_username(username)
        if not account:
            # NOTE(review): this message differs from the 'Wrong credentials'
            # reply below, so a caller can tell whether a username exists.
            # The submitted name is also written to stdout unmodified.
            missing = 'User {} doesn\'t exist'.format(username)
            print(missing)
            return {'message': missing}, 401

        # NOTE(review): the token is checked before the password, so the
        # 'Invalid token' / 'Wrong credentials' split reveals whether a token
        # matches an account without the password being known. A raising
        # confirm_token is not handled here - confirm how it reports failure.
        if account.email != confirm_token(form['token']):
            print('Invalid token')
            return {'message': 'Invalid token'}, 401

        if not User.verify_hash(form['password'], account.password_hash):
            print('Wrong credentials')
            return {'message': 'Wrong credentials'}, 401

        # Both factors matched: confirm the account, then issue the tokens.
        account.confirmed = True
        account.save()

        issued_access = create_access_token(identity=username)
        issued_refresh = create_refresh_token(identity=username)
        return {
            'message': 'Logged in as {}'.format(account.username),
            'access_token': issued_access,
            'refresh_token': issued_refresh
        }
Example #3
File: routes.py Project: LSDkk5/app
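def reset_password(token):
    """Handle the password-reset form reached through an e-mailed token.

    Authenticated users are sent to the home page. On a valid form
    submission the token is decoded to an e-mail address, the user is
    looked up (404 if absent), and the password is replaced unless the last
    change was less than 30 minutes ago. A token that fails to decode now
    ends the request with a flash message and a redirect.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home.home_page'))
    form = ResetPasswordChangeForm()
    if form.validate_on_submit():
        try:
            email = confirm_token(token)
        except Exception:
            # Narrowed from BaseException so interpreter-exit signals are not
            # swallowed.
            email = None
        if not email:
            # The original only flashed here and fell through, reaching the
            # user lookup with `email` unbound (UnboundLocalError -> 500).
            # Message: "The password reset link has expired or is invalid!"
            flash(
                'Link resetujący hasło wygasł, lub jest nieprawidłowy!',
                'danger')
            return redirect(url_for('home.home_page'))
        user = User.objects(email=email).first_or_404()
        now = datetime.now()
        # NOTE(review): the throttle reads `last_change` but the write below
        # sets `last_password_change`; if these are different fields the
        # 30-minute limit never advances - confirm against the User model.
        if user.last_change + timedelta(minutes=30) <= now:
            # One update call so the new hash and its timestamp are written
            # together.
            user.update(
                password=bcrypt.generate_password_hash(form.password.data),
                last_password_change=now)
            # Message: "Your password has been reset, you can now log in."
            flash(
                'Twoje hasło zostało pomyślnie zresetowane!, teraz możesz się zalogować.',
                'success')
            return redirect(url_for('auth.login'))
        else:
            # Message: "The password can be reset 30 minutes after the last
            # change!"
            flash(
                'Hasło można zresetować po upływie 30minut od ostatniej zmiany!',
                'warning')
            return redirect(url_for('home.home_page'))
    return render_template('/auth/resetPassword.html', form=form)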
Example #4
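def confirm_email(token):
    """Activate the account whose address is encoded in a confirmation token.

    Responds 404 when the token cannot be decoded or no user has the decoded
    address; otherwise sets confirmed, commits, and redirects to /login.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Narrowed from a bare `except:`, which also caught SystemExit and
        # KeyboardInterrupt. abort() raises, so nothing below runs on failure.
        abort(404)

    # NOTE(review): if confirm_token returns a falsy value instead of raising,
    # the lookup below runs with that value; first_or_404 presumably turns
    # the miss into a 404 - confirm.
    user = User.query.filter_by(mail=email).first_or_404()
    user.confirmed = True
    db.session.commit()
    flash("Your Account has been successfully activated", "Account Activated")
    return redirect("/login")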
Example #5
File: routes.py Project: LSDkk5/app
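def confirm_account(token):
    """Confirm the account whose e-mail address is encoded in the token.

    Always redirects to the home page, with a flash message describing the
    outcome: invalid or expired link, already confirmed, or newly confirmed.
    Responds 404 when no user has the decoded address.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Narrowed from BaseException so interpreter-exit signals are not
        # swallowed.
        email = None
    if not email:
        # The original flashed and fell through to the lookup with `email`
        # unbound, which raised UnboundLocalError instead of showing the
        # message. Message: "The confirmation link is invalid or has expired!"
        flash('Link potwierdzający jest nieprawidłowy lub wygasł!.', 'danger')
        return redirect(url_for('home.home_page'))
    user = User.objects(email=email).first_or_404()
    if user.confirmed:
        # Message: "Your account was already confirmed earlier!"
        flash('Twoje konto zostało już wcześniej potwierdzone!', 'info')
    else:
        user.update(confirmed=True)
        # Message: "Account activation succeeded. Thank you!"
        flash('Aktywacja konta przebiegła pomyślnie. Dziękujemy!', 'success')
    return redirect(url_for('home.home_page'))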
Example #6
def confirm_email(token):
    """Activate the user named by a confirmation token.

    Returns an empty body with 400 when the token cannot be decoded, an
    error body with 400 when the user is already active, and an empty body
    with 200 after activating and saving the user. A missing user is handled
    by get_object_or_404.
    """
    try:
        address = confirm_token(token)
    except Exception:  # FIXME
        # Every decode failure looks the same to the client: empty body, 400.
        return {}, HTTPStatus.BAD_REQUEST

    # The decoded value is matched against the username column.
    account = get_object_or_404(User, (User.username == address))
    if account.is_active:
        return {'error': 'User is already active'}, HTTPStatus.BAD_REQUEST

    account.is_active = True
    account.save()
    return {}, HTTPStatus.OK
Example #7
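 def post(self, confirmToken):
     """Activate an account from a confirmation token.

     Aborts with 403 when the token cannot be decoded or the account is
     already confirmed; otherwise sets confirmed and returns a JSON message.
     """
     try:
         emailp = confirm_token(confirmToken)
     except Exception:
         # Narrowed from BaseException so interpreter-exit signals are not
         # swallowed. Description: "The activation token has expired or is
         # invalid!"
         return abort(
             403,
             description='Token aktywujący wygasł, lub jest niepoprawny!')
     # NOTE(review): `emailp` is never used. The lookup below is keyed on the
     # literal '******', which looks like a value masked in this listing; as
     # written, the account that gets confirmed does not depend on the token.
     # Confirm that the real code selects the user from the decoded value.
     user = User.objects(username='******').first_or_404()
     if user.confirmed:
         # Description: "This account has already been activated."
         return abort(403, description='To konto zostało już aktywowane.')
     else:
         user.update(confirmed=True)
     # Message: "The account has been activated! Thank you"
     return jsonify(
         message='Konto zostało pomyślnie aktywowane! Dziękujemy')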
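def reset_pass(token):
    """Show the password-reset form and apply the change on POST.

    Responds 404 when the token cannot be decoded. On POST the new password
    must satisfy isPassword and match its repeat field; on success the hash
    is stored, the session committed, and the client redirected to /login.
    Any other request renders the reset template with the decoded address.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Narrowed from a bare `except:`, which also caught SystemExit and
        # KeyboardInterrupt. abort() raises, so nothing below runs on failure.
        abort(404)

    if request.method == "POST":
        passw = request.form.get("pass")
        pwd = request.form.get("pwd")
        # Exactly one message per failed attempt. The original flashed the
        # policy message after every unsuccessful POST, including after the
        # mismatch message for a password that already met the policy.
        if not isPassword(pwd):
            flash(
                "Password must contain at least one uppercase, one lowercase, one digit, one special and have a minimum length of 8",
                "Error")
        elif pwd != passw:
            flash("Passwords are not matching", "Error")
        else:
            user = User.query.filter_by(mail=email).first_or_404()
            user.password = hash_func(pwd)
            db.session.commit()
            # NOTE(review): nothing here invalidates the token after use, so
            # the same link presumably keeps working until it expires -
            # confirm against confirm_token's lifetime handling.
            flash("Password Change successful", "Success")
            return redirect("/login")

    return render_template("subTemplates/passReset.html", mail=email)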