def email_confirm(code): email, email_exists = get_row(""" UPDATE email_confirm SET opened = current_timestamp WHERE code = %s RETURNING email, (SELECT EXISTS (SELECT 1 FROM zerosum_user WHERE email=email_confirm.email AND is_active)) """, [code]) if email_exists: flash('A user with this email address already exists. Please log in!', 'warning') return redirect(url_for('login')) form = forms.RegisterForm(email=email) form.email.kwargs = dict(readonly=True) if form.validate_on_submit(): assert form.email.data == email user = User(get_or_create_user(email)) user.set_password(request.form['password']) flash('Created new user!', 'success') login_user(user) return redirect(url_for('home')) else: return render_template('register.html', form=form)
def send_owe_mail(owe_id): owe = get_row(""" SELECT owe.*, creditor.email AS creditor_email, creditor.name AS creditor_name, creditor.is_active, debitor.name AS debitor_name FROM owe JOIN zerosum_user creditor ON (creditor_id = creditor.user_id) JOIN zerosum_user debitor ON (debitor_id = debitor.user_id) WHERE owe_id = %s """, [owe_id]) send_mail('mails/new_owe.txt', owe.creditor_email, confirm_code=lambda: confirm_code(owe.creditor_email), **owe._asdict())
def login(): if request.method == 'POST': login = request.form['login'] password = request.form['password'] # get user try: db_user = db.get_row("SELECT * FROM zerosum_user WHERE email = %s", [login]) user = User(db_user) if user.check_password(password): login_user(user) return redirect(url_for('home')) except db.NoResult: pass flash('Email/password do not match or no user with this email exists', 'error') return render_template('login.html')