def login():
if current_user is not None and current_user.is_authenticated():
return redirect(url_for('index'))
form = LoginForm(request.form)
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
login_user(user)
PasswordManager.set_session_pwdh(form.password.data)
return redirect(url_for('index'))
else:
return render_template("login.html", form=form)
def settings():
form = SettingsForm(request.form)
if form.validate_on_submit():
if form.newpassword.data and form.oldpassword.data and form.repeat.data:
# Handling the decryption and re-encryption of the passwords in case of a password change
new_pwdh = PasswordManager.generate_pwdh_from_password(form.newpassword.data)
for device in Device.query.all():
# Decrypts the password using the session pwdh and encrypts it with the new pwdh (not in session)
device.password = PasswordManager.encrypt_string(device.decrypt_password(), new_pwdh)
device.save(encrypt=False) # The password is already encrypted
PasswordManager.set_session_pwdh(form.newpassword.data)
current_user.set_password(form.newpassword.data)
current_user.save()
flash("Successfully set new password", "info")
return redirect(url_for('settings'))
else:
return render_template("settings.html", form=form, active_page="settings")