def email_pane(): form = EmailUpdateForm(request.form) if request.method == 'POST': if form.validate(): if form.update.data: if current_user.mail == form.mail.data and current_user.mail_verified: flash("This address is already verified with your account.", category="error") return redirect(url_for('settings.email_pane')) current_user.mail = form.mail.data current_user.mail_verified = False current_user.save() send_verification_mail() flash('A verification email has been sent.', category='info') elif form.resend.data: send_verification_mail() flash('A verification email has been sent.', category='info') else: return render_template('settings_email.html', form=form) return redirect(url_for('settings.email_pane')) form.mail.data = current_user.mail if not form.mail.data else form.mail.data return render_template('settings_email.html', settings_panels_structure=settings_panels_structure, form=form, title="Email - Account - Settings")
def email_pane(): form = EmailUpdateForm(request.form) if request.method == "POST": if form.validate(): if form.update.data: if current_user.mail == form.mail.data and current_user.mail_verified: flash("This address is already verified with your account.", category="error") return redirect(url_for("settings.email_pane")) current_user.mail = form.mail.data current_user.mail_verified = False current_user.save() send_verification_mail() flash("A verification email has been sent.", category="info") elif form.resend.data: send_verification_mail() flash("A verification email has been sent.", category="info") else: return render_template("settings_email.html", form=form) return redirect(url_for("settings.email_pane")) form.mail.data = current_user.mail if not form.mail.data else form.mail.data return render_template( "settings_email.html", settings_panels_structure=settings_panels_structure, form=form, title="Email - Account - Settings", )
def tfa_disable(): form = TOTPDisableForm(request.form) if form.validate(): current_user.tfa = False current_user.tfa_method = '' current_user.tfa_secret = '' current_user.tfa_info = '' current_user.save() return redirect(url_for('settings.tfa_pane')), 303
def tfa_disable(): form = TOTPDisableForm(request.form) if form.validate(): current_user.tfa = False current_user.tfa_method = '' current_user.tfa_secret = '' current_user.tfa_info = '' current_user.save() return redirect(url_for('settings.tfa_pane')), 303
def reddit_unlink(): reddit_username = current_user.reddit_username if reddit_username is not None: if get_flair(reddit_username) is not None: r_bot().get_subreddit(subreddit).set_flair(reddit_username) flash("Your flair has been unset on /r/%s." % subreddit, category="success") current_user.reddit_username = None current_user.save() flash("Reddit username successfully unlinked.", category="success") return redirect(url_for("settings.reddit_pane")) else: flash("You must have a username linked to do that.", category="alert") return redirect(url_for("settings.reddit_pane"))
def reddit_unlink(): reddit_username = current_user.reddit_username if reddit_username is not None: if get_flair(reddit_username) is not None: r_bot().get_subreddit(subreddit).set_flair(reddit_username) flash('Your flair has been unset on /r/%s.' % subreddit, category='success') current_user.reddit_username = None current_user.save() flash('Reddit username successfully unlinked.', category='success') return redirect(url_for('settings.reddit_pane')) else: flash('You must have a username linked to do that.', category='alert') return redirect(url_for('settings.reddit_pane'))
def reddit_link(): if request.method == "POST": state = hashlib.md5(os.urandom(24)).hexdigest() link = oauth.get_authorize_url(state, "identity") return redirect("%s" % link) try: oauth.get_access_information(request.args.get("code", "")) reddit_username = oauth.get_me().name current_user.reddit_username = reddit_username current_user.save() flash("Reddit username successfully linked.", category="success") return redirect(url_for("settings.reddit_pane")) except: flash("Unable to link your username. Did you make sure to click accept?", category="alert") return redirect(url_for("settings.reddit_pane"))
def tfa_enable(): form = TOTPSetupForm(request.form) if request.method == "GET": # generate a new secret secret = '' rand = random.SystemRandom() for i in range(30): secret += chr(rand.getrandbits(8)) session['tfa-new-method'] = 'TOTP' session['tfa-new-secret'] = base64.b32encode(secret) elif request.method == "POST" and form.validate(): method = session.get('tfa-new-method', None) if method == 'TOTP': # check code key = binascii.hexlify(base64.b32decode(session['tfa-new-secret'])) ok, drift = accept_totp(format='dec6', key=key, response=form.code.data) if not ok: form.errors['tfa'] = ['Verification error, please try again.'] else: current_user.tfa = True current_user.tfa_method = 'TOTP' current_user.tfa_secret = session['tfa-new-secret'] current_user.tfa_info['drift'] = drift current_user.save() del session['tfa-new-method'] del session['tfa-new-secret'] flash('Two-Factor Authentication enabled', category='success') return redirect(url_for('settings.tfa_pane')), 303 else: abort(401) else: abort(403) text = session['tfa-new-secret'] readable = ' '.join(text[i:i + 4] for i in range(0, len(text), 4)) return render_template( 'settings_tfa_enable.html', settings_panels_structure=settings_panels_structure, secret=readable, form=form, title="TFA - Account - Settings", totp_url=_totp_url(secret=session['tfa-new-secret']))
def reddit_link(): if request.method == 'POST': state = hashlib.md5(os.urandom(24)).hexdigest() link = oauth.get_authorize_url(state, 'identity') return redirect("%s" % link) try: oauth.get_access_information(request.args.get('code', '')) reddit_username = oauth.get_me().name current_user.reddit_username = reddit_username current_user.save() flash('Reddit username successfully linked.', category='success') return redirect(url_for('settings.reddit_pane')) except: flash( 'Unable to link your username. Did you make sure to click accept?', category='alert') return redirect(url_for('settings.reddit_pane'))
def tfa_enable(): form = TOTPSetupForm(request.form) if request.method == "GET": # generate a new secret secret = '' rand = random.SystemRandom() for i in range(30): secret += chr(rand.getrandbits(8)) session['tfa-new-method'] = 'TOTP' session['tfa-new-secret'] = base64.b32encode(secret) elif request.method == "POST" and form.validate(): method = session.get('tfa-new-method', None) if method == 'TOTP': # check code key = binascii.hexlify(base64.b32decode(session['tfa-new-secret'])) ok, drift = accept_totp(format='dec6', key=key, response=form.code.data) if not ok: form.errors['tfa'] = ['Verification error, please try again.'] else: current_user.tfa = True current_user.tfa_method = 'TOTP' current_user.tfa_secret = session['tfa-new-secret'] current_user.tfa_info['drift'] = drift current_user.save() del session['tfa-new-method'] del session['tfa-new-secret'] flash('Two-Factor Authentication enabled', category='success') return redirect(url_for('settings.tfa_pane')), 303 else: abort(401) else: abort(403) text = session['tfa-new-secret'] readable = ' '.join(text[i:i + 4] for i in range(0, len(text), 4)) return render_template('settings_tfa_enable.html', settings_panels_structure=settings_panels_structure, secret=readable, form=form, title="TFA - Account - Settings", totp_url=_totp_url(secret=session['tfa-new-secret']))