def send_reset_email(user):
reset_user = User(username=user["username"],
email=user["email"],
password=user["password"],
profile_pic=user["profile_pic"])
token = reset_user.get_reset_token()
port = 587 # For starttls
smtp_server = "smtp.gmail.com"
sender_email = os.environ.get("MAIL_USERNAME")
receiver_email = user["email"]
password = os.environ.get("MAIL_PASSWORD")
message = f"""\
Subject: Password Reset Request
To reset your password, visit the following link:
{url_for('reset_token', token=token, _external=True)}
If you did not make this request then simply ignore this email and no changes will be made."""
# Create a secure SSL context
context = ssl.create_default_context()
# Try to log in to server and send email
try:
server = smtplib.SMTP(smtp_server, port)
server.starttls(context=context) # Secure the connection
server.login(sender_email, password)
server.sendmail(sender_email, receiver_email, message)
except Exception as e:
# Print any error messages to stdout
print(e)
finally:
server.quit()
def home():
"""
Check if a user is signed in and then direct him to his own notes or to the frontpage.
If not signed in You can sign in on the page directly
"""
if current_user.is_authenticated:
return redirect(url_for("my_notes"))
form = LoginForm()
if form.validate_on_submit():
user = mongo.db.users.find_one({"email": form.email.data})
if user and bcrypt.check_password_hash(user["password"],
form.password.data):
user_obj = User(user["username"], user["email"], user["password"],
user["profile_pic"])
login_user(user_obj, remember=form.remember.data)
next_page = request.args.get("next")
return redirect(next_page) if next_page else redirect(
url_for("my_notes"))
else:
flash(
"Login unsuccesful, please check your email and/or password!",
"danger")
posts = mongo.db.posts.find({
"$query": {
"public": True
},
"$orderby": {
"date_posted": -1
}
}).limit(3)
return render_template("index.html", posts=posts, title="Home", form=form)
def home():
'''
Check if a user is signed in and then direct him to his own notes or to the frontpage.
If not signed in You can sign in on the page directly
'''
if current_user.is_authenticated:
return redirect(url_for('my_notes'))
form = LoginForm()
if form.validate_on_submit():
user = mongo.db.users.find_one({'email': form.email.data})
if user and bcrypt.check_password_hash(user['password'],
form.password.data):
user_obj = User(user['username'], user['email'], user['password'],
user['profile_pic'])
login_user(user_obj, remember=form.remember.data)
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(
url_for('my_notes'))
else:
flash(
'Login unsuccesful, please check your email and/or password!',
'danger')
posts = mongo.db.posts.find({
'$query': {
'public': True
},
'$orderby': {
'date_posted': -1
}
}).limit(3)
return render_template('index.html', posts=posts, title="Home", form=form)
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for("home"))
user = User.verify_reset_token(token)
if user is None:
flash("That is an invalid or expired token", "warning")
return redirect(url_for("reset_request"))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode("utf-8")
mongo.db.users.update_one({"email": user["email"]},
{"$set": {
"password": hashed_password
}})
flash("Your password has been updated! You are now able to log in",
"success")
return redirect(url_for("login"))
return render_template("reset_token.html",
title="Reset Password",
form=form)
def register():
"""
View to register page and create a user with a hashed password.
It will set a default profile image.
"""
if current_user.is_authenticated:
return redirect(url_for("my_notes"))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode("utf-8")
new_user = User(username=form.username.data,
email=form.email.data,
password=hashed_password,
profile_pic="default.png")
users = mongo.db.users
users.insert_one(new_user.__dict__)
flash(
f"Account for {form.username.data} has been created! You can now log in.",
"success")
return redirect(url_for("login"))
return render_template("register.html", title="Register", form=form)
def register():
'''
View to register page and create a user with a hashed password.
It will set a default profile image.
'''
if current_user.is_authenticated:
return redirect(url_for('my_notes'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
new_user = User(username=form.username.data,
email=form.email.data,
password=hashed_password,
profile_pic='default.png')
users = mongo.db.users
users.insert_one(new_user.__dict__)
flash(
f'Account for {form.username.data} has been created! You can now log in.',
'success')
return redirect(url_for('login'))
return render_template('register.html', title='Register', form=form)
def login():
"""
View to the login page.
Checks if submitted values are correct or it will return an error
"""
if current_user.is_authenticated:
return redirect(url_for("my_notes"))
form = LoginForm()
if form.validate_on_submit():
user = mongo.db.users.find_one({"email": form.email.data})
if user and bcrypt.check_password_hash(user["password"],
form.password.data):
user_obj = User(user["username"], user["email"], user["password"],
user["profile_pic"])
login_user(user_obj, remember=form.remember.data)
next_page = request.args.get("next")
return redirect(next_page) if next_page else redirect(
url_for("my_notes"))
else:
flash(
"Login unsuccesful, please check your email and/or password!",
"danger")
return render_template("login.html", title="Login", form=form)
def login():
'''
View to the login page.
Checks if submitted values are correct or it will return an error
'''
if current_user.is_authenticated:
return redirect(url_for('my_notes'))
form = LoginForm()
if form.validate_on_submit():
user = mongo.db.users.find_one({'email': form.email.data})
if user and bcrypt.check_password_hash(user['password'],
form.password.data):
user_obj = User(user['username'], user['email'], user['password'],
user['profile_pic'])
login_user(user_obj, remember=form.remember.data)
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(
url_for('my_notes'))
else:
flash(
'Login unsuccesful, please check your email and/or password!',
'danger')
return render_template('login.html', title='Login', form=form)