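def login():
    """Authenticate a user from the posted login form and start a session.

    On POST, ``email`` and ``password`` are read from the form. Missing or
    empty values re-render ``index.html`` with a prompt. Otherwise the
    credentials are checked with ``dbOps.validate_login_credentials``; a
    valid, activated account gets ``logged_in`` and ``user_id`` stored in the
    session and is redirected to ``show_user_page``. Invalid credentials and
    accounts that are not yet activated re-render ``index.html`` with a
    flashed message.

    Any other request method re-renders ``index.html``.
    """
    if request.method != 'POST':
        # The original fell through and returned None here, which Flask
        # rejects as an invalid view response.
        return render_template("index.html")

    email = request.form.get('email', '')
    password = request.form.get('password', '')
    # Truthiness instead of `len(x) is 0`: identity comparison against an int
    # literal only works through CPython's small-int caching and raises a
    # SyntaxWarning on Python 3.8+.
    if not email or not password:
        flash("Please provide an email address and a password")
        return render_template("index.html")

    # NOTE(review): encrypt() receives only the password and its output is
    # matched by the database layer, so it is presumably deterministic and
    # unsalted per user -- confirm it is a dedicated password hash rather
    # than a reversible cipher or a fast digest.
    # NOTE(review): no attempt throttling is visible in this view; confirm
    # rate limiting or lockout is applied elsewhere.
    if not dbOps.validate_login_credentials(email, encrypt(password)):
        flash("invalid login credentials")
        return render_template("index.html")

    # The activation hint is only reachable after the password has been
    # verified, so it does not disclose account state to other callers.
    if not dbOps.is_user_account_activated(email):
        flash("Your account has not been activated yet. Please follow the URL in your email")
        return render_template("index.html")

    # Looked up only once the credentials are accepted; the original fetched
    # the user on every attempt, including failed ones.
    user = dbOps.get_user_by_email(email)

    # NOTE(review): the session is not reset before being marked as logged
    # in; if sessions are stored server-side, rotate the identifier here.
    session['logged_in'] = True
    session['user_id'] = user.user_id
    session.permanent = True
    # NOTE(review): this rewrites an application-wide setting on every
    # successful login; it belongs in application setup. Kept here because
    # the setup code is not visible from this block.
    app.permanent_session_lifetime = timedelta(minutes=20)
    return redirect(url_for('show_user_page', user_id=user.user_id))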
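def forgot_password():
    """Start the password-recovery flow.

    GET renders ``forgot_password.html``. POST reads ``email`` from the form
    and, when ``dbOps.get_user_by_email`` finds an account, generates a token
    with ``Token.generate_confirmation_token`` and emails a link to
    ``reset_password``. The same confirmation is flashed and the same
    redirect is returned whether or not the address matched an account, so
    the response does not reveal which addresses are registered.
    """
    if request.method == 'GET':
        return render_template('forgot_password.html')
    elif request.method == 'POST':
        email = request.form['email']
        if dbOps.get_user_by_email(email) is not None:
            token = Token.generate_confirmation_token(email)
            # NOTE(review): _external=True builds an absolute URL from the
            # request's host unless SERVER_NAME is configured; confirm the
            # host is pinned or validated so the emailed link always points
            # at this site.
            recover_password_url = url_for('reset_password', token=token, _external=True)
            html = render_template('reset_password.html', recover_password_url=recover_password_url)
            subject = "BookSwap - Password Recovery"
            # NOTE(review): the mail is sent inline, so known addresses may
            # still respond measurably slower than unknown ones -- consider
            # queueing the send.
            mail_manager.send_email(email, subject, html)

        # One message and one redirect for both outcomes. The original
        # flashed "not associated with any account" for unknown addresses,
        # which let anyone test whether an email is registered.
        flash("If an account exists for that email address, a password reset link has been sent to it.", 'success')
        return redirect(url_for('index'))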
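def reset_password():
    """Let the holder of a recovery token choose a new password.

    GET renders ``update_password.html`` with the ``token`` query parameter.
    POST resolves the posted token to an email with ``Token.confirm_token``,
    looks the account up, validates the new password with
    ``validate_password`` and stores ``encrypt(new_password)`` through
    ``dbOps.edit_user_account``. A token that does not resolve to an account
    re-renders ``forgot_password.html``; password validation errors re-render
    ``update_password.html`` with the errors flashed.
    """
    if request.method == 'GET':
        # NOTE(review): the token travels in the query string, so it can end
        # up in access logs, browser history and Referer headers; confirm it
        # is short-lived.
        token = request.args.get('token')
        return render_template('update_password.html', token=token)
    elif request.method == 'POST':
        token = request.form['token']
        new_password = request.form['password']

        # NOTE(review): what confirm_token returns (or raises) for an invalid
        # or expired token is not visible here; a falsy result is treated as
        # "no account" below.
        email = Token.confirm_token(token)
        user = dbOps.get_user_by_email(email) if email else None
        if user is None:
            # get_user_by_email can return None; the original dereferenced
            # user.user_id unconditionally and failed with AttributeError.
            flash("This password reset link is invalid or has expired. Please request a new one.", 'danger')
            return render_template('forgot_password.html')

        password_errors = list(validate_password(new_password))
        if password_errors:
            flash('. '.join(str(error) for error in password_errors))
            return render_template('update_password.html', token=token)

        dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
        # NOTE(review): nothing visible here invalidates the token after use;
        # confirm it is single-use or expires quickly.
        # Category lower-cased from 'Success' to match the 'success' and
        # 'danger' categories flashed by forgot_password.
        flash("Successfully updated password", 'success')
        return render_template('index.html')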
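def forgot_password():
    """Start the password-recovery flow.

    GET renders ``forgot_password.html``. POST reads ``email`` from the form
    and, when ``dbOps.get_user_by_email`` finds an account, generates a token
    with ``Token.generate_confirmation_token`` and emails a link to
    ``reset_password``. The same confirmation is flashed and the same
    redirect is returned whether or not the address matched an account, so
    the response does not reveal which addresses are registered.
    """
    if request.method == 'GET':
        return render_template('forgot_password.html')
    elif request.method == 'POST':
        email = request.form['email']
        if dbOps.get_user_by_email(email) is not None:
            token = Token.generate_confirmation_token(email)
            # NOTE(review): _external=True builds an absolute URL from the
            # request's host unless SERVER_NAME is configured; confirm the
            # host is pinned or validated so the emailed link always points
            # at this site.
            recover_password_url = url_for(
                'reset_password', token=token, _external=True)
            html = render_template(
                'reset_password.html',
                recover_password_url=recover_password_url)
            subject = "BookSwap - Password Recovery"
            # NOTE(review): the mail is sent inline, so known addresses may
            # still respond measurably slower than unknown ones -- consider
            # queueing the send.
            mail_manager.send_email(email, subject, html)

        # One message and one redirect for both outcomes. The original
        # flashed "not associated with any account" for unknown addresses,
        # which let anyone test whether an email is registered.
        flash(
            "If an account exists for that email address, a password reset link has been sent to it.",
            'success')
        return redirect(url_for('index'))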
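def reset_password():
    """Let the holder of a recovery token choose a new password.

    GET renders ``update_password.html`` with the ``token`` query parameter.
    POST resolves the posted token to an email with ``Token.confirm_token``,
    looks the account up, validates the new password with
    ``validate_password`` and stores ``encrypt(new_password)`` through
    ``dbOps.edit_user_account``. A token that does not resolve to an account
    re-renders ``forgot_password.html``; password validation errors re-render
    ``update_password.html`` with the errors flashed.
    """
    if request.method == 'GET':
        # NOTE(review): the token travels in the query string, so it can end
        # up in access logs, browser history and Referer headers; confirm it
        # is short-lived.
        token = request.args.get('token')
        return render_template('update_password.html', token=token)
    elif request.method == 'POST':
        token = request.form['token']
        new_password = request.form['password']

        # NOTE(review): what confirm_token returns (or raises) for an invalid
        # or expired token is not visible here; a falsy result is treated as
        # "no account" below.
        email = Token.confirm_token(token)
        user = dbOps.get_user_by_email(email) if email else None
        if user is None:
            # get_user_by_email can return None; the original dereferenced
            # user.user_id unconditionally and failed with AttributeError.
            flash(
                "This password reset link is invalid or has expired. Please request a new one.",
                'danger')
            return render_template('forgot_password.html')

        password_errors = list(validate_password(new_password))
        if password_errors:
            formatted_error = '. '.join(
                str(error) for error in password_errors)
            flash(formatted_error)
            return render_template('update_password.html', token=token)

        dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
        # NOTE(review): nothing visible here invalidates the token after use;
        # confirm it is single-use or expires quickly.
        # Category lower-cased from 'Success' to match the 'success' and
        # 'danger' categories flashed by forgot_password.
        flash("Successfully updated password", 'success')
        return render_template('index.html')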
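def login():
    """Authenticate a user from the posted login form and start a session.

    On POST, ``email`` and ``password`` are read from the form. Missing or
    empty values re-render ``index.html`` with a prompt. Otherwise the
    credentials are checked with ``dbOps.validate_login_credentials``; a
    valid, activated account gets ``logged_in`` and ``user_id`` stored in the
    session and is redirected to ``show_user_page``. Invalid credentials and
    accounts that are not yet activated re-render ``index.html`` with a
    flashed message.

    Any other request method re-renders ``index.html``.
    """
    if request.method != 'POST':
        # The original fell through and returned None here, which Flask
        # rejects as an invalid view response.
        return render_template("index.html")

    email = request.form.get('email', '')
    password = request.form.get('password', '')
    # Truthiness instead of `len(x) is 0`: identity comparison against an int
    # literal only works through CPython's small-int caching and raises a
    # SyntaxWarning on Python 3.8+.
    if not email or not password:
        flash("Please provide an email address and a password")
        return render_template("index.html")

    # NOTE(review): encrypt() receives only the password and its output is
    # matched by the database layer, so it is presumably deterministic and
    # unsalted per user -- confirm it is a dedicated password hash rather
    # than a reversible cipher or a fast digest.
    # NOTE(review): no attempt throttling is visible in this view; confirm
    # rate limiting or lockout is applied elsewhere.
    credentials_ok = dbOps.validate_login_credentials(email, encrypt(password))
    if not credentials_ok:
        flash("invalid login credentials")
        return render_template("index.html")

    # The activation hint is only reachable after the password has been
    # verified, so it does not disclose account state to other callers.
    if not dbOps.is_user_account_activated(email):
        flash("Your account has not been activated yet. Please follow the URL in your email")
        return render_template("index.html")

    # Looked up only once the credentials are accepted; the original fetched
    # the user on every attempt, including failed ones.
    user = dbOps.get_user_by_email(email)

    # NOTE(review): the session is not reset before being marked as logged
    # in; if sessions are stored server-side, rotate the identifier here.
    session['logged_in'] = True
    session['user_id'] = user.user_id
    session.permanent = True
    # NOTE(review): this rewrites an application-wide setting on every
    # successful login; it belongs in application setup. Kept here because
    # the setup code is not visible from this block.
    app.permanent_session_lifetime = timedelta(minutes=20)
    return redirect(url_for('show_user_page', user_id=user.user_id))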