def user_create():
error = None
form = UserForm(request.form)
if request.method == 'POST' and form.validate(skip=['threshold']):
username = request.form.get('username')
password = werkzeug.generate_password_hash(request.form.get('password'))
email = request.form.get('email')
fullname = request.form.get('fullname')
user = User.find_one({'username':username})
if user:
error = 'User %s already exists' % username
else:
user = User()
user.update({'username':username, 'password':password, \
'email':email, 'fullname':fullname})
user.validate()
if user.validation_errors:
error = str([k for k in user.validation_errors]) + \
' fields not valid'
else:
user.save()
flash('User %s created.' % username, 'success')
return redirect(url_for('.users_display'))
flash(error, 'error')
return render_template('create_user.html', form=form)
def tsignin():
form = UserForm()
warn = ''
if form.validate_on_submit():
warn = Methods(form.name.data).add_user(form.pwd.data)
return render_template('todo/tsignin.html', form=form, warn=warn)
def post(self):
email = self.get_argument('email', '')
form = UserForm(self.request.arguments)
if not form.validate():
self.render('auth/signup.html', error_message='', form=form)
elif User.exists_email(email):
error_message = '既に存在するメールアドレスです。'
self.render('auth/signup.html', error_message=error_message, form=form)
else:
user = User(**form.data)
user.save()
self.redirect(self.reverse_url('login'))
def user_edit(username):
threshold = range(99)
if request.method == 'POST':
username = request.form.get('username')
if not username:
return "Invalid action"
user = User.find_one({'username':username})
if not user:
return 'User does not exist'
if session['username'] != 'admin' and username != session['username']:
return 'You are not allowed to perform that action'
form = UserForm(request.form)
skip = request.form.get('skip')
active = 'account'
if request.method == 'POST' and form.validate(skip=skip):
if request.form.get('password'):
logging.warn('password received')
active = 'password'
if session['username'] != 'admin':
previous_password = request.form.get('previous_password')
if previous_password:
if werkzeug.check_password_hash(user['password'], previous_password):
pass
else:
return render_template('edit_user.html', form=form, user=user, active=active)
user['password'] = werkzeug.generate_password_hash(request.form.get('password'))
elif request.form.get('email') and request.form.get('fullname'):
logging.warn('email and fullname received')
active = 'account'
user['email'] = request.form.get('email')
user['fullname'] = request.form.get('fullname')
elif request.form.get('copy_labels'):
logging.warn('labels received')
active = 'label'
user['labels'] = eval(request.form.get('copy_labels'))
elif request.form.get('threshold'):
logging.warn('settings received')
active = 'settings'
user['threshold'] = int(request.form.get('threshold'))
if user.validation_errors:
return str([k for k in user.validation_errors]) + ' fields not valid'
user.save()
flash('Information updated for user %s.' % username, 'success')
if form.password.errors:
active = 'password'
return render_template('edit_user.html', form=form, user=user, threshold=threshold, active=active)
def post(self):
email = self.get_argument('email', '')
form = UserForm(self.request.arguments)
if not form.validate():
self.render('auth/signup.html', error_message='', form=form)
elif User.exists_email(email):
error_message = '既に存在するメールアドレスです。'
self.render('auth/signup.html',
error_message=error_message,
form=form)
else:
user = User(**form.data)
user.save()
self.redirect(self.reverse_url('login'))
def add_user():
form = UserForm()
if request.method == 'POST':
data = {'name': request.form['name'], 'email': request.form['email']}
user = UserModel(**data)
db.session.add(user)
db.session.commit()
return redirect(url_for('book.add_book'))
return render_template('add_user.html', form=form)
def tlogin():
form = UserForm() # 表单对象
warn = ''
if form.validate_on_submit(): # 表单提交
user_data = User.objects(user_name=form.name.data).first() # 数据库用户认证
if user_data:
if form.pwd.data == user_data.user_pwd:
login_user(user_data)
return redirect(url_for('test.todo'))
else:
warn = '密码错误'
else:
warn = '用户不存在'
return render_template('todo/tlogin.html',
title="Sign In",
form=form,
warn=warn)
def user_modify():
form = UserForm(request.form)
if 'id' in request.args:
user = db.session.query(User).get(request.args.get('id'))
form = UserForm(obj=user)
if request.method == "GET":
return render_template('user_modify.html', form=form)
elif request.method == "POST":
if form.validate_on_submit():
if form.id.data:
user = db.session.query(User).get(form.id.data)
user.name = form.name.data
user.alias = form.alias.data
user.email = form.email.data
user.role_id = form.role_id.data
if form.delete_date.data:
user.delete_date = form.delete_date.data
else:
user.delete_date = None
db.session.commit()
flash("user modified")
else:
newuser = User(name=form.name.data,
alias=form.alias.data,
email=form.email.data,
password=None,
role_id=form.role_id.data,
avatar=None,
delete_date=None)
db.session.add(newuser)
db.session.commit()
flash("user added")
return redirect(url_for('user_page'))
else:
flash("wrong data")
return render_template('user_modify.html', form=form)
def register(request):
registered = False
flag =1
if request.method == 'POST':
user_form = UserForm(data=request.POST)
profile_form = UserProfileForm(data=request.POST)
User = get_user_model()
if user_form.is_valid() and profile_form.is_valid():
for User in User.objects.filter():
if user_form.cleaned_data['email'] == User.email:
flag =0
user_form.cleaned_data['username'] = "******"
print("This mail address already exists!")
if flag ==1:
user = user_form.save()
print("user saved")
user.set_password(user.password)
user.save()
profile = profile_form.save(commit=False)
profile.user = user
if 'profile_pic' in request.FILES:
print('found it')
profile.profile_pic = request.FILES['profile_pic']
profile.save()
registered = True
else :
print("not-saved")
else:
print(user_form.errors,profile_form.errors)
else:
user_form = UserForm()
profile_form = UserProfileForm()
return render(request,'forms/registration.html',
{'user_form':user_form,
'profile_form':profile_form,
'registered':registered,
'flag':flag})
def get(self):
self.render('auth/signup.html', error_message='', form=UserForm())