def register():
    """Handle the registration form: create the account and mail a code.

    Renders ``user/register.html`` until the form validates. On a valid
    submission the password is hashed with bcrypt, a fresh UUID4 is stored
    as the e-mail confirmation code, the welcome mail is sent and the user
    is saved.

    Returns:
        The string ``'User registered'`` after a valid submission,
        otherwise the rendered registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # bcrypt is a one-way password hash, not encryption; the salt from
    # gensalt() ends up embedded in the resulting hash value.
    password_hash = bcrypt.hashpw(form.password.data, bcrypt.gensalt())

    # Unique identifier kept in change_configuration until the address is
    # confirmed.
    confirmation_code = str(uuid.uuid4())
    pending_change = {
        "new_email": form.email.data.lower(),
        "confirmation_code": confirmation_code,
    }
    # NOTE(review): `email` keeps the submitted case while `new_email` is
    # lowercased; confirm the model normalises it, since other lookups in
    # this codebase presumably search by lowercased address.
    user = User(
        username=form.username.data,
        password=password_hash,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
        bio=form.bio.data,
        change_configuration=pending_change,
    )

    # NOTE(review): the mail goes out before user.save(); if the save fails
    # the recipient holds a confirmation code that was never stored.
    html_body = render_template('mail/user/register.html', user=user)
    text_body = render_template('mail/user/register.txt', user=user)
    email(user.email, 'Welcome to Flaskbook', html_body, text_body)

    user.save()
    return 'User registered'
def register():
    """Register a new account, mail the welcome message, go to the login page.

    On a valid submission the UTF-8 encoded password is hashed with a fresh
    salt, a UUID4 confirmation code is stored in ``change_configuration``,
    the welcome mail is rendered with ``host=WEBSITE_ADDRESS`` and sent, and
    the user is saved.

    Returns:
        A redirect to ``user_app.login`` after a valid submission, otherwise
        the rendered registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # gensalt/hashpw are imported elsewhere -- presumably from bcrypt.
    raw_password = form.password.data.encode('utf8')
    password_hash = hashpw(raw_password, gensalt())
    confirmation_code = str(uuid.uuid4())

    # NOTE(review): neither `email` nor `new_email` is lowercased here;
    # confirm how the rest of the application looks addresses up.
    user = User(
        username=form.username.data,
        password=password_hash,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
        change_configuration={
            "new_email": form.email.data,
            "confirmation_code": confirmation_code,
        },
    )

    # NOTE(review): the mail is sent before the user is saved, so a failed
    # save leaves a mailed code with no stored account behind it.
    html_body = render_template('mail/user/register.html',
                                user=user, host=WEBSITE_ADDRESS)
    text_body = render_template('mail/user/register.txt',
                                user=user, host=WEBSITE_ADDRESS)
    email(user.email, "Welcome to the social network", html_body, text_body)

    user.save()
    return redirect(url_for('user_app.login'))
def register():
    """Register a new account and mail an e-mail confirmation message.

    A ``storecode`` query parameter, when present, is remembered in
    ``session['temp_storecode']`` and later passed to the mail templates.

    Returns:
        A redirect to ``user_app.awaiting`` after a valid submission,
        otherwise the rendered registration page.
    """
    form = RegisterForm()

    # Remember the store code across the GET (link) and the POST (form).
    storecode_arg = request.args.get('storecode')
    if storecode_arg:
        session['temp_storecode'] = storecode_arg

    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    confirmation_code = str(uuid.uuid4())
    password_hash = generate_password_hash(form.password.data)
    # NOTE(review): the account is created with email_confirmed=True even
    # though a confirmation mail is sent below -- confirm this is intended.
    user = User(
        username=form.username.data,
        password=password_hash,
        email=form.email.data,
        change_configuration={
            "new_email": form.email.data.lower(),
            "confirmation_code": confirmation_code,
        },
        email_confirmed=True,
    )

    # NOTE(review): storecode comes from the query string and is rendered
    # into the mail; no validation of its value is visible here, and Flask
    # autoescapes only the .html template, not the .txt one.
    storecode = session.get('temp_storecode')
    if storecode:
        html_body = render_template(
            'mail/user/confirm.html', user=user, storecode=storecode)
        text_body = render_template(
            'mail/user/confirm.txt', user=user, storecode=storecode)
    else:
        html_body = render_template('mail/user/confirm_n.html', user=user)
        text_body = render_template('mail/user/confirm_n.txt', user=user)

    email(user.email.lower(), "Email confirmation", html_body, text_body)
    user.save()

    return redirect(
        url_for('user_app.awaiting', user_email=form.email.data.lower()))
def forgot():
    """Start a password reset for the submitted e-mail address.

    When a user with the lowercased address exists, a UUID4 reset code is
    stored in ``change_configuration`` and mailed to them.

    Returns:
        The rendered ``user/forgot.html`` page.
    """
    form = ForgotForm()
    error = None
    message = None

    if form.validate_on_submit():
        lookup_email = form.email.data.lower()
        user = User.objects.filter(email=lookup_email).first()
        if user:
            # NOTE(review): only the code is stored -- no expiry is recorded
            # next to it, and any pending change_configuration is replaced.
            reset_code = str(uuid.uuid4())
            user.change_configuration = {'password_reset_code': reset_code}
            user.save()

            html_body = render_template('mail/user/password_reset.html',
                                        user=user)
            text_body = render_template('mail/user/password_reset.txt',
                                        user=user)
            email(user.email, 'Password reset request', html_body, text_body)

        # Set for every valid submission, whether or not an account matched,
        # so the page does not reveal which addresses are registered.
        message = 'You will recieve a password reset email if we find the email in our system'

    return render_template('user/forgot.html', form=form, error=error,
                           message=message)
def register():
    """Register a new account and send the welcome mail.

    On a valid submission a UUID4 confirmation code is generated, the
    password is passed through ``maxx_encode`` and stored, the welcome mail
    is sent and the user is saved.

    Returns:
        A redirect to ``home_app.home`` after a valid submission, otherwise
        the rendered registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    confirmation_code = str(uuid.uuid4())

    # NOTE(review): maxx_encode is defined elsewhere. The variable name
    # suggests base64, which is a reversible encoding and not a password
    # hash -- confirm. The bcrypt gensalt()/hashpw() calls that used to sit
    # here were commented out; a salted one-way hash is what a stored
    # password needs.
    password64 = maxx_encode(form.password.data)

    user = User(
        username=form.username.data,
        password=password64,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
        change_configuration={
            "new_email": form.email.data.lower(),
            "confirmation_code": confirmation_code,
        },
    )

    # NOTE(review): the mail is sent before the user is saved.
    html_body = render_template('mail/user/register.html', user=user)
    text_body = render_template('mail/user/register.txt', user=user)
    email(user.email, "Welcome to White History Week", html_body, text_body)

    user.save()
    return redirect(url_for('home_app.home'))
def edit():
    """Edit the logged-in user's profile: username, e-mail and image.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. An e-mail change is not applied directly: a UUID4
    confirmation code is stored in ``change_configuration`` and mailed to
    the new address.

    Returns:
        The rendered ``user/edit.html`` page, or a plain status string right
        after an e-mail change has been requested.
    """
    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        abort(404)

    error = None
    message = None
    form = EditForm(obj=user)  # pre-populate the form from the stored user

    if form.validate_on_submit():
        image_ts = None
        if request.files.get('image'):
            # secure_filename() sanitises only the name. NOTE(review): no
            # check of the file type or content is visible here, and the
            # path is shared by every user who uploads the same filename.
            safe_name = secure_filename(form.image.data.filename)
            file_path = os.path.join(UPLOAD_FOLDER, 'user', safe_name)
            form.image.data.save(file_path)
            image_ts = str(thumbnail_process(file_path, 'user', str(user.id)))

        wanted_username = form.username.data.lower()
        if user.username != wanted_username:
            if User.objects.filter(username=wanted_username).first():
                error = "Username already taken"
            else:
                # NOTE(review): the session switches to the new name before
                # anything is saved; on the early return below, and when the
                # e-mail check fails, the stored username is not updated and
                # the session then names a user that does not exist.
                session['username'] = wanted_username
                form.username.data = wanted_username

        wanted_email = form.email.data.lower()
        if user.email != wanted_email:
            if User.objects.filter(email=wanted_email).first():
                error = "This email already exists"
            else:
                confirmation_code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": wanted_email,
                    "confirmation_code": confirmation_code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so the new one is not
                # written to the user before it has been confirmed.
                form.email.data = user.email
                message = "You will need to confirm the new email, by clicking on the link sent to your email"
                html_body = render_template('mail/user/change_email.html',
                                            user=user)
                text_body = render_template('mail/user/change_email.txt',
                                            user=user)
                email(user.change_configuration['new_email'],
                      "Please confirm email change", html_body, text_body)
                user.save()
                return "User details updated, pending email confirmation"

        if not error:
            form.populate_obj(user)  # copy the form fields onto the user
            if image_ts:
                user.profile_image = image_ts
            user.save()
            if not message:
                message = "Profile updated"

    return render_template("user/edit.html", form=form, error=error,
                           message=message, user=user)
def change_password():
    """Change the logged-in user's password after checking the current one.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. On success the new bcrypt hash is saved, a notification
    mail is sent and ``'username'`` is removed from this session.

    Returns:
        A redirect to ``user_app.password_reset_complete`` on success,
        otherwise the rendered ``user/password_reset.html`` page.
    """
    require_current = True
    error = None
    form = PasswordResetForm()

    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        abort(404)

    if request.method == 'POST' and form.validate_on_submit():
        # Re-hash the submitted password with the stored hash as the salt
        # argument; a matching password reproduces the stored hash.
        # NOTE(review): the comparison is a plain inequality test. A
        # constant-time check (bcrypt.checkpw, where the installed bcrypt
        # provides it) is the usual hardening.
        rehashed = bcrypt.hashpw(form.current_password.data, user.password)
        if rehashed != user.password:
            error = "Incorrect password"
        else:
            user.password = bcrypt.hashpw(form.password.data,
                                          bcrypt.gensalt())
            user.save()

            # Tell the account owner that the password was changed.
            html_body = render_template(
                'mail/user/change_password_confirmation.html')
            text_body = render_template(
                'mail/user/change_password_confirmation.txt')
            email(user.email, "Recent Password Change", html_body, text_body)

            # Force a fresh login; only this session's key is removed.
            if session.get('username'):
                session.pop('username')
            return redirect(url_for('user_app.password_reset_complete'))

    return render_template('user/password_reset.html', form=form,
                           require_current=require_current, error=error)
def change_password():
    """Change the logged-in user's password after checking the current one.

    The user is looked up from ``session["username"]``; a missing user
    aborts with 404. On success the new bcrypt hash is saved, a notification
    mail is sent and ``"username"`` is removed from this session.

    Returns:
        A redirect to ``user_app.password_reset_complete`` on success,
        otherwise the rendered ``user/password_reset.html`` page.
    """
    require_current = True
    error = None
    form = PasswordResetForm()

    user = User.objects.filter(username=session.get("username")).first()
    if not user:
        abort(404)

    if request.method == "POST" and form.validate_on_submit():
        # Re-hash the submitted password with the stored hash as the salt
        # argument; a matching password reproduces the stored hash.
        # NOTE(review): the comparison is a plain inequality test. A
        # constant-time check (bcrypt.checkpw, where the installed bcrypt
        # provides it) is the usual hardening.
        rehashed = bcrypt.hashpw(form.current_password.data, user.password)
        if rehashed != user.password:
            error = "Incorrect password"
        else:
            user.password = bcrypt.hashpw(form.password.data,
                                          bcrypt.gensalt())
            user.save()

            html_body = render_template("mail/user/password_change.html",
                                        user=user)
            text_body = render_template("mail/user/password_change.txt",
                                        user=user)
            email(user.email, "Password change request", html_body, text_body)

            # Force a fresh login; only this session's key is removed.
            if session.get("username"):
                session.pop("username")
            return redirect(url_for("user_app.password_reset_complete"))

    return render_template("user/password_reset.html", form=form,
                           require_current=require_current, error=error)
def register():
    """Register a new account and send the welcome mail.

    On a valid submission the password is hashed with bcrypt, a UUID4
    confirmation code is stored in ``change_configuration``, the welcome
    mail is sent and the user is saved.

    Returns:
        A redirect to ``home_app.home`` after a valid submission, otherwise
        the rendered registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # One-way bcrypt hash; the salt is embedded in the resulting value.
    password_hash = bcrypt.hashpw(form.password.data, bcrypt.gensalt())
    confirmation_code = str(uuid.uuid4())
    pending_change = {
        "new_email": form.email.data.lower(),
        "confirmation_code": confirmation_code,
    }
    # NOTE(review): `email` keeps the submitted case while `new_email` is
    # lowercased -- confirm the model normalises the stored address.
    user = User(
        username=form.username.data,
        password=password_hash,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
        change_configuration=pending_change,
    )

    # NOTE(review): the mail is sent before the user is saved.
    html_body = render_template('mail/user/register.html', user=user)
    text_body = render_template('mail/user/register.txt', user=user)
    email(user.email, "Welcome to Flaskbook", html_body, text_body)

    user.save()
    return redirect(url_for('home_app.home'))
def register():
    """Register a new account and send the welcome mail.

    On a valid submission the password is hashed with bcrypt, a UUID4
    confirmation code is stored in ``change_configuration``, the welcome
    mail is sent and the user is saved.

    Returns:
        The string ``"User registered"`` after a valid submission, otherwise
        the rendered registration page.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('user/register.html', form=form)

    # One-way bcrypt hash; the salt is embedded in the resulting value.
    password_hash = bcrypt.hashpw(form.password.data, bcrypt.gensalt())
    confirmation_code = str(uuid.uuid4())
    pending_change = {
        "new_email": form.email.data.lower(),
        "confirmation_code": confirmation_code,
    }
    # NOTE(review): `email` keeps the submitted case while `new_email` is
    # lowercased -- confirm the model normalises the stored address.
    user = User(
        username=form.username.data,
        password=password_hash,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
        change_configuration=pending_change,
    )

    # NOTE(review): the mail is sent before the user is saved.
    html_body = render_template('mail/user/register.html', user=user)
    text_body = render_template('mail/user/register.txt', user=user)
    email(user.email, "Welcome to Flaskbook", html_body, text_body)

    user.save()
    return "User registered"
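def edit():
    """Edit the logged-in user's profile: username, e-mail and image.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session['username']`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        abort(404)

    form = EditForm(obj=user)
    if form.validate_on_submit():
        image_ts = None
        if request.files.get('image'):
            # secure_filename() sanitises only the name. NOTE(review): no
            # check of the file type or content is visible here, and the
            # path is shared by every user who uploads the same filename.
            filename = secure_filename(form.image.data.filename)
            file_path = os.path.join(UPLOAD_FOLDER, 'user', filename)
            form.image.data.save(file_path)
            image_ts = str(thumbnail_process(file_path, 'user', str(user.id)))

        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = "Username already exists"
            else:
                form.username.data = new_username

        pending_mail = None
        new_email = form.email.data.lower()
        if user.email != new_email:
            if User.objects.filter(email=new_email).first():
                error = "Email already exists"
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": new_email,
                    "confirmation_code": code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so populate_obj() does
                # not apply the new one before it has been confirmed.
                form.email.data = user.email
                message = "You will need to confirm the new email to complete this change"
                body_html = render_template('mail/user/change_email.html',
                                            user=user)
                body_text = render_template('mail/user/change_email.txt',
                                            user=user)
                pending_mail = (new_email, "Confirm your new email",
                                body_html, body_text)

        if not error:
            form.populate_obj(user)
            if image_ts:
                user.profile_image = image_ts
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session['username'] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = "Profile updated"

    return render_template("user/edit.html", form=form, error=error,
                           message=message, user=user)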
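def edit():
    """Edit the logged-in user's profile: username, e-mail and image.

    The user is looked up from ``session["username"]``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session["username"]`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get("username")).first()
    if not user:
        # User wasn't found
        abort(404)

    form = EditForm(obj=user)  # pre-populate the form from the stored user
    if form.validate_on_submit():
        image_ts = None
        if request.files.get("image"):
            # secure_filename() sanitises only the name. NOTE(review): no
            # check of the file type or content is visible here, and the
            # path is shared by every user who uploads the same filename.
            filename = secure_filename(form.image.data.filename)
            file_path = os.path.join(UPLOAD_FOLDER, "user", filename)
            form.image.data.save(file_path)
            image_ts = str(thumbnail_process(file_path, "user", str(user.id)))

        # User changes their username
        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = "Username already exists"
            else:
                form.username.data = new_username

        # User changes their email
        pending_mail = None
        new_email = form.email.data.lower()
        if user.email != new_email:
            if User.objects.filter(email=new_email).first():
                error = "Email already exists"
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": new_email,
                    "confirmation_code": code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so populate_obj() does
                # not apply the new one before it has been confirmed.
                form.email.data = user.email
                # Adjacent literals: a backslash continuation inside the
                # string would embed the next line's indentation in it.
                message = ("You will need to confirm the new email address "
                           "to complete this change.")
                body_html = render_template("mail/user/change_email.html",
                                            user=user)
                body_text = render_template("mail/user/change_email.txt",
                                            user=user)
                pending_mail = (new_email, "Confirm your new email",
                                body_html, body_text)

        if not error:
            # Populate database object with form's content
            form.populate_obj(user)
            if image_ts:
                user.profile_image = image_ts
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session["username"] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = "Profile updated"

    return render_template("user/edit.html", form=form, error=error,
                           message=message, user=user)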
def add_friend(to_username):
    """Send a friend request to ``to_username`` or accept their pending one.

    Aborts with 404 when no user has that username. If the other user has
    already requested friendship, both sides are marked approved; if no
    relationship exists, a pending request is stored and the other user is
    notified by mail.

    Args:
        to_username: Username of the user to befriend.

    Returns:
        A redirect to the referring page, or to the target user's profile
        when the request carries no referrer.
    """
    ref = request.referrer
    logged_user = User.objects.filter(username=session.get('username')).first()
    to_user = User.objects.filter(username=to_username).first()
    if not to_user:
        abort(404)

    # NOTE(review): logged_user is None when the session has no matching
    # user; any login guard is outside this listing.
    rel = Relationship.get_relationship(logged_user, to_user)
    if rel == "REVERSE_FRIENDS_PENDING":
        # The other user asked first: store our approved side, then approve
        # their pending record.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.APPROVED,
        ).save()
        reverse_rel = Relationship.objects.get(from_user=to_user,
                                               to_user=logged_user)
        reverse_rel.status = Relationship.APPROVED
        reverse_rel.save()
    elif rel is None:
        # Only a missing relationship starts a new request; any other value,
        # e.g. "REVERSE_BLOCKED", falls through to the redirect.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.PENDING,
        ).save()

        mail_context = {'from_user': logged_user, 'to_user': to_user}
        html_body = render_template('mail/relationship/added_friend.html',
                                    **mail_context)
        text_body = render_template('mail/relationship/added_friend.txt',
                                    **mail_context)
        subject = ("%s has requested to be friends") % logged_user.first_name
        email(to_user.email, subject, html_body, text_body)

    # NOTE(review): this view changes state and then redirects to the
    # Referer header. The allowed HTTP methods and any CSRF protection are
    # outside this listing -- confirm them, and consider limiting the
    # redirect to same-site URLs.
    return redirect(ref or url_for('user_app.profile',
                                   username=to_user.username))
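def edit():
    """Edit the logged-in user's profile: username, e-mail and image.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session['username']`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        abort(404)

    form = EditForm(obj=user)
    if form.validate_on_submit():
        image_ts = None
        if request.files.get('image'):
            # secure_filename() sanitises only the name. NOTE(review): no
            # check of the file type or content is visible here, and the
            # path is shared by every user who uploads the same filename.
            filename = secure_filename(form.image.data.filename)
            file_path = os.path.join(UPLOAD_FOLDER, 'user', filename)
            form.image.data.save(file_path)
            image_ts = str(thumbnail_process(file_path, 'user', str(user.id)))

        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = "Username already exists"
            else:
                form.username.data = new_username

        pending_mail = None
        new_email = form.email.data.lower()
        if user.email != new_email:
            if User.objects.filter(email=new_email).first():
                error = "Email already exists"
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": new_email,
                    "confirmation_code": code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so populate_obj() does
                # not apply the new one before it has been confirmed.
                form.email.data = user.email
                message = "You will need to confirm the new email to complete this change"
                body_html = render_template('mail/user/change_email.html',
                                            user=user)
                body_text = render_template('mail/user/change_email.txt',
                                            user=user)
                pending_mail = (new_email, "Confirm your new email",
                                body_html, body_text)

        if not error:
            form.populate_obj(user)
            if image_ts:
                user.profile_image = image_ts
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session['username'] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = "Profile updated"

    return render_template("user/edit.html", form=form, error=error,
                           message=message, user=user)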
def add_friend(to_username):
    """Send a friend request to ``to_username`` or accept their pending one.

    Aborts with 404 when no user has that username. If the other user has
    already requested friendship, both sides are marked approved; if no
    relationship exists, a pending request is stored and the other user is
    notified by mail.

    Args:
        to_username: Username of the user to befriend.

    Returns:
        A redirect to the referring page, or to the target user's profile
        when the request carries no referrer.
    """
    ref = request.referrer
    logged_user = User.objects.filter(username=session.get('username')).first()
    to_user = User.objects.filter(username=to_username).first()
    if not to_user:
        abort(404)

    # NOTE(review): logged_user is None when the session has no matching
    # user; any login guard is outside this listing.
    rel = Relationship.get_relationship(logged_user, to_user)
    if rel == "REVERSE_FRIENDS_PENDING":
        # The other user asked first: store our approved side, then approve
        # their pending record.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.APPROVED,
        ).save()
        reverse_rel = Relationship.objects.get(from_user=to_user,
                                               to_user=logged_user)
        reverse_rel.status = Relationship.APPROVED
        reverse_rel.save()
    elif rel is None:
        # Only a missing relationship starts a new request; any other value,
        # e.g. "REVERSE_BLOCKED", falls through to the redirect.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.PENDING,
        ).save()

        mail_context = {'from_user': logged_user, 'to_user': to_user}
        html_body = render_template('mail/relationship/added_friend.html',
                                    **mail_context)
        text_body = render_template('mail/relationship/added_friend.txt',
                                    **mail_context)
        subject = ("%s has requested to be friends") % logged_user.first_name
        email(to_user.email, subject, html_body, text_body)

    # NOTE(review): this view changes state and then redirects to the
    # Referer header. The allowed HTTP methods and any CSRF protection are
    # outside this listing -- confirm them, and consider limiting the
    # redirect to same-site URLs.
    return redirect(ref or url_for('user_app.profile',
                                   username=to_user.username))
def intro(storecode):
    """Mail an introduction message for ``storecode`` to a submitted address.

    Args:
        storecode: Store identifier passed in by the caller; it is handed to
            the mail and page templates unchanged.

    Returns:
        The rendered ``home/welcome.html`` page after a valid submission,
        otherwise the rendered ``home/to_email.html`` form.
    """
    form = ForgotForm()
    if not form.validate_on_submit():
        return render_template('home/to_email.html', form=form,
                               storecode=storecode)

    # NOTE(review): mail is sent to whatever address is submitted, with
    # storecode supplied by the caller; no rate limit, login check or
    # storecode validation is visible in this view.
    user_email = form.email.data.lower()
    html_body = render_template('mail/user/intro.html', storecode=storecode)
    text_body = render_template('mail/user/intro.txt', storecode=storecode)
    email(user_email, "Thank you for using Homing Pigeon",
          html_body, text_body)

    return render_template('home/welcome.html', user_email=user_email,
                           storecode=storecode)
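def edit():
    """Edit the logged-in user's profile: username and e-mail address.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session['username']`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        abort(404)

    form = EditForm(obj=user)
    if form.validate_on_submit():
        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = "Username already exists"
            else:
                form.username.data = new_username

        pending_mail = None
        new_email = form.email.data.lower()
        if user.email != new_email:
            if User.objects.filter(email=new_email).first():
                error = "Email already exists"
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": new_email,
                    "confirmation_code": code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so populate_obj() does
                # not apply the new one before it has been confirmed.
                form.email.data = user.email
                message = "You will need to confirm the new email to complete this change"
                body_html = render_template('mail/user/change_email.html',
                                            user=user)
                body_text = render_template('mail/user/change_email.txt',
                                            user=user)
                pending_mail = (new_email, "Confirm your new email",
                                body_html, body_text)

        if not error:
            form.populate_obj(user)
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session['username'] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = "Profile updated"

    return render_template("user/edit.html", form=form, error=error,
                           message=message)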
def add_friend(to_username):
    """Send a friend request to ``to_username`` or accept their pending one.

    Aborts with 404 when no user has that username. If the other user has
    already requested friendship, both sides are marked approved; if no
    relationship exists, a pending request is stored and the other user is
    notified by mail.

    Args:
        to_username: Username of the user to befriend.

    Returns:
        A redirect to the referring page, or to the target user's profile
        when the request carries no referrer.
    """
    ref = request.referrer
    logged_user = User.objects.filter(username=session.get("username")).first()
    to_user = User.objects.filter(username=to_username).first()
    if not to_user:
        abort(404)

    # NOTE(review): logged_user is None when the session has no matching
    # user; any login guard is outside this listing.
    rel = Relationship.get_relationship(logged_user, to_user)
    if rel == "REVERSE_FRIENDS_PENDING":
        # The other person has requested friendship and is waiting on us:
        # store our approved side, then approve their pending record.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.APPROVED,
        ).save()
        reverse_rel = Relationship.objects.get(from_user=to_user,
                                               to_user=logged_user)
        reverse_rel.status = Relationship.APPROVED
        reverse_rel.save()
    elif rel is None:
        # Only a missing relationship starts a new request; any other value,
        # e.g. "REVERSE_BLOCKED", falls through to the redirect.
        Relationship(
            from_user=logged_user,
            to_user=to_user,
            rel_type=Relationship.FRIENDS,
            status=Relationship.PENDING,
        ).save()

        mail_context = {"from_user": logged_user, "to_user": to_user}
        html_body = render_template("mail/relationship/added_friend.html",
                                    **mail_context)
        text_body = render_template("mail/relationship/added_friend.txt",
                                    **mail_context)
        subject = "{0} has requested to be friends".format(
            logged_user.first_name)
        email(to_user.email, subject, html_body, text_body)

    # NOTE(review): this view changes state and then redirects to the
    # Referer header. The allowed HTTP methods and any CSRF protection are
    # outside this listing -- confirm them, and consider limiting the
    # redirect to same-site URLs.
    return redirect(ref or url_for("user_app.profile",
                                   username=to_user.username))
def forgot():
    """Start a password reset for the submitted e-mail address.

    When a user with the lowercased address exists, a UUID4 reset code is
    stored in ``change_configuration`` and mailed to them.

    Returns:
        The rendered ``user/forgot.html`` page.
    """
    form = ForgotForm()
    error = None
    message = None

    if form.validate_on_submit():
        lookup_email = form.email.data.lower()
        user = User.objects.filter(email=lookup_email).first()
        if user:
            # NOTE(review): only the code is stored -- no expiry is recorded
            # next to it, and any pending change_configuration is replaced.
            reset_code = str(uuid.uuid4())
            user.change_configuration = {"password_reset_code": reset_code}
            user.save()

            html_body = render_template('mail/user/password_reset.html',
                                        user=user)
            text_body = render_template('mail/user/password_reset.txt',
                                        user=user)
            email(user.email, "Password Reset Request", html_body, text_body)

        # Set for every valid submission, whether or not an account matched,
        # so the page does not reveal which addresses are registered.
        message = "You will receive a password reset email"

    return render_template('user/forgot.html', form=form, error=error,
                           message=message)
def forgot():
    """Start a password reset for the submitted e-mail address.

    When a user with the lowercased address exists, a UUID4 reset code is
    stored in ``change_configuration`` and mailed to them.

    Returns:
        The rendered ``user/forgot.html`` page.
    """
    form = ForgotForm()
    error = None
    message = None

    if form.validate_on_submit():
        lookup_email = form.email.data.lower()
        user = User.objects.filter(email=lookup_email).first()
        if user:
            # NOTE(review): only the code is stored -- no expiry is recorded
            # next to it, and any pending change_configuration is replaced.
            reset_code = str(uuid.uuid4())
            user.change_configuration = {"password_reset_code": reset_code}
            user.save()

            html_body = render_template('mail/user/password_reset.html',
                                        user=user)
            text_body = render_template('mail/user/password_reset.txt',
                                        user=user)
            email(user.email, "Password reset request", html_body, text_body)

        # Set for every valid submission, whether or not an account matched,
        # so the page does not reveal which addresses are registered.
        message = "You will receive a password reset email if we find that email in our system"

    return render_template('user/forgot.html', form=form, error=error,
                           message=message)
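def forgot():
    """Start a password reset for the submitted e-mail address.

    When a user with the lowercased address exists, a UUID4 reset code is
    stored in ``change_configuration`` and mailed to them.

    Returns:
        The rendered ``user/forgot.html`` page.
    """
    error = None
    message = None
    form = ForgotForm()

    if form.validate_on_submit():
        user = User.objects.filter(email=form.email.data.lower()).first()
        if user:
            # NOTE(review): only the code is stored -- no expiry is recorded
            # next to it, and any pending change_configuration is replaced.
            code = str(uuid.uuid4())
            user.change_configuration = {"password_reset_code": code}
            user.save()

            # Email the code to the user
            body_html = render_template("mail/user/password_reset.html",
                                        user=user)
            body_text = render_template("mail/user/password_reset.txt",
                                        user=user)
            email(user.email, "Password reset request", body_html, body_text)

        # Set for every valid submission, whether or not an account matched,
        # so the page does not reveal which addresses are registered.
        # Adjacent literals: a backslash continuation inside the string
        # would embed the next line's indentation in the message.
        message = ("You will receive a password reset email if we find that "
                   "email in our system")

    return render_template("user/forgot.html", form=form, error=error,
                           message=message)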
def forgotPassword():
    """Start a password reset for the submitted e-mail address.

    When a user with the lowercased address exists, a UUID4 reset code is
    stored in ``change_configuration`` and mailed to them.

    Returns:
        The rendered ``user/forgotPassword.html`` page.
    """
    form = ForgotPasswordForm()
    error = None
    message = None

    if form.validate_on_submit():
        lookup_email = form.email.data.lower()
        user = User.objects.filter(email=lookup_email).first()
        if user:
            # NOTE(review): only the code is stored -- no expiry is recorded
            # next to it, and any pending change_configuration is replaced.
            reset_code = str(uuid.uuid4())
            user.change_configuration = {"password_reset_code": reset_code}
            user.save()

            html_body = render_template('mail/user/password_reset.html',
                                        user=user)
            text_body = render_template('mail/user/password_reset.txt',
                                        user=user)
            email(user.email, "Password reset request from Cloudbook",
                  html_body, text_body)

        # Set for every valid submission, whether or not an account matched,
        # so the page does not reveal which addresses are registered.
        message = "Password reset request has been sent to your email address"

    return render_template('user/forgotPassword.html', form=form,
                           error=error, message=message)
def add_friend(to_username):
    """Send a friend request to ``to_username`` or accept their pending one.

    Aborts with 404 when no user has that username. Accepting a pending
    request approves both sides and removes the matching notification; a
    new request is stored as pending, mailed to the other user and recorded
    as a ``"request"`` notification.

    Args:
        to_username: Username of the user to befriend.

    Returns:
        A redirect to the referring page, or to the target user's profile
        when the request carries no referrer.
    """
    ref = request.referrer
    logged_user = User.objects.filter(username=session.get('username')).first()
    # NOTE(review): logged_user is None when the session has no matching
    # user; any login guard is outside this listing.
    fetchNotifications(logged_user)

    toUser = User.objects.filter(username=to_username).first()
    if not toUser:
        abort(404)

    rel = Relationship.get_relationship(logged_user, toUser)
    if rel == "REVERSE_FRIENDS_PENDING":
        # The other user asked first: store our approved side, then approve
        # their pending record.
        Relationship(
            fromUser=logged_user,
            toUser=toUser,
            rel_type=Relationship.FRIENDS,
            status=Relationship.APPROVED,
        ).save()
        reverse_rel = Relationship.objects.get(fromUser=toUser,
                                               toUser=logged_user)
        reverse_rel.status = Relationship.APPROVED
        reverse_rel.save()

        # Drop the now-answered request from the session and the database.
        notification = Notification.objects.filter(
            fromUser=toUser.username, toUser=logged_user.username).first()
        if notification is not None:
            # NOTE(review): assumes session['notifications'] is a list that
            # contains this notification -- presumably filled by
            # fetchNotifications(); verify.
            pending_notifications = session.get('notifications')
            pending_notifications.remove(notification)
            session['notifications'] = pending_notifications
            notification.delete()
    elif rel is None:
        # Only a missing relationship starts a new request; any other value,
        # e.g. "REVERSE_BLOCKED", falls through to the redirect.
        Relationship(
            fromUser=logged_user,
            toUser=toUser,
            rel_type=Relationship.FRIENDS,
            status=Relationship.PENDING,
        ).save()

        mail_context = {
            'fromUser': logged_user,
            'toUser': toUser,
            'host': WEBSITE_ADDRESS,
        }
        html_body = render_template('mail/relationship/added_friend.html',
                                    **mail_context)
        text_body = render_template('mail/relationship/added_friend.txt',
                                    **mail_context)
        subject = ("%s has requested to be friends") % logged_user.first_name
        email(toUser.email, subject, html_body, text_body)

        Notification(
            fromUser=logged_user.username,
            toUser=toUser.username,
            notificationType="request",
        ).save()

    # NOTE(review): this view changes state and then redirects to the
    # Referer header. The allowed HTTP methods and any CSRF protection are
    # outside this listing -- confirm them, and consider limiting the
    # redirect to same-site URLs.
    return redirect(ref or url_for('user_app.profile',
                                   username=toUser.username))
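def edit():
    """Edit the logged-in user's profile: username and e-mail address.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session['username']`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get('username')).first()
    if not user:
        # No user found
        abort(404)

    # obj=user is the WTForms usage that pre-fills the form from the user.
    form = EditForm(obj=user)
    if form.validate_on_submit():
        # Compare in lowercase so a change of case alone does not count as a
        # new username.
        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = 'Username already exists'
            else:
                form.username.data = new_username

        pending_mail = None
        new_email = form.email.data.lower()
        # NOTE(review): this comparison uses the address as typed while the
        # lookup below uses the lowercased one; confirm how addresses are
        # stored before changing either side.
        if user.email != form.email.data:
            if User.objects.filter(email=new_email).first():
                error = 'email already exists'
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    'new_email': new_email,
                    'confirmation_code': code,
                }
                user.email_confirmed = False
                # Put the old address back on the form, otherwise
                # populate_obj() would apply the new one without
                # confirmation.
                form.email.data = user.email
                message = 'You will need to confirm the new email to complete this change'
                body_html = render_template('mail/user/change_email.html',
                                            user=user)
                body_text = render_template('mail/user/change_email.txt',
                                            user=user)
                pending_mail = (new_email, 'Confirm your new email',
                                body_html, body_text)

        if not error:
            # populate_obj() copies the form fields onto the user object,
            # which is then saved (an update in the database).
            form.populate_obj(user)
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session['username'] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = 'Profile updated'

    return render_template('user/edit.html', form=form, error=error,
                           message=message)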
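def edit():
    """Edit the logged-in user's profile: username, e-mail and image.

    The user is looked up from ``session['username']``; a missing user
    aborts with 404. A changed e-mail address is not written to
    ``user.email``: a UUID4 confirmation code is stored in
    ``change_configuration`` and mailed to the new address.

    Side effects that must agree with the database -- switching
    ``session['username']`` and sending the confirmation mail -- happen only
    after ``user.save()``. A rejected edit therefore leaves the session
    naming the stored username and sends no code that was never saved.

    Returns:
        The rendered ``user/edit.html`` page.
    """
    error = None
    message = None
    user = User.objects.filter(username=session.get('username')).first()
    formModalMessage = PrivateMessageForm()
    if not user:
        abort(404)

    form = EditForm(obj=user)
    fetchNotifications(user)
    if form.validate_on_submit():
        image_ts = None
        if request.files.get('image'):
            # A UUID4 prefix keeps uploads with the same filename apart.
            # NOTE(review): secure_filename() sanitises only the name; no
            # check of the file type or content is visible here, and the
            # "static/" path is relative to the working directory.
            filename = secure_filename(form.image.data.filename)
            file_path = "images/user/" + str(uuid.uuid4()) + filename
            file_pathB = "static/" + file_path
            form.image.data.save(file_pathB)
            image_ts = str(file_path)
            print(image_ts)

        # check if new username
        new_username = form.username.data.lower()
        username_changed = user.username != new_username
        if username_changed:
            if User.objects.filter(username=new_username).first():
                error = 'Username already exists'
            else:
                form.username.data = new_username

        # check if new email
        pending_mail = None
        new_email = form.email.data.lower()
        if user.email != new_email:
            if User.objects.filter(email=new_email).first():
                error = 'Email already exists'
            elif not error:
                # Staged only when the edit is going to be saved, so the
                # in-memory user is not altered by a rejected request.
                code = str(uuid.uuid4())
                user.change_configuration = {
                    "new_email": new_email,
                    "confirmation_code": code,
                }
                user.email_confirmed = False
                # Keep the old address on the form so populate_obj() does
                # not apply the new one before it has been confirmed.
                form.email.data = user.email
                message = "You will need to confirm the new email to complete this change"
                body_html = render_template('mail/user/change_email.html',
                                            user=user, host=WEBSITE_ADDRESS)
                body_text = render_template('mail/user/change_email.txt',
                                            user=user, host=WEBSITE_ADDRESS)
                pending_mail = (new_email, "Confirm your new email",
                                body_html, body_text)

        if not error:
            form.populate_obj(user)
            if image_ts:
                user.profile_image = image_ts
                print("image_ts")
                print(image_ts)
            user.save()
            # The session identifies the user by username: switch it only
            # once the new name is stored, otherwise it would name a user
            # that does not exist (or one registered later by someone else).
            if username_changed:
                session['username'] = new_username
            if pending_mail:
                email(*pending_mail)
            if not message:
                message = "Profile updated"

    return render_template('user/edit.html', form=form, error=error,
                           message=message, user=user,
                           formModalMessage=formModalMessage)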