def register():
form = OwnerRegister()
error = None
if form.validate_on_submit():
stimage_ts = None
image_ts = None
hash_pwd = generate_password_hash(form.password.data)
if form.code.data == '10726629':
####save store_image#####
if request.files.get('store_image'):
#securing file's name
filename = secure_filename(form.store_image.data.filename)
#pathing
file_path = os.path.join(UPLOAD_FOLDER_IMG, 'store', filename)
#save image to path
form.store_image.data.save(file_path)
#image_ts=image name for img_src function to find images
stimage_ts = str(
thumbnail_process(file_path, 'store',
str(form.storecode.data)))
if request.files.get('owner_image'):
#securing file's name
filename = secure_filename(form.owner_image.data.filename)
#pathing
file_path = os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename)
#save image to path
form.owner_image.data.save(file_path)
#image_ts=image name for img_src function to find images
image_ts = str(
thumbnail_process(file_path, 'owner',
str(form.storecode.data)))
store = Store(username=form.username.data,
password=hash_pwd,
email=form.email.data,
storename=form.storename.data,
storecode=form.storecode.data)
if stimage_ts:
store.store_image = stimage_ts
if image_ts:
store.qr_image = image_ts
store.save()
return redirect(url_for('store_app.login'))
else:
error = 'Wrong code'
return render_template('store/o_register.html', form=form, error=error)
def edit():
error = None
message = None
user = User.objects.filter(username=session.get('username')).first()
if user:
form = EditForm(obj=user) #pre populates form
if form.validate_on_submit():
#Check if image is of correct type
image_ts = None
if request.files.get('image'):
filename = secure_filename(form.image.data.filename)
file_path = os.path.join(UPLOAD_FOLDER, 'user', filename)
form.image.data.save(
file_path) #save form image under this path
image_ts = str(
thumbnail_process(file_path, 'user', str(user.id)))
if user.username != form.username.data.lower(
): # check that user has changed own username
if User.objects.filter(username=form.username.data.lower(
)).first(): # check that username not already taken
error = "Username already taken"
else:
session['username'] = form.username.data.lower()
form.username.data = form.username.data.lower()
if user.email != form.email.data.lower(
): # check that user has changed own email
if User.objects.filter(email=form.email.data.lower()).first(
): # check that email not already taken
error = "This email already exists"
else:
code = str(uuid.uuid4())
user.change_configuration = {
"new_email": form.email.data.lower(),
"confirmation_code": code
}
user.email_confirmed = False
form.email.data = user.email
message = "You will need to confirm the new email, by clicking on the link sent to your email"
body_html = render_template('mail/user/change_email.html',
user=user)
body_text = render_template('mail/user/change_email.txt',
user=user)
email(user.change_configuration['new_email'],
"Please confirm email change", body_html, body_text)
user.save()
return "User details updated, pending email confirmation"
if not error:
form.populate_obj(user) #populate form with user object
if image_ts: #if image was attached to form
user.profile_image = image_ts
user.save()
if not message: #if user did not edit the email
message = "Profile updated"
return render_template("user/edit.html",
form=form,
error=error,
message=message,
user=user)
else:
abort(404)
def edit():
error = None
message = None
user = User.objects.filter(username=session.get("username")).first()
if user:
form = EditForm(obj=user) # Prepopulating the form with what's in user
if form.validate_on_submit():
# Check if image
image_ts = None
if request.files.get("image"):
filename = secure_filename(form.image.data.filename)
file_path = os.path.join(UPLOAD_FOLDER, "user", filename)
form.image.data.save(file_path)
image_ts = str(thumbnail_process(file_path, "user",
str(user.id)))
# User changes their username
if user.username != form.username.data.lower():
if User.objects.filter(username=form.username.data.lower()).first():
error = "Username already exists"
else:
session["username"] = form.username.data.lower()
form.username.data = form.username.data.lower()
# User changes their email
if user.email != form.email.data.lower():
if User.objects.filter(email=form.email.data.lower()).first():
error = "Email already exists"
else:
code = str(uuid.uuid4())
user.change_configuration = {
"new_email": form.email.data.lower(),
"confirmation_code": code
}
user.email_confirmed = False
form.email.data = user.email
message = "You will need to confirm the new email address \
to complete this change."
# email the user
body_html = render_template("mail/user/change_email.html",
user=user)
body_text = render_template("mail/user/change_email.txt",
user=user)
email(user.change_configuration["new_email"],
"Confirm your new email", body_html, body_text)
if not error:
# Populate database object with form's content
form.populate_obj(user)
# Add image if it exists
if image_ts:
user.profile_image = image_ts
user.save()
if not message:
message = "Profile updated"
return render_template("user/edit.html", form=form, error=error,
message=message, user=user)
else: # User wasn't found
abort(404)
def edit():
error = None
message = None
user = User.objects.filter(username=session.get('username')).first()
if user:
form = EditForm(obj=user)
if form.validate_on_submit():
# check if image
image_ts = None
if request.files.get('image'):
filename = secure_filename(form.image.data.filename)
file_path = os.path.join(UPLOAD_FOLDER, 'user', filename)
form.image.data.save(file_path)
image_ts = str(
thumbnail_process(file_path, 'user', str(user.id)))
if user.username != form.username.data.lower():
if User.objects.filter(
username=form.username.data.lower()).first():
error = "Username already exists"
else:
session['username'] = form.username.data.lower()
form.username.data = form.username.data.lower()
if user.email != form.email.data.lower():
if User.objects.filter(email=form.email.data.lower()).first():
error = "Email already exists"
else:
code = str(uuid.uuid4())
user.change_configuration = {
"new_email": form.email.data.lower(),
"confirmation_code": code
}
user.email_confirmed = False
form.email.data = user.email
message = "You will need to confirm the new email to complete this change"
# email the user
body_html = render_template('mail/user/change_email.html',
user=user)
body_text = render_template('mail/user/change_email.txt',
user=user)
email(user.change_configuration['new_email'],
"Confirm your new email", body_html, body_text)
if not error:
form.populate_obj(user)
if image_ts:
user.profile_image = image_ts
user.save()
if not message:
message = "Profile updated"
return render_template("user/edit.html",
form=form,
error=error,
message=message,
user=user)
else:
abort(404)
def edit():
error = None
message = None
user = User.objects.filter(email=session.get('email')).first()
if user:
form = EditForm()
if form.validate_on_submit():
# check if image
image_ts = None
if request.files.get('image'):
if user.profile_image:
sizes = ["sm", "lg", "raw"]
for size in sizes:
filename = '%s.%s.%s.jpg' % (user.id,
user.profile_image, size)
os.remove(
os.path.join(UPLOAD_FOLDER_IMG, 'user', filename))
filename = secure_filename(form.image.data.filename)
file_path = os.path.join(UPLOAD_FOLDER_IMG, 'user', filename)
form.image.data.save(file_path)
image_ts = str(
thumbnail_process(file_path, 'user', str(user.id)))
if user.username != form.username.data.lower():
if User.objects.filter(
username=form.username.data.lower()).first():
error = "Username already exists"
else:
session['username'] = form.username.data.lower()
user.username = form.username.data.lower()
if not error:
if image_ts:
user.profile_image = image_ts
user.first_name = form.first_name.data
user.last_name = form.last_name.data
user.facebook_link = form.facebook_link.data
user.tel = form.tel.data
user.save()
if not message:
message = "Profile updated"
elif request.method == 'GET':
form.username.data = user.username
form.facebook_link.data = user.facebook_link
form.first_name.data = user.first_name
form.last_name.data = user.last_name
form.tel.data = user.tel
return render_template("user/edit.html",
form=form,
error=error,
message=message,
user=user)
else:
abort(404)
def edit():
error = None
message = None
user = User.objects.filter(username=session.get('username')).first()
if user:
form = EditForm(obj=user)
if form.validate_on_submit():
# check if image
image_ts = None
if request.files.get('image'):
filename = secure_filename(form.image.data.filename)
file_path = os.path.join(UPLOAD_FOLDER, 'user', filename)
form.image.data.save(file_path)
image_ts = str(thumbnail_process(file_path, 'user', str(user.id)))
if user.username != form.username.data.lower():
if User.objects.filter(username=form.username.data.lower()).first():
error = "Username already exists"
else:
session['username'] = form.username.data.lower()
form.username.data = form.username.data.lower()
if user.email != form.email.data.lower():
if User.objects.filter(email=form.email.data.lower()).first():
error = "Email already exists"
else:
code = str(uuid.uuid4())
user.change_configuration = {
"new_email": form.email.data.lower(),
"confirmation_code": code
}
user.email_confirmed = False
form.email.data = user.email
message = "You will need to confirm the new email to complete this change"
# email the user
body_html = render_template('mail/user/change_email.html', user=user)
body_text = render_template('mail/user/change_email.txt', user=user)
email(user.change_configuration['new_email'], "Confirm your new email", body_html, body_text)
if not error:
form.populate_obj(user)
if image_ts:
user.profile_image = image_ts
user.save()
if not message:
message = "Profile updated"
return render_template("user/edit.html", form=form, error=error, message=message, user=user)
else:
abort(404)
def edit():
error = None
message = None
store = Store.objects.filter(username=session.get('username')).first()
if store:
form = OwnerBase(obj=store)
if form.validate_on_submit():
#check if there is any image upload
stimage_ts = None
image_ts = None
if request.files.get('store_image'):
if store.store_image:
sizes = ["sm", "lg", "raw"]
for size in sizes:
filename = '%s.%s.%s.jpg' % (store.storecode,
store.store_image, size)
os.remove(
os.path.join(UPLOAD_FOLDER_IMG, 'store', filename))
#securing file's name
filename = secure_filename(form.store_image.data.filename)
#pathing
file_path = os.path.join(UPLOAD_FOLDER_IMG, 'store', filename)
#save image to path
form.store_image.data.save(file_path)
#image_ts=image name for img_src function to find images
stimage_ts = str(
thumbnail_process(file_path, 'store',
str(store.storecode)))
if request.files.get('owner_image'):
if store.qr_image:
sizes = ["sm", "lg", "raw"]
for size in sizes:
filename = '%s.%s.%s.jpg' % (store.storecode,
store.qr_image, size)
os.remove(
os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename))
#securing file's name
filename = secure_filename(form.owner_image.data.filename)
#pathing
file_path = os.path.join(UPLOAD_FOLDER_IMG, 'owner', filename)
#save image to path
form.owner_image.data.save(file_path)
#image_ts=image name for img_src function to find images
image_ts = str(
thumbnail_process(file_path, 'owner',
str(store.storecode)))
##########################################################################
#########check if uesrname and email existed or just in lower case#######
if store.username != form.username.data.lower():
if Store.objects.filter(
username=form.username.data.lower()).first():
error = "Username already exists"
else:
session['username'] = form.username.data.lower()
form.username.data = form.username.data.lower()
if form.email.data != '':
if store.email != form.email.data.lower():
if Store.objects.filter(
email=form.email.data.lower()).first():
error = "Email already exists"
else:
form.email.data = form.email.data.lower()
if not error:
form.populate_obj(store)
if stimage_ts:
store.store_image = stimage_ts
if image_ts:
store.qr_image = image_ts
store.save()
if not message:
message = "Store updated"
return redirect(
url_for('store_app.store_front',
storecode=store.storecode))
return render_template('store/edit.html', form=form, store=store)
else:
abort(404)
async def profile_edit() -> Union[str, "Response"]:
error: str = ""
csrf_token: uuid.UUID = uuid.uuid4()
# grab the user's details
conn = current_app.dbc
profile_user = await get_user_by_username(conn, session["username"])
if request.method == "GET":
session["csrf_token"] = str(csrf_token)
if request.method == "POST":
form: dict = await request.form
form_username = form.get("username", "")
if not form_username:
error = "Please enter username"
if (session.get("csrf_token") != form.get("csrf_token")
and not current_app.testing):
error = "Invalid POST contents"
# check if the username exists if username changed
if not error and session["username"] != form_username:
user = await get_user_by_username(conn, form_username)
if user and user["id"]:
error = "Username already exists"
# image upload (skip if testing)
changed_image: bool = False
if not current_app.testing:
files = await request.files
profile_image = files.get("profile_image")
# if no filename, no file was uploaded
if profile_image.filename:
filename = (str(uuid.uuid4()) + "-" +
secure_filename(profile_image.filename))
file_path = os.path.join(UPLOAD_FOLDER, filename)
profile_image.save(file_path)
image_uid = thumbnail_process(file_path, "user",
str(profile_user["id"]))
changed_image = True
# edit the profile
if not error:
if not current_app.testing:
del session["csrf_token"]
profile_user["username"] = form_username
if changed_image:
profile_user["image"] = image_uid
# delete the profile image_urls before updating
del profile_user["image_url_raw"]
del profile_user["image_url_xlg"]
del profile_user["image_url_lg"]
del profile_user["image_url_sm"]
user_update = user_table.update(
user_table.c.id == profile_user["id"]).values(profile_user)
await conn.execute(query=user_update)
# update session with new username
session["username"] = form_username
# update session
await flash("Profile edited")
return redirect(
url_for(".profile", username=profile_user["username"]))
else:
session["csrf_token"] = str(csrf_token)
return await render_template(
"user/profile_edit.html",
error=error,
profile_user=profile_user,
csrf_token=csrf_token,
)
async def profile_edit() -> Union[str, "Response"]:
error: str = ""
csrf_token: uuid.UUID = uuid.uuid4()
# grab the user's details
profile_user = await User().get_user(username=session["username"])
if request.method == "GET":
session["csrf_token"] = str(csrf_token)
if request.method == "POST":
form: dict = await request.form
form_username = form.get("username", "")
form_password = form.get("password", "")
if not form_username:
error = "Please enter username"
if (session.get("csrf_token") != form.get("csrf_token")
and not current_app.testing):
error = "Invalid POST contents"
# check if the username exists if username changed
if not error and session["username"] != form_username:
user = await User().get_user(username=form_username)
if user and user.uid:
error = "Username already exists"
# update password
if profile_user and not error and form_password:
profile_user.password = form_password
# image upload (skip if testing)
changed_image: bool = False
if profile_user and not current_app.testing:
files = await request.files
profile_image = files.get("profile_image")
# if there's a profile_image, new file was uploaded
if profile_image and profile_image.filename:
filename = (str(uuid.uuid4()) + "-" +
secure_filename(profile_image.filename))
file_path = os.path.join(UPLOAD_FOLDER, filename)
await profile_image.save(file_path)
image_uid = thumbnail_process(file_path, "user",
str(profile_user.uid))
changed_image = True
# edit the profile
if profile_user and not error:
if not current_app.testing:
del session["csrf_token"]
profile_user.username = form_username
if changed_image:
profile_user.image = image_uid
# update the user
await profile_user.save()
# update session with new username
session["username"] = form_username
# update session
await flash("Profile edited")
return redirect(url_for(".profile",
username=profile_user.username))
else:
session["csrf_token"] = str(csrf_token)
return await render_template(
"user/profile_edit.html",
error=error,
profile_user=profile_user,
csrf_token=csrf_token,
)
