Esempio n. 1
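def login():
    """Handle the login form: look up the user by e-mail and verify the password.

    On a valid submission the user row is fetched by e-mail, the submitted
    password is checked against the stored bcrypt hash (column 3 of the row),
    and on success the session is populated from columns 1, 2 and 4 before
    redirecting to the account page. An unknown e-mail redirects to the
    registration page, a wrong password back to the login page. Any other
    request renders the login template.
    """
    form = LoginForm()
    if form.validate_on_submit():
        reader = getInstance()
        con = DBConnectivity.getConnection(
            reader.get('Credential', 'hostname'),
            reader.get('Credential', 'username'),
            reader.get('Credential', 'passwrod'),
            reader.get('Credential', 'database'))
        try:
            # NOTE(review): SQL injection. form.email.data is request input and
            # is concatenated straight into the statement. As called here,
            # getQueryResult receives only a finished SQL string, so the value
            # cannot be bound from this function; the helper needs to accept
            # bind parameters and this query should pass the e-mail as one.
            query = "select * from user where Email='" + form.email.data + "'"
            cursor = DBConnectivity.getQueryResult(con, query)
            user = cursor.fetchone()
        finally:
            # Every branch below returns, so the original close calls were
            # never reached and the connection leaked on each login attempt.
            DBConnectivity.closeConnection(con)

        # NOTE(review): the two failure paths answer differently (message and
        # redirect target), which tells a caller whether an e-mail is registered.
        if user is None:
            flash("User does not exists!", "danger")
            return redirect(url_for("users.register"))

        hashed_pwd = str(user[3])
        if not bcrypt.check_password_hash(hashed_pwd, form.password.data):
            flash("Invalid Password!!", "danger")
            return redirect(url_for("users.login"))

        session['logged_in'] = True
        session['username'] = user[1]
        session['email'] = user[2]
        session['image_file'] = user[4]
        return redirect(url_for("users.account"))
    return render_template("login.html", title="Login", form=form)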
Esempio n. 2
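def forgot_password_otp_resend():
    """Issue a new one-time password (OTP) for the e-mail entered in the form.

    On a valid submission the e-mail is looked up; if a row exists, the e-mail
    and a fresh 4-digit OTP (1001..9999) are stored in the session, the OTP is
    mailed to that address and the request is redirected to the OTP entry
    page. An unknown e-mail redirects to registration. On GET the form is
    pre-filled with the e-mail held in the session, if any.
    """
    # Local import so the block does not depend on the file's import section.
    import secrets

    form = ForgotPassword_Resend_OTP()
    if form.validate_on_submit():
        reader = getInstance()
        con = DBConnectivity.getConnection(
            reader.get('Credential', 'hostname'),
            reader.get('Credential', 'username'),
            reader.get('Credential', 'passwrod'),
            reader.get('Credential', 'database'))
        try:
            # NOTE(review): SQL injection. form.email.data is request input
            # concatenated into the statement. As called here, getQueryResult
            # takes only a finished SQL string; binding the value requires the
            # helper to accept parameters.
            query = "select * from user where email='" + form.email.data + "'"
            result = DBConnectivity.getQueryResult(con, query).fetchone()
        finally:
            # Both branches below return, so the original trailing close call
            # was unreachable and the connection leaked.
            DBConnectivity.closeConnection(con)

        if result is None:
            flash("Email Does not exists", "danger")
            return redirect(url_for("users.register"))

        session['email'] = form.email.data
        # The OTP is a password-reset credential, so it comes from the OS
        # CSPRNG instead of the predictable `random` generator. Same range as
        # before: 1001..9999 inclusive.
        # NOTE(review): the value space is under 9000 codes; the endpoint that
        # checks the OTP needs attempt limiting and expiry (not visible here).
        otp = str(secrets.randbelow(8999) + 1001)
        # NOTE(review): if the app uses Flask's default cookie-backed session,
        # this value is signed but readable by the client; confirm a
        # server-side session store or keep the OTP server-side only.
        session['OTP'] = otp
        subject = "Flask Blog Application"
        msg = otp + "  is your One time password (OTP) for Flask Blog Application."
        send_email(subject, msg, form.email.data)
        return redirect(url_for("users.forgot_password_otp"))
    elif request.method == 'GET':
        # A direct GET without a prior step has no 'email' key; avoid a KeyError.
        form.email.data = session.get('email')
    return render_template('forgot_password_otp_resend.html', form=form)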
Esempio n. 3
def account():
    """Show the account page and apply username / e-mail / picture updates.

    Loads a user row, and on a valid form submission checks that the new
    username and e-mail are not used by a row with a different user_id,
    optionally stores an uploaded picture, updates the row and the session,
    and redirects back to the account page. On GET the form is pre-filled
    from the session. Otherwise renders account.html with the profile image.
    """
    form = UpdateAccountForm()
    reader = getInstance()
    con = DBConnectivity.getConnection(reader.get('Credential', 'hostname'),
                                       reader.get('Credential', 'username'),
                                       reader.get('Credential', 'passwrod'),
                                       reader.get('Credential', 'database'))
    # NOTE(review): the '******' runs in this function look like a masking
    # artifact of the listing, not the author's code. Here the residue
    # suggests the original concatenated session['username'] - confirm
    # against the real source. As shown, the line is two adjacent string
    # literals and uses no variable at all.
    query = "select * from user where username='******'username'] + "'"
    # NOTE(review): nothing visible handles a missing row; if fetchone()
    # returns None, user[0] and user[4] below raise TypeError.
    user = DBConnectivity.getQueryResult(con, query).fetchone()
    if form.validate_on_submit():
        # Uniqueness check for the username among other rows (value masked in
        # the listing; presumably form.username.data - confirm).
        query = "select * from user where username='******' and user_id <> " + str(
            user[0])
        result = DBConnectivity.getQueryResult(con, query).fetchone()
        if result == None:
            # NOTE(review): SQL injection. form.email.data is request input
            # concatenated into the statement; the same applies to every
            # string-built query in this function. As called here, the
            # DBConnectivity helpers take only a finished SQL string, so the
            # fix is to have them accept bind parameters.
            query = "select * from user where email='" + form.email.data + "' and user_id <> " + str(
                user[0])
            result = DBConnectivity.getQueryResult(con, query).fetchone()
            if result == None:
                if form.picture.data:
                    # save_picture is defined elsewhere; its return value is
                    # stored as image_file and later joined into a static path.
                    # NOTE(review): confirm it returns a server-generated
                    # file name, not the uploaded one.
                    picture_file = save_picture(form.picture.data)
                    query = "UPDATE USER SET image_file='" + picture_file + "' where user_id=" + str(
                        user[0])
                    DBConnectivity.updateDatabase(con, query)
                    session['image_file'] = picture_file
                session['username'] = form.username.data
                session['email'] = form.email.data
                # Username value is masked in the listing (see note above).
                query = "UPDATE USER SET username='******',email='" + form.email.data + "' where user_id=" + str(
                    user[0])
                DBConnectivity.updateDatabase(con, query)
                DBConnectivity.closeConnection(con)
                flash("Account has been updated!", "success")
                return redirect(url_for("users.account"))
            else:
                DBConnectivity.closeConnection(con)
                flash("Email has already exists!", "danger")
                return redirect(url_for("users.account"))
        else:
            DBConnectivity.closeConnection(con)
            flash("Username has already exists!", "danger")
            return redirect(url_for("users.account"))

    elif request.method == "GET":
        # Raises KeyError when the session has no 'username' / 'email'; no
        # login check is visible in this block - presumably enforced by a
        # decorator or caller, confirm.
        form.username.data = session['username']
        form.email.data = session['email']
    # Column 4 is the stored picture name; fall back to the default image.
    if (user[4] == None):
        image_file = url_for('static', filename='profilepics/pubg.jpg')
    else:
        image_file = url_for('static', filename='profilepics/' + user[4])
    DBConnectivity.closeConnection(con)
    return render_template('account.html',
                           title="Account",
                           image_file=image_file,
                           form=form)
Esempio n. 4
def forgot_password_change():
    """Set a new password for the e-mail address held in the session.

    On a valid form submission the new password is bcrypt-hashed, an UPDATE
    is issued for the row whose email equals session['email'], a confirmation
    mail is sent to that address and the request is redirected to the login
    page. Otherwise the password-change form is rendered.
    """
    form = Password_Change()
    # NOTE(review): nothing visible in this block checks that the OTP step was
    # completed before the password is changed; session['email'] alone selects
    # the account. Confirm that a verified-OTP flag is enforced (decorator or
    # caller), and that it is cleared after use.
    if form.validate_on_submit():
        reader = getInstance()
        con = DBConnectivity.getConnection(
            reader.get('Credential', 'hostname'),
            reader.get('Credential', 'username'),
            reader.get('Credential', 'passwrod'),
            reader.get('Credential', 'database'))
        hashed_password = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        # NOTE(review): the '******' literal looks like a masking artifact of
        # the listing; as shown, hashed_password is never used and the column
        # would be set to the literal. Presumably the original concatenated
        # hashed_password here - confirm against the real source.
        # NOTE(review): SQL injection. session['email'] is concatenated into
        # the statement; elsewhere in this listing it is assigned from form
        # input. As called here, updateDatabase takes only a finished SQL
        # string, so binding needs the helper to accept parameters.
        query = "update user set password='******' where email='" + session[
            'email'] + "'"
        DBConnectivity.updateDatabase(con, query)
        DBConnectivity.closeConnection(con)
        subject = "Flask Blog Application"
        msg = "Your password has been changed successfully!"
        send_email(subject, msg, session['email'])
        flash(msg, "success")
        return redirect(url_for("users.login"))
    return render_template('forgot_password_change.html', form=form)
Esempio n. 5
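def register():
    """Create a new user from the registration form.

    On a valid submission the password is bcrypt-hashed, the username and
    e-mail are each checked for an existing row, and if both are free a new
    row is inserted and the request is redirected to the login page. A taken
    username or e-mail redirects back to the registration page with a
    message. Any other request renders the registration template.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template("register.html", title="Registration", form=form)

    hashed_password = bcrypt.generate_password_hash(
        form.password.data).decode('utf-8')
    username = form.username.data
    email = form.email.data
    reader = getInstance()
    con = DBConnectivity.getConnection(
        reader.get('Credential', 'hostname'),
        reader.get('Credential', 'username'),
        reader.get('Credential', 'passwrod'),
        reader.get('Credential', 'database'))
    # try/finally closes the connection on every path, including a query that
    # raises; the original closed it only on the three normal exits.
    try:
        # NOTE(review): the '******' literal looks like a masking artifact of
        # the listing; presumably the original concatenated `username` here -
        # confirm against the real source. It is kept exactly as shown.
        query = "select * from user where username='******'"
        if DBConnectivity.getQueryResult(con, query).fetchone() is not None:
            flash("Username has already exists!", "danger")
            return redirect(url_for("users.register"))

        # NOTE(review): SQL injection. `username` and `email` are request
        # input concatenated into the statements below. As called here, the
        # DBConnectivity helpers take only a finished SQL string, so the fix
        # is to have them accept bind parameters and pass these values as such.
        query = "select * from user where email='" + email + "'"
        if DBConnectivity.getQueryResult(con, query).fetchone() is not None:
            flash("Email has already exists!", "danger")
            return redirect(url_for("users.register"))

        # NOTE(review): check-then-insert is not atomic; a unique constraint on
        # username and email in the schema is what actually prevents duplicates.
        query = "insert into user(username,email,password) values('" + username + "','" + email + "','" + hashed_password + "')"
        DBConnectivity.updateDatabase(con, query)
        flash("User has successfully registered!", "success")
        return redirect(url_for("users.login"))
    finally:
        DBConnectivity.closeConnection(con)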