def register():
if not app.config["ALLOW_REGISTER"]:
abort(404)
if request.method == "GET":
return render_template("accounts/register.html", form=RegisterForm())
form = RegisterForm(request.form)
if not form.validate():
return render_template("accounts/register.html", form=form)
if Account.is_username_taken(form.username.data):
return render_template(
"accounts/register.html",
form=form,
error="Username is already taken.",
)
password_hash = \
bcrypt.generate_password_hash(form.password.data).decode("utf-8")
account = Account(
username=form.username.data,
password_hash=password_hash,
role="user",
)
db.session().add(account)
db.session.commit()
login_user(account)
return redirect(url_for("index"))
def register():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
db.session.add(user)
db.session.commit()
flash('Account has been created! You are now able to login', 'success')
return redirect(url_for('login'))
return render_template('register.html', title='Register', form=form)
def change_password():
if request.method == "GET":
return redirect(url_for("my_account"))
form = ChangePasswordForm()
if not form.validate():
return jsonify(error_messages=form.errors), 400
if not bcrypt.check_password_hash(current_user.password_hash,
form.current_password.data):
return jsonify(error_messages={
"current_password": ["Current password is incorrect"],
}), 400
current_user.password_hash = \
bcrypt.generate_password_hash(form.new_password.data).decode("utf-8")
db.session().commit()
return ""
def update_account(account_id):
if request.method == "GET":
return redirect(url_for("get_accounts"))
form = EditAccountForm()
if not form.validate():
return jsonify(error_messages=form.errors), 400
account = Account.query.filter_by(id=account_id).first_or_404()
username_duplicate = \
Account.query.filter_by(username=form.username.data).first()
if username_duplicate and username_duplicate.id != account.id:
return jsonify(error_messages={
"username": ["Username is already taken"],
}), 400
account.username = form.username.data
account.role = form.role.data
if form.password.data:
account.password_hash = bcrypt.generate_password_hash(
form.password.data, ).decode("utf-8")
db.session().commit()
return ""
def create_account():
if request.method == "GET":
return redirect(url_for("get_accounts"))
form = EditAccountForm()
if not form.validate():
return jsonify(error_messages=form.errors), 400
if Account.is_username_taken(form.username.data):
return jsonify(error_messages={
"username": ["Username is already taken"],
}), 400
if form.password.data:
password = form.password.data
else:
password = secrets.token_urlsafe(64)
db.session().add(
Account(
username=form.username.data,
role=form.role.data,
password_hash=bcrypt.generate_password_hash(password).decode(
"utf-8"),
))
db.session().commit()
return ""
def hash_password(password_string, salt):
hash_pwd = bcrypt.generate_password_hash(salt + password_string)
return hash_pwd
def hash_value(value: str):
return bcrypt.generate_password_hash(value, 12).decode('utf-8')
def password(self, new_password):
self.password_hash = bcrypt.generate_password_hash(
new_password).decode("utf-8")
def generate_password_hash(password, salt):
hash_pwd = bcrypt.generate_password_hash(salt + password)
return hash_pwd
def password(self, password):
self.password_hashed = bcrypt.generate_password_hash(password).decode(
'utf-8')