def change_pwd(token):
    """Process the new-password form for a password-reset token.

    The token is resolved to an account e-mail with
    ``DataBaseManager.verify_token``. The submitted password is checked
    against ``password_pattern`` and compared with its confirmation field.

    Args:
        token: Reset token; passed to ``verify_token`` and, on a validation
            error, handed back to the template so the form can be resubmitted.

    Returns:
        ``NewPwd.html`` with ``session=True`` when the token does not resolve
        to an e-mail, ``NewPwd.html`` with the error list when validation
        fails, otherwise a redirect to ``render_gallery`` after the new
        password hash has been stored.
    """
    db = DataBaseManager()
    account_email = db.verify_token(token)

    # The form is validated before the token result is inspected, but the
    # token check below takes precedence over any validation error.
    checker = validate.regex()
    new_password = checker.validate(checker.password_pattern,
                                    request.form.get("password"))
    confirmation_matches = new_password == request.form.get("password_conf")
    errors = checker.compose_error_message(new_password, confirmation_matches)

    # verify_token returning None is treated as "no account for this token";
    # nothing is written in that case.
    if account_email is None:
        return render_template("NewPwd.html", session=True)

    if errors is not None:
        return render_template("NewPwd.html",
                               session=False,
                               token=token,
                               error=errors)

    # Stored format is "$<salt>$<hash>".
    salt, digest = Hash().get_salt_hash(new_password)
    db.update_new_password("$" + salt + "$" + digest.decode("utf-8"),
                           account_email)
    # NOTE(review): nothing here marks the token as used. Presumably
    # update_new_password or the token's own expiry does that -- confirm, so
    # the same reset link cannot be replayed after a successful change.
    return redirect(url_for('render_gallery'))
def photo_upload():
    """Store a photo uploaded by a logged-in user and record it in the database.

    Requires ``session['authorized'] is True``; any other caller is redirected
    to ``index``. The title and hashtags are validated against their patterns,
    the file is saved locally, transformed, copied to S3, removed from local
    disk and finally registered through ``DataBaseManager.add_photos``.

    Returns:
        ``uploadphoto.html`` with ``up_error`` set (and the submitted title and
        hashtags echoed back) on any failure, otherwise a redirect to
        ``render_gallery``.
    """
    if 'authorized' not in session or session['authorized'] is not True:
        return redirect(url_for('index'))

    input_title = request.form.get("title")
    input_hashtag = request.form.get("hashtag")

    def _reject(message):
        # Every failure re-renders the same form with the raw submitted
        # values, so the user does not have to retype them.
        return render_template("uploadphoto.html",
                               up_error=message,
                               title=input_title,
                               hashtags=input_hashtag)

    checker = validate.regex()
    owner = session["user"]
    title = checker.validate(checker.photo_title_pattern, input_title)
    hashtag = checker.validate(checker.photo_hashtag_pattern, input_hashtag)

    if not title:
        return _reject(
            "Invalid title. Hover cursor over field for requirements.")
    if not hashtag:
        return _reject(
            "Invalid hashtags. Hover cursor over fields for requirements.")

    storage = FileManager()
    upload = extract_photo_from_request()
    # NOTE(review): file type and size checks are presumably enforced inside
    # extract_photo_from_request / FileManager.save_file -- confirm, since no
    # such check is visible in this handler.
    if not (upload and storage.save_file(upload)):
        return _reject("Please select a valid file.")

    variants = ImageTransform.make_transformations(
        storage.last_saved_full_path)
    variants["original"] = FileManager.extract_filename(
        storage.last_saved_full_path)

    # Objects are pushed to S3 and the local copies removed before the
    # database row is written.
    storage.save_to_s3(variants)
    storage.delete_file_list(variants)

    # NOTE(review): if add_photos fails, the objects already uploaded to S3
    # are left without a database row; this handler performs no cleanup.
    if not DataBaseManager().add_photos(owner, title, hashtag, variants):
        return _reject("There was an error. Please try again.")

    return redirect(url_for('render_gallery'))
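def create_user():
    """Register a new account from the sign-up form and log the user in.

    An already authorized session is redirected straight to the gallery.
    Otherwise every field is validated against its pattern, the password is
    salted and hashed, and the account is inserted unless the e-mail is
    already registered.

    Returns:
        ``newuser.html`` with an ``error`` list and the submitted profile
        fields on any failure, otherwise a redirect to ``render_gallery`` with
        ``session['user']`` and ``session['authorized']`` set.
    """
    if 'authorized' in session and session['authorized'] is True:
        return redirect(url_for("render_gallery"))

    input_username = request.form.get("username")
    input_first_name = request.form.get("first_name")
    input_last_name = request.form.get("last_name")
    input_email = request.form.get("email")
    input_password = request.form.get("password")
    input_password_conf = request.form.get("password_conf")

    def _rerender(errors):
        # Single place for all three failure paths so they stay consistent.
        # The e-mail-exists path used to pass the validated values and a
        # boolean for password_conf instead of the submitted text.
        #
        # The plaintext password is deliberately not handed back to the
        # template: a password written into a response body can end up in
        # browser or proxy caches and in page source. The keywords are kept
        # (as empty strings) so the template still finds both names.
        return render_template("newuser.html",
                               error=errors,
                               username=input_username,
                               first_name=input_first_name,
                               last_name=input_last_name,
                               email=input_email,
                               password="",
                               password_conf="")

    field = validate.regex()
    username = field.validate(field.user_name_pattern, input_username)
    first_name = field.validate(field.first_name_pattern, input_first_name)
    last_name = field.validate(field.last_name_pattern, input_last_name)
    email = field.validate(field.email_pattern, input_email)
    password = field.validate(field.password_pattern, input_password)
    password_conf = password == input_password_conf

    err_msg = compose_error_message(username, first_name, last_name, email,
                                    password, password_conf)
    if err_msg is not None:
        return _rerender(err_msg)

    # Stored format is "$<salt>$<hash>".
    pwd_manager = Hash()
    salt, hashpwd = pwd_manager.get_salt_hash(password)
    stored_pwd = "$" + salt + "$" + hashpwd.decode("utf-8")

    dbm = DataBaseManager()
    if dbm.email_already_exists(email):
        # NOTE(review): this message confirms to an unauthenticated caller
        # that the address is registered; keep it only if that disclosure is
        # accepted for the sign-up flow.
        return _rerender(["An account already exists with this Email"])

    # NOTE(review): the existence check and the insert are separate calls;
    # presumably a unique constraint in the database covers concurrent
    # sign-ups with the same e-mail -- confirm.
    if dbm.add_user(username, first_name, last_name, email, stored_pwd):
        session['user'] = username
        session['authorized'] = True
        return redirect(url_for('render_gallery'))

    # Getting here means that either there was a database error or the
    # username is already taken. Since the user will have to retry anyway,
    # we might as well say there was an error with the chosen username.
    return _rerender(["Username is unavailable."])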