def create(self):
"""
Register a user in the database
"""
pw_hash = auth.hash_password(self.password)
sql = """
insert into Users
(username, password, email, first_name, last_name)
values
(%s, %s, %s, %s, %s)
returning
user_id
"""
data = (self.username, pw_hash, self.email, self.fname, self.lname)
user_id = app.db.exec_query(sql, data, "commit", "returning")
if user_id:
self.user_id = user_id
self.password = pw_hash
logger.debug("Created new user_id: %s | username: %s" % (user_id, self.username))
else:
logger.debug("Failed to create username: %s" % (username))
return user_id
def user_setting_password(username):
"""
GET - Show password change form
POST - Update g.user.password to password hash and change it in database
"""
if g.user.username == username:
form = UserPwForm()
if form.validate_on_submit():
pw_hash = auth.hash_password(request.form['password'])
if pw_hash:
g.user.password = pw_hash
g.user.update()
return redirect(url_for('user_settings', username=g.user.username))
else:
return render_template('user/settings/password.html', username=g.user.username, form=form)
else:
# unauthorized user
return redirect(url_for('user_settings', username=g.user.username))
