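def login():
    """
    Sign a user in by the identity submitted in the 'studentemail' field.

    On a valid submission the account is looked up, a "remember me"
    session is started, activity tracking is updated with the client
    address, and the user is redirected to the submitted 'next' URL (after
    it has gone through safe_next_url) or to the portal page. In every
    other case the login form is rendered again.

    :return: Flask response
    """
    form = LoginForm(next=request.args.get('next'))

    if form.validate_on_submit():
        u = User.find_by_identity(request.form.get('studentemail'))

        # NOTE(review): only the identity is checked. The password
        # comparison (u.authenticated(password=...)) is disabled in this
        # view, so knowing a registered identity is enough to obtain that
        # account's session. The failure message below still mentions a
        # password. Confirm this is the intended authentication model.
        if u:
            # Remember me is always on; this keeps the login form simple.
            # To make it optional:
            #   1) Replace 'True' below with: request.form.get('remember', False)
            #   2) Uncomment the 'remember' field in user/forms.py#LoginForm
            #   3) Add a checkbox to the login form with the id/name 'remember'
            if login_user(u, remember=True) and u.is_active():
                u.update_activity_tracking(request.remote_addr)

                # The submitted 'next' value is never redirected to
                # directly; it goes through safe_next_url() first.
                # NOTE(review): presumably that helper rejects off-site
                # targets (open redirect) - confirm.
                next_url = request.form.get('next')
                if next_url:
                    return redirect(safe_next_url(next_url))

                return redirect(url_for('portal.portal_page'))
            else:
                flash('This account has been disabled.', 'error')
        else:
            flash('Identity or password is incorrect.', 'error')

    return render_template('user/login.html', form=form)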
def users_bulk_delete():
    """
    Delete the users selected on the admin user list.

    The ids to delete are resolved from the submitted scope, the checked
    'bulk_ids' and the current search query, with the acting user's own id
    passed as ``omit_ids``. The browser is always sent back to the user
    list afterwards.

    :return: Flask redirect response
    """
    form = BulkDeleteForm()
    users_page = 'admin.users'

    # NOTE(review): form validation is the only check visible in this
    # view. Access control is presumably applied by the blueprint or by
    # decorators outside this block - confirm.
    if not form.validate_on_submit():
        flash('No users were deleted, something went wrong.', 'error')
        return redirect(url_for(users_page))

    target_ids = User.get_bulk_action_ids(
        request.form.get('scope'),
        request.form.getlist('bulk_ids'),
        # The acting user's id is handed over as an id to omit.
        omit_ids=[current_user.id],
        query=request.args.get('q', ''),
    )
    delete_count = User.bulk_delete(target_ids)

    flash('{0} user(s) were scheduled to be deleted.'.format(delete_count),
          'success')
    return redirect(url_for(users_page))
def seed():
    """
    Seed the database with an initial admin user.

    Nothing is created when a user with the configured SEED_ADMIN_EMAIL
    already exists.

    :return: Result of saving the new User, or None if it already exists
    """
    settings = app.config

    existing = User.find_by_identity(settings['SEED_ADMIN_EMAIL'])
    if existing is not None:
        return None

    # NOTE(review): the account gets the 'admin' role and no password is
    # assigned here. Confirm how this account is expected to authenticate.
    admin = User(
        role='admin',
        first_name=settings['SEED_ADMIN_FIRST_NAME'],
        student_number=settings['SEED_ADMIN_STUDENT_NUMBER'],
        email=settings['SEED_ADMIN_EMAIL'],
    )
    return admin.save()
def users(page):
    """
    Render one page of the admin user list.

    Users are filtered by the 'q' query parameter, ordered by role first
    and then by the requested sort column and direction, and paginated 50
    per page.

    :param page: Page number handed to paginate()
    :return: Rendered admin/user/index.html
    """
    search_form = SearchForm()
    bulk_form = BulkDeleteForm()
    scenario_form = BulkChangeScenarioForm()

    args = request.args
    sort_by = User.sort_by(args.get('sort', 'created_on'),
                           args.get('direction', 'desc'))
    sort_field, sort_direction = sort_by[0], sort_by[1]

    # NOTE(review): this string is handed to text() below as a raw SQL
    # ORDER BY fragment and it originates from request parameters. It is
    # only safe if User.sort_by() restricts both values to known column
    # names and directions - confirm against that helper.
    order_values = '{0} {1}'.format(sort_field, sort_direction)

    matching = User.query.filter(User.search(args.get('q', '')))
    ordered = matching.order_by(User.role.asc(), text(order_values))
    paginated_users = ordered.paginate(page, 50, True)

    return render_template('admin/user/index.html',
                           form=search_form,
                           bulk_form=bulk_form,
                           users=paginated_users,
                           scenario_form=scenario_form)
def begin_password_reset():
    """
    Start the password reset flow for a submitted identity.

    On a valid submission the reset is initialized for that identity, a
    confirmation is flashed and the user is redirected to the login page.
    Otherwise the request form is rendered.

    :return: Flask response
    """
    form = BeginPasswordResetForm()

    if not form.validate_on_submit():
        return render_template('user/begin_password_reset.html', form=form)

    # NOTE(review): the result is used without a None check; presumably
    # form validation already guarantees the identity exists - confirm.
    account = User.initialize_password_reset(request.form.get('identity'))

    # NOTE(review): the message echoes the stored e-mail address of the
    # matched account to a requester who has not authenticated. If an
    # identity can be anything other than that address, this discloses
    # it - confirm.
    confirmation = 'An email has been sent to {0}.'.format(account.email)
    flash(confirmation, 'success')

    return redirect(url_for('user.login'))
def password_reset():
    """
    Set a new password for the user identified by a reset token.

    The token arrives in the query string, is carried in the form, and is
    resolved to a user on submission. An unresolvable token sends the
    user back to the start of the reset flow. On success the user is
    saved with the new password and signed in.

    :return: Flask response
    """
    form = PasswordResetForm(reset_token=request.args.get('reset_token'))

    if form.validate_on_submit():
        account = User.deserialize_token(request.form.get('reset_token'))

        # NOTE(review): nothing in this view marks the token as used.
        # Expiry and single-use handling, if any, live in
        # deserialize_token() - confirm.
        if account is None:
            flash('Your reset token has expired or was tampered with.',
                  'error')
            return redirect(url_for('user.begin_password_reset'))

        # populate_obj() copies the form's fields onto the user, so the
        # password has to be overwritten with the processed value
        # afterwards and before save().
        form.populate_obj(account)
        new_secret = User.encrypt_password(request.form.get('password'))
        account.password = new_secret
        account.save()

        if login_user(account):
            flash('Your password has been reset.', 'success')
            return redirect(url_for('user.settings'))

    return render_template('user/password_reset.html', form=form)
def ensure_identity_exists(form, field):
    """
    Validate that the submitted identity belongs to an existing user.

    :param form: wtforms Instance
    :param field: Field being passed in
    :return: None
    :raises ValidationError: When no user matches the field's data
    """
    if User.find_by_identity(field.data):
        return

    # NOTE(review): this distinct error tells the submitter whether an
    # identity is registered. Confirm that is acceptable on every form
    # that uses this validator without authentication.
    raise ValidationError('Unable to locate account.')
def signup():
    """
    Create an account from the signup form and sign the new user in.

    After the user is saved, a notification containing the first name,
    student number and starting money is sent to the configured chat room.

    :return: Flask response
    """
    form = SignupForm()

    if form.validate_on_submit():
        new_user = User()

        # NOTE(review): populate_obj() copies every field the form
        # defines onto the model. Confirm SignupForm exposes no
        # privileged attributes such as a role.
        form.populate_obj(new_user)

        # The supplement flag is off only for a starting amount of 100.
        new_user.supplement = not (form.money.data == 100)

        # NOTE(review): no password is stored for the new account; the
        # password assignment is disabled in this view.
        new_user.save()

        # NOTE(review): user-supplied data (name, student number) leaves
        # the application here. Confirm the room's audience is
        # appropriate for it.
        room_id = app.config["SPARK_BOT_ROOM_ID"]
        message = "".join((
            " 👶 ",
            new_user.first_name,
            " (Student #",
            str(new_user.student_number),
            ") has created a new account with $",
            str(new_user.money),
            " to start.\n",
        ))
        send_message_to_room(room_id, message)

        if login_user(new_user):
            return redirect(url_for('portal.portal_page'))

    return render_template('user/signup.html', form=form)
def update_credentials():
    """
    Update the signed-in user's e-mail address and, optionally, password.

    The password is only replaced when a non-empty value is submitted.

    :return: Flask response
    """
    form = UpdateCredentials(current_user, uid=current_user.id)

    if not form.validate_on_submit():
        return render_template('user/update_credentials.html', form=form)

    # NOTE(review): this view does not re-check the current password
    # itself. Presumably the form validates it - confirm. Values are read
    # from request.form rather than the validated form fields, so any
    # filtering the form applies is not reflected here.
    submitted = request.form
    new_password = submitted.get('password', '')
    current_user.email = submitted.get('email')

    if new_password:
        current_user.password = User.encrypt_password(new_password)

    current_user.save()

    flash('Your sign in settings have been updated.', 'success')
    return redirect(url_for('user.settings'))
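def users_edit(id):
    """
    Edit a single user from the admin area.

    A change that User.is_last_admin() rejects is refused with an error
    message. Otherwise the form's fields are copied onto the user and
    saved.

    :param id: Primary key of the user to edit
    :return: Flask response; responds with 404 when no such user exists
    """
    # An unknown id now ends in a 404 instead of passing None on to the
    # form, populate_obj() and the template.
    user = User.query.get_or_404(id)
    form = UserForm(obj=user)

    if form.validate_on_submit():
        requested_role = request.form.get('role')
        requested_active = request.form.get('active')

        if User.is_last_admin(user, requested_role, requested_active):
            flash('You are the last admin, you cannot do that.', 'error')
            return redirect(url_for('admin.users'))

        # NOTE(review): populate_obj() writes every UserForm field,
        # including role and active state, onto the user. Access control
        # for this view is not visible in this block - confirm it is
        # enforced by the blueprint or a decorator.
        form.populate_obj(user)
        user.save()

        flash('User has been saved successfully.', 'success')
        return redirect(url_for('admin.users'))

    return render_template('admin/user/edit.html', form=form, user=user)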