Esempio n. 1
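def login():
    """
    Render the login form and, on a valid submission, sign the user in.

    The account is looked up from the submitted 'studentemail' field. An
    active account gets a remembered session and is redirected to the
    posted 'next' URL (passed through safe_next_url) when there is one,
    otherwise to the portal page.

    :return: Redirect after a successful login, else the rendered login page
    """
    form = LoginForm(next=request.args.get('next'))

    if form.validate_on_submit():
        u = User.find_by_identity(request.form.get('studentemail'))

        # NOTE(review): the password check that used to guard this branch
        # (`u.authenticated(password=request.form.get('password'))`) is
        # disabled, so the identity lookup alone decides who gets a session.
        # Confirm that this is intended before exposing the view.
        if u:
            # Remember-me is always enabled by design, which keeps the login
            # form simple. To let users choose instead:
            # 1) Replace 'True' below with: request.form.get('remember', False)
            # 2) Uncomment the 'remember' field in user/forms.py#LoginForm
            # 3) Add a checkbox to the login form with the id/name 'remember'
            #
            # is_active() is tested first so that a disabled account never
            # reaches login_user() and therefore is never given a session.
            if u.is_active() and login_user(u, remember=True):
                # NOTE(review): behind a reverse proxy remote_addr may be the
                # proxy's address rather than the client's -- confirm.
                u.update_activity_tracking(request.remote_addr)

                # Handle optionally redirecting to the next URL safely.
                # 'next' is client-supplied; it is only used after passing
                # through safe_next_url() (defined elsewhere).
                next_url = request.form.get('next')
                if next_url:
                    return redirect(safe_next_url(next_url))

                return redirect(url_for('portal.portal_page'))
            else:
                flash('This account has been disabled.', 'error')
        else:
            flash('Identity or password is incorrect.', 'error')

    return render_template('user/login.html', form=form)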
Esempio n. 2
def users_bulk_delete():
    """
    Delete the users selected through the admin bulk-action form.

    The ids to delete are resolved from the posted scope and id list, with
    the signed-in user's own id always omitted. Whatever restricts this view
    to admins is not visible in this excerpt.

    :return: Redirect to the admin user list
    """
    form = BulkDeleteForm()

    # An invalid submission deletes nothing.
    if not form.validate_on_submit():
        flash('No users were deleted, something went wrong.', 'error')
        return redirect(url_for('admin.users'))

    scope = request.form.get('scope')
    selected_ids = request.form.getlist('bulk_ids')

    # omit_ids keeps the current user out of the selection, so the person
    # running the bulk action cannot delete their own account with it.
    target_ids = User.get_bulk_action_ids(scope,
                                          selected_ids,
                                          omit_ids=[current_user.id],
                                          query=request.args.get('q', ''))

    delete_count = User.bulk_delete(target_ids)
    summary = '{0} user(s) were scheduled to be deleted.'.format(delete_count)
    flash(summary, 'success')

    return redirect(url_for('admin.users'))
Esempio n. 3
def seed():
    """
    Seed the database with an initial admin user.

    Nothing is created when an account already exists for the configured
    SEED_ADMIN_EMAIL. No password is set on the seeded account here.

    :return: Result of User.save() for the new admin, or None if it exists
    """
    admin_email = app.config['SEED_ADMIN_EMAIL']

    # Seeding twice must not create a second admin for the same address.
    already_seeded = User.find_by_identity(admin_email) is not None
    if already_seeded:
        return None

    admin = User(
        role='admin',
        first_name=app.config['SEED_ADMIN_FIRST_NAME'],
        student_number=app.config['SEED_ADMIN_STUDENT_NUMBER'],
        email=admin_email,
    )

    return admin.save()
Esempio n. 4
def users(page):
    """
    Admin view: list users, filtered by 'q' and sorted by 'sort'/'direction'.

    :param page: Page number to display (50 users per page)
    :return: Rendered admin user index
    """
    search_form = SearchForm()
    bulk_form = BulkDeleteForm()
    scenario_form = BulkChangeScenarioForm()

    requested_sort = request.args.get('sort', 'created_on')
    requested_direction = request.args.get('direction', 'desc')
    sort_by = User.sort_by(requested_sort, requested_direction)

    # NOTE(review): this string is handed to text() below as raw SQL, and
    # both parts originate from the query string. It is only safe if
    # User.sort_by() restricts them to known column names and directions --
    # confirm in the model.
    order_values = '{0} {1}'.format(sort_by[0], sort_by[1])

    matching = User.query.filter(User.search(request.args.get('q', '')))
    ordered = matching.order_by(User.role.asc(), text(order_values))
    paginated_users = ordered.paginate(page, 50, True)

    context = {
        'form': search_form,
        'bulk_form': bulk_form,
        'users': paginated_users,
        'scenario_form': scenario_form,
    }
    return render_template('admin/user/index.html', **context)
Esempio n. 5
def begin_password_reset():
    """
    Start a password reset for the submitted identity.

    :return: Redirect to the login page once the reset has been started,
             else the rendered request form
    """
    form = BeginPasswordResetForm()

    if not form.validate_on_submit():
        return render_template('user/begin_password_reset.html', form=form)

    account = User.initialize_password_reset(request.form.get('identity'))

    # NOTE(review): the confirmation echoes the e-mail stored on the account.
    # If 'identity' can be anything other than that e-mail, this reveals the
    # address to whoever submitted the form; a fixed message would not --
    # confirm which identities are accepted.
    confirmation = 'An email has been sent to {0}.'.format(account.email)
    flash(confirmation, 'success')

    return redirect(url_for('user.login'))
Esempio n. 6
def password_reset():
    """
    Set a new password for the account identified by a reset token.

    :return: Redirect to settings after a successful reset and login,
             redirect to the reset request page for a rejected token,
             else the rendered reset form
    """
    form = PasswordResetForm(reset_token=request.args.get('reset_token'))

    if not form.validate_on_submit():
        return render_template('user/password_reset.html', form=form)

    # The token is the only proof of ownership here; deserialize_token()
    # returning None is treated as expired or tampered with.
    account = User.deserialize_token(request.form.get('reset_token'))
    if account is None:
        flash('Your reset token has expired or was tampered with.',
              'error')
        return redirect(url_for('user.begin_password_reset'))

    # populate_obj() copies every form field onto the account, so the
    # password attribute is overwritten right after with the output of
    # encrypt_password() before anything is saved.
    form.populate_obj(account)
    account.password = User.encrypt_password(request.form.get('password'))
    account.save()

    # NOTE(review): is_active() is not consulted before login_user() in this
    # view -- confirm a disabled account cannot regain a session this way.
    # If login_user() is falsy the password has still been changed, and the
    # form is shown again without a message.
    if not login_user(account):
        return render_template('user/password_reset.html', form=form)

    flash('Your password has been reset.', 'success')
    return redirect(url_for('user.settings'))
Esempio n. 7
def ensure_identity_exists(form, field):
    """
    Validate that the submitted identity belongs to an existing account.

    Because the error is specific, a form using this validator tells the
    submitter whether a given identity is registered.

    :param form: wtforms Instance
    :param field: Field being passed in
    :return: None
    :raises ValidationError: When no account matches the field's data
    """
    if User.find_by_identity(field.data):
        return

    raise ValidationError('Unable to locate account.')
Esempio n. 8
def signup():
    """
    Create an account from the signup form, announce it and sign the user in.

    :return: Redirect to the portal after signup and login, else the
             rendered signup page
    """
    form = SignupForm()

    if not form.validate_on_submit():
        return render_template('user/signup.html', form=form)

    new_user = User()

    # NOTE(review): populate_obj() copies the form's fields onto the user as
    # submitted, and the password hashing step is disabled in this view. If
    # SignupForm carries a password field it would be stored unhashed --
    # confirm against user/forms.py.
    form.populate_obj(new_user)

    # Every starting amount except exactly 100 is flagged as a supplement.
    new_user.supplement = not (form.money.data == 100)

    new_user.save()

    # Announce the new account in the configured bot room.
    # NOTE(review): first_name is user-supplied and is forwarded unmodified;
    # confirm the receiving side treats it as plain text.
    room_id = app.config["SPARK_BOT_ROOM_ID"]
    announcement = (" 👶 " + new_user.first_name
                    + " (Student #" + str(new_user.student_number)
                    + ") has created a new account with $"
                    + str(new_user.money) + " to start.\n")
    send_message_to_room(room_id, announcement)

    if login_user(new_user):
        return redirect(url_for('portal.portal_page'))

    return render_template('user/signup.html', form=form)
Esempio n. 9
def update_credentials():
    """
    Update the signed-in user's e-mail and, optionally, their password.

    :return: Redirect to settings after saving, else the rendered form
    """
    form = UpdateCredentials(current_user, uid=current_user.id)

    if not form.validate_on_submit():
        return render_template('user/update_credentials.html', form=form)

    # NOTE(review): nothing in this view re-checks the current password
    # before the e-mail or password changes; presumably the UpdateCredentials
    # form validates it -- confirm.
    submitted_password = request.form.get('password', '')
    current_user.email = request.form.get('email')

    # A blank password field leaves the existing password untouched.
    if submitted_password:
        current_user.password = User.encrypt_password(submitted_password)

    current_user.save()

    flash('Your sign in settings have been updated.', 'success')
    return redirect(url_for('user.settings'))
Esempio n. 10
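def users_edit(id):
    """
    Admin view: edit a single user.

    An unknown id redirects back to the user list with an error. A change
    that User.is_last_admin() rejects is refused; otherwise the form's
    fields are copied onto the user and saved. Whatever restricts this view
    to admins is not visible in this excerpt.

    :param id: Primary key of the user to edit
    :return: Redirect to the admin user list after a save, a refusal or an
             unknown id, else the rendered edit page
    """
    user = User.query.get(id)

    # query.get() returns None for an id that does not exist. Stop here
    # rather than binding the form to None and failing in populate_obj().
    if user is None:
        flash('User not found.', 'error')
        return redirect(url_for('admin.users'))

    form = UserForm(obj=user)

    if form.validate_on_submit():
        # Checked before anything is written, using the submitted role and
        # active values.
        if User.is_last_admin(user, request.form.get('role'),
                              request.form.get('active')):
            flash('You are the last admin, you cannot do that.', 'error')
            return redirect(url_for('admin.users'))

        # populate_obj() writes every UserForm field onto the user, so the
        # form's field list defines what this view is able to change.
        form.populate_obj(user)
        user.save()

        flash('User has been saved successfully.', 'success')
        return redirect(url_for('admin.users'))

    return render_template('admin/user/edit.html', form=form, user=user)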