def email_message():
"""
Redirect user to this to tell them to go check their email
"""
user_id = request.args.get('id')
useraccount = Account.by_id(user_id)
if not useraccount:
message = "There is no user with this account"
return render_template('account/email_message.jade', message=message)
if useraccount.admin:
message = "This operation is not possible for this user type"
return render_template('account/email_message.jade', message=message)
emailsplit = useraccount.email.split("@")
email = emailsplit[0][:3] + "*****@" + emailsplit[1]
flash_success("Your account is being set up. Please see note below.")
message = """Thank you for your request. An email has been sent to %s with
further instructions. If you have not recieved an email in next few minutes
please try <a style='color:#337ab7' href='%s'>resetting your
password</a>.""" % (email, url_for('account.trigger_reset'))
# message_dict = sendhash(useraccount, gettext=True)
# message = str(message_dict) + "<br/><br/><a href='" + message_dict['verifylink'] + "'><h3>Click to Verify</h3></a>"
return render_template('account/email_message.jade', message=message)
def verify():
if request.method == 'GET':
loginhash = request.args.get('login')
if not loginhash:
message = "Invalid URL. Please contact system administrator."
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "This URL is no longer valid. If you have an account, you can reset your password at the " + \
" <a href='" + url_for('account.trigger_reset') + "'>password reset page</a>. Or you can register at \
<a href='" + url_for('account.login') + "'>login page</a>"
return render_template('account/message.jade', message=message)
#request.form.loginhash = {"data":loginhash}
values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
return render_template('account/verify.jade', account=account, form_fill=values)
else:
loginhash = request.form.get('loginhash')
if not loginhash:
message = "We cannot find your unique URL"
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "We could not find your account"
return render_template('account/message.jade', message=message)
password1 = request.form.get('password1')
password2 = request.form.get('password2')
# Check if passwords match, return error if not
if password1 != password2:
error = "Your passwords do not match"
return render_template('account/verify.jade', loginhash=loginhash, account=account, error=error)
account.password = generate_password_hash(password1)
#reset that hash but don't send it.
account.reset_loginhash()
account.verified = True
db.session.commit()
flash_success("Password saved and you are now verified. Thank you.")
login_user(account, remember=True)
return redirect(url_for('home.index'))
def verify():
if request.method == 'GET':
loginhash = request.args.get('login')
if not loginhash:
message = "Invalid URL. Please contact system administrator."
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "This URL is no longer valid. If you have an account, you can reset your password at the " + \
" <a href='" + url_for('account.trigger_reset') + "'>password reset page</a>. Or you can register at \
<a href='" + url_for('account.login') + "'>login page</a>"
return render_template('account/message.jade', message=message)
#request.form.loginhash = {"data":loginhash}
values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
return render_template('account/verify.jade',
account=account,
form_fill=values)
else:
loginhash = request.form.get('loginhash')
if not loginhash:
message = "We cannot find your unique URL"
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "We could not find your account"
return render_template('account/message.jade', message=message)
password1 = request.form.get('password1')
password2 = request.form.get('password2')
# Check if passwords match, return error if not
if password1 != password2:
error = "Your passwords do not match"
return render_template('account/verify.jade',
loginhash=loginhash,
account=account,
error=error)
account.password = generate_password_hash(password1)
#reset that hash but don't send it.
account.reset_loginhash()
account.verified = True
db.session.commit()
flash_success("Password saved and you are now verified. Thank you.")
login_user(account, remember=True)
return redirect(url_for('home.index'))
def login_perform():
account = Account.by_email(request.form.get('login'))
#if account is not None and account.verified == True:
if account is not None:
if check_password_hash(account.password, request.form.get('password')):
logout_user()
login_user(account, remember=True)
flash_success("Welcome back, " + account.fullname + "!")
return redirect(url_for('home.index'))
flash_error("Incorrect user name or password!")
return login()
def login_perform():
account = Account.by_email(request.form.get('login'))
#if account is not None and account.verified == True:
if account is not None:
if check_password_hash(account.password, request.form.get('password')):
logout_user()
login_user(account, remember=True)
flash_success("Welcome back, " + account.fullname + "!")
return redirect(url_for('home.index'))
flash_error("Incorrect user name or password!")
return login()
def logout():
logout_user()
flash_success("You have been logged out.")
return redirect(url_for('home.index'))
def logout():
logout_user()
flash_success("You have been logged out.")
return redirect(url_for('home.index'))