def register():
title = 'Create an account'
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
email = form.email.data.lower()
hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
master_key = generate_pswrd(length=32, special=False)
encrypted_master_key = encrypt(get_key(form.password.data), master_key)
user = User(email=email, password=hashed_password, master_key=encrypted_master_key)
try:
send_activation_email(user)
flash('Account created! Verification link has been sent to your email.', 'success')
except SMTPRecipientsRefused:
flash('Entered email address is invalid!', 'danger')
return redirect(url_for('account.register'))
except:
user.activated = True
flash('Account created! You can now log in.', 'success')
db.session.add(user)
db.session.commit()
return redirect(url_for('account.login'))
return render_template('account/register.html', title=title, form=form)
def account_settings():
title = 'Account Settings'
# Check if 2fa is enabled for current user
if current_user.otp_secret is None:
tfa = False
else:
tfa = True
form = UpdateAccountForm()
if form.validate_on_submit():
if bcrypt.check_password_hash(current_user.password.encode(), form.current_password.data):
if form.email.data != current_user.email:
current_user.email = form.email.data
current_user.activated = False
send_activation_email(current_user)
flash('Email address has been changed. Please check your email for the verification link.', 'success')
if form.new_password.data:
current_user.password = bcrypt.generate_password_hash(form.new_password.data)
current_user.master_key = encrypt(get_key(form.new_password.data), session['master_key'])
flash('Password has been updated.', 'success')
db.session.commit()
return redirect(url_for('account.account_settings'))
elif request.method == 'GET':
form.email.data = current_user.email
return render_template('account/account_settings.html', title=title, form=form, tfa=tfa)
def account_settings():
title = 'Account Settings'
form = UpdateAccountForm()
if form.validate_on_submit():
if bcrypt.check_password_hash(current_user.password,
form.current_password.data):
if form.email.data != current_user.email:
current_user.email = form.email.data
current_user.activated = False
send_activation_email(current_user)
flash(
'Email address has been changed. Please check your email for the verification link.'
)
if form.new_password.data:
current_user.password = bcrypt.generate_password_hash(
form.new_password.data).decode('utf-8')
flash('Password has been updated.')
db.session.commit()
return redirect(url_for('account.account_settings'))
elif request.method == 'GET':
form.email.data = current_user.email
return render_template('account/account_settings.html',
title=title,
form=form)
def resend_activation_link(email):
user = User.query.filter_by(email=email).first()
if user:
send_activation_email(user)
flash('Verification link has been sent to your email.', 'success')
else:
flash('Something went wrong. Try again.', 'danger')
return redirect(url_for('account.login'))