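def register():
    """Handle the sign-up form: create a user and start email verification.

    Authenticated visitors are redirected to ``main.index``. On a valid
    submission the password is bcrypt-hashed, a fresh master key is generated
    and stored wrapped under ``get_key(password)``, and an activation email
    is attempted before the user row is committed.

    Returns:
        A redirect (index, register or login page) or the rendered
        registration template when nothing valid was submitted.
    """
    title = 'Create an account'
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = RegistrationForm()
    if form.validate_on_submit():
        # Emails are stored lower-cased.
        email = form.email.data.lower()
        hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')

        # Only the wrapped master key is persisted on the user row.
        # NOTE(review): confirm generate_pswrd draws from a CSPRNG (e.g. the
        # secrets module) — this value is the account's master key.
        master_key = generate_pswrd(length=32, special=False)
        encrypted_master_key = encrypt(get_key(form.password.data), master_key)

        user = User(email=email, password=hashed_password, master_key=encrypted_master_key)
        # NOTE(review): the email is sent before the row is added/committed;
        # if the activation token depends on user.id it is still None here —
        # verify against send_activation_email.
        try:
            send_activation_email(user)
            flash('Account created! Verification link has been sent to your email.', 'success')
        except SMTPRecipientsRefused:
            # The mail server rejected the address: do not create the account.
            flash('Entered email address is invalid!', 'danger')
            return redirect(url_for('account.register'))
        except Exception:
            # Best-effort fallback kept from the original: any other mail
            # failure activates the account immediately. Narrowed from a bare
            # ``except:`` so SystemExit/KeyboardInterrupt are not swallowed.
            # NOTE(review): this skips proof of email ownership whenever
            # sending fails (outage, misconfiguration) — confirm that is
            # intended and make the failure visible to operators.
            user.activated = True
            flash('Account created! You can now log in.', 'success')

        db.session.add(user)
        db.session.commit()
        return redirect(url_for('account.login'))

    return render_template('account/register.html', title=title, form=form)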
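def account_settings():
    """Render and process the account-settings form for the current user.

    Changes are applied only when the submitted current password verifies
    against the stored bcrypt hash. An email change resets ``activated`` and
    sends a new verification mail; a password change stores a new hash and
    re-wraps the session's master key under ``get_key(new password)``.

    Returns:
        A redirect back to this page after a verified submission, otherwise
        the rendered settings template (with ``tfa`` telling the template
        whether an OTP secret is set).
    """
    title = 'Account Settings'
    # 2FA counts as enabled when the user has an OTP secret.
    tfa = current_user.otp_secret is not None

    form = UpdateAccountForm()
    if form.validate_on_submit():
        # NOTE(review): the listing lost its indentation; commit and redirect
        # are placed inside the password check here — confirm. A wrong current
        # password falls through to a re-render without any message.
        if bcrypt.check_password_hash(current_user.password.encode(), form.current_password.data):
            if form.email.data != current_user.email:
                # NOTE(review): register() lower-cases the email before
                # storing it; this path stores it as typed — confirm.
                current_user.email = form.email.data
                # A new address must be verified again.
                current_user.activated = False
                send_activation_email(current_user)
                flash('Email address has been changed. Please check your email for the verification link.', 'success')

            if form.new_password.data:
                # Store the hash as text, as register() does; the original
                # assigned raw bytes here, which the ``.encode()`` in the
                # check above cannot handle on the next submission.
                current_user.password = bcrypt.generate_password_hash(
                    form.new_password.data).decode('utf-8')
                # Re-wrap the master key so it stays recoverable with the new
                # password.
                # NOTE(review): session['master_key'] holds the unwrapped key;
                # Flask's default cookie sessions are signed but not
                # encrypted — confirm a server-side session store is used.
                current_user.master_key = encrypt(get_key(form.new_password.data), session['master_key'])
                flash('Password has been updated.', 'success')

            db.session.commit()
            return redirect(url_for('account.account_settings'))
    elif request.method == 'GET':
        # Pre-fill the form with the address on file.
        form.email.data = current_user.email

    return render_template('account/account_settings.html', title=title, form=form, tfa=tfa)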
def account_settings():
    """Render and process the account-settings form (variant without 2FA).

    When the submitted current password verifies, an email change resets
    ``activated`` and sends a new verification mail, and a new password is
    stored as a UTF-8 decoded bcrypt hash.

    Returns:
        A redirect back to this page after a verified submission, otherwise
        the rendered settings template.
    """
    settings_form = UpdateAccountForm()

    if settings_form.validate_on_submit():
        # NOTE(review): the listing lost its indentation; commit and redirect
        # are placed inside the password check here — confirm.
        password_ok = bcrypt.check_password_hash(
            current_user.password, settings_form.current_password.data)
        if password_ok:
            submitted_email = settings_form.email.data
            if submitted_email != current_user.email:
                current_user.email = submitted_email
                # The new address has to be verified again.
                current_user.activated = False
                send_activation_email(current_user)
                flash(
                    'Email address has been changed. Please check your email for the verification link.'
                )

            replacement_password = settings_form.new_password.data
            if replacement_password:
                new_hash = bcrypt.generate_password_hash(replacement_password)
                current_user.password = new_hash.decode('utf-8')
                # NOTE(review): this variant does not re-wrap User.master_key.
                # If the key is wrapped under a password-derived key as in
                # register(), it would stay wrapped under the old password —
                # confirm this variant predates the master key.
                flash('Password has been updated.')

            db.session.commit()
            return redirect(url_for('account.account_settings'))
    elif request.method == 'GET':
        # Show the address currently on file.
        settings_form.email.data = current_user.email

    return render_template(
        'account/account_settings.html',
        title='Account Settings',
        form=settings_form,
    )
def resend_activation_link(email):
    """Send the activation email again to the account with this address.

    Args:
        email: Address used to look up the user.

    Returns:
        A redirect to the login page in every case.
    """
    account = User.query.filter_by(email=email).first()
    if not account:
        flash('Something went wrong. Try again.', 'danger')
    else:
        # NOTE(review): the two outcomes show different messages, which lets a
        # caller tell registered addresses from unregistered ones; nothing
        # here throttles repeated sends or skips accounts that are already
        # activated — confirm those are handled by the route or the mailer.
        send_activation_email(account)
        flash('Verification link has been sent to your email.', 'success')
    return redirect(url_for('account.login'))