def edit_account(user_id):
form = EditAccountForm(request.form)
if not session.get('logged_in'):
return "You are not logged in"
user = dbOps.get_user_by_ID(user_id)
if not user:
return "No user account associated with that user"
if request.method == 'GET':
return render_template("edit_account_page.html", user_id=user_id, form=form)
if request.method == 'POST' and form.validate():
errors = []
new_email = form.email.data
new_pword = form.password.data
if (not new_email) and (not new_pword):
errors += ['Please enter a new email or password']
errors += validate_password(new_pword) + validate_email(new_email)
if dbOps.user_exists(new_email):
flash("Account already exists for this email")
return render_template("edit_account_page.html", user_id=user_id, form=form)
if len(errors) is not 0:
if errors[0] !='field is required':
flash(errors[0])
return render_template("edit_account_page.html", user_id=user_id, form=form)
if new_email:
dbOps.send_verification_email(new_email, mail_manager)
flash("you will receive a confirmation email with an activation URL, to prove that the new email address belongs to you")
dbOps.edit_user_account(user_id, new_email, encrypt(new_pword))
return redirect(url_for('index'))
dbOps.edit_user_account(user_id, new_email, encrypt(new_pword))
flash("Account successfully updated")
return redirect(url_for('show_user_page', user_id=user_id))
else:
flash("Please fix any errors")
return render_template("edit_account_page.html", user_id=user_id, form=form)
def edit_account(user_id):
form = EditAccountForm(request.form)
if not session.get('logged_in'):
return "You are not logged in"
user = dbOps.get_user_by_ID(user_id)
if not user:
return "No user account associated with that user"
if request.method == 'GET':
return render_template("edit_account_page.html",
user_id=user_id,
form=form)
if request.method == 'POST' and form.validate():
errors = []
new_email = form.email.data
new_pword = form.password.data
if (not new_email) and (not new_pword):
errors += ['Please enter a new email or password']
errors += validate_password(new_pword) + validate_email(new_email)
if dbOps.user_exists(new_email):
flash("Account already exists for this email")
return render_template("edit_account_page.html",
user_id=user_id,
form=form)
if len(errors) is not 0:
if errors[0] != 'field is required':
flash(errors[0])
return render_template("edit_account_page.html",
user_id=user_id,
form=form)
if new_email:
dbOps.send_verification_email(new_email, mail_manager)
flash(
"you will receive a confirmation email with an activation URL, to prove that the new email address belongs to you"
)
dbOps.edit_user_account(user_id, new_email, encrypt(new_pword))
return redirect(url_for('index'))
dbOps.edit_user_account(user_id, new_email, encrypt(new_pword))
flash("Account successfully updated")
return redirect(url_for('show_user_page', user_id=user_id))
else:
flash("Please fix any errors")
return render_template("edit_account_page.html",
user_id=user_id,
form=form)
def reset_password():
if request.method == 'GET':
token = request.args.get('token')
return render_template('update_password.html', token=token)
elif request.method == 'POST':
token = request.form['token']
email = Token.confirm_token(token)
new_password = request.form['password']
errors = []
errors.append(validate_password(new_password))
flattened_errors_list = [error for errorSublist in errors for error in errorSublist]
if(len(flattened_errors_list) == 0):
user = dbOps.get_user_by_email(email)
dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
flash("Successfully updated password", 'Success')
return render_template('index.html')
else:
formatted_error = '. '.join(str(error) for error in flattened_errors_list)
flash(formatted_error)
return render_template('update_password.html', token=token)
def reset_password():
if request.method == 'GET':
token = request.args.get('token')
return render_template('update_password.html', token=token)
elif request.method == 'POST':
token = request.form['token']
email = Token.confirm_token(token)
new_password = request.form['password']
errors = []
errors.append(validate_password(new_password))
flattened_errors_list = [
error for errorSublist in errors for error in errorSublist
]
if (len(flattened_errors_list) == 0):
user = dbOps.get_user_by_email(email)
dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
flash("Successfully updated password", 'Success')
return render_template('index.html')
else:
formatted_error = '. '.join(
str(error) for error in flattened_errors_list)
flash(formatted_error)
return render_template('update_password.html', token=token)
