def login():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
if len(email) is 0 or len(password) is 0:
flash("Please provide an email address and a password")
return render_template("index.html")
is_valid = dbOps.validate_login_credentials(email, encrypt(password))
user = dbOps.get_user_by_email(email)
if is_valid:
if dbOps.is_user_account_activated(email):
session['logged_in'] = True
session['user_id'] = user.user_id
session.permanent = True
app.permanent_session_lifetime = timedelta(minutes=20)
return redirect(url_for('show_user_page',
user_id=user.user_id))
else:
flash(
"Your account has not been activated yet. Please follow the URL in your email"
)
return render_template("index.html")
else:
flash("invalid login credentials")
return render_template("index.html")
def forgot_password():
if request.method == 'GET':
return render_template('forgot_password.html')
elif request.method == 'POST':
email = request.form['email']
if dbOps.get_user_by_email(email) is None:
flash('The email you entered is not associated with any account. Please verify the email address.', 'danger')
return redirect(url_for('forgot_password'))
else:
token = Token.generate_confirmation_token(email)
recover_password_url = url_for('reset_password', token=token, _external=True)
html = render_template('reset_password.html', recover_password_url=recover_password_url)
subject = "BookSwap - Password Recovery"
mail_manager.send_email(email, subject, html)
flash("An email has been sent to your account, please follow the link to reset your password.", 'success')
return redirect(url_for('index'))
def reset_password():
if request.method == 'GET':
token = request.args.get('token')
return render_template('update_password.html', token=token)
elif request.method == 'POST':
token = request.form['token']
email = Token.confirm_token(token)
new_password = request.form['password']
errors = []
errors.append(validate_password(new_password))
flattened_errors_list = [error for errorSublist in errors for error in errorSublist]
if(len(flattened_errors_list) == 0):
user = dbOps.get_user_by_email(email)
dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
flash("Successfully updated password", 'Success')
return render_template('index.html')
else:
formatted_error = '. '.join(str(error) for error in flattened_errors_list)
flash(formatted_error)
return render_template('update_password.html', token=token)
def forgot_password():
if request.method == 'GET':
return render_template('forgot_password.html')
elif request.method == 'POST':
email = request.form['email']
if dbOps.get_user_by_email(email) is None:
flash(
'The email you entered is not associated with any account. Please verify the email address.',
'danger')
return redirect(url_for('forgot_password'))
else:
token = Token.generate_confirmation_token(email)
recover_password_url = url_for('reset_password',
token=token,
_external=True)
html = render_template('reset_password.html',
recover_password_url=recover_password_url)
subject = "BookSwap - Password Recovery"
mail_manager.send_email(email, subject, html)
flash(
"An email has been sent to your account, please follow the link to reset your password.",
'success')
return redirect(url_for('index'))
def reset_password():
if request.method == 'GET':
token = request.args.get('token')
return render_template('update_password.html', token=token)
elif request.method == 'POST':
token = request.form['token']
email = Token.confirm_token(token)
new_password = request.form['password']
errors = []
errors.append(validate_password(new_password))
flattened_errors_list = [
error for errorSublist in errors for error in errorSublist
]
if (len(flattened_errors_list) == 0):
user = dbOps.get_user_by_email(email)
dbOps.edit_user_account(user.user_id, None, encrypt(new_password))
flash("Successfully updated password", 'Success')
return render_template('index.html')
else:
formatted_error = '. '.join(
str(error) for error in flattened_errors_list)
flash(formatted_error)
return render_template('update_password.html', token=token)
def login():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
if len(email) is 0 or len(password) is 0:
flash("Please provide an email address and a password")
return render_template("index.html")
is_valid = dbOps.validate_login_credentials(email, encrypt(password))
user = dbOps.get_user_by_email(email)
if is_valid:
if dbOps.is_user_account_activated(email):
session['logged_in'] = True
session['user_id'] = user.user_id
session.permanent = True
app.permanent_session_lifetime = timedelta(minutes=20)
return redirect(url_for('show_user_page', user_id=user.user_id))
else:
flash("Your account has not been activated yet. Please follow the URL in your email")
return render_template("index.html")
else:
flash("invalid login credentials")
return render_template("index.html")
