def change_password():
if( request.method == "POST"):
form = ChangePasswordForm( request.form)
if( form.validate()):
current_user.set_password( form.password1.data)
flash( "Your password was changed successfully.", "success")
return redirect( "/")
else:
form = ChangePasswordForm()
return render_template( "auth/change_password.html", **locals())
def changePasswordView(request):
if request.method == 'POST':
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('logouturl'))
else:
form = ChangePasswordForm(user=request.user)
context_dict = {
'form': form,
}
return render(request, 'common/changepassword.html', context_dict)
def change_password(request):
if request.method == 'POST':
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('accounts:logout'))
else:
form = ChangePasswordForm(user=request.user)
kwargs = {
'form': form,
'request': request,
}
return render(request, 'accounts/change_password.html', kwargs)
def change_password(request):
redirect_url = reverse("account.views.home")
if request.method == "POST":
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save(commit=True)
return redirect(redirect_url)
else:
form = ChangePasswordForm(user=request.user)
breadcrumb = [{"name": u"首页", "url": "/"}, {'name': u'修改密码'}]
return render_template("change_password.html", request, form=form, breadcrumb=breadcrumb)
def changepassword(request):
if request.method == 'POST':
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect('/accounts/logout/')
else:
form = ChangePasswordForm(user=request.user)
return render_to_response('index.html',{
'title':u'主页',
'username':request.user.username,
'form':form,
},context_instance=RequestContext(request))
def changepassword(request):
user = request.user
form = ChangePasswordForm(initial={'username': user.unitsn})
if request.method == "POST":
form = ChangePasswordForm(request.POST)
if form.is_valid():
newpassword = request.POST['newpassword']
user.set_password(newpassword)
user.save()
return HttpResponseRedirect("/login/")
return render_to_response('changepassword.html', {
'form': form,
},
context_instance=RequestContext(request))
def changepassword():
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
if not current_user.check_password(form.old_password.data):
form.old_password.errors.append(u'密码错误!')
return render_template("changepassword.html", form=form)
current_user.password = User.create_password(form.new_password.data)
db.session.add(current_user)
db.session.commit()
flash(u"密码修改成功!")
return render_template("changepassword.html",
form=ChangePasswordForm())
return render_template("changepassword.html", form=form)
def render_student_change_password():
if session['is_admin']:
return redirect("/admin_panel")
query = "SELECT si.rname, s.bid_point FROM student s NATURAL JOIN studentinfo si WHERE s.uname = '{}'".format(
current_user.uname)
real_name, bid_point = db.session.execute(query).fetchone()
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.oldPassword.data
new_password = form.newPassword.data
confirm_password = form.confirmPassword.data
if new_password != confirm_password:
form.confirmPassword.errors.append(
"newPassword must be the same as the confirmPassword!")
else:
query = "SELECT password FROM users WHERE uname = '{}'".format(
current_user.uname)
password = db.session.execute(query).fetchone()[0]
if password != old_password:
form.oldPassword.errors.append("old password is incorrect!")
else:
query = "UPDATE users SET password = '******' WHERE uname = '{}'".format(
new_password, current_user.uname)
db.session.execute(query)
db.session.commit()
form.confirmPassword.errors.append("password updated!")
return render_template("student_profile_change_password.html",
username=real_name,
bid_point=bid_point,
form=form)
def post(self):
old_password = self.get_argument("old_password")
new_password = self.get_argument("new_password")
confirm_password = self.get_argument("confirm_password")
form = ChangePasswordForm(self.request.arguments)
password_error = password_validation(self.session, self.uid,
old_password)
if form.validate():
if password_error == "":
change_password(self.session, self.uid, new_password)
self.redirect("/")
else:
self.render("changepassword.html",
username=self.username,
group=self.group,
form=form,
db_error=password_error)
else:
self.render("changepassword.html",
username=self.username,
group=self.group,
form=form,
db_error=None)
def render_admin_change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.oldPassword.data
new_password = form.newPassword.data
confirm_password = form.confirmPassword.data
if new_password != confirm_password:
form.confirmPassword.errors.append(
"newPassword must be the same as the confirmPassword!")
else:
query = "SELECT password FROM users WHERE uname = '{}'".format(
current_user.uname)
password = db.session.execute(query).fetchone()[0]
if password != old_password:
form.oldPassword.errors.append("old password is incorrect!")
else:
query = "UPDATE users SET password = '******' WHERE uname = '{}'".format(
new_password, current_user.uname)
db.session.execute(query)
db.session.commit()
form.confirmPassword.errors.append("password updated!")
form.oldPassword.data = ''
form.newPassword.data = ''
form.confirmPassword.data = ''
return render_template("admin_profile_change_password.html",
username=current_user.uname,
form=form)
def changePassword():
form = ChangePasswordForm()
if form.validate_on_submit():
if form.newPassword.data != form.newPassword2.data:
flash("Passwords must match")
return redirect(url_for('changePassword'))
connection = sqlite3.connect('data/site.db')
cur = connection.cursor()
for row in cur.execute("SELECT username, password from user_data"):
if (current_user.id == row[0]):
presentPassword = row[1]
if bcrypt.checkpw(form.currentPassword.data.encode(),
presentPassword):
id = current_user.id
salt = bcrypt.gensalt()
newPassword = bcrypt.hashpw(
form.newPassword2.data.encode(), salt)
cur.execute(
"Update user_data set password=? where username=?",
(newPassword, id))
connection.commit()
cur.close()
logout_user()
flash(
"You have been logged out. Your password has been changed !"
)
return redirect('/')
else:
flash("Wrong Password")
return redirect('/changePassword')
return render_template('changePassword.html', form=form)
def edit_profile():
user = User.query.get(current_user.id)
form = EditProfileForm(request.form, phone=user.phone, email=user.email)
passform = ChangePasswordForm(request.form)
if request.method == 'POST':
#if the user clicked button to update profile
if request.form['submit'] == 'Update' and form.validate_on_submit():
phone = form.phone.data
email = form.email.data
user.phone = phone
user.email = email
db.session.commit()
return redirect('home')
#if user clicked change password
if request.form[
'submit'] == 'Change Password' and passform.validate_on_submit(
):
#generate hash
newpass = generate_password_hash(passform.password.data)
user.password_hash = newpass
db.session.commit()
return redirect('edit_profile')
return render_template('edit_profile.html',
form=form,
passform=passform,
user=user)
def change_password_view():
if not session["is_auth"]:
return redirect(url_for('main_view'))
form = ChangePasswordForm()
if request.method == "POST":
if form.validate_on_submit():
user = db.session.query(User).get(session["user"]["id"])
if user.password_valid(form.password.data):
form.password.errors.append("Вы используете старый пароль!")
return render_template("change_password.html", form=form)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('account_view'))
return render_template("change_password.html", form=form)
def home():
form = ChangePasswordForm()
if form.validate_on_submit():
authResult = authenticateTACACS(form.username.data, form.password.data)
if "status: FAIL" in str(authResult):
form.errors.update({'generalErrors': ["Wrong username/password"]})
else:
if (form.newPassword.data != form.confirmNewPassword.data):
form.errors.update(
{'generalErrors': ["New password fields don't match"]})
else:
userID = getUserID(form.username.data)
result = changePassword(userID, form.username.data,
form.newPassword.data)
if result != "OK":
form.errors.update({'generalErrors': [result]})
else:
form.errors.update({
'messages':
["Password has been successsfully updated"]
})
else:
print(form.errors)
return render_template("template.html", form=form)
def changePassword():
"""
Change the users password
"""
form2 = ChangePasswordForm()
email = form2.email.data
if form2.validate_on_submit():
# check whether employee exists in the database and whether
user = User.query.filter_by(email=email).first()
if user is not None:
user = User.query.filter_by(email=email).first_or_404()
user.password_hash = generate_password_hash(form2.password.data)
db.session.commit()
flash(
'You have successfully changed your password! You may now login.'
)
return redirect(url_for('auth.login'))
# when email doesn't exist
else:
flash('Invalid email')
return render_template('auth/change-password-email.html',
form=form2,
title='Change Password')
def change_password():
if request.method == 'POST':
form = ChangePasswordForm(user=current_user, obj=request.form)
else:
form = ChangePasswordForm(user=current_user)
if form.validate_on_submit():
session = object_session(current_user)
current_user.change_password(form.password.data)
current_user.needs_password_reset = False
session.add(current_user)
session.commit()
flash('Password changed.', 'success')
return redirect(url_for('index'))
return render_template('user/change_password.html', form=form)
def recover_password(token):
s = URLSafeSerializer(app.config['SECRET_KEY'])
try:
token_data = s.loads(token)
except BadSignature:
flash('Failed to validate token.')
return redirect(url_for('index'))
if token_data['time'] + 600 < int(time.time()):
flash('That link has expired')
return redirect(url_for('forgot'))
form = ChangePasswordForm()
if form.validate_on_submit():
try:
user = User.get(User.email == token_data['email'])
except User.DoesNotExist:
flash('That user does not exist.')
return redirect(url_for('index'))
user.password = generate_password_hash(form.password.data)
user.save()
flash('Your password has been updated.')
return redirect(url_for('login'))
else:
return render_template(
'recover_password.html',
form=form,
token_data=token_data,
token=token,
)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if form.selecttype.data == 'admin':
admin = Admin.query.filter_by(name=form.name.data).first()
if admin is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
admin.password = md5(form.password.data).hexdigest()
elif form.selecttype.data == 'teacher':
teacher = None
if form.name.data.isdigit():
teacher = Teacher.query.filter_by(id=int(form.name.data) +
DEFAULT).first()
if teacher is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
teacher.password = md5(form.password.data).hexdigest()
else:
student = None
if form.name.data.isdigit():
student = Student.query.filter_by(
id=int(form.name.data)).first()
if student is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
student.password = md5(form.password.data).hexdigest()
db.session.commit()
flash(u'修改密码成功')
return redirect(url_for('change_password'))
return render_template('changePassword.html', form=form)
def get(self):
form = ChangePasswordForm()
self.render("changepassword.html",
username=self.username,
group=self.group,
form=form,
db_error=None)
def profile():
"""
load the profile page for the current user (currently just a 'change password' form)
@return: profile page content
"""
changepw_form = ChangePasswordForm()
return render_template('profile.html', changepw_form=changepw_form)
def change_password():
user = None
if current_user.is_authenticated:
if not login_fresh():
return login_manager.needs_refresh()
user = current_user
elif 'activation_key' in request.values and 'email' in request.values:
activation_key = request.values['activation_key']
email = request.values['email']
user = User.query.filter_by(activation_key=activation_key) \
.filter_by(email=email).first()
if user is None:
abort(403)
form = ChangePasswordForm(activation_key=user.activation_key)
if form.validate_on_submit():
user.password = form.password.data
user.activation_key = None
db.session.add(user)
db.session.commit()
flash("Your password has been changed, please log in again", "success")
return redirect(url_for("frontend.login"))
return render_template("frontend/change_password.html", form=form)
def change_password():
"""Change user's password."""
form = ChangePasswordForm()
if form.validate_on_submit() and User.authenticate(
g.user.username, form.current_password.data):
data = {
'new_password': form.new_password.data,
'new_password_confirmed': form.new_password_confirmed.data
}
if g.user.change_password(**data):
g.user.change_password(**data)
db.session.commit()
flash("Password changed!", "success")
return redirect(url_for('profile'))
else:
flash("Invalid password", "danger")
return render_template('users/change_password.html',
form=form,
user=g.user)
else:
return render_template('users/change_password.html',
form=form,
user=g.user)
def change_password(username):
# Make sure the logged in user is the authorized user to view this page.
if "username" not in session or username != session['username']:
raise Unauthorized()
user = User.query.filter_by(username=username).first()
user_id = user.id
form = ChangePasswordForm()
if form.validate_on_submit():
current_password = form.current_password.data
new_password = form.new_password.data
# If user's current password is true, update password.
if User.change_password(user_id, current_password, new_password):
User.change_password(user_id, current_password, new_password)
flash("Password updated.", "success")
return redirect('/')
else:
flash("Incorrect Password.", "danger")
return render_template('/user/change_password.html', form=form)
else:
return render_template('/user/change_password.html', form=form)
def change_password(request, template_name, extra_context=None):
if request.method == 'POST':
form = ChangePasswordForm(request.POST)
form.username = request.user.username
if form.is_valid():
request.user.set_password(form.cleaned_data['new_password'])
request.user.save()
return render_to_response(template_name, {
'success': 'true',
'form': form
},
context_instance=RequestContext(request))
else:
form = ChangePasswordForm()
return render_to_response(template_name, {'form': form},
context_instance=RequestContext(request))
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.password.data
new_password = form.new_password.data
cfm_password = form.confirm_password.data
user = User.query.filter_by(user_id=current_user.user_id,
password=old_password).first()
if user is not None:
if new_password == cfm_password:
# update admin password
insertSql = "UPDATE users SET password = :password WHERE user_id = :id"
insertParams = {
"password": new_password,
"id": current_user.user_id
}
db.engine.execute(text(insertSql), insertParams)
flash('Password changed successful!', 'success')
else:
flash('New Password and Confirm Password not match!')
else:
flash('incorrect password. please try again!')
return render_template('change-password.html',
auth=current_user,
form=form,
active='password')
def change_password(request):
message = None
if request.POST:
change_form = ChangePasswordForm(request.user, request.POST)
if not change_form.errors:
change_form.save()
message = "Hasło zmienione."
change_form = ChangePasswordForm(request.user)
else:
change_form = ChangePasswordForm(request.user)
template = loader.get_template('form.html')
context = {
'form': change_form,
'action': reverse('change_password'),
'message': message
}
return HttpResponse(template.render(context, request))
def change_password():
form = ChangePasswordForm(request.form)
if request.method == "POST" and form.validate():
user = User.query.filter_by(name=g.user.name).first()
user.password = hash_str(form.password.data)
user.save()
return redirect(url_for('user.settings'))
return redirect(url_for('user.settings'))
def change_password(request):
if request.method == 'POST':
form = ChangePasswordForm(request.POST)
if form.is_valid():
request.user.set_password(form.cleaned_data['password1'])
request.user.save()
messages.success(request, _("Your password has been changed."))
return HttpResponseRedirect(reverse('home'))
else:
messages.error(request, _("Oops. Something went wrong."))
return render_to_response('accounts/change-password.html',
RequestContext(request, {'form': form}))
#this is a GET
return render_to_response('accounts/change-password.html',
{'form': ChangePasswordForm()},
context_instance=RequestContext(request))
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
current_user.password = form.password.data
db.session.add(current_user)
db.session.commit()
flash('Password changed successfully', 'success')
return redirect(url_for('.index', name=current_user.name))
return render_template('user/change_password.html', form=form)
def change_password(request):
temp_name = "skaccounts/accounts-header.html"
if request.method == 'POST':
form = ChangePasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('logout'))
else:
form = ChangePasswordForm(user=request.user)
kwvars = {
'form': form,
'request': request,
'temp_name': temp_name,
}
return render_to_response('skaccounts/change_password.html', kwvars,
RequestContext(request))
