def home():
form = ChangePasswordForm()
if form.validate_on_submit():
authResult = authenticateTACACS(form.username.data, form.password.data)
if "status: FAIL" in str(authResult):
form.errors.update({'generalErrors': ["Wrong username/password"]})
else:
if (form.newPassword.data != form.confirmNewPassword.data):
form.errors.update(
{'generalErrors': ["New password fields don't match"]})
else:
userID = getUserID(form.username.data)
result = changePassword(userID, form.username.data,
form.newPassword.data)
if result != "OK":
form.errors.update({'generalErrors': [result]})
else:
form.errors.update({
'messages':
["Password has been successsfully updated"]
})
else:
print(form.errors)
return render_template("template.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if form.selecttype.data == 'admin':
admin = Admin.query.filter_by(name=form.name.data).first()
if admin is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
admin.password = md5(form.password.data).hexdigest()
elif form.selecttype.data == 'teacher':
teacher = None
if form.name.data.isdigit():
teacher = Teacher.query.filter_by(id=int(form.name.data) +
DEFAULT).first()
if teacher is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
teacher.password = md5(form.password.data).hexdigest()
else:
student = None
if form.name.data.isdigit():
student = Student.query.filter_by(
id=int(form.name.data)).first()
if student is None:
flash(u'用户不存在')
return render_template('changePassword.html', form=form)
student.password = md5(form.password.data).hexdigest()
db.session.commit()
flash(u'修改密码成功')
return redirect(url_for('change_password'))
return render_template('changePassword.html', form=form)
def change_password():
user = None
if current_user.is_authenticated:
if not login_fresh():
return login_manager.needs_refresh()
user = current_user
elif 'activation_key' in request.values and 'email' in request.values:
activation_key = request.values['activation_key']
email = request.values['email']
user = User.query.filter_by(activation_key=activation_key) \
.filter_by(email=email).first()
if user is None:
abort(403)
form = ChangePasswordForm(activation_key=user.activation_key)
if form.validate_on_submit():
user.password = form.password.data
user.activation_key = None
db.session.add(user)
db.session.commit()
flash("Your password has been changed, please log in again", "success")
return redirect(url_for("frontend.login"))
return render_template("frontend/change_password.html", form=form)
def account_settings():
form = AccountForm()
formpass = ChangePasswordForm()
error = ''
sel_tab = 1
user = UserAccount.query.filter(UserAccount.id==g.user.id).one()
if form.validate_on_submit():
user.username = form.username.data
user.email = form.email.data
db.session.add(user)
db.session.commit()
flash ('Changes saved.')
form.username.data = user.username
form.email.data = user.email
if request.method == 'POST' and formpass.submit_pass:
sel_tab = 2
if formpass.validate_on_submit():
password = md5.md5(formpass.password.data).hexdigest()
user1 = UserAccount.query.filter(and_(UserAccount.id==g.user.id, UserAccount.password==password)).first()
if not user1:
error = 'Invalid password.'
else:
newpassword = md5.md5(formpass.newpassword.data).hexdigest()
user1.password = newpassword
db.session.add(user1)
db.session.commit()
flash ('New password saved.')
return render_template('account.html', form=form, formpass=formpass, site_data=site_data(), navigation=return_navigation(), error=error, sel_tab=sel_tab)
def edit_profile():
user = User.query.get(current_user.id)
form = EditProfileForm(request.form, phone=user.phone, email=user.email)
passform = ChangePasswordForm(request.form)
if request.method == 'POST':
#if the user clicked button to update profile
if request.form['submit'] == 'Update' and form.validate_on_submit():
phone = form.phone.data
email = form.email.data
user.phone = phone
user.email = email
db.session.commit()
return redirect('home')
#if user clicked change password
if request.form[
'submit'] == 'Change Password' and passform.validate_on_submit(
):
#generate hash
newpass = generate_password_hash(passform.password.data)
user.password_hash = newpass
db.session.commit()
return redirect('edit_profile')
return render_template('edit_profile.html',
form=form,
passform=passform,
user=user)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.password.data
new_password = form.new_password.data
cfm_password = form.confirm_password.data
user = User.query.filter_by(user_id=current_user.user_id,
password=old_password).first()
if user is not None:
if new_password == cfm_password:
# update admin password
insertSql = "UPDATE users SET password = :password WHERE user_id = :id"
insertParams = {
"password": new_password,
"id": current_user.user_id
}
db.engine.execute(text(insertSql), insertParams)
flash('Password changed successful!', 'success')
else:
flash('New Password and Confirm Password not match!')
else:
flash('incorrect password. please try again!')
return render_template('change-password.html',
auth=current_user,
form=form,
active='password')
def render_student_change_password():
if session['is_admin']:
return redirect("/admin_panel")
query = "SELECT si.rname, s.bid_point FROM student s NATURAL JOIN studentinfo si WHERE s.uname = '{}'".format(
current_user.uname)
real_name, bid_point = db.session.execute(query).fetchone()
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.oldPassword.data
new_password = form.newPassword.data
confirm_password = form.confirmPassword.data
if new_password != confirm_password:
form.confirmPassword.errors.append(
"newPassword must be the same as the confirmPassword!")
else:
query = "SELECT password FROM users WHERE uname = '{}'".format(
current_user.uname)
password = db.session.execute(query).fetchone()[0]
if password != old_password:
form.oldPassword.errors.append("old password is incorrect!")
else:
query = "UPDATE users SET password = '******' WHERE uname = '{}'".format(
new_password, current_user.uname)
db.session.execute(query)
db.session.commit()
form.confirmPassword.errors.append("password updated!")
return render_template("student_profile_change_password.html",
username=real_name,
bid_point=bid_point,
form=form)
def render_admin_change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
old_password = form.oldPassword.data
new_password = form.newPassword.data
confirm_password = form.confirmPassword.data
if new_password != confirm_password:
form.confirmPassword.errors.append(
"newPassword must be the same as the confirmPassword!")
else:
query = "SELECT password FROM users WHERE uname = '{}'".format(
current_user.uname)
password = db.session.execute(query).fetchone()[0]
if password != old_password:
form.oldPassword.errors.append("old password is incorrect!")
else:
query = "UPDATE users SET password = '******' WHERE uname = '{}'".format(
new_password, current_user.uname)
db.session.execute(query)
db.session.commit()
form.confirmPassword.errors.append("password updated!")
form.oldPassword.data = ''
form.newPassword.data = ''
form.confirmPassword.data = ''
return render_template("admin_profile_change_password.html",
username=current_user.uname,
form=form)
def change_password():
"""Change user's password."""
form = ChangePasswordForm()
if form.validate_on_submit() and User.authenticate(
g.user.username, form.current_password.data):
data = {
'new_password': form.new_password.data,
'new_password_confirmed': form.new_password_confirmed.data
}
if g.user.change_password(**data):
g.user.change_password(**data)
db.session.commit()
flash("Password changed!", "success")
return redirect(url_for('profile'))
else:
flash("Invalid password", "danger")
return render_template('users/change_password.html',
form=form,
user=g.user)
else:
return render_template('users/change_password.html',
form=form,
user=g.user)
def recover_password(token):
s = URLSafeSerializer(app.config['SECRET_KEY'])
try:
token_data = s.loads(token)
except BadSignature:
flash('Failed to validate token.')
return redirect(url_for('index'))
if token_data['time'] + 600 < int(time.time()):
flash('That link has expired')
return redirect(url_for('forgot'))
form = ChangePasswordForm()
if form.validate_on_submit():
try:
user = User.get(User.email == token_data['email'])
except User.DoesNotExist:
flash('That user does not exist.')
return redirect(url_for('index'))
user.password = generate_password_hash(form.password.data)
user.save()
flash('Your password has been updated.')
return redirect(url_for('login'))
else:
return render_template(
'recover_password.html',
form=form,
token_data=token_data,
token=token,
)
def changePassword():
"""
Change the users password
"""
form2 = ChangePasswordForm()
email = form2.email.data
if form2.validate_on_submit():
# check whether employee exists in the database and whether
user = User.query.filter_by(email=email).first()
if user is not None:
user = User.query.filter_by(email=email).first_or_404()
user.password_hash = generate_password_hash(form2.password.data)
db.session.commit()
flash(
'You have successfully changed your password! You may now login.'
)
return redirect(url_for('auth.login'))
# when email doesn't exist
else:
flash('Invalid email')
return render_template('auth/change-password-email.html',
form=form2,
title='Change Password')
def changePassword():
form = ChangePasswordForm()
if form.validate_on_submit():
if form.newPassword.data != form.newPassword2.data:
flash("Passwords must match")
return redirect(url_for('changePassword'))
connection = sqlite3.connect('data/site.db')
cur = connection.cursor()
for row in cur.execute("SELECT username, password from user_data"):
if (current_user.id == row[0]):
presentPassword = row[1]
if bcrypt.checkpw(form.currentPassword.data.encode(),
presentPassword):
id = current_user.id
salt = bcrypt.gensalt()
newPassword = bcrypt.hashpw(
form.newPassword2.data.encode(), salt)
cur.execute(
"Update user_data set password=? where username=?",
(newPassword, id))
connection.commit()
cur.close()
logout_user()
flash(
"You have been logged out. Your password has been changed !"
)
return redirect('/')
else:
flash("Wrong Password")
return redirect('/changePassword')
return render_template('changePassword.html', form=form)
def change_password(username):
# Make sure the logged in user is the authorized user to view this page.
if "username" not in session or username != session['username']:
raise Unauthorized()
user = User.query.filter_by(username=username).first()
user_id = user.id
form = ChangePasswordForm()
if form.validate_on_submit():
current_password = form.current_password.data
new_password = form.new_password.data
# If user's current password is true, update password.
if User.change_password(user_id, current_password, new_password):
User.change_password(user_id, current_password, new_password)
flash("Password updated.", "success")
return redirect('/')
else:
flash("Incorrect Password.", "danger")
return render_template('/user/change_password.html', form=form)
else:
return render_template('/user/change_password.html', form=form)
def change_password():
user = None
if current_user.is_authenticated:
if not login_fresh():
return login_manager.needs_refresh()
user = current_user
elif 'activation_key' in request.values and 'email' in request.values:
activation_key = request.values['activation_key']
email = request.values['email']
user = User.query.filter_by(activation_key=activation_key) \
.filter_by(email=email).first()
if user is None:
abort(403)
form = ChangePasswordForm(activation_key=user.activation_key)
if form.validate_on_submit():
user.password = form.password.data
user.activation_key = None
db.session.add(user)
db.session.commit()
flash("Your password has been changed, please log in again", "success")
return redirect(url_for("frontend.login"))
return render_template("frontend/change_password.html", form=form)
def change_password_view():
if not session["is_auth"]:
return redirect(url_for('main_view'))
form = ChangePasswordForm()
if request.method == "POST":
if form.validate_on_submit():
user = db.session.query(User).get(session["user"]["id"])
if user.password_valid(form.password.data):
form.password.errors.append("Вы используете старый пароль!")
return render_template("change_password.html", form=form)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('account_view'))
return render_template("change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
current_user.password = form.password.data
db.session.add(current_user)
db.session.commit()
flash('Password changed successfully', 'success')
return redirect(url_for('.index', name=current_user.name))
return render_template('user/change_password.html', form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
current_user.password = form.new_password.data
db.session.add(current_user)
db.session.commit()
flash('your password change successful.')
return redirect(url_for('main.index'))
return render_template('auth/change_password.html', form=form)
def change_password():
changePass = ChangePasswordForm()
if changePass.validate_on_submit():
if login_db.verify(session["username"], changePass.oldPassword.data):
login_db.update(session["username"], changePass.newPassword.data)
flash("pass-updated")
else:
flash("bad-old")
return render_template("change_pass.html", subheading="Account Settings", message=None, changePass=changePass,
page="settings")
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user and current_user.verify_password(
current_user.password_hash, form.old_password.data):
current_user.password = form.password.data
flash(u"Change password successfully!", 'success')
return redirect(url_for('admin.index'))
flash(u"Old Password error!", 'error')
return render_template('admin/change_password.html', form=form)
def index():
form = ChangePasswordForm()
if form.validate_on_submit():
user = models.User.query.filter_by(name="Admin").first()
if user.check_password(form.current_password.data):
user.set_password(form.new_password.data)
db.session.commit()
else:
flash('Verify your password', 'error')
return render_template('index.html', form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
current_user.password = form.password.data
db.session.add(current_user)
db.session.commit()
send_mail(current_user.email, 'Password was change', 'mail/change_password_mail', user = current_user)
flash('Email about changing password has been sent to you by email.')
return redirect(url_for('login'))
return render_template('change_password.html', form = form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if check_password_hash(current_user.password, form.old_password.data):
return password_change(form.new_password.data)
else:
flash("The old password does not match.")
return render_template('config.html',
form=form,
config_func='login_system.change_password')
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.verify_hash(form.current_password.data,
current_user.password):
current_user.set_password(form.new_password.data)
current_user.save_to_db(db)
return redirect("/profile")
return render_template("change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.check_password(form.old_password.data):
current_user.password = form.password.data
current_user.save()
flash('Your password has been updated.')
return redirect(url_for('main.index'))
else:
flash('Invalid password.')
return render_template("auth/change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.verify_password(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
flash('You password have been update','success')
return redirect(url_for('main.index'))
else:
flash('Invalid password')
return render_template('auth/change_password.html',form = form)
def profile():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.verify_password(form.current_password.data):
current_user.password = form.new_password.data
db.session.commit()
flash('Your password has been updated.', 'success')
return redirect(url_for('main.profile'))
else:
flash('Original password is invalid.', 'danger')
return render_template("profile.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.verify_password(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
flash('你的密码已经更改了')
return redirect(url_for('main.index'))
else:
flash('密码错误')
return render_template('auth/change_password.html', form=form)
def change_password(user_id):
form = ChangePasswordForm()
if form.validate_on_submit():
current_password = form.current_password.data
new_password = form.new_password.data
User.change_password(user_id, current_password, new_password)
flash("Password updated.", "success")
return redirect('/')
else:
return render_template('/users/change_password.html', form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if check_password_hash(current_user.password, form.old_password.data):
current_user.update_password(form.new_password.data)
db.session.commit()
message = "Your password has been changed."
return render_template("message.html", active_page='none', message=message)
else:
form.old_password.errors = ["Old password incorrect."]
return render_template('change_password.html', active_page='none', form=form)
def profile():
form = ChangePasswordForm()
if form.validate_on_submit():
g.user.set_password(form.new_password.data)
db.session.add(g.user)
db.session.commit()
flash('password has been changed')
return redirect(url_for('index'))
return render_template('profile.html',
title='Profile',
form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.check_password(form.oldpassword.data):
current_user.set_password(form.password.data)
db.session.commit()
flash('Your password has been reset.')
return redirect(url_for('edit_profile'))
flash('Old password incorrect', 'error')
return render_template('change_password.html', form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if check_password_hash(current_user.password, form.last_password.data):
current_user.password = generate_password_hash(
form.new_password1.data, method="pbkdf2:sha256", salt_length=8)
flash("Password changed successfully.")
db.session.commit()
else:
form.last_password.errors.append("Your password is invalid.")
return render_template("chat/change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.check_password(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
flash('Your password has been updated.')
return redirect(url_for('main.index'))
else:
flash('Invalid password.')
return render_template("change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.check_password(form.current_password.data):
current_user.password = form.new_password.data
db.session.add(current_user)
db.session.commit()
flash(u'新密码已设置。', 'success')
return redirect(url_for('.index'))
else:
flash(u'原密码有误,请重新输入。', 'warning')
return render_template('settings/change-password.html', form=form)
def change_password():
'''
application for changing the password of a user
'''
form = ChangePasswordForm()
if form.validate_on_submit():
password = request.form['password']
functions.edit_password(password, session['id'])
return redirect('/profile/settings/')
return render_template('change_password.html',
form=form,
username=session['username'])
def changepassword():
form = ChangePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(user_name=form.username.data).first()
user.password = form.password.data
db.session.merge(user)
db.session.commit()
return redirect(url_for('home'))
return render_template('changepassword.html', form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
current_user.password = form.password.data
current_user.password = generate_password_hash(current_user.password,
method='sha256')
db.session.add(current_user)
db.session.commit()
flash('Your password has been updated.')
return redirect(url_for('main.index'))
return render_template("change_password.html", form=form)
def settings():
channels = models.Channel.query.filter(
models.Channel.admin_id == current_user.id)
req = 0
for i in current_user.channels.all():
for j in i.requests.all():
req += 1
tu = TopUpBalanceForm()
form = ChangePasswordForm()
if form.validate_on_submit():
if check_password_hash(current_user.password,
form.current_password.data):
new_hashed_password = generate_password_hash(
form.new_password.data, method='sha256')
curr = db.session.query(
models.User).filter_by(email=current_user.email).first()
curr.password = new_hashed_password
db.session.commit()
flash('Successfully updated your password')
return redirect(url_for('settings'))
else:
flash('Current password is wrong')
return redirect(url_for('settings'))
if tu.validate_on_submit() and request.method == 'POST':
customer = stripe.Customer.create(email=request.form['stripeEmail'],
source=request.form['stripeToken'])
charge = stripe.Charge.create(customer=customer,
amount=tu.amount.data,
currency='usd',
description='Posting')
curr = db.session.query(
models.User).filter_by(email=current_user.email).first()
curr.current_balance = curr.current_balance + form.amount.data
db.session.commit()
flash('Successfully replenished your balance!')
return redirect('/settings')
return render_template('settings.html',
form=form,
channels=channels,
user=current_user,
req=req,
tu=tu)
def changepassword():
form= ChangePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(user_name = form.username.data).first()
user.password=form.password.data
db.session.merge(user)
db.session.commit()
return redirect(url_for('home'))
return render_template('changepassword.html', form=form)
def accessrights():
form = ChangePasswordForm(request.form)
if form.validate_on_submit():
user = User.query.filter_by(email=g.user.email).first()
if user:
user.password = bcrypt.generate_password_hash(form.password.data)
db.session.commit()
flash('Password successfully changed.', 'success')
return redirect(url_for('edit'))
else:
flash('Password change was unsuccessful.', 'danger')
return redirect(url_for('edit'))
return redirect(url_for('edit'))
def change_password():
"""Changing password """
form = ChangePasswordForm()
if form.validate_on_submit():
if form.password.data != form.retype_password.data:
flash('Passwords are not same')
else:
user = current_user
user.password = bcrypt.generate_password_hash(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for("logout"))
return render_template("change_password.html", form=form)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.is_correct_password(form.currentpass.data):
current_user.password = form.password.data
db.session.commit()
flash("Password changed!", "success")
login_user(current_user, remember=True)
return redirect(url_for("index"))
else:
flash("Current password incorrect, try again", "error")
return render_template("change_password.html", form=form)
def changepassword():
form = ChangePasswordForm()
title="Change Password"
user = User.query.get_or_404(g.user.id)
if form.validate_on_submit():
if check_password_hash(g.user.password, form.oldpassword.data):
g.user.password = generate_password_hash(form.password.data)
db.session.add(g.user)
db.session.commit()
flash('Your password was successfully changed!', category='success')
return redirect(url_for('changepassword'))
else:
flash("Your old password is incorrect!", category='danger')
return redirect(url_for('changepassword'))
return render_template('changepassword.html',title=title,form=form,user=user)
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(username=current_user.username).first()
if user.is_correct_password(form.old_password.data) and form.new_password.data == form.new_password_confirm.data:
user.password = form.new_password.data
db.session.commit()
return redirect(url_for('index'))
if not user.is_correct_password(form.old_password.data):
form.old_password.errors.append("Old password is incorrect")
if form.new_password.data != form.new_password_confirm.data:
form.new_password.errors.append("New passwords do not match")
form.new_password_confirm.errors.append("New passwords do not match")
return render_template("change_password.html", form=form)
def modifypwd():
form = ChangePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email = current_user.email).first()
if not user.verify_password(form.oldpassword.data):
flash(u'旧密码输入错误')
else:
if user.verify_password(form.newpassword.data):
flash(u'新旧密码不能相同,请使用其他密码')
else:
user.password = form.newpassword.data
db.session.add(user)
db.session.commit()
flash(u'你刚刚修改了密码')
return redirect(url_for('main.index'))
return render_template('auth/modifypwd.html', form = form)
def change_password():
form = ChangePasswordForm() if request.method == 'POST' else ChangePasswordForm(request.args)
if form.validate_on_submit():
user = db.session.query(User).filter_by(name=g.user.name).filter_by(password=form.current_password.data).first()
if user is None:
flash('Incorrect password, please try again, or email philiphouse2015 at u.northwestern.edu.')
return render_template('smallgroup/change_password.html', form=form, user=g.user)
user.password = form.new_password.data
db.session.commit()
flash(('Password changed succesfully!!.'))
if g.user.scope == 12345:
return redirect(url_for('family_group_overview'))
return redirect(url_for('family_group_leader_manage', fg_id=g.user.scope))
elif(form.errors):
flash((form.errors))
return render_template('smallgroup/change_password.html', form=form, user=g.user)
def change_password():
"""
Change a user's password
"""
# form = ChangePasswordForm(request.form)
# if request.method == 'POST' and form.validate():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.check_password(form.old_password.data):
current_user.update_password(form.new_password.data)
current_user.save()
flash("Your password has been updated.", category="index_page")
return redirect(url_for(".list_projects"))
else:
flash("Your password does not match.", category="error")
return render_template("change_password.html", form=form)
return render_template("change_password.html", form=form)
def change_password(user_id=None):
form = ChangePasswordForm()
if user_id is not None and not is_admin():
return 'You are not authorised', 403
if user_id is None:
user_id = current_user.get_id()
user = User.query.filter_by(id=user_id).first_or_404()
if form.validate_on_submit():
if current_user.check_password(form.current_password.data):
user.set_password(form.new_password.data)
db.session.commit()
return redirect(url_for('view_frontend'))
else:
form.current_password.errors.append('Wrong password')
return render_template('user_change_password.html',
form=form,
user=current_user.to_dict() if is_logged_in() else None,
user_id=user_id)
