def requestpswd(): if request.method == 'GET': return render_template('request-pswd.html', header_title='Request password') if request.method == 'POST': username = request.form.get('username') user = User.query.filter_by(username=username).first() if not user: flash(username + " is not a registered user", 'error') return redirect('/requestpswd') email = user.email temp = create_temp_pswd() temp_hashed = make_pw_hash(temp) user.pw_hash = temp_hashed db.session.add(user) db.session.commit() msg = Message('Important Message from Blogz', sender='*****@*****.**', recipients=[email]) msg.body = 'Hi There, ' + username + '!/n/nYour temporary Blogz password is: \n\t\t' + temp + '\nIf you did not initiate this request, you might want to call your mom.' mail.send(msg) flash( 'A temporary password has been sent to the email you have on file', 'success') flash('Development alert: temp password is ' + temp, 'error') session['temp-pswd'] = 'yes' return redirect('/')
def login(): if request.method == 'GET': return render_template('login.html') if request.method == 'POST': email = request.form['email'] password = request.form['password'] # VAILDATION # if email == '' or password == '': flash('Error: One or more fields left blank', category="is-warning") return redirect('/login') users = User.query.filter_by(email=email) if users.count() != 1: flash('Error: Email not in our system.', category="is-warning") return redirect("/login") user = users.first() pw_hash, salt = user.pw_hash.split(',') test_pw_hash, salt = make_pw_hash(password, salt).split(',') if test_pw_hash != pw_hash: flash('Error: Incorrect password', category="is-warning") return redirect("/login") # SUCCESS # session['user'] = user.email flash('Welcome Back, ' + user.email, category="is-primary") return redirect("/")
def post(self): username = self.request.get('username') password = self.request.get('password') verify = self.request.get('verify') email = self.request.get('email') params = {} has_error = False if not self.validate_username(username): has_error = True elif self.get_user_by_name(username): params['user_error'] = "That username already exists" has_error = True if not self.validate_pw(password): has_error = True elif password != verify: params['pw_error'] = "Your passwords do not match" has_error = True if not self.validate_email(email): has_error = True if has_error: self.render('signup.html', sign_up_active="active", page_title="Sign Up", **params) else: pw_hash = hashutils.make_pw_hash(username, password) u = User(username=username, pw_hash=pw_hash, email=email, sets=[]) u.put() self.login_user(u) self.redirect('/')
def post(self): """ Validate submitted data, creating a new user if all fields are valid. If data doesn't validate, render the form again with an error. This code is essentially identical to the solution to the Signup portion of the Formation assignment. The main modification is that we are now able to create a new user object and store it when we have valid data. """ submitted_username = self.request.get("username") submitted_password = self.request.get("password") submitted_verify = self.request.get("verify") submitted_email = self.request.get("email") username = self.validate_username(submitted_username) password = self.validate_password(submitted_password) verify = self.validate_verify(submitted_password, submitted_verify) email = self.validate_email(submitted_email) errors = {} existing_user = self.get_user_by_name(username) has_error = False if existing_user: errors[ 'username_error'] = "A user with that username already exists" has_error = True elif (username and password and verify and (email is not None)): # create new user object and store it in the database pw_hash = hashutils.make_pw_hash(username, password) user = User(username=username, pw_hash=pw_hash) user.put() # login our new user self.login_user(user) else: has_error = True if not username: errors['username_error'] = "That's not a valid username" if not password: errors['password_error'] = "That's not a valid password" if not verify: errors['verify_error'] = "Passwords don't match" if email is None: errors['email_error'] = "That's not a valid email" if has_error: t = jinja_env.get_template("signup.html") response = t.render(username=username, email=submitted_email, errors=errors) self.response.out.write(response) else: self.redirect('/blog/newpost')
def register(): email = "" email_error = "" password_error = "" verify_error = "" if request.method == "POST": email = request.form["email"] password = request.form["password"] verify = request.form["verify"] email_error = "" password_error = "" verify_error = "" if password == "": password_error = "Password cannot be blank. " elif len(password) < 3 or len(password) > 20: password = "" verify = "" password_error = password_error + \ "Password must be between 3 and 20 characters in length. " if verify == "": verify_error = "Password cannot be blank. " if " " in email: email_error = email_error + "Username cannot contain spaces. " if " " in password: password = "" verify = "" password_error = password_error + "Password cannot contain spaces. " if password != verify: password = "" verify = "" verify_error = verify_error + "Does not match password. " # TODO: Validate user data if not email_error and not password_error and not verify_error: existing_user = User.query.filter_by(email=email).first() if not existing_user: new_user = User(email, make_pw_hash(password)) db.session.add(new_user) db.session.commit() session["email"] = email return redirect("/add-post") else: # TODO: use a better message here return "<h1>Duplicate user</h1>" return render_template("register.html", email_error=email_error, password_error=password_error, verify_error=verify_error, email=email)
def post(self): submitted_username = self.request.get("username") submitted_password = self.request.get("password") submitted_verify = self.request.get("verify") submitted_email = self.request.get("email") username = self.validate_username(submitted_username) password = self.validate_password(submitted_password) verify = self.validate_verify(submitted_password, submitted_verify) email = self.validate_email(submitted_email) errors = {} existing_user = self.get_user_by_name(username) has_error = False if existing_user: errors['username_error'] = "Sorry, that username already exists." has_error = True elif (username and password and verify and (email is not None)): # create new user object and store it in the database pw_hash = hashutils.make_pw_hash(username, password) user = User(username=username, email=email, pw_hash=pw_hash) user.put() # login our new user self.login_user(user) else: has_error = True if not username: errors['username_error'] = "That's not a valid username" if not password: errors['password_error'] = "That's not a valid password" if not verify: errors['verify_error'] = "Passwords don't match" if email is None: errors['email_error'] = "That's not a valid email" if has_error: try: thisUser = str(self.user.username) except: thisUser = "" t = jinja_env.get_template("signup.html") response = t.render(username=username, email=email, errors=errors, thisUser=thisUser) self.response.out.write(response) else: self.redirect('/blog/newpost')
def signup(): noerrors = True if request.method == 'POST': #submitted form #get form variables username = request.form['email'] password = request.form['password'] verify = request.form['verify'] #set error variables _error = "" usererror = "" passerror = "" #validate username _error = validate_(username) if _error != "": noerrors = False usererror = "Username " + _error flash( "Username <strong>{0}</strong> is not valid. {1}".format( username, usererror), 'danger') #validate password _error = password_verify_same(password, verify) if _error == "": #matching passwords _error = validate_( password) #check password meets required validation rules if _error != "": noerrors = False passerror = "Password" + _error flash("{0}".format(passerror), 'danger') else: #non matching passwords noerrors = False passerror = "Password" + _error flash("{0}".format(passerror), 'danger') if noerrors: existing_user = User.query.filter_by(username=username).first() if not existing_user: #not existing #add new user to db is all validation passed password = make_pw_hash(password) new_user = User(username, password) db.session.add(new_user) db.session.commit() session['email'] = username return redirect('/newpost') else: #here if is existing user flash( "The email <strong>{0}</strong> is already registered". format(username), 'danger') #return render_template('signup.html') #GET request return render_template('signup.html')
def __init__(self, username, password, email, company, catchphrase, state, dustmask): self.username=username self.hashpass=make_pw_hash(password) self.email=email self.company=company self.catchphrase=catchphrase self.state=state self.dustmask=dustmask self.benefactor=0 self.lastsink=0 self.memberlevel=0
def post(self): """ User is trying to register """ submitted_teamname = self.request.get("teamname") submitted_password = self.request.get("password") submitted_verify = self.request.get("verify") submitted_members = self.request.get("members") submitted_discords = self.request.get("discords") teamname = self.validate_teamname(submitted_teamname) password = self.validate_password(submitted_password) verify = self.validate_verify(submitted_password, submitted_verify) members = self.validate_members(submitted_members) discords = self.validate_discords(submitted_discords) errors = {} existing_team = self.get_team_by_name(teamname) has_error = False if existing_team: errors['teamname_error'] = "A team with that name already exists" has_error = True elif (teamname and password and verify and members and discords): # create new user object pw_hash = hashutils.make_pw_hash(teamname, password) team = Team(teamname=teamname, pw_hash=pw_hash) team.put() self.login_user(team) else: has_error = True if not teamname: errors['teamname_error'] = "That's not a valid teamname" if not password: errors['password_error'] = "That's not a valid password" if not verify: errors['verify_error'] = "Passwords don't match" if not members: errors['members_error'] = "That's not a valid list of members" if not discords: errors['discords_error'] = "That's not a valid discord tag" if has_error: t = jinja_env.get_template("register.html") response = t.render(teamname=teamname, errors=errors) self.response.out.write(response) else: self.redirect('/teampage')
def add_user(): # add a new user to the User Table in DB new_user = User() new_user.username = request.json["username"] plain_text_password = request.json["password"] salt = make_salt() # save unique salts in the db with each user new_user.salt = salt # salt and hash all passwords being entered into db new_user.password = make_pw_hash(salt, plain_text_password) db.session.add(new_user) db.session.commit() # add the user to session session['user'] = new_user.username return jsonify({"username": new_user.username})
def register(): if request.method == 'POST': email = str(request.json['email']) password = str(request.json['password']) verify = str(request.json['verify']) if password != verify: return "Passwords do not match", 401 user = get_user(email) if len(user) != 0: return "Account with this email already exists", 409 try: create_user(email, make_pw_hash(password)) return "Account added successfully", 200 except: return "Something went wrong, account not added", 400
def post(self): """ User is trying to register """ submitted_username = self.request.get("username") submitted_password = self.request.get("password") submitted_verify = self.request.get("verify") username = self.validate_username(submitted_username) password = self.validate_password(submitted_password) verify = self.validate_verify(submitted_password, submitted_verify) errors = {} existing_user = self.get_user_by_name(username) has_error = False if existing_user: errors[ 'username_error'] = "A user with that username already exists" has_error = True elif (username and password and verify): # create new user object pw_hash = hashutils.make_pw_hash(username, password) user = User(username=username, pw_hash=pw_hash) user.put() self.login_user(user) else: has_error = True if not username: errors['username_error'] = "That's not a valid username" if not password: errors['password_error'] = "That's not a valid password" if not verify: errors['verify_error'] = "Passwords don't match" if has_error: t = jinja_env.get_template("register.html") content = t.render(username=username, errors=errors) self.response.out.write(content) else: self.redirect('/')
def edit_profile(): curr_username = session['username'] if request.method == 'GET': return render_template('profile.html', curr_username=curr_username) if request.method == 'POST': user = User.query.filter_by(username=session['username']).first() original = request.form.get('old_password') if check_pw_hash(original, user.pw_hash): new = request.form.get('password') name = request.form.get('username') if name != '': # validate user name if len(name) < 3: flash('Valid username must be at least 3 characters', 'error') return redirect('/editprofile?curr_username='******'The username ' + name + ' is already in use', 'error') return redirect('/editprofile?curr_username='******'You changed your username!', 'success') if new != '': verify = request.form.get('verify') if new != verify: flash('The passwords do not match', 'error') return redirect('/editprofile?curr_username='******'&username='******'temp-pswd' in session: del session['temp-pswd'] flash('You changed your password!', 'success') db.session.add(user) db.session.commit() session['username'] = user.username return redirect('/') else: flash('incorrect password', 'error') return redirect('/editprofile?curr_username=' + curr_username)
def register(): if request.method == 'GET': return render_template('register.html') if request.method == 'POST': email = request.form['email'] username = request.form['username'] password = request.form['password'] verify = request.form['verify'] # VALIDATION # if email == '' or username == '' or password == '' or verify == '': flash('Error: One or more fields left blank', category="is-warning") return render_template("register.html", email=email, username=username) if not is_email(email): flash( 'Error: Entered email is not formatted like an email address', category="is-warning") return render_template("register.html", email=email, username=username) if not is_valid_username(username): flash( 'Error: Usernames can only include: hyphens, underscores, letters and numbers', category="is-warning") return render_template("register.html", email=email, username=username) email_db_count = User.query.filter_by(email=email).count() if email_db_count > 0: flash('Error: Email is already taken.', category="is-warning") return render_template("register.html", email=email, username=username) username_db_count = User.query.filter_by(username=username).count() if username_db_count > 0: flash('Error: Username is already taken.', category="is-warning") return render_template("register.html", email=email, username=username) if len(email) < 3 or len(username) < 3 or len(password) < 3: flash( 'Error: Email, username or password has fewer than three characters', category="is-warning") return render_template("register.html", email=email, username=username) if password != verify: flash('Error: Passwords entered do not match.', category="is-warning") return render_template("register.html", email=email, username=username) # SUCCESS # pw_hash = make_pw_hash(password) user = User(email=email, username=username, pw_hash=pw_hash) db.session.add(user) db.session.commit() session['user'] = user.email flash('Successfully registered, ' + user.email, category="is-primary") return redirect("/")
def __init__(self, username, password, first_name, last_name, user_level): self.username = username self.password_hash = make_pw_hash(password) self.first_name = first_name self.last_name = last_name self.user_level = user_level
def __init__(self, email, password): self.email = email self.pw_hash = make_pw_hash(password)
def __init__(self, email, password, nickname): self.db_email = email self.db_password = make_pw_hash(password) self.db_nickname = nickname self.db_postcount = 0
def __init__(self, email, password, username): self.email = email self.username = username self.password = make_pw_hash(password)
def __init__(self, first_name, last_name, email, password): self.first_name = first_name self.last_name = last_name self.email = email self.pw_hash = make_pw_hash(password)
def __init__(self, name, password): self.name = name self.pw_hash = make_pw_hash(password)
def post(self): """ Validate submitted data, creating a new user if all fields are valid. If data doesn't validate, render the form again with an error. This code is essentially identical to the solution to the Signup portion of the Formation assignment. The main modification is that we are now able to create a new user object and store it when we have valid data. """ submitted_username = self.request.get( "username" ) #request user submitted data from the browser's post request submitted_password = self.request.get("password") submitted_verify = self.request.get("verify") submitted_email = self.request.get("email") username = self.validate_username( submitted_username ) #run the validation fuc created at beginning of this class password = self.validate_password(submitted_password) verify = self.validate_verify(submitted_password, submitted_verify) email = self.validate_email(submitted_email) errors = {} #Create empty dictionary for potential errors existing_user = self.get_user_by_name( username) #Check to see if the submitted username already exists has_error = False if existing_user: #1st verification step: if a user by that name exists, create an error errors[ 'username_error'] = "A user with that username already exists" has_error = True elif (username and password and verify and (email is not None)): #If all user inputs check out... # create new user object and store it in the database, including username and hashed pw pw_hash = hashutils.make_pw_hash(username, password) user = User(username=username, pw_hash=pw_hash) user.put() # login our new user using the generic method from the BlogHandler self.login_user(user) else: has_error = True #if there are errors, add them to errors dict if not username: errors['username_error'] = "That's not a valid username" if not password: errors['password_error'] = "That's not a valid password" if not verify: errors['verify_error'] = "Passwords don't match" if email is None: errors['email_error'] = "That's not a valid email" if has_error: t = jinja_env.get_template( "signup.html") #render signup with error messages response = t.render(username=username, email=email, errors=errors) self.response.out.write(response) else: self.redirect( '/blog/newpost' ) #After successful and signup and login, redirect to newpost
def __init__(self, username, password): self.username = username self.pw_hash = make_pw_hash(password) #checking salted and hashed pass
def __init__(self, username, password): self.username = username self.pw_hash = make_pw_hash(password)
def __init__(self, username, password, email): self.username = username self.pw_hash = make_pw_hash(password) self.email = email
def __init__(self, user, password): self.user = user self.pw_hash = make_pw_hash(password)
def __init__(self, email, password, store_num): self.email = email self.pw_hash = make_pw_hash(password) self.store_num = store_num
def __init__(self, username, password): self.username = username print(password) pw_hash = make_pw_hash(password) print(pw_hash) self.pw_hash = pw_hash