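def change_login():
    """Show the change-login form (GET) or update e-mail and/or password (POST).

    On POST the current password (``old_pw``) is verified against the stored
    hash before anything is written. A blank ``email`` or ``new_pw`` field
    means "leave that value unchanged". On success the view redirects to the
    account page; otherwise the error is flashed and the form is re-rendered.

    Assumes ``g.user`` is populated, i.e. that the route is only reachable
    when logged in -- TODO confirm a login-required guard wraps this view.
    """
    db = get_db()
    account_info = db.execute(
        'SELECT * FROM user'
        ' WHERE id = ?', (g.user['id'], )).fetchone()

    if request.method == 'GET':
        return render_template('account/change-login.html',
                               account_info=account_info)
    elif request.method == 'POST':
        email = request.form['email']
        email_confirm = request.form['email_confirm']
        new_pw = request.form['new_pw']
        new_pw_confirm = request.form['new_pw_confirm']
        old_pw = request.form['old_pw']
        error = None

        # Later checks overwrite earlier messages, so only the last failing
        # check is flashed; any failure still blocks the update.
        if not old_pw:
            error = 'Password is required.'

        # The e-mail is only validated when it actually changes.
        if email != "" and email != account_info['email']:
            if email != email_confirm:
                error = "The confirmation e-mail doesn't match."
            if db.execute('SELECT id FROM user WHERE email = ?',
                          (email, )).fetchone() is not None:
                error = 'Email {} is already registered.'.format(email)
        if email_confirm != "" and email != email_confirm:
            error = "The confirmation e-mail doesn't match."

        if new_pw != "":
            if (len(new_pw) < 6
                    or not any(str.isdigit(c) for c in new_pw)
                    or not any(str.isalpha(c) for c in new_pw)):
                error = 'New password must contain at least one number and one letter and must be at least six characters long.'
            elif new_pw != new_pw_confirm:
                error = "The provided passwords don't match."

        # Re-authenticate with the current password before changing
        # credentials, so a borrowed session alone cannot change them.
        if error is None:
            if not check_password_hash(account_info['password'], old_pw):
                error = 'Incorrect password.'

        if error is None:
            # Fix: a blank e-mail field used to be written to the row as '',
            # wiping the stored address on a password-only change. Keep the
            # current address instead.
            new_email = email if email != "" else account_info['email']
            if new_pw != "":
                db.execute(
                    'UPDATE user'
                    ' SET email = ?,'
                    ' PASSWORD = ?'
                    ' WHERE id = ?',
                    (new_email, generate_password_hash(new_pw),
                     g.user['id']))
            else:
                db.execute('UPDATE user'
                           ' SET email = ?'
                           ' WHERE id = ?', (new_email, g.user['id']))
            db.commit()
            # NOTE(review): nothing here ends other sessions that are already
            # logged in as this user after a password change -- confirm
            # whether that is handled elsewhere.
            return redirect(url_for('study_timer.account'))
        else:
            flash(error)
            return render_template('account/change-login.html',
                                   account_info=account_info)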
def load_logged_in_user():
    """Set ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` becomes ``None`` when the session holds no ``user_id``;
    otherwise it is whatever the lookup by id returns (presumably ``None``
    again if the row no longer exists -- depends on the DB API's
    ``fetchone``).
    """
    uid = session.get('user_id')
    # The database is only touched when the session actually names a user.
    g.user = (
        None
        if uid is None
        else get_db().execute('SELECT * FROM user WHERE id = ?',
                              (uid, )).fetchone()
    )
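def save_settings():
    """Validate and store the account settings posted from the account page.

    Reads the username, the ticked weekday boxes, the study goal and the
    dark-mode box from the form. The row of the current user (``g.user``) is
    updated only when every check passes; otherwise the error is flashed.
    Either way the view redirects back to the account page.
    """
    username = request.form['account_username']

    # Ticked day boxes are stored as one concatenated string, in week order.
    weekdays = ''.join(
        day for day in ('mon', 'tue', 'wed', 'thu', 'fri', 'sat', 'sun')
        if request.form.get(day) is not None)

    # Fix: str.isnumeric() accepts characters int() cannot parse (for example
    # superscripts and fractions), and int() also rejects over-long digit
    # strings on interpreters with a digit limit. Either input raised an
    # unhandled ValueError; such values now fall back to the default.
    raw_goal = request.form['account_study_time']
    goal = 60
    if raw_goal.isnumeric():
        try:
            goal = int(raw_goal)
        except ValueError:
            goal = 60

    dark_mode = 'yes' if request.form.get('dark_mode') is not None else 'no'

    error = None
    db = get_db()
    user_id = g.user['id']

    if len(username) < 6 or len(username) > 15:
        error = 'Username must be between 6 and 15 characters.'
    elif goal < 1 or goal > 1440:
        # 1440 is presumably minutes per day -- confirm the unit.
        error = 'Invalid study goal time.'
    elif username != g.user['username'] and db.execute(
            'SELECT * from user'
            ' WHERE username = ?', (username, )).fetchone() is not None:
        # The uniqueness lookup only runs when the username changes.
        error = 'This username is already in use.'
    else:
        db.execute(
            'UPDATE user'
            ' SET username = ?,'
            ' min_study_time = ?,'
            ' weekdays = ?,'
            ' dark_mode = ?'
            ' WHERE id = ?',
            (username, goal, weekdays, dark_mode, user_id))
        db.commit()

    if error is not None:
        flash(error)
    return redirect(url_for('study_timer.account'))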
def register():
    """Render the registration form and create the account on a valid POST.

    The first failing check decides the flashed message. On success the
    password is stored hashed and the user is redirected to the login page.
    """
    if request.method != 'POST':
        return render_template('auth/register.html')

    form = request.form
    username = form['username']
    email = form['email']
    email_confirm = form['email_confirm']
    password = form['password']
    password_confirm = form['password_confirm']
    db = get_db()

    # NOTE(review): the 15-character cap rules out long passphrases. The
    # password is hashed before storage, so no storage reason for the cap is
    # visible here.
    password_ok = (
        6 <= len(password) <= 15
        and any(ch.isdigit() for ch in password)
        and any(ch.isalpha() for ch in password)
    )

    if not username:
        error = 'Username is required.'
    elif not email:
        error = 'E-mail is required.'
    elif not password:
        error = 'Password is required.'
    elif not 6 <= len(username) <= 15:
        error = 'Username must be between 6 and 15 characters.'
    elif not password_ok:
        error = 'Password must contain at least one number and one letter and must have between 6 and 15 characters.'
    elif email != email_confirm:
        error = "The confirmation e-mail doesn't match."
    elif password != password_confirm:
        error = "The provided passwords don't match."
    # The uniqueness lookups run only after the cheap checks have passed.
    # NOTE(review): check-then-insert is not atomic; uniqueness is presumably
    # enforced by a constraint on the table -- confirm against the schema.
    elif db.execute('SELECT id FROM user WHERE username = ?',
                    (username, )).fetchone() is not None:
        error = 'User {} is already registered.'.format(username)
    elif db.execute('SELECT id FROM user WHERE email = ?',
                    (email, )).fetchone() is not None:
        error = 'Email {} is already registered.'.format(email)
    else:
        db.execute(
            'INSERT INTO user (username, email, password) VALUES (?, ?, ?)',
            (username, email, generate_password_hash(password)))
        db.commit()
        return redirect(url_for('auth.login'))

    flash(error)
    return render_template('auth/register.html')
def login():
    """Render the login form and authenticate by username or e-mail on POST.

    On success the session is cleared and then bound to the user's id before
    redirecting to the index page. On failure the error is flashed and the
    form is rendered again.
    """
    if request.method != 'POST':
        return render_template('auth/login.html')

    identification = request.form['identification']
    password = request.form['password']
    db = get_db()

    # A username match wins; e-mail is tried only when no username matches.
    # NOTE(review): a username equal to another account's e-mail would shadow
    # that account's e-mail login -- confirm that usernames cannot look like
    # e-mail addresses.
    user = db.execute('SELECT * FROM user WHERE username = ?',
                      (identification, )).fetchone()
    if user is None:
        user = db.execute('SELECT * FROM user WHERE email = ?',
                          (identification, )).fetchone()

    # NOTE(review): the two messages below reveal whether an identifier
    # exists, and no attempt throttling is visible in this view -- confirm
    # that rate limiting is applied elsewhere.
    if user is None:
        error = 'Incorrect username or email.'
    elif not check_password_hash(user['password'], password):
        error = 'Incorrect password.'
    else:
        # Drop any pre-login session contents before binding the session to
        # the authenticated user.
        session.clear()
        session['user_id'] = user['id']
        return redirect(url_for('index'))

    flash(error)
    return render_template('auth/login.html')