def profile(): if not flask.g.user: return flask.redirect( '/') # so we dont get stuck in infinite loop when signing out form = forms.ProfileForm(flask.request.form) if flask.request.method == 'POST' and form.validate(): user = flask.g.user new_email = form.email.data new_password = form.new_password.data if new_email: user.email = form.email.data if new_password: if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Password change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.password_hash = form.new_password.data db.session.add(user) db.session.commit() flask.g.user = user flask.session['user_id'] = user.id return flask.render_template('profile.html', form=form)
def profile(): if not flask.g.user: # so we don't get stuck in infinite loop when signing out return flask.redirect(flask.url_for('main.home')) form = forms.ProfileForm(flask.request.form) if flask.request.method == 'POST': if form.authorized_submit and form.validate(): user = flask.g.user new_email = form.email.data.strip() new_password = form.new_password.data if new_email: if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Email change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.email = form.email.data flask.flash( flask.Markup( '<strong>Email successfully changed!</strong>'), 'success') if new_password: if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Password change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.password_hash = form.new_password.data flask.flash( flask.Markup( '<strong>Password successfully changed!</strong>'), 'success') db.session.add(user) db.session.commit() flask.g.user = user return flask.redirect('/profile') elif form.submit_settings: user = flask.g.user if user.preferences is None: preferences = models.UserPreferences(user.id) db.session.add(preferences) db.session.commit() user.preferences.hide_comments = form.hide_comments.data flask.flash( flask.Markup( '<strong>Preferences successfully changed!</strong>'), 'success') db.session.add(user) db.session.commit() flask.g.user = user return flask.redirect('/profile') return flask.render_template('profile.html', form=form)
def profile(): if not flask.g.user: return flask.redirect( '/') # so we dont get stuck in infinite loop when signing out form = forms.ProfileForm(flask.request.form) level = 'Regular' if flask.g.user.is_admin: level = 'Moderator' if flask.g.user.is_superadmin: # check this second because we can be admin AND superadmin level = 'Administrator' elif flask.g.user.is_trusted: level = 'Trusted' if flask.request.method == 'POST' and form.validate(): user = flask.g.user new_email = form.email.data.strip() new_password = form.new_password.data if new_email: # enforce password check on email change too if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Email change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.email = form.email.data flask.flash( flask.Markup('<strong>Email successfully changed!</strong>'), 'success') if new_password: if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Password change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.password_hash = form.new_password.data flask.flash( flask.Markup( '<strong>Password successfully changed!</strong>'), 'success') db.session.add(user) db.session.commit() flask.g.user = user return flask.redirect('/profile') _user = models.User.by_id(flask.g.user.id) username = _user.username current_email = _user.email return flask.render_template('profile.html', form=form, name=username, email=current_email, level=level)
def profile(): if not flask.g.user: # so we don't get stuck in infinite loop when signing out return flask.redirect(flask.url_for('main.home')) form = forms.ProfileForm(flask.request.form) if flask.request.method == 'POST' and form.validate(): user = flask.g.user new_email = form.email.data.strip() new_password = form.new_password.data if new_email: # enforce password check on email change too if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Email change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.email = form.email.data flask.flash( flask.Markup('<strong>Email successfully changed!</strong>'), 'success') if new_password: if form.current_password.data != user.password_hash: flask.flash( flask.Markup( '<strong>Password change failed!</strong> Incorrect password.' ), 'danger') return flask.redirect('/profile') user.password_hash = form.new_password.data flask.flash( flask.Markup( '<strong>Password successfully changed!</strong>'), 'success') db.session.add(user) db.session.commit() flask.g.user = user return flask.redirect('/profile') return flask.render_template('profile.html', form=form)