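def login():
    """Authenticate a user from the login form.

    Visitors who are already signed in go to the index page, and everyone
    is sent to the setup page while no administrator account exists.  A GET
    request renders an empty form; any other request validates the
    submitted form and checks the password of the matching activated
    account.

    Returns:
        A redirect on success (or for the two early exits above), otherwise
        the rendered login template with the submitted form.
    """
    if not current_user.is_anonymous():
        return redirect(url_for('index'))

    session = Session()
    if session.query(User).filter(User.is_admin).count() == 0:
        return redirect(url_for('setup'))

    if request.method == 'GET':
        return render_template('login.html', form=LoginForm())

    form = LoginForm(request.form)
    if form.validate_on_submit():
        # Accounts still awaiting activation are excluded from the lookup.
        # `== False` is deliberate: it builds the SQL comparison.
        user = session.query(User).filter(
            User.needs_activation == False).filter(
            User.username == form.username.data).first()
        if user and user.check_password(form.password.data):
            if login_user(user, remember=True):
                # "next" is read from the query string, so it is supplied by
                # whoever built the link.  Only follow it when it is a path
                # on this site; scheme-relative ("//host"), backslash and
                # control-character forms are rejected because browsers may
                # resolve them to another origin.
                target = request.args.get("next")
                is_local_path = (
                    bool(target)
                    and target.startswith('/')
                    and not target.startswith('//')
                    and '\\' not in target
                    and not any(ord(ch) < 0x20 for ch in target)
                )
                if not is_local_path:
                    target = url_for("index")
                return redirect(target)
            else:
                flash('Unknown error', 'danger')
        else:
            # One message for "no such user" and "wrong password" so the
            # response does not reveal which usernames exist.
            flash('Invalid username/password.', 'danger')
    else:
        flash('The form contains one or more errors', 'danger')
    return render_template('login.html', form=form)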
def delete_user(id):
    """Delete the user with the given primary key.

    Args:
        id: Primary key of the user; the lookup goes through get_or_404.

    Returns:
        A redirect to the user administration page.
    """
    # NOTE(review): no access check or HTTP-method restriction is visible in
    # this function -- confirm the route decorators (not shown here) limit
    # it to administrators and to a CSRF-protected, non-GET request.
    db = Session()
    doomed = get_or_404(db.query(User), id)
    db.delete(doomed)
    db.commit()

    flash("User deleted", 'info')
    return redirect(url_for('administrate_users'))
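def confirm(confirmation_token):
    """Let a newly created user choose a password and activate the account.

    Args:
        confirmation_token: Token taken from the confirmation link; it is
            resolved to a username by get_username_from_confirmation_token.

    Returns:
        A redirect to the login page when the token is invalid, the account
        no longer exists, the account is already confirmed, or the password
        was saved; otherwise the rendered password-selection form.
    """
    username = get_username_from_confirmation_token(app, confirmation_token)
    if not username:
        flash('Invalid confirmation link', 'danger')
        return redirect(url_for('login'))

    session = Session()
    user = session.query(User).filter(User.username == username).first()
    if user is None:
        # The token decoded to a username that has no row (for example the
        # account was deleted after the mail went out).  Treat it like any
        # other invalid link instead of failing on the attribute access.
        flash('Invalid confirmation link', 'danger')
        return redirect(url_for('login'))

    # The activation flag is what makes the link single-use: once it is
    # cleared below, the same token can no longer set a password.
    if not user.needs_activation:
        flash('Account already confirmed', 'warning')
        return redirect(url_for('login'))

    if request.method == 'POST':
        form = SelectPasswordForm(request.form)
    else:
        flash("Please create a password to confirm your account.", 'info')
        form = SelectPasswordForm()

    if form.validate_on_submit():
        user.change_password(form.password.data)
        user.needs_activation = False
        session.commit()
        flash("Account confirmed. You may now login.", 'success')
        return redirect(url_for('login'))
    return render_template('user/select_password.html', form=form)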
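def free_mailbox(mailbox_id):
    """Detach the assigned user from a mailbox.

    Args:
        mailbox_id: Primary key of the mailbox to free.

    Returns:
        A redirect to the mailbox administration page in every case.
    """
    # NOTE(review): no access check is visible in this function -- confirm
    # the route decorators (not shown here) restrict it to administrators.
    session = Session()
    mailbox = session.query(Mailbox).options(
        joinedload('user')).filter(Mailbox.id == mailbox_id).first()

    if mailbox is None:
        # An unknown id used to fail on the attribute access below.
        flash('Mailbox not found', 'danger')
        return redirect(url_for('administrate_mailboxes'))

    if mailbox.user is None:
        # Nothing to detach; repeating the request is harmless.
        flash('Mailbox %d has no user assigned' % mailbox.id, 'warning')
        return redirect(url_for('administrate_mailboxes'))

    # Read the name before clearing the relationship, for the message.
    username = mailbox.user.username
    mailbox.user = None
    session.commit()
    flash('%s removed from mailbox %d' % (username, mailbox.id), 'success')
    return redirect(url_for('administrate_mailboxes'))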
def setup():
    """First-run page that creates the initial administrator account.

    The page is only usable while no administrator exists; once one does,
    every request is redirected to the index page.

    Returns:
        A redirect to the index page (an administrator already exists) or to
        the login page (administrator created), otherwise the rendered
        setup form.
    """
    # NOTE(review): this check and the insert below are separate steps, so
    # two concurrent first-run requests could presumably both pass it --
    # confirm whether that matters for the deployment.
    db = Session()
    admin_count = db.query(User).filter(User.is_admin).count()
    if admin_count > 0:
        return redirect(url_for('index'))

    is_post = request.method == 'POST'
    form = CreateAdministratorForm(request.form) if is_post \
        else CreateAdministratorForm()

    if not form.validate_on_submit():
        flash('Please create an administrator user to get started.', 'info')
        return render_template('admin/setup.html', form=form)

    db = Session()
    admin = User(username=form.username.data, password=form.password.data)
    admin.email = form.email.data
    admin.is_admin = True
    admin.needs_password_reset = False
    admin.needs_activation = False
    db.add(admin)
    db.commit()
    flash('Administrator user created. You may now log in.', 'success')
    return redirect(url_for('login'))
def user_profile():
    """Show the profile page and let the current user change their email.

    Returns:
        The rendered profile template with the email form.
    """
    if request.method != 'POST':
        form = UserEmailForm(obj=current_user)
    else:
        form = UserEmailForm(request.form)

    if form.validate_on_submit():
        current_user.email = form.email.data

        # Commit through the session that already tracks the user object;
        # open a new one and attach the object only when it has none.
        db = object_session(current_user)
        if not db:
            db = Session()
            db.add(current_user)
        db.commit()
        flash('Email updated', 'success')

    return render_template('user/user_profile.html', form=form)
def put(self, mailbox_id):
    """Update a mailbox: register a new RFID key and/or set its mail flag.

    Args:
        mailbox_id: Primary key of the mailbox; looked up via get_or_404.

    Returns:
        The updated mailbox object.
    """
    # NOTE(review): no authentication of the caller is visible in this
    # method -- confirm how the API decides who may enrol an RFID key.
    parsed = self.parser.parse_args()
    rfid = parsed.rfid
    mail_flag = parsed.has_mail

    db = Session()
    box = get_or_404(db.query(MailboxModel), mailbox_id)

    if rfid:
        known_rfids = [existing.rfid for existing in box.keys]
        if rfid not in known_rfids:
            # NOTE(review): the new key is never passed to the session
            # directly; presumably it is saved through its relationship to
            # the mailbox -- confirm.
            fresh_key = MailboxKey()
            fresh_key.mailbox = box
            fresh_key.rfid = rfid

    # A missing has_mail leaves the flag alone; an explicit False clears it.
    if mail_flag is not None:
        box.has_mail = mail_flag

    db.commit()
    return box
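def recover_account(recovery_token):
    """Let the holder of a recovery token choose a new password.

    Args:
        recovery_token: Token taken from the recovery link; it is resolved
            to a username by get_username_from_recovery_token.

    Returns:
        A redirect to the login page when the token is invalid, the account
        no longer exists, or the password was changed; otherwise the
        rendered password-selection form.
    """
    # NOTE(review): nothing in this function marks the token as used or
    # checks the account's activation state -- confirm that
    # get_username_from_recovery_token enforces expiry and reuse limits.
    username = get_username_from_recovery_token(app, recovery_token)
    if not username:
        flash('Invalid recovery token.', 'danger')
        return redirect(url_for('login'))

    if request.method == 'POST':
        form = SelectPasswordForm(request.form)
    else:
        form = SelectPasswordForm()

    if form.validate_on_submit():
        session = Session()
        user = session.query(User).filter(User.username == username).first()
        if user is None:
            # The token names an account that no longer exists; this used
            # to fail on the method call below.
            flash('Invalid recovery token.', 'danger')
            return redirect(url_for('login'))

        user.change_password(form.password.data)
        # Commit explicitly: change_password() is not shown here, and
        # without a commit in this view the success message could be shown
        # for a change that was never written.
        session.commit()
        flash('Password reset. You may now login.', 'success')
        return redirect(url_for('login'))
    return render_template('/user/select_password.html', form=form)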
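def administrate_mailboxes():
    """List mailboxes and, on POST, assign a mailbox to a user.

    Returns:
        The rendered mailbox administration page with all mailboxes, the
        users eligible for assignment and a fresh assignment form.
    """
    session = Session()
    if request.method == 'POST':
        form = AssignMailboxForm(request.form)
        if form.validate_on_submit():
            user = session.query(User).get(form.user.data)
            mailbox = session.query(Mailbox).get(form.mailbox.data)
            if user is None or mailbox is None:
                # Ids come from the request; a stale or hand-edited value
                # used to fail on the attribute access below.
                flash('Unknown user or mailbox', 'danger')
            else:
                # NOTE(review): the list query below only offers
                # non-admin, activated users without a mailbox, but this
                # path does not re-check those conditions -- confirm the
                # form validators enforce them server-side.
                user.mailbox = mailbox
                session.commit()
                flash('Mailbox %d assigned to %s' %
                      (mailbox.id, user.username), 'success')

    mailboxes = session.query(Mailbox).options(joinedload('user')).all()
    # `== False` / `== None` are deliberate: they build SQL comparisons.
    users = session.query(User).filter(User.is_admin == False).filter(
        User.mailbox == None).filter(User.needs_activation == False).all()
    return render_template('admin/mailboxes.html',
                           mailboxes=mailboxes,
                           users=users,
                           form=AssignMailboxForm())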
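def account_recovery():
    """Send account recovery mail to the active accounts for an email.

    Returns:
        The rendered recovery-request page with the form.
    """
    if request.method == 'POST':
        form = AccountRecoveryForm(request.form)
    else:
        form = AccountRecoveryForm()

    if form.validate_on_submit():
        session = Session()
        email = form.email.data
        status = False
        # There may be multiple accounts associated with this email.
        for user in session.query(User).filter(User.email == email).all():
            # Keep an earlier success: previously the outcome of the last
            # account alone decided which message was shown.
            if user.is_active() and send_account_recovery_mail(app, user):
                status = True

        # The messages use the submitted address rather than the loop
        # variable, which is unbound when the query returns no rows.
        # NOTE(review): the two outcomes are distinguishable to the
        # requester; if this page is reachable without authentication, a
        # single neutral message would avoid disclosing which addresses
        # have accounts.
        if status:
            flash('Account recovery instructions has been sent to %s' % email,
                  'success')
        else:
            flash('Unable to send confirmation to %s' % email, 'danger')
    return render_template('user/reset_password.html', form=form)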
def create_user():
    """Create an inactive user and mail them an activation link.

    Returns:
        The rendered creation form until a valid form is submitted, then a
        redirect to the user administration page.
    """
    if request.method != 'POST':
        form = UserForm()
    else:
        form = UserForm(request.form)

    if not form.validate_on_submit():
        return render_template('admin/create_user.html', form=form)

    db = Session()
    # NOTE(review): the account is created with an empty password and
    # needs_activation set -- confirm that no authentication path accepts
    # an account while that flag is still set.
    account = User(username=form.username.data, password="")
    account.email = form.email.data
    account.needs_activation = True
    db.add(account)

    # The row is committed only when the activation mail went out.
    mail_sent = send_user_confirmation_mail(app, account)
    if mail_sent:
        flash(
            'User created. Activation instructions has been sent to %s' %
            account.email, 'success')
        db.commit()
    else:
        flash('Unable to send confirmation to %s' % account.email, 'danger')
    return redirect(url_for('administrate_users'))
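def view_mailbox():
    """Show the current user's mailbox and let them set its LCD text.

    Administrators are rejected with a 401 response.  A user without a
    mailbox gets the template rendered without mailbox data.

    Returns:
        The rendered mailbox template.
    """
    if current_user.is_admin:
        abort(401)

    mailbox = current_user.mailbox
    if mailbox is None:
        return render_template('view_mailbox.html')

    if request.method == 'POST':
        form = MailboxLCDTextForm(request.form)
    else:
        form = MailboxLCDTextForm(obj=mailbox)

    if form.validate_on_submit():
        # Commit through the session that already tracks the mailbox; open
        # a new one and attach the object only when it has none.
        session = object_session(mailbox)
        if not session:
            session = Session()
            session.add(mailbox)
        # The two form lines are stored as one newline-separated string.
        # NOTE(review): presumably the form limits each line's length and
        # characters for the display -- confirm against MailboxLCDTextForm.
        mailbox.display_text = '%s\n%s' % (form.first_line.data,
                                           form.second_line.data)
        # The leftover debug `print` of the submitted text was removed: it
        # copied user-supplied input to stdout on every update.
        session.commit()
        flash('LCD updated', 'success')
    return render_template('view_mailbox.html', mailbox=mailbox, form=form)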
def validate_username(self, field):
    """Reject a username that is already taken.

    Args:
        field: Form field whose ``data`` is the requested username.

    Raises:
        ValidationError: If a user with that username already exists.
    """
    # NOTE(review): this is a check before the insert, not a guarantee --
    # presumably the username column also has a unique constraint; confirm.
    matches = Session().query(User).filter(User.username == field.data)
    if matches.count() > 0:
        raise ValidationError('Username must be unique')
def get_list(self):
    """Return every mailbox as a list."""
    all_mailboxes = Session().query(MailboxModel)
    return all_mailboxes.all()
def administrate_users():
    """Render the user administration page listing non-admin users.

    Returns:
        The rendered template; ``users`` is passed as a query object, not a
        materialised list.
    """
    db = Session()
    # `== False` is deliberate: it builds the SQL comparison.
    regular_users = db.query(User).filter(User.is_admin == False)
    return render_template('admin/users.html', users=regular_users)
def load_user(user_id):
    """Look up a user by primary key.

    Args:
        user_id: Primary key of the user to load.

    Returns:
        The result of ``Query.get`` for that key.
    """
    user_query = Session().query(User)
    return user_query.get(user_id)
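def validate_user(self, field):
    """Check that the submitted user id refers to an existing user.

    Args:
        field: Form field whose ``data`` is the user id to check.

    Raises:
        ValidationError: If no user has that id.
    """
    session = Session()
    # Count User rows.  The query previously selected Mailbox while
    # filtering on User.id, so the result also depended on how many
    # mailbox rows existed, and the message named the wrong entity.
    if session.query(User).filter(User.id == field.data).count() == 0:
        raise ValidationError('User id out of range.')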
def get_single(self, mailbox_id):
    """Return one mailbox, looked up through get_or_404.

    Args:
        mailbox_id: Primary key of the mailbox.
    """
    mailbox_query = Session().query(MailboxModel)
    return get_or_404(mailbox_query, mailbox_id)
def validate_email(self, field):
    """Require that the submitted email belongs to at least one account.

    Args:
        field: Form field whose ``data`` is the email address to look up.

    Raises:
        ValidationError: If no user has that email address.
    """
    # NOTE(review): the error text tells the submitter whether an address
    # is registered; if the form using this validator is reachable without
    # authentication, consider a response that does not distinguish the
    # two cases.
    account_count = Session().query(User).filter(
        User.email == field.data).count()
    if account_count == 0:
        raise ValidationError('Could not find an account with that email.')
def post(self):
    """Create a new mailbox with default field values and return it."""
    # NOTE(review): no authentication of the caller is visible in this
    # method -- confirm who is allowed to create mailboxes through the API.
    db = Session()
    created = MailboxModel()
    db.add(created)
    db.commit()
    return created