def changepassword():
    """Render the change-password form and process its submission.

    A GET request renders the form. Any other request validates the form
    and checks the current password. On success it stores the new password,
    calls Mail_Service.send_email with the subject "Password Changed" and
    redirects to the 'account' endpoint. Every failure re-renders the form
    with a flash message.
    """
    form = PasswordChangeForm()

    def show_form():
        # Every non-success path renders the same template.
        return render_template('changepassword.html', form=form,
                               name=current_user.email)

    if request.method == 'GET':
        return show_form()

    if not form.validate_on_submit():
        flash("Error with form")
        return show_form()

    # The current password is required before the stored one is replaced.
    if not current_user.validate_password(form.currentpassword.data):
        flash("Incorrect Current Password")
        return show_form()

    # The new value is written on the instance returned by merge(), which
    # belongs to the active session, rather than on current_user directly.
    account_row = db.session.merge(current_user)
    account_row.password = current_user.update_password(form.newpassword.data)
    db.session.add(account_row)
    db.session.commit()

    # The requesting address is handed to the mail helper with the notice.
    Mail_Service.send_email(current_user.email, "Password Changed",
                            current_user, request.remote_addr)
    flash("Password Sucessfully Changed")
    return redirect(url_for('account'))
def passwordChange():
    """Change the logged-in user's password after verifying the old one.

    On a valid submission the new password must equal its confirmation and
    the old password must match the stored hash. Success redirects to the
    'user' endpoint; a mismatch flashes the reason and redirects back to
    this view. Without a valid submission the form is rendered.
    """
    form = PasswordChangeForm()
    if not form.validate_on_submit():
        return render_template('/settings/passwordchange.html',
                               title=gettext("Password Change"),
                               form=form)

    old_pass = form.old_password.data
    new_pass = form.new_password.data
    conf_pass = form.new_password_confirm.data

    # Password change: the hash check only runs when the two new values
    # agree, because of the short-circuit.
    confirmation_ok = new_pass == conf_pass
    if confirmation_ok and check_password_hash(current_user.password, old_pass):
        current_user.password = generate_password_hash(new_pass)
        db.session.add(current_user)
        db.session.commit()
        flash(gettext('User password successfully changed.'))
        return redirect(url_for('user'))

    # Failure: report the first failing condition, then return to the form.
    if not confirmation_ok:
        flash(gettext('New password must match confirmation!'))
    elif not check_password_hash(current_user.password, old_pass):
        flash(gettext('Current password is incorrect!'))
    return redirect(url_for('passwordChange'))
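def settings():
    """Handle the settings page: password change and display-name change.

    The two forms share one page. The submitted form is identified by the
    'pw_change' or 'settings_change' key in request.form. The page is
    re-rendered in every case.
    """
    pw_form = PasswordChangeForm()
    set_form = SettingsForm()

    # NOTE(review): no current-password check is visible in this view.
    # Confirm that PasswordChangeForm's validators require and verify the
    # existing password; otherwise an unattended session is enough to
    # replace it.
    if 'pw_change' in request.form and pw_form.validate_on_submit():
        try:
            g.user.set_password(pw_form.new_password.data)
            db.session.commit()
        except Exception:
            # A bare `except:` would also swallow SystemExit and
            # KeyboardInterrupt. Roll back so that the failed transaction
            # does not poison later use of the session in this request.
            db.session.rollback()
            flash(u'Passwort konnte nicht geändert werden.')
        else:
            flash(u'Passwort wurde geändert.')

    if 'settings_change' in request.form and set_form.validate_on_submit():
        g.user.name = set_form.name.data
        db.session.commit()
        flash(u'Einstellungen wurde geändert.')

    return render_template('user/settings.html', pw_form=pw_form,
                           set_form=set_form)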
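def changepassword(secretstring):
    """Set a new password for the user named in a signed reset token.

    Args:
        secretstring: Token produced by URLSafeSerializer; its payload
            unpacks to (username, email).

    Returns:
        The rendered form when there is no valid submission, a redirect to
        'login' after a successful reset, or a redirect to 'resetpassword'
        when the password is empty, the token fails verification or the
        user no longer exists.
    """
    # Function-scope import: itsdangerous already supplies
    # URLSafeSerializer, but BadSignature is not known to be imported at
    # file level.
    from itsdangerous import BadSignature

    form = PasswordChangeForm()
    if not form.validate_on_submit():
        return render_template('general/change_password.html', form=form)

    if not form.password.data:
        flash('Try again')
        return redirect(url_for('resetpassword'))

    # NOTE(review): the signing key is a literal in source. Anyone who can
    # read the repository can produce tokens this view accepts. Load it
    # from configuration or a secret store and rotate the current value.
    # NOTE(review): URLSafeSerializer tokens never expire and are not
    # invalidated after use. URLSafeTimedSerializer with max_age bounds the
    # lifetime of a reset link.
    s = URLSafeSerializer('12fe454t')
    try:
        uname, _uemail = s.loads(secretstring)
    except BadSignature:
        # A tampered or foreign token used to surface as an unhandled
        # exception; treat it like any other failed attempt.
        flash('Try again')
        return redirect(url_for('resetpassword'))

    user = Users.query.filter_by(username=uname).first()
    if user is None:
        # The account may have been removed after the token was issued.
        flash('Try again')
        return redirect(url_for('resetpassword'))

    user.pwdhash = bcrypt.generate_password_hash(form.password.data)
    db.session.add(user)
    db.session.commit()
    flash('succsessful password reset')
    return redirect(url_for('login'))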
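def edit_user_password(user_id_number):
    """Let an administrator set a new password for another user.

    Args:
        user_id_number: Primary key of the User whose password is changed.

    Returns:
        The rendered 'edit_user_password.html' page. An unknown id yields
        a 404 response.
    """
    # Function-scope import: the file-level Flask import list is not
    # visible here.
    from flask import abort

    # NOTE(review): no authorization check is visible inside this
    # function. Confirm that the route is wrapped by an admin-only guard,
    # because the target account is chosen purely by the URL parameter.
    user = User.query.get(user_id_number)
    if user is None:
        # Without this guard an unknown id fails later with an
        # AttributeError on user.set_password.
        abort(404)

    form = PasswordChangeForm()
    if form.validate_on_submit() and request.method == 'POST':
        # The model's set_password receives the new value from the form.
        user.set_password(form.password.data)
        db.session.add(user)
        db.session.commit()
        flash("Password has been updated.")

    return render_template('edit_user_password.html', form=form, user=user)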
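def change_password(secretstring):
    """Reset the password of the user identified by a signed token.

    Args:
        secretstring: Token produced by URLSafeSerializer; its payload
            unpacks to (username, email).

    Returns:
        The rendered form when there is no valid submission, a redirect to
        'login' after success, or a redirect to 'reset_password' when the
        password is empty, the token does not verify or the user is
        missing.
    """
    # Function-scope import: only URLSafeSerializer is known to be in
    # scope at file level.
    from itsdangerous import BadSignature

    form = PasswordChangeForm()
    if not form.validate_on_submit():
        return render_template('change_password.html', form=form)

    if not form.password.data:
        flash('Try again!')
        return redirect(url_for('reset_password'))

    # NOTE(review): the signing key is hard-coded. Move it to
    # configuration or a secret store and rotate it, since the literal
    # is readable by everyone with access to the source.
    # NOTE(review): the token carries no timestamp, so a reset link stays
    # valid indefinitely. URLSafeTimedSerializer with max_age on loads()
    # would bound it.
    s = URLSafeSerializer('serliaizer_code')
    try:
        uname, _uemail = s.loads(secretstring)
    except BadSignature:
        # Invalid tokens are rejected like a failed attempt instead of
        # raising out of the view.
        flash('Try again!')
        return redirect(url_for('reset_password'))

    user = Users.query.filter_by(username=uname).first()
    if user is None:
        # first() returns None when no row matches the username.
        flash('Try again!')
        return redirect(url_for('reset_password'))

    user.pwdhash = bcrypt.generate_password_hash(form.password.data)
    db.session.add(user)
    db.session.commit()
    flash(u'succsessful password reset')
    return redirect(url_for('login'))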
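def change_password(secretstring):
    """Apply a password reset authorised by a signed token.

    Args:
        secretstring: Token produced by URLSafeSerializer; its payload
            unpacks to (username, email).

    Returns:
        The rendered form when there is no valid submission, a redirect to
        "login" after success, or a redirect to "reset_password" when the
        password is empty, the token is rejected or no matching user
        exists.
    """
    # Function-scope import: BadSignature is not known to be imported at
    # file level, while itsdangerous itself is already a dependency.
    from itsdangerous import BadSignature

    form = PasswordChangeForm()
    if not form.validate_on_submit():
        return render_template("change_password.html", form=form)

    if not form.password.data:
        flash("Try again!")
        return redirect(url_for("reset_password"))

    # NOTE(review): the signing key is embedded in source; it should come
    # from configuration or a secret store and be rotated.
    # NOTE(review): tokens from URLSafeSerializer do not expire and can be
    # replayed; a timed serializer with max_age limits that window.
    s = URLSafeSerializer("serliaizer_code")
    try:
        uname, _uemail = s.loads(secretstring)
    except BadSignature:
        # A token that fails verification no longer raises out of the
        # view.
        flash("Try again!")
        return redirect(url_for("reset_password"))

    user = Users.query.filter_by(username=uname).first()
    if user is None:
        # Guard against a username that no longer matches any row.
        flash("Try again!")
        return redirect(url_for("reset_password"))

    user.pwdhash = bcrypt.generate_password_hash(form.password.data)
    db.session.add(user)
    db.session.commit()
    flash(u"succsessful password reset")
    return redirect(url_for("login"))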
def changepasswd():
    """Change the password of the user bound to the current session cookie.

    Requests without a session cookie, or with one unknown to session_db,
    are redirected to 'logout'. A missing 'login' cookie renders
    'problem.html'. On a valid submission the account is looked up through
    session_db and its password replaced with hash_password() of the new
    value.
    """
    session_id = request.cookies.get(SESSION_ID)
    if session_id is None or not session_db.exists(session_id):
        return redirect(url_for('logout'))

    form = PasswordChangeForm()
    login_cookie = request.cookies.get('login')
    if login_cookie is None:
        return render_template('problem.html')
    form.hidden = login_cookie

    # NOTE(review): no current-password check is visible in this view;
    # confirm that the form's validators enforce one.
    if not form.validate_on_submit():
        return render_template('changepasswd.html', form=form)

    # The account is resolved from the session store entry, not from the
    # 'login' cookie value copied into the form above.
    login_name = session_db.get(request.cookies.get(SESSION_ID))
    user_record = dbc.getUserByLogin(login_name)
    dbc.updatePassword(user_record[0], hash_password(form.newpassword.data))
    return render_template('changegood.html')
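def password_change():
    """Change the current user's password after checking the old one.

    On a valid submission the user row is loaded by current_user.get_id().
    The old password must match the stored bcrypt hash before the new
    hash is written. The form page is rendered in every case.
    """
    form = PasswordChangeForm()
    if form.validate_on_submit():
        user = User.query.get(current_user.get_id())
        if user is None:
            # Previously a missing row fell through to the update branch
            # and failed on `user.Password`. Stop with a message instead.
            flash('Unable to change password.', 'danger')
        elif not bcrypt.check_password_hash(user.Password,
                                            form.old_password.data):
            flash('Old password is incorrect.', 'danger')
        else:
            # The hash is decoded so that the column receives text.
            user.Password = bcrypt.generate_password_hash(
                form.password.data).decode('utf-8')
            db.session.add(user)
            db.session.commit()
            flash('Your password has been changed.', 'success')

    return render_template('password-change.html',
                           title='Change Password', form=form)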
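def password_reset():
    """Set a new password for the account matching the submitted e-mail.

    The reset is applied only when the user's stored reset_timer is
    within three of (today's day-of-month + 100). Success clears
    reset_key and reset_timer and redirects to 'login'; every other case
    renders the form.
    """
    from datetime import datetime

    form = PasswordChangeForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user:
            # NOTE(review): reset_key is cleared below but never compared
            # with anything in this view. Confirm that the form validates
            # it; otherwise the e-mail address alone authorises the reset
            # while the timer window is open.
            # NOTE(review): the window is computed from the day of the
            # month only, so it misbehaves across month boundaries and a
            # negative difference also passes the `<= 3` test. Storing a
            # full timestamp would make the expiry reliable.
            try:
                reset_check = (datetime.now().day + 100) - user.reset_timer
            except TypeError:
                # reset_timer is set to "" after a successful reset, so a
                # non-numeric value means that no reset is pending. This
                # case used to raise out of the view.
                reset_check = None

            # The debug prints of reset_check were removed from this
            # authentication path.
            if reset_check is not None and reset_check <= 3:
                user.set_password(form.password.data)
                user.reset_key = ""
                user.reset_timer = ""
                db.session.commit()
                return redirect(url_for('login'))

    return render_template('password_reset.html', form=form)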
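def account():
    """Render the account page and process its two modal forms.

    A POST carrying the account-settings submit field updates the account
    information, provided the username is valid for this user. A POST
    carrying the password form's submit field changes the password after
    the original one is confirmed. Every path renders
    'user/user-home.html'; the show_*_modal flags tell the template which
    modal to show again after a failure.
    """
    # Get basic database and forms ready to return
    bsdb = get_bsdb()
    acct = AccountSettings(session['user_num'])
    account_settings_change_form = AccountSettingsChangeForm()
    password_change_form = PasswordChangeForm()
    account_settings = bsdb.get_account_settings(session["user_num"])
    show_account_modal = False
    show_password_modal = False

    def render_page():
        # Reads the enclosing variables at call time, so it always renders
        # the latest forms, settings and modal flags.
        return render_template(
            'user/user-home.html',
            account_settings=account_settings,
            account_settings_change_form=account_settings_change_form,
            password_change_form=password_change_form,
            show_account_modal=show_account_modal,
            show_password_modal=show_password_modal
        )

    # Check against requests to change account settings
    if (req.method == 'POST'
            and account_settings_change_form.submit_account_change.data):
        show_account_modal = True
        app.logger.info("request received to change user settings for "
                        "user %s", session['user_num'])

        # Check to make sure form was valid, return form if it was not
        if not account_settings_change_form.validate_on_submit():
            app.logger.warning("Settings change form failed validation")
            flash("Your information wouldn't work. Try again?", "warning")
            return render_page()

        # Check that the username isn't changing or is available
        if acct.is_username_valid(session['user_num'],
                                  account_settings_change_form.username.data):
            app.logger.info("username is valid")
            try:
                acct.set_account_information(
                    session['user_num'], account_settings_change_form)
                flash("Account information updated.", "success")
                app.logger.info("returning new account info:")
                # Fetched once; the original repeated this call.
                account_settings = bsdb.get_account_settings(
                    session["user_num"])
                show_account_modal = False
            except Exception:
                # Record the traceback instead of discarding the failure.
                app.logger.exception("Error updating account information")
                flash("Error updating your information. Try again?",
                      "warning")
        else:
            flash("Username is already taken", "warning")

    # Check against request to change password
    elif req.method == 'POST' and password_change_form.submit.data:
        show_password_modal = True
        app.logger.info("request received to change password for "
                        "user %s", session['user_num'])

        if not password_change_form.validate_on_submit():
            app.logger.warning("Password change form failed verification")
            flash("Your infromation wouldn't work. Try again?", "warning")
            return render_page()

        try:
            correct_password = acct.is_password_correct(
                session["user_num"], password_change_form)
        except Exception:
            flash("Error determining if the original password is correct. "
                  "Try again?", "warning")
            app.logger.exception("Error checking original password.")
        else:
            if not correct_password:
                flash("Original password was not correct. Please try again.",
                      "warning")
            else:
                app.logger.info("Original password was entered correctly.")
                try:
                    acct.set_password(session["user_num"],
                                      password_change_form)
                    app.logger.info("New Password set")
                    flash("New Password Sucessfully Set.", "success")
                    show_password_modal = False
                except Exception:
                    app.logger.exception("Error setting new password")
                    flash("Error setting new password. Try again?",
                          "warning")

    # We got here either by being GET or succeeding making changes.
    # Refill account_setting and account_settings_change_form
    account_settings_change_form = acct.fill_account_settings_change_form()
    account_settings = bsdb.get_account_settings(session["user_num"])
    return render_page()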