def reset_password(self):
user = None
token = request.query.get("token")
if token:
query = self.auth._query_from_token(token)
user = self.auth.db(query).select().first()
if not user:
raise HTTP(404)
user = self.auth.db.auth_user(self.auth.user_id)
form = Form(
[
Field(
"new_password",
type="password",
requires=self.auth.db.auth_user.password.requires,
),
Field("new_password_again",
type="password",
requires=IS_NOT_EMPTY()),
],
formstyle=self.formstyle,
)
self._process_change_password_form(form, user)
if form.accepted:
self._postprocessing("reset_password", form, user)
return form
def reset_password(self):
form = Form([Field("password", type="password")])
user = None
token = request.query.get("token")
if token:
query = self.auth._query_from_token(token)
user = self.auth.db(query).select().first()
if not user:
raise HTTP(404)
user = self.auth.db.auth_user(self.auth.user_id)
form = Form(
[
Field(
"new_password",
type="password",
requires=self.auth.db.auth_user.password.requires,
),
Field("new_password_again", type="password", requires=IS_NOT_EMPTY()),
]
)
if form.submitted:
new_password = form.post_vars.get("new_password")
if form.post_vars["new_password_again"] != new_password:
form.errors["new_password_again"] = "Passwords do not match"
form.accepted = False
else:
res = self.auth.change_password(
user, new_password, check=True, check_old_password=False
)
form.errors = re.get("errors", {})
form.accepted = not res.get("errors")
self._postprocessng("profile", form, user)
return form
def edit_contact(person_id=None, phone_id=None):
# read person
p = db.person[person_id]
if p is None:
# nothing to edit
redirect(URL('index'))
# contact wasn't the created by the user
if (p.user_email != auth.current_user.get('email')):
redirect(URL('index'))
else:
row = db(db.phone.id == phone_id).select().as_list()
form = Form([Field('number'), Field('kind')],
record=dict(number=row[0].get('number'),
kind=row[0].get('kind')),
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db.phone.update_or_insert(((db.phone.id == phone_id)),
number=form.vars.get('number'),
kind=form.vars.get('kind'))
redirect(URL('edit_phones', person_id))
# return variables
person_row = db(db.person.id == person_id).select().as_list()
first_name = person_row[0].get('first_name')
last_name = person_row[0].get('last_name')
return dict(form=form, first_name=first_name, last_name=last_name)
def reset_password(self):
user = None
token = request.query.get("token")
if token:
query = self.auth._query_from_token(token)
user = self.auth.db(query).select().first()
if not user:
raise HTTP(404)
form = Form(
[
Field(
"new_password",
type="password",
requires=self.auth.db.auth_user.password.requires,
label=self.auth.param.messages["labels"].get("new_password"),
),
Field(
"new_password_again",
type="password",
requires=IS_EQUAL_TO(request.forms.get("new_password")),
label=self.auth.param.messages["labels"].get("password_again"),
),
],
formstyle=self.formstyle,
submit_value=self.auth.param.messages["buttons"]["submit"],
)
self._process_change_password_form(form, user, False)
if form.accepted:
self._set_flash("password-changed")
self._postprocessing("reset_password", form, user)
return form
def edit_phone(phone_id=None):
# """Note that in the above declaration, the contact_id argument must match
# the <contact_id> argument of the @action."""
# # We read the contact.
p = db.phone[phone_id]
if p is None:
redirect(URL('index'))
c = db.contact[p.contact_id]
user_email = auth.current_user.get('email')
if c.user_email != user_email:
redirect(URL('index'))
# Only display form if phone exists and contact belongs to logged in user
form = Form([Field('number'), Field('name')],
record=dict(name=p.name, number=p.number),
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
# Create phone and insert into table
db.phone[phone_id] = dict(number=form.vars['number'],
name=form.vars['name'])
db.commit()
redirect(URL('phone_numbers', c.id))
return dict(contact_id=c.id, form=form)
def edit_contact(person_id=None):
# read person
p = db.person[person_id]
if p is None:
# nothing to edit
redirect(URL('index'))
# contact wasn't the created by the user
if (p.user_email != auth.current_user.get('email')):
redirect(URL('index'))
else:
row = db(db.person.id == person_id).select().as_list()
form = Form([
Field('first_name', requires=IS_NOT_EMPTY()),
Field('last_name', requires=IS_NOT_EMPTY())
],
record=dict(first_name=row[0].get('first_name'),
last_name=row[0].get('last_name')),
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db.person.update_or_insert(((db.person.id == person_id)),
first_name=form.vars.get('first_name'),
last_name=form.vars.get('last_name'))
redirect(URL('index'))
return dict(form=form)
def change_password(self):
self._check_logged("change_password")
user = self.auth.db.auth_user(self.auth.user_id)
form = Form(
[
Field("old_password", type="password", requires=IS_NOT_EMPTY()),
Field(
"new_password",
type="password",
requires=self.auth.db.auth_user.password.requires,
),
Field("new_password_again", type="password", requires=IS_NOT_EMPTY()),
]
)
if form.submitted:
old_password = form.post_vars.get("new_password")
new_password = form.post_vars.get("new_password")
if form.post_vars["new_password_again"] != new_password:
form.errors["new_password_again"] = "Passwords do not match"
form.accepted = False
else:
res = self.auth.change_password(
user, new_password, old_password, check=True
)
form.errors = re.get("errors", {})
form.accepted = not res.get("errors")
self._postprocessng("profile", form, user)
return form
def signature(self):
"""Returns a list of fields for a table signature"""
now = lambda: datetime.datetime.utcnow()
user = lambda s=self: s.get_user().get("id")
fields = [
Field("created_on", "datetime", default=now, writable=False, readable=True),
Field(
"created_by",
"reference auth_user",
default=user,
writable=False,
readable=True,
),
Field(
"modified_on",
"datetime",
update=now,
default=now,
writable=False,
readable=True,
),
Field(
"modified_by",
"reference auth_user",
default=user,
update=user,
writable=False,
readable=True,
),
Field("is_active", "boolean", default=True, readable=False, writable=False),
]
return fields
def change_password(self):
user = self.auth.db.auth_user(self.auth.user_id)
form = Form(
[
Field(
"old_password",
type="password",
requires=IS_NOT_EMPTY(),
label=self.auth.param.messages["labels"].get("old_password"),
),
Field(
"new_password",
type="password",
requires=self.auth.db.auth_user.password.requires,
label=self.auth.param.messages["labels"].get("new_password"),
),
Field(
"new_password_again",
type="password",
requires=IS_EQUAL_TO(request.forms.get("new_password")),
label=self.auth.param.messages["labels"].get("password_again"),
),
],
formstyle=self.formstyle,
submit_value=self.auth.param.messages["buttons"]["submit"],
)
self._process_change_password_form(form, user, True)
if form.accepted:
self._set_flash("password-changed")
self._postprocessing("change_password", form, user)
return form
def add_phone(contact_id=None):
# Retrieving First/Last name for header
contact = db.contacts[contact_id]
first_name = contact.first_name
last_name = contact.last_name
user_email = auth.current_user.get('email')
# Contact DNE or belongs to different user
if contact is None or contact.user_email != user_email:
redirect(URL('index'))
# Creating form to add phone number
form = Form([Field('phone_number'), (Field('kind'))],
csrf_session=session,
formstyle=FormStyleBulma,
validation=validate_phone)
# Inserting phone number into phone_numbers table
# Redirecting to edit_phones page
if form.accepted:
phone_number = form.vars['phone_number']
kind = form.vars['kind']
db.phone_numbers.insert(phone_number=phone_number,
kind=kind,
contact_id=contact_id)
redirect(URL('edit_phones', contact_id))
return dict(form=form, first_name=first_name, last_name=last_name)
def login(self):
fields = [
Field(
"username",
),
Field(
"login_password",
type="password",
label=self.auth.param.messages["labels"].get("password"),
),
]
if self.auth.use_username:
fields[0].label = self.auth.db.auth_user.username.label
else:
fields[0].label = self.auth.db.auth_user.email.label
fields[1].label = self.auth.db.auth_user.password.label
button_name = self.auth.param.messages["buttons"]["sign-in"]
form = Form(
fields,
submit_value=button_name,
formstyle=self.formstyle,
)
user = None
self.auth.next["login"] = request.query.get("next")
if form.submitted:
user, error = self.auth.login(
form.vars.get("username"), form.vars.get("login_password")
)
form.accepted = not error
form.errors["username"] = error
if user:
self.auth.store_user_in_session(user["id"])
self._postprocessing("login", form, user)
top_buttons = []
for name, plugin in self.auth.plugins.items():
url = "../auth/plugin/" + name + "/login"
if self.auth.next["login"]:
url = url + "?next=" + self.auth.next["login"]
top_buttons.append(A(plugin.label + " Login", _href=url, _role="button"))
if self.auth.allows("register"):
form.param.sidecar.append(
A(self.auth.param.messages["buttons"]["sign-up"],
_href="../auth/register",
_class=self.auth.param.button_classes["sign-up"],
_role="button")
)
if self.auth.allows("request_reset_password"):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["lost-password"],
_href="../auth/request_reset_password",
_class=self.auth.param.button_classes["lost-password"],
_role="button",
)
)
form.structure.insert(0, DIV(DIV(*top_buttons)))
return form
def login(self):
top_buttons = self.login_buttons()
# if we do not allow we only display the plugin login buttons
if not self.auth.param.default_login_enabled:
return DIV(*top_buttons)
fields = [
Field("username", ),
Field(
"login_password",
type="password",
label=self.auth.param.messages["labels"].get("password"),
),
]
if self.auth.use_username:
fields[0].label = self.auth.db.auth_user.username.label
else:
fields[0].label = self.auth.db.auth_user.email.label
fields[1].label = self.auth.db.auth_user.password.label
button_name = self.auth.param.messages["buttons"]["sign-in"]
form = Form(
fields,
submit_value=button_name,
formstyle=self.formstyle,
)
user = None
self.auth.next["login"] = request.query.get("next")
if form.submitted:
user, error = self.auth.login(form.vars.get("username", ""),
form.vars.get("login_password", ""))
form.accepted = not error
form.errors["username"] = error
if user:
self.auth.store_user_in_session(user["id"])
self._postprocessing("login", form, user)
if self.auth.allows("register"):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-up"],
_href="../auth/register",
_class=self.auth.param.button_classes["sign-up"],
_role="button",
))
if self.auth.allows("request_reset_password"):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["lost-password"],
_href="../auth/request_reset_password",
_class=self.auth.param.button_classes["lost-password"],
_role="button",
))
form.structure.insert(0, DIV(DIV(*top_buttons)))
return form
def insertt():
c = []
for i in db(db.company).select():
c.append(i.IAN_FULL_NAME)
form = Form(
[Field('company', requires=IS_IN_SET(c)),
Field('file', 'upload')],
validation=func,
formstyle=FormStyleBulma)
return dict(form=form)
def add_phone_number(contact_id=None):
form = Form([Field('number'), Field('type')],
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db.phone_number.insert(contact_id=contact_id,
phone_number=form.vars['number'],
type=form.vars['type'])
# We always want POST requests to be redirected as GETs.
redirect(URL('index'))
return dict(form=form)
def add_contact():
form = Form([
Field('first_name', requires=IS_NOT_EMPTY()),
Field('last_name', requires=IS_NOT_EMPTY())
],
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db.person.insert(first_name=form.vars.get('first_name'),
last_name=form.vars.get('last_name'),
phone_numbers="")
redirect(URL('index'))
return dict(form=form)
def login(self):
form = Form([Field("username"), Field("password", type="password")])
user = None
if form.submitted:
user, error = self.auth.login(
form.vars.get("username"), form.vars.get("password")
)
form.accepted = not error
form.errors["username"] = error
if user:
self.auth.store_user_in_session(user["id"])
self._postprocessng("login", form, user)
return form
def _set_tile(self):
self.tile = Field.Method(
'tile',
lambda row, zoom, classic=True: get_tile(*wkt.loads(row[
self._tablename].geom)["coordinates"],
zoom=zoom,
classic=classic))
def test_form(self):
table = [Field("name")]
form_name = 'testing_form'
f = Form(table,form_name=form_name)
value = f.formkey
post_vars = dict(_formname=form_name, _form_key=value)
self.assertTrue(f._verify_form(post_vars))
def register(self):
self.auth.db.auth_user.password.writable = True
fields = [field for field in self.auth.db.auth_user if field.writable]
for k, field in enumerate(fields):
if field.type == "password":
fields.insert(k + 1, Field("password_again", "password"))
break
form = Form(fields, submit_value="Sign Up", formstyle=self.formstyle)
user = None
if form.submitted:
res = self.auth.register(form.vars)
form.accepted = not res.get("errors")
form.errors = res.get("errors")
if not form.errors:
self.auth.flash.set("User registered succesfully")
self._postprocessing("register", form, user)
form.param.sidecar.append(
A("Sign In", _href="../auth/login", _class="info", _role="button"))
form.param.sidecar.append(
A(
"Lost Password",
_href="../auth/request_reset_password",
_class="info",
_role="button",
))
return form
def search_form():
user = auth.get_user()
form = Form([Field('search_string')], formstyle=FormStyleBulma)
if form.accepted:
print(URL('search', vars=form.vars))
redirect(URL('search', vars=form.vars))
return dict(form=form)
def friends():
# a search form (simply by first name)
form = Form([Field("name", required=True)])
users = []
if form.accepted:
# select users based on the tokens in the search input
query = None
for token in form.vars.get("name").split():
q = db.auth_user.first_name.lower().startswith(
token.lower()) | db.auth_user.last_name.lower().startswith(
token.lower())
query = query & q if query else q
if query:
users = db(query).select()
# make list of requests
alphabetical = db.auth_user.first_name + db.auth_user.last_name
query_received = (db.friend_request.to_user == auth.user_id) & (
db.friend_request.from_user == db.auth_user.id)
requests_received = db(query_received).select(orderby=alphabetical)
# make list of requests sent
query_sent = (db.friend_request.from_user == auth.user_id) & (
db.friend_request.to_user == db.auth_user.id)
requests_sent = db(query_sent).select(orderby=alphabetical)
# return the form, lists, and button factories
return locals()
def hcaptcha_form():
form = Form(
[
Field(
"dummy_form",
"string",
)
]
)
form.structure.append(
XML('<div class="h-captcha" data-sitekey="{}"></div>'.format(HCAPTCHA_SITE_KEY))
)
if form.accepted:
r = hCaptcha(request.forms.get("g-recaptcha-response"))
if r == True:
# do something with form data
form.structure.append(
XML(
'<div style="color:green">Captcha was solved succesfully!</font></div>'
)
)
else:
form.structure.append(
XML('<div class="py4web-validation-error">invalid captcha</div>')
)
return dict(form=form)
def request_reset_password(self):
form = Form(
[
Field(
"email",
label=self.auth.param.messages["labels"].get("username_or_email"),
requires=IS_NOT_EMPTY(),
)
],
submit_value=self.auth.param.messages["buttons"]["request"],
formstyle=self.formstyle,
)
if form.accepted:
email = form.vars.get("email", "")
self.auth.request_reset_password(email, send=True, next="")
self._set_flash("password-reset-link-sent")
self._postprocessing("request_reset_password", form, None)
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-in"],
_href="../auth/login",
_class=self.auth.param.button_classes["sign-in"],
_role="button",
)
)
if self.auth.allows("register"):
form.param.sidecar.append(
A(
self.auth.param.messages["buttons"]["sign-up"],
_href="../auth/register",
_class=self.auth.param.button_classes["sign-up"],
_role="button",
)
)
return form
def add_contact(person_id):
user = auth.current_user.get('email')
person = db.contact[person_id]
if person is None or person.user_email!=user:
redirect(URL('index'))
else:
form = Form([Field('number',requires=IS_NOT_EMPTY()), Field('name')],
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
# We always want POST requests to be redirected as GETs.
db.phone.insert(
phone_number=form.vars['number'],phone_name=form.vars['name'],person_id=person_id
)
redirect(URL('list_phone',person_id))
return dict(form=form,user=auth.user)
def _set_hashid(self, fieldname, first, *ofields):
setattr(
self, fieldname,
Field.Virtual(
fieldname, lambda row: self._extra['encoder'].encode(
row[self._tablename][first],
*map(lambda ff: row[self._tablename][ff], ofields))))
def test_form(self):
session = Session()
session.initialize()
table = [Field("name")]
form_name = 'testing_form'
f = Form(table, form_name=form_name, csrf_session=session)
value = f.formkey
post_vars = dict(_formname=form_name, _formkey=value)
self.assertTrue(f._verify_form(post_vars))
def edit_phone(person_id=None, phone_id=None):
logged_in_user = auth.current_user.get('email')
person = db.person[person_id]
phone_number = db.phone[phone_id]
if person is None:
redirect(URL('index'))
elif(person.user_email == logged_in_user):
# good part here
form = Form([Field('number'), Field('name')], record=phone_number, deletable=False,
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
db(db.phone.id == phone_id).update(
number=form.vars["number"], name=form.vars["name"]
)
redirect(URL('list_phone', person_id))
return dict(form=form, name=person.first_name + " " + person.last_name, user=auth.user)
else:
redirect(URL('index'))
def add_phone(contact_id=None):
# We read the contact.
c = db.contact[contact_id]
user_email = auth.current_user.get('email')
if c is None or c.user_email != user_email:
# Contact does not exist or wrong user
redirect(URL('index'))
form = Form([Field('number'), Field('name')],
csrf_session=session,
formstyle=FormStyleBulma)
if form.accepted:
# Create phone and insert into table
db.phone.insert(name=form.vars['name'],
number=form.vars['number'],
contact_id=contact_id)
db.commit()
# We always want POST requests to be redirected as GETs.
redirect(URL('phone_numbers', contact_id))
return dict(contact_id=contact_id, form=form)
def mycomponent():
# create a form object
form = Form([Field("your_name")])
# if the form is not submmitted show a welcome flash message
if not request.forms:
flash.set("Welcome")
# if the form is submitted and accepted display another message
elif form.accepted:
flash.set("Welcome " + request.forms["your_name"])
# return the form if it has not already been submitted and accepted
return DIV(form if not form.accepted else "done!").xml()
def edit_phone(contact_id=None, phone_id=None):
# Validation
contact = db.contacts[contact_id]
user_email = auth.current_user.get('email')
# Contact DNE or belongs to different user
if contact is None or contact.user_email != user_email:
redirect(URL('index'))
# Retrieving First/Last name for header
first_name = contact.first_name
last_name = contact.last_name
# Getting the current phone number
phone = db.phone_numbers[phone_id]
phone_number = phone.phone_number
kind = phone.kind
# Create form to display
# Retrieve current phone_number, kind values
form = Form([Field('phone_number'), Field('kind')],
record=dict(phone_number=phone_number, kind=kind),
deletable=False,
csrf_session=session,
formstyle=FormStyleBulma,
validation=validate_phone)
if form.accepted:
# Retriving updated values from form
phone_number = form.vars['phone_number']
kind = form.vars['kind']
# Updating values in phone_number table
phone.update_record(phone_number=phone_number, kind=kind)
redirect(URL('edit_phones', contact_id))
return dict(form=form, first_name=first_name, last_name=last_name)
