def check_auth(email, password):
"""
Checks the user's email and password against the user db
"""
if users.check_password(userdb, email, password):
return True
return False
def settings():
if request.method == "POST":
button = request.form['button']
if button == 'update_pw_button':
current = request.form['existing_pass']
if users.check_password(userdb, session['email'], current):
pw1 = request.form['new_pass_one']
pw2 = request.form['new_pass_two']
print pw1, pw2
if pw1 == pw2:
if users.set_password(userdb, session['uuid'], pw1):
msg = gettext("Your password has been updated")
else:
msg = gettext("Something went wrong when setting your new password. Please try again")
else:
msg = gettext("Please ensure that your new passwords match")
else:
msg = gettext("Please enter you current password correctly")
flash(msg)
elif button == 'update_lang_button':
print "lang"
msg = gettext("Your default language settings have been updated")
flash(msg)
return render_template('settings.html')
def settings():
if request.method == "POST":
button = request.form['button']
if button == 'update_pw_button':
current = request.form['existing_pass']
if users.check_password(userdb, session['email'], current):
pw1 = request.form['new_pass_one']
pw2 = request.form['new_pass_two']
print pw1, pw2
if pw1 == pw2:
if users.set_password(userdb, session['uuid'], pw1):
msg = gettext("Your password has been updated")
else:
msg = gettext("Something went wrong when setting your new password. Please try again")
else:
msg = gettext("Please ensure that your new passwords match")
else:
msg = gettext("Please enter you current password correctly")
flash(msg)
elif button == 'update_lang_button':
print "lang"
msg = gettext("Your default language settings have been updated")
flash(msg)
return render_template('settings.html')
def check_auth(email, password):
"""
Checks the user's email and password against the user db
"""
if users.check_password(userdb, email, password):
return True
return False
def change_group_password():
users.check_csrf()
users.require_role(1)
if not users.check_password(session["user_id"], request.form["own_password"]):
return render_template("error.html", message="Oma salasanasi oli virheellinen, tarkista salasana")
if subfunctions.check_password(request.form["new_password1"], request.form["new_password2"]) != "ok":
return render_template("error.html", message=subfunctions.check_password(request.form["new_password1"], request.form["new_password2"]))
if group.change_group_password(request.form["new_password1"], request.form["own_password"], session["user_id"]):
return redirect("/settings")
return render_template("error.html", message="Uuden salasanan rekisteröinti ei onnistunut")
def login():
if request.method == "POST":
usrn = request.form["username"]
pw = request.form["password"]
if (usrn == '') or (pw == ''):
flash('I think you forget something')
return redirect(url_for('login'))
else:
if users.check_password(usrn, pw):
session["username"] = usrn
return redirect(url_for("main"))
flash("Invalid username or password!", "error")
return redirect(url_for("login"))
return render_template("login.html")
def login_data():
user = users.get_userdata(username=request.form["username"])
if user == None:
return render_template("login.html",
message="VIRHE: tunnusta ei ole olemassa")
if users.check_password(user[2], request.form["password"]):
session["userid"] = int(user[0])
session["username"] = user[1]
session["csrf_token"] = urandom(16).hex()
session["admin"] = user[3]
session["filters"] = None
session["filtersOthers"] = None
return redirect("/view")
return render_template("login.html", message="VIRHE: salasana on väärin")
def acc(db):
"""validates password"""
info = {'title': 'Account', 'bannerMessage': ''}
info1 = {'title': 'Account', 'bannerMessage': 'Wrong Password'}
password = request.forms.get("password")
usern = users.session_user(db)
result = users.check_password(db, usern,
database.password_hash(db, password, usern))
if (result):
return {'result': str(True)}
# return template('account', info, authenticated=users.session_user(db), validated=True, invalidPword=False)
else:
return {'result': str(False)}
def leave_campaign(id):
campaign_list = campaigns.get_campaigns()
user_id = session.get("user_id", 0)
if not campaigns.has_access(id, user_id):
return render_template(
"error.html",
error="You don't have access to this campaign",
campaigns=campaign_list
)
if session.get("role", 0) == 2:
return redirect("/campaign/" + str(id) + "/delete")
this_campaign = campaigns.get_campaign_info(id)
players = campaigns.get_campaign_players(id)
if request.method == "GET":
return render_template(
"leave.html",
campaign=this_campaign,
players=players,
campaigns=campaign_list)
if request.method == "POST":
username = session.get("username")
password = request.form["password"]
if users.check_password(username, password):
if campaigns.remove_user_from_campaign(id, user_id):
return redirect("/")
else:
return render_template(
"error.html",
error="Could not remove player from campaign",
campaigns=campaign_list
)
else:
return render_template(
"leave.html",
campaign=this_campaign,
players=players,
error="Password was incorrect",
campaigns=campaign_list)
def change_password():
users.check_csrf()
users.require_role(2)
user_id = session["user_id"]
changing_password = [
request.form["old_password"], request.form["new_password1"],
request.form["new_password2"]
]
if not users.check_password(user_id, changing_password[0]):
return render_template(
"error.html",
message=
"Vanha salasana meni väärin tai oli tyhjä, tarkista salasana")
if subfunctions.check_password(changing_password[1],
changing_password[2]) != "ok":
return render_template("error.html",
message=subfunctions.check_password(
changing_password[1], changing_password[2]))
if not users.change_password(user_id, changing_password[1]):
return render_template(
"error.html",
message="Uuden salasanan rekisteröinti ei onnistunut")
return redirect("/settings")
def _authenticate(self, password: str) -> bool:
input = getpass("Please enter your password: ")
return check_password(input, password)