def reset_password_data(id): if (session["admin"] or session["userid"] == id) and session["csrf_token"] == request.form["csrf_token"]: users.set_password(request.form["newpassword"], id=id) if session["userid"] == id: return redirect("/view") return redirect("/admin") return "Ei oikeuksia"
def settings(): if request.method == "POST": button = request.form['button'] if button == 'update_pw_button': current = request.form['existing_pass'] if users.check_password(userdb, session['email'], current): pw1 = request.form['new_pass_one'] pw2 = request.form['new_pass_two'] print pw1, pw2 if pw1 == pw2: if users.set_password(userdb, session['uuid'], pw1): msg = gettext("Your password has been updated") else: msg = gettext("Something went wrong when setting your new password. Please try again") else: msg = gettext("Please ensure that your new passwords match") else: msg = gettext("Please enter you current password correctly") flash(msg) elif button == 'update_lang_button': print "lang" msg = gettext("Your default language settings have been updated") flash(msg) return render_template('settings.html')
def forget_pwd(request): # 如果GET请求 if request.method == "GET": return render(request, "users/forgetpassword.html") # 如果是POST请求 if request.method == "POST": # 获得表单提交的数据 data = request.POST form = ForgetPassword(data) # 如果正确 if form.is_valid(): # 获取手机号码 tel = form.cleaned_data.get("tel") # 将更新的密码加密 pwd = set_password(form.cleaned_data.get("password")) # 更新密码 Users.objects.filter(tel=tel).update(password=pwd) # 跳转到登录页面 return redirect(reverse("user:login")) else: context = {"errors": form.errors} # 渲染页面 return render(request, "users/forgetpassword.html", context=context)
def recover(): if request.method == 'POST': uuid = users.get_uuid(userdb, request.form['email']) if uuid is not None: newpass = password.generate() if users.set_password(userdb, session['uuid'], newpass): subject = gettext("SUPERHUB Project :: New Password") content = gettext( "The password for the following email address: {email} was reset. You should now be able to log into the journey diary and record your journeys using the password: {newpass}." ).format(email=request.form['email'], newpass=newpass) mail.send(app.config['email_address'], app.config['email_password'], request.form['email'], subject, content) msg = gettext("An email was sent to {arg}").format( arg=request.form['email']) else: msg = gettext( "We were not able to update the password for this account. Please contact [email protected]" ) else: msg = gettext( "There is no SUPERHUB account associated with the email address:" ) flash(msg) return redirect(url_for('.root')) return render_template('recover.html')
def create_account(): username = request.json['username'] password = request.json['password'] # Do the username-check inside of transaction try: users.set_password(username, password) except users.AlreadyExists: return jsonify(error='already exists'), 403 session['logged_in_as'] = username expiration = datetime.datetime.utcnow() + datetime.timedelta(seconds=300) pomodoro_sessions[username] = { 'expiration': expiration, 'status': 'busy', 'notes': 'Busy playing on the internet', } return jsonify(success=True, new_path=url_for('spy_on_someone', spied_token=username))
def clean_password(self): #验证密码是否存在 password = set_password(self.cleaned_data.get('password')) flag = Users.objects.filter(password=password).exists() #密码存在 if flag: return password #密码不存在 else: raise forms.ValidationError("旧密码错误")
def clean(self): # 验证用户名 username = self.cleaned_data.get('username') # 查询数据库 try: user = Users.objects.get(username=username) except Users.DoesNotExist: raise forms.ValidationError({'username': '******'}) # 验证密码 password = self.cleaned_data.get('password','') if user.password != set_password(password): raise forms.ValidationError({'password': '******'}) # 返回清洗的数据 self.cleaned_data['user'] = user return self.cleaned_data
def post(self, request): # post请求 接受参数 data = request.POST # 表单验证 form = RegisterModelForm(data) # 表单验证成功 if form.is_valid(): # 操作数据库 cleande_data = form.cleaned_data user = Users() user.num = cleande_data.get('num') user.password = set_password(cleande_data.get('password')) user.save() return redirect('users:登录') else: return render(request, 'users/reg.html', context={'form': form})
def clean(self): # 验证用户名 num = self.cleaned_data.get('num') # 查询数据库 try: user = Users.objects.get(num=num) except Users.DoesNotExist: raise forms.ValidationError({'num': '手机号码错误'}) # 验证密码 password = self.cleaned_data.get('password', '') if user.password != set_password(password): raise forms.ValidationError({'password': '******'}) # 返回所有清洗后的数据 self.cleaned_data['user'] = user return self.cleaned_data
def recover(): if request.method == 'POST': uuid = users.get_uuid(userdb, request.form['email']) if uuid is not None: newpass = password.generate() if users.set_password(userdb, session['uuid'], newpass): subject = gettext("SUPERHUB Project :: New Password") content = gettext("The password for the following email address: {email} was reset. You should now be able to log into the journey diary and record your journeys using the password: {newpass}.").format(email=request.form['email'], newpass=newpass) mail.send(app.config['email_address'], app.config['email_password'], request.form['email'], subject, content) msg = gettext("An email was sent to {arg}").format(arg=request.form['email']) else: msg = gettext("We were not able to update the password for this account. Please contact [email protected]") else: msg = gettext("There is no SUPERHUB account associated with the email address:") flash(msg) return redirect(url_for('.root')) return render_template('recover.html')
def post(self, request): # 接收数据 data = request.POST form = ForgetpasswordModelForm(data) # 验证表单成功 if form.is_valid(): cleaned_data = form.cleaned_data # 操作数据库 num = cleaned_data.get('num') password = cleaned_data.get('password') newpassword = cleaned_data.get('newpassword') # 更新到数据库 Users.objects.filter(num=num).update( password=set_password(newpassword)) return redirect('users:登录') else: return render(request, 'users/forgetpassword.html', context={'form': form})
def post(self, request): # 注册 # 接收参数 data = request.POST # 验证是否合法 form = RegisterModelForm(data) if form.is_valid(): # 操作数据库 # 获取清洗数据 cleaned_data = form.cleaned_data # 创建用户 user = Users() user.username = cleaned_data.get('username') user.password = set_password(cleaned_data.get('password')) user.save() # 跳转页面 return redirect('用户:login') else: # 合成响应 return render(request, 'users/reg.html', context={'form': form})