def get_email_verify(self):
session = Session()
if session.get("logged_in") == "true":
session.extend()
return redirect("/homepage")
return render_template("auth_email_verify.html")
def post_token(self):
session = Session()
if session.get("logged_in") == "true":
session.extend()
return redirect("/auth/login")
from utils.format_checker import nyu_email_check
email = request.form.get("email")
print("email_received:", email)
if not nyu_email_check(email):
logbook.info("[GET EMAIL TOKEN] Wrong email format")
return {"status": False, "message": "Email is of wrong format. Please provide NYU email"}
query = User.select().where(User.email == email)
if request.form.get("reset_password") == "true" and not(query.exists()):
return {"status": False, "message": "This email has not been registered yet. Please register first"}
if request.form.get("reset_password") != "true" and query.exists():
return {"status": False, "message": "This email has been registered"}
token = TokenGenerator.generate()
session["token"] = token
session["email"] = email
session.expire(600)
email_helper = EmailHelper(receiver_email=email)
email_helper.send_token(token)
return {"status": True, "message": "A token has been sent to your mail box"}
def get_reset_password_email_verify(self):
session = Session()
if session.get("logged_in") == " true":
session.extend()
return redirect("/homepage")
if session.get("email_verified") == "true":
return redirect("/auth/reset_password")
return render_template("reset_password_email_verify.html")
def get_register(self):
session = Session()
if session.get("logged_in") == "true":
session.extend()
return redirect("/homepage")
if session.get("email_verified") != "true":
return redirect("/auth/email_verify")
return render_template("auth_register.html")
def post_email_verify(self):
session = Session()
if session.get("login"):
session.extend()
return redirect("/homepage")
token = request.form.get("token")
stored_token = session.get("token")
if stored_token is not None and stored_token == token:
session["email_verified"] = "true"
session.expire(900)
return {"status": True, "message": "Email verify succeeds"}
else:
return {"status": False, "message": "Wrong token"}
def post_reset_password_email_verify(self):
session = Session()
if session.get("logged_in") == " true":
session.extend()
return redirect("/homepage")
if session.get("reset_password_email_verified") == "true":
return redirect("/auth/reset_password")
token = request.form.get("token")
stored_token = session.get("token")
if stored_token is not None and stored_token == token:
session["reset_password_email_verified"] = "true"
session.expire(900)
return redirect("/auth/reset_password")
else:
return {"status": False, "message": "Wrong token"}
def get_reset_password(self):
session = Session()
if session.get("logged_in") == " true":
session.extend()
return redirect("/homepage")
if session.get("reset_password_email_verified") != "true":
return redirect("/auth/reset_password_email_verify")
email = session.get("email")
password = request.form.get("password")
from utils.format_checker import (
password_checker
)
password_check = password_checker(password)
if not password_check:
return {"status": False, "message": "Bad password format"}
hashed_pwd = MD5Helper.hash(password)
User.update(password=hashed_pwd).where(User.email == email).execute()
def post_register(self):
session = Session()
if session.get("logged_in") == " true":
session.extend()
return redirect("/homepage")
if session.get("email_verified") != "true":
return redirect("/auth/email_verify")
username = request.form.get("username")
password = request.form.get("password")
email = session.get("email")
from utils.format_checker import (
password_checker,
username_checker
)
username_check = username_checker(username)
password_check = password_checker(password)
if not username_check["status"]:
return {"status": False, "message": username_check["error"]}
if not password_check:
return {"status": False, "message": "Bad password format"}
from utils.MD5_helper import MD5Helper
user_id = User.insert(
email=email,
password=MD5Helper.hash(password)
).execute()
Profile.insert(
username=username,
user=user_id
).execute()
print(f"[REGISTER] Register Success. username: {username}, email: {email}")
session["logged_in"] = "true"
session.extend()
return redirect("/auth/login")
def post_login(self):
session = Session()
if session.get("logged_in") == "true":
session.extend()
return redirect("/homepage")
email = request.form.get("email")
input_password = request.form.get("password")
query = User.select().where(User.email == email)
if query.exists():
stored_password_hash = [ _ for _ in query][0].password
if MD5Helper.evaluate(input_password, stored_password_hash):
session["logged_in"] = "true"
session["email"] = email
session.extend()
logbook.info(f"[LOGIN] Login Succeed: [user_email: {email}]")
print(f"[LOGIN] Login Succeed: [user_email: {email}]")
return redirect("/homepage")
else:
logbook.info("[LOGIN] Login Failed: wrong password.")
return {"status": False, "message": "wrong password"}
else:
logbook.info("[LOGIN] Login Failed: user not found.")
return {"status": False, "message": "Email not found"}
def inner(*args, **kwargs):
session = Session()
if session.get("logged_in") != "true":
return redirect("/auth/login")
session.extend()
return func(*args, **kwargs)
