def logout(): db = sqlite3_connection() db.execute_sql_cmd("""UPDATE users SET logged_in = 0 WHERE name = ?""", (Session.get_session_by_name("username"), )) db.close_connection() Session.clear_all() return redirect(url_for("home_app.home"))
def change_password(): username = Session.get_session_by_name("username") if request.method == "POST": if username: db = sqlite3_connection() current_password = db.get_one("SELECT password FROM users WHERE name =?", (username, )) if Password.check_password(current_password["password"], request.form["password"]): hashed_password = Password.hash_passwd(request.form["new_password"]) db.execute_sql_cmd("""UPDATE users set password = ? WHERE name = ?""", (hashed_password, username)) Session.clear_all() flash("Your password has been successfully changed. You may now login with the new password") db.close_connection() return redirect(url_for("login_app.login")) flash("The password you entered does not match the current password") db.close_connection() return render_template("password/new_password.html")
def admin(*args, **kwargs): if not Session.get_session_by_name("admin"): return redirect(url_for("home_app.home")) return f(*args, **kwargs)
def login(*args, **kwargs): if Session.get_session_by_name("username") is None: return redirect(url_for("login_app.login")) return f(*args, **kwargs)
def is_user_logged_in(*args, **kwargs): if Session.get_session_by_name("username"): return redirect(url_for("home_app.home")) return f(*args, **kwargs)