Esempio n. 1
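def register():
    """Show the registration form on GET and create the account on POST.

    A successful POST stores the new user, adds a welcome message sent from
    the user with id 1, and redirects to the login page. Any validation
    failure flashes a message and re-renders the form.
    """
    if request.method == 'POST':
        form = request.form
        username = form['username']
        # NOTE(review): check-then-insert is not atomic; presumably a unique
        # constraint on username backs this up - confirm in the model.
        if User.query.filter_by(username=username).first():
            flash('Username already exists.')
        elif form['password'] != form['confirm_password']:
            flash('Passwords do not match.')
        elif not is_valid_password(form['password']):
            flash('Password does not meet complexity requirements.')
        else:
            # Build the model from an explicit allow-list. Copying every
            # submitted key into User(**...) would let the client set any
            # attribute the model has, not only the ones the form displays.
            # NOTE(review): field names are assumed from the rest of the
            # application; confirm against register.html and the User model.
            allowed_fields = ('username', 'name', 'password', 'question', 'answer')
            user_dict = {k: form[k] for k in allowed_fields if k in form}
            # NOTE(review): the password is passed to the model as submitted;
            # whether User hashes it on assignment is not visible here.
            user = User(**user_dict)
            db.session.add(user)
            db.session.commit()
            # create default welcome message
            sender = User.query.get(1)
            receiver = user
            subject = 'Welcome to PwnedHub!'
            content = "We're glad you've chosen PwnedHub to help you take your next step in becoming a more efficient security consultant. We're here to help. If you have any questions or concerns, please don't hesitate to reach out to this account for assistance. Together, we can make seurity testing great again!"
            mail = Mail(content=content,
                        subject=subject,
                        sender=sender,
                        receiver=receiver)
            db.session.add(mail)
            db.session.commit()
            flash('Account created. Please log in.')
            return redirect(url_for('ph_bp.login'))
    return render_template('register.html', questions=QUESTIONS)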
Esempio n. 2
def profile_change():
    """Replace the current user's password and security question/answer.

    Nothing is changed unless all three parameters are present and the
    password passes is_valid_password(). The client is always redirected to
    the profile page afterwards.
    """
    account = g.user
    # NOTE(review): request.values merges query-string and form parameters.
    # The route's allowed methods are not visible here; if GET is accepted,
    # a plain link can carry this change - confirm POST-only plus CSRF
    # protection.
    # NOTE(review): the current password is not requested before the password
    # and the recovery question/answer are replaced.
    required = {'password', 'question', 'answer'}
    if not required.issubset(request.values):
        return redirect(url_for('profile'))
    new_password = request.values['password']
    if not is_valid_password(new_password):
        flash('Password does not meet complexity requirements.')
        return redirect(url_for('profile'))
    new_question = request.values['question']
    new_answer = request.values['answer']
    account.password = new_password
    account.question = new_question
    account.answer = new_answer
    db.session.add(account)
    db.session.commit()
    flash('Account information successfully changed.')
    return redirect(url_for('profile'))
Esempio n. 3
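def profile_change():
    """Replace the current user's name, password and security question/answer.

    Nothing is changed unless every required parameter is present and the
    password passes is_valid_password(). The client is always redirected to
    the profile page afterwards.
    """
    user = g.user
    # 'name' is read unconditionally below, so it belongs in the required set;
    # without it a request lacking 'name' aborts on the lookup instead of
    # taking the handler's normal redirect path.
    # NOTE(review): request.values merges query-string and form parameters.
    # The route's allowed methods are not visible here; if GET is accepted,
    # a plain link can carry this change - confirm POST-only plus CSRF
    # protection.
    # NOTE(review): the current password is not requested before the password
    # and the recovery question/answer are replaced.
    required = {'name', 'password', 'question', 'answer'}
    if required.issubset(request.values):
        password = request.values['password']
        if is_valid_password(password):
            user.name = request.values['name']
            user.password = password
            user.question = request.values['question']
            user.answer = request.values['answer']
            db.session.add(user)
            db.session.commit()
            flash('Account information successfully changed.')
        else:
            flash('Password does not meet complexity requirements.')
    return redirect(url_for('profile'))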
Esempio n. 4
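def reset_password():
    """Set a new password for the account chosen earlier in the reset flow.

    The account is identified by session['reset_id']; without it the client
    is sent back to the start of the flow. A valid POST consumes the id,
    stores the new password and redirects to the login page.
    """
    # enforce flow control
    # NOTE(review): reset_id is treated as proof that the earlier verification
    # step succeeded; where it is set is not visible here - confirm it is only
    # stored after that check passes.
    if not session.get('reset_id'):
        flash('Reset improperly initialized.')
        return redirect(url_for('reset_init'))
    if request.method == 'POST':
        password = request.form['password']
        if password != request.form['confirm_password']:
            flash('Passwords do not match.')
        elif not is_valid_password(password):
            flash('Invalid password.')
        else:
            # pop() removes the id, so a completed reset cannot be repeated
            # from the same session.
            user = User.query.get(session.pop('reset_id'))
            if user is None:
                # The id no longer maps to an account; restart the flow
                # rather than fail on the attribute assignment below.
                flash('Reset improperly initialized.')
                return redirect(url_for('reset_init'))
            user.password = password
            db.session.add(user)
            db.session.commit()
            flash('Password reset. Please log in.')
            return redirect(url_for('login'))
    return render_template('reset_password.html')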
Esempio n. 5
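def reset_password():
    """Finish a password reset for the user referenced by session['reset_id'].

    Redirects to the start of the reset flow when no reset id is present.
    On POST, the new password must match its confirmation and pass
    is_valid_password(); on success the id is consumed and the client is
    redirected to the login page.
    """
    # enforce flow control
    # NOTE(review): this handler trusts reset_id as evidence that the previous
    # step verified the requester; that step is not visible here - confirm.
    if not session.get('reset_id'):
        flash('Reset improperly initialized.')
        return redirect(url_for('reset_init'))
    if request.method != 'POST':
        return render_template('reset_password.html')
    password = request.form['password']
    if password != request.form['confirm_password']:
        flash('Passwords do not match.')
        return render_template('reset_password.html')
    if not is_valid_password(password):
        flash('Invalid password.')
        return render_template('reset_password.html')
    # The id is removed from the session here, making it single-use.
    user = User.query.get(session.pop('reset_id'))
    if user is None:
        # The lookup found no account; send the client back to the start
        # instead of raising on the None result.
        flash('Reset improperly initialized.')
        return redirect(url_for('reset_init'))
    user.password = password
    db.session.add(user)
    db.session.commit()
    flash('Password reset. Please log in.')
    return redirect(url_for('login'))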
Esempio n. 6
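def register():
    """Show the registration form on GET and create the account on POST.

    A successful POST stores the new user and redirects to the login page.
    Any validation failure flashes a message and re-renders the form.
    """
    if request.method == 'POST':
        form = request.form
        username = form['username']
        # NOTE(review): check-then-insert is not atomic; presumably a unique
        # constraint on username backs this up - confirm in the model.
        if User.query.filter_by(username=username).first():
            flash('Username already exists.')
        elif form['password'] != form['confirm_password']:
            flash('Passwords do not match.')
        elif not is_valid_password(form['password']):
            flash('Password does not meet complexity requirements.')
        else:
            # Build the model from an explicit allow-list. Copying every
            # submitted key into User(**...) would let the client set any
            # attribute the model has, not only the ones the form displays.
            # NOTE(review): field names are assumed from the rest of the
            # application; confirm against register.html and the User model.
            allowed_fields = ('username', 'name', 'password', 'question', 'answer')
            user_dict = {k: form[k] for k in allowed_fields if k in form}
            # NOTE(review): the password is passed to the model as submitted;
            # whether User hashes it on assignment is not visible here.
            user = User(**user_dict)
            db.session.add(user)
            db.session.commit()
            flash('Account created. Please log in.')
            return redirect(url_for('login'))
    return render_template('register.html', questions=QUESTIONS)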
Esempio n. 7
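def register():
    """Render the registration form, or create a user from a submitted one.

    On POST the username must be unused, the password must match its
    confirmation and pass is_valid_password(). A successful registration
    redirects to the login page; every other path re-renders the form.
    """
    if request.method != 'POST':
        return render_template('register.html', questions=QUESTIONS)

    submitted = request.form
    error = None
    # NOTE(review): the existence check and the insert are separate steps;
    # presumably the database enforces username uniqueness - confirm.
    if User.query.filter_by(username=submitted['username']).first():
        error = 'Username already exists.'
    elif submitted['password'] != submitted['confirm_password']:
        error = 'Passwords do not match.'
    elif not is_valid_password(submitted['password']):
        error = 'Password does not meet complexity requirements.'
    if error is not None:
        flash(error)
        return render_template('register.html', questions=QUESTIONS)

    # Only allow-listed keys reach the model constructor. Passing every
    # submitted key to User(**...) would let the client choose values for
    # attributes the form never offers.
    # NOTE(review): field names are assumed from the rest of the application;
    # confirm against register.html and the User model.
    allowed_fields = ('username', 'name', 'password', 'question', 'answer')
    user_dict = {k: submitted[k] for k in allowed_fields if k in submitted}
    # NOTE(review): whether User hashes the password on assignment is not
    # visible here - confirm before relying on it.
    user = User(**user_dict)
    db.session.add(user)
    db.session.commit()
    flash('Account created. Please log in.')
    return redirect(url_for('login'))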