Exemplo n.º 1
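def sign_up():
    """Register a new account and send it a confirmation e-mail.

    Authenticated visitors are redirected to ``main.index``. A GET request
    renders the empty sign-up form. Any other method validates the form: on
    success the user is stored, a confirmation mail is sent and the info page
    is rendered; on failure the form is shown again with its errors.
    """
    form = SignUpForm()

    if current_user.is_authenticated:
        # The redirect must be returned. A bare call builds the response and
        # discards it, so signed-in users would still reach the form below.
        return redirect(url_for('main.index'))
    if request.method == 'GET':
        return render_template('auth/sign_up.html', form=form)

    if not form.validate_on_submit():
        return render_template('auth/sign_up.html', form=form)

    u = User()
    u.username = form.username.data
    u.email = form.email.data
    # Only the value produced by set_password_hash is stored on the model.
    u.set_password_hash(form.password.data)
    db.session.add(u)
    db.session.commit()
    send_confirmation_email(u, 'Confirm email.', 'emails/confirm_user')
    flash(
        'User successfully created. Please confirm email and then you will be able to sign in.'
    )
    flash(
        f'Notice that Your confirmation link expires in {current_app.config["EXPIRATION_TIME"]} minutes!'
    )
    return render_template('auth/info.html')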
Exemplo n.º 2
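def sign_up():
    """Sign up for the Staffjoy application.

    Native clients are sent to the native login view, and the whole flow is
    disabled unless the ``ALLOW_COMPANY_SIGNUPS`` config flag is set. A valid
    form creates the user, e-mails a confirmation token and redirects to the
    login page; otherwise the sign-up form is rendered.

    Raises:
        Exception: "Dirty session" when the insert fails; the session is
            rolled back first and the original error is chained as the cause.
    """
    if is_native():
        return redirect(url_for("auth.native_login"))

    if not current_app.config.get("ALLOW_COMPANY_SIGNUPS"):
        return redirect(url_for("main.index"))

    form = SignUpForm()
    if form.validate_on_submit():
        # NOTE(review): the raw password is handed to the User constructor;
        # presumably the model hashes it - confirm against the model.
        user = User(email=form.email.data.lower().strip(),
                    username=form.username.data.lower().strip(),
                    password=form.password.data,
                    name=form.name.data.strip())

        try:
            db.session.add(user)
            db.session.commit()
        except Exception as err:
            # A bare ``except:`` would also trap KeyboardInterrupt/SystemExit
            # and hide the real failure; keep the cause attached instead.
            db.session.rollback()
            raise Exception("Dirty session") from err

        user.flush_associated_shift_caches()
        token = user.generate_confirmation_token()
        user.send_email(
            "Confirm Your Account",
            render_template("email/confirm-account.html",
                            user=user,
                            token=token), True)

        flash("A confirmation email has been sent to you by email.", "success")
        return redirect(url_for("auth.login"))
    return render_template("auth.html", form_title="Sign Up", form=form)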
Exemplo n.º 3
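def sign_up():
    """Create a user from the sign-up form and log them in.

    On success the new user is logged in with a persistent session and
    redirected to ``main.index``. If ``User.create`` (or the login) raises,
    an error message is flashed and the form is rendered again.
    """
    form = SignUpForm()
    if form.validate_on_submit():
        name = form.name.data
        email = form.email.data
        password = form.password.data

        try:
            user = User.create(name, email, password)
            login_user(user, remember=True)

            # Sign up successful
            flash(
                'User {}, created with id={}'.format(current_user.email,
                                                     current_user.id), 'teal')
            return redirect(url_for('main.index'))

        except Exception as e:
            # Sign up unsuccessful. The exception carries either a plain
            # string in args[0] or a JSON document in args[1].
            args = e.args
            if args and isinstance(args[0], str):
                error = args[0]
            else:
                try:
                    error = json.loads(args[1])['error']['message']
                except (IndexError, KeyError, TypeError, ValueError):
                    # Empty args or an unexpected payload must not turn the
                    # error path itself into an unhandled exception.
                    error = 'Sign up failed'
            # NOTE(review): the backend's message is shown to the visitor
            # as-is; confirm it never contains internal detail.
            flash("Error: {}".format(error), 'red')

    return render_template('auth/sign_up.html', title='Sign Up', form=form)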
Exemplo n.º 4
def signup():
    """Create an account from the sign-up form, then send the user to login.

    The password is hashed with bcrypt before the row is written; only the
    hash, decoded to text, is passed to the ``User`` model.
    """
    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('signup.html', form=form)

    digest = bcrypt.generate_password_hash(form.password.data)
    account = User(username=form.username.data,
                   password=digest.decode('utf-8'))
    db.session.add(account)
    db.session.commit()
    flash('Account Created.')
    return redirect(url_for('auth.login'))
Exemplo n.º 5
def signup():
    """Register a new user; signed-in visitors are sent to the index page."""
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = SignUpForm()
    if not form.validate_on_submit():
        # First visit or failed validation: show the form (with any errors).
        return render_template('auth/signup.html', form=form)

    new_user = User(username=form.username.data, email=form.email.data)
    # The password is set through set_password, not via the constructor.
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()
    return redirect(url_for('auth.login'))
Exemplo n.º 6
def signup():
    """Register a new user and flash a confirmation message.

    Signed-in visitors are redirected to ``main.index``. A newly registered
    user is sent to the login page rather than straight to the index.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('auth/signup.html', title='Sign Up', form=form)

    new_user = User(username=form.username.data, email=form.email.data)
    # The password goes through set_password rather than the constructor.
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()
    flash("Congratulations, you're now signed up!")
    return redirect(url_for('auth.login'))
Exemplo n.º 7
def sign_up():
    """Create a user from posted form data and answer with JSON.

    Returns an ``UnprocessableEntityResponse`` carrying the form errors when
    validation fails; otherwise stores the user and echoes the submitted
    values back in a ``data`` object.
    """
    form = SignUpForm()
    if form.validate():
        username = request.form.get("username")
        password = request.form.get("password")
        # NOTE(review): the password is passed to User exactly as submitted;
        # no hashing is visible here - confirm the model hashes it.
        db.session.add(User(username=username, password=password))
        db.session.commit()
        # NOTE(review): the response body contains the submitted password.
        # Response bodies can end up in logs and caches; consider returning
        # only the username once API clients no longer depend on this field.
        return jsonify({"data": {"username": username, "password": password}})

    field_errors = dict(form.errors.items())
    return UnprocessableEntityResponse(fields=field_errors).jsonify()
Exemplo n.º 8
def signup():
    """Register a new user; the user-facing messages are in Swedish."""
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('auth/signup.html',
                               title='Ny användare',
                               form=form)

    new_user = User(username=form.username.data, email=form.email.data)
    # The password is set through set_password, not via the constructor.
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()
    flash('Grattis du är nu registrerad!')
    return redirect(url_for('auth.login'))
Exemplo n.º 9
def signup():
    """Create an account with a bcrypt-hashed password, then go to login.

    When the form is not submitted or fails validation, its errors are
    printed to stdout and the sign-up page is rendered.
    """
    form = SignUpForm()
    if not form.validate_on_submit():
        print(form.errors)
        return render_template("signup.html", form=form)

    # Only the hash, decoded to text, is handed to the model.
    raw_hash = bcrypt.generate_password_hash(form.password.data)
    account = User(username=form.username.data,
                   password=raw_hash.decode("utf-8"))
    db.session.add(account)
    db.session.commit()
    flash("Account Created.")
    return redirect(url_for("auth.login"))
Exemplo n.º 10
def sign_up():
    """Register a new user; messages are passed through ``_`` for translation."""
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('auth/sign_up.html',
                               title=_('Sign Up'),
                               form=form)

    new_user = User(username=form.username.data, email=form.email.data)
    # The password is set through set_password, not via the constructor.
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()
    flash(_('Nice, you successfully signed up!'))
    return redirect(url_for('auth.login'))
Exemplo n.º 11
def signup():
    """Register a new user and greet them with a flash message."""
    if current_user.is_authenticated:
        # NOTE(review): redirect() normally takes a URL, but here it gets the
        # return value of page_not_found("e"). Confirm what that helper
        # returns; this branch may not behave as intended.
        return redirect(page_not_found("e"))

    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template("signup.html", form=form)

    # NOTE(review): the raw password goes to the User constructor;
    # presumably the model hashes it - confirm.
    new_user = User(
        username=form.username.data,
        email=form.email.data,
        password=form.password.data,
    )
    db.session.add(new_user)
    db.session.commit()

    flash(f'Hello {new_user.username}! Please login', 'info')
    return redirect(url_for('auth.login'))
Exemplo n.º 12
def sign_up():
    """Hand the submitted credentials to ``sign_up_validation``.

    A truthy result from the helper is treated as an error: a generic message
    is flashed and the visitor is sent back to the sign-up page. Otherwise
    the visitor continues to the confirmation step.
    """
    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('/auth/sign-up.html', form=form)

    failure = sign_up_validation(form.username.data,
                                 form.password.data,
                                 form.email.data)
    if failure:
        # The message is deliberately generic; the helper's result is not
        # shown to the visitor.
        flash('Something went wrong, Try again')
        return redirect(url_for('auth.sign_up'))

    return redirect(url_for('auth.confirm_sign_up'))
Exemplo n.º 13
def signup():
    """Register a new user and redirect them to the login page.

    Per the original author's note, the form enforces a password of at
    least 10 characters and a username of 2-15 characters with at least one
    letter; those rules live in ``SignUpForm``, not in this view.
    """
    # Users who are already logged in have no business here.
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('auth/signup.html', form=form)

    # Validation passed: persist the account.
    new_user = User(username=form.username.data, email=form.email.data)
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()
    flash('Registration successful!')
    return redirect(url_for('auth.login'))
Exemplo n.º 14
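def signup():
    """Create an account from the sign-up form and redirect to the home page.

    Active users are redirected with an "Already logged in" notice. For a
    valid form whose e-mail is not yet registered and whose two password
    fields match, a row is inserted into ``auth_user``, the hashed password
    is recorded in ``History`` and the visitor is redirected. Otherwise an
    error is flashed and the form is rendered again.
    """
    if current_user.is_active:
        flash('Already logged in', 'info')
        return redirect(url_for('index.home'))

    form = SignUpForm(request.form)
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if not user and form.password.data == form.password_confirm.data:
            new_user = User(email=form.email.data,
                            password=PasswordLib().get_hashed_password(
                                form.password.data),
                            name=form.name.data,
                            company=form.company.data)

            # Form values are passed as bound parameters, never formatted
            # into the SQL text: the earlier '%'-built statement let a
            # crafted name, e-mail or company value change the query.
            # NOTE(review): '?' is the qmark placeholder style; confirm the
            # configured database driver accepts it. db.session.add(new_user)
            # is the ORM equivalent.
            db.engine.execute(
                "INSERT INTO auth_user (id, date_created, date_modified, "
                "name, email, password, status, company) "
                "VALUES (?, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, ?, ?, ?, 1, ?)",
                new_user.id, new_user.name, new_user.email,
                new_user.password, new_user.company)

            password_history = History(userid=new_user.id,
                                       password=new_user.password)
            db.session.add(password_history)
            db.session.commit()
            flash(f'Welcome {form.name.data}! user created successfully',
                  'info')
            return redirect(url_for('index.home'))
        if form.password.data != form.password_confirm.data:
            flash('Password don\'t match!', 'error')
        else:
            flash('User already exists!', 'error')
    return render_template("auth/signup.html", form=form)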
Exemplo n.º 15
def signup():
    """Register a user and e-mail them an account-confirmation token."""
    form = SignUpForm()
    if not form.validate_on_submit():
        return render_template('auth/signup.html', form=form)

    # NOTE(review): the raw password goes to the Users constructor;
    # presumably the model hashes it - confirm.
    new_user = Users(
        username=form.username.data,
        name=form.name.data,
        surname=form.surname.data,
        email=form.email.data,
        password=form.password.data,
    )
    db.session.add(new_user)
    db.session.commit()

    # The token is generated after the commit, once the row exists.
    confirmation_token = new_user.generate_confirmation_token()
    send_mail(
        new_user.email,
        'Confirm Your Account',
        'auth/email/confirm',
        user=new_user,
        token=confirmation_token,
    )
    flash('A confirmation email has been sent to you by email.')
    return redirect(url_for('auth.login'))
Exemplo n.º 16
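def setup():
    """One-time setup view that creates the initial super admin account.

    If any user already exists the application counts as set up and the
    visitor is redirected to ``index``. Otherwise a valid form creates a
    ``superadmin`` user, logs them in and redirects to ``index``.
    """
    # One row is enough to know setup has been done; there is no need to
    # load every user just to test for existence.
    if User.query.first() is not None:
        return redirect(url_for('index'))

    form = SignUpForm()
    if form.validate_on_submit():
        # NOTE(review): the existence check above and this insert are not
        # atomic, and no further restriction on who may reach this view is
        # visible here - confirm how the route is protected before first use.
        user = User(form.email.data, form.password.data, form.name.data, 'superadmin')
        db.session.add(user)
        db.session.commit()
        login_user(user)
        flash("Super admin created successfully", 'success')
        return redirect(url_for('index'))

    return render_template(
        'auth/setup.html',
        form=form,
        heading="Create super admin account"
    )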
Exemplo n.º 17
def signup():
    """Register a user unless the requested username is already taken."""
    form = SignUpForm()

    if form.validate_on_submit():
        existing = User.query.filter_by(username=form.username.data).first()
        if existing is None:
            # NOTE(review): the raw password goes to the User constructor;
            # presumably the model hashes it - confirm.
            account = User(form.username.data, form.email.data,
                           form.password.data)
            db.session.add(account)
            db.session.commit()

            flash('Account Created! Log In Below:', 'success')
            return redirect(url_for('auth.login'))

        # Only the username is checked for uniqueness in this view.
        flash('This Username is Taken!', 'danger')

    return render_template('auth/signup.html', form=form)
Exemplo n.º 18
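def sign_up():
    """Register a ``User`` or an ``Owner`` and e-mail a confirmation code.

    The ``user_or_owner`` form field selects which model is created. After
    the profile is stored the visitor is redirected to ``auth.confirm``. If
    the field holds any other value, no profile is created and the sign-up
    page is rendered again.
    """
    signUpForm = SignUpForm()
    if signUpForm.validate_on_submit():
        # Map the submitted account type onto its model. An unexpected value
        # yields None rather than leaving the profile variable unbound, which
        # would otherwise surface as an unhandled error.
        profile_models = {'user': User, 'owner': Owner}
        profile_cls = profile_models.get(signUpForm.user_or_owner.data)
        if profile_cls is not None:
            newProfile = profile_cls(
                name=signUpForm.firstName.data,
                surname=signUpForm.lastName.data,
                email=signUpForm.email.data,
                # Only the output of hash_psw reaches the model.
                password=hash_psw(signUpForm.password.data))
            newProfile.generate_confirmation_code()
            db.session.add(newProfile)
            db.session.commit()
            send_confirm_email(destination_profile=newProfile,
                               confirmation_code=newProfile.confirmation_code)
            return redirect(url_for('auth.confirm', email=newProfile.email))
    return render_template('signup.html', form=signUpForm, title='Sign Up')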
Exemplo n.º 19
def signup():
    """Register a user, optionally through an invitation token.

    The ``invite`` query parameter is looked up with ``Invitation.get``. A
    token that resolves to nothing, or an invite whose e-mail already belongs
    to a user, renders the generic error page. On a valid submission the role
    comes from the invite, or is ``'staff'`` when there is no invite; the
    submitted e-mail must equal the invited address. The new user is logged
    in and redirected to ``index``.
    """
    form = SignUpForm()
    token = request.args.get('invite')
    invite = Invitation.get(token)

    if token and not invite:
        return render_template('error/generic.html',
                               message="The invite is invalid")

    has_invite = invite is not None
    if has_invite and User.query.filter_by(
            email=invite.invitee).first() is not None:
        return render_template('error/generic.html',
                               message="Email belongs to an existing user")

    if form.validate_on_submit():
        if has_invite:
            role_short = invite.role.short
            # NOTE(review): exact string comparison; confirm whether e-mail
            # case differences should be tolerated.
            if form.email.data != invite.invitee:
                return render_template(
                    'error/generic.html',
                    message="Email doesn't match invite email")
        else:
            # NOTE(review): anyone signing up without an invite gets the
            # 'staff' role - confirm that open registration at this role is
            # intended.
            role_short = 'staff'

        new_user = User(form.email.data, form.password.data, form.name.data,
                        role_short)
        db.session.add(new_user)
        db.session.commit()
        login_user(new_user)
        flash("Sign up successful", 'success')
        return redirect(url_for('index'))

    if has_invite:
        # Pre-fill the form with the invited address.
        form.email.data = invite.invitee
    else:
        flash('Signing up without an inivite defaults to staff member account', 'info')
    return render_template('auth/signup.html', form=form)
Exemplo n.º 20
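def signup():
    '''
    Add user through signup form

    GET: Serve sign-up page.
    POST: Validate form, create account, log the new user in and render the
    services page. If the username or e-mail is taken, or the insert fails,
    a message is flashed and the sign-up page is rendered again.
    '''
    signup_form = SignUpForm()
    if signup_form.validate_on_submit():
        user_name = User.query.filter_by(
            username=signup_form.username.data).first()
        user_email = User.query.filter_by(email=signup_form.email.data).first()
        if user_name or user_email:
            flash('A user already exists with that username or email')
        else:
            # NOTE(review): the raw password goes to the User constructor;
            # presumably the model hashes it - confirm.
            new_user = User(username=signup_form.username.data,
                            email=signup_form.email.data,
                            password=signup_form.password.data,
                            created_at=dt.now())
            try:
                db.session.add(new_user)
                db.session.commit()  # create new user
                login_user(new_user)  # log in as new created user
            except TypeError as err:
                # Leave the session usable for the next request.
                db.session.rollback()
                flash('Problem creating user:{}'.format(err))
            except Exception as err:
                db.session.rollback()
                # flash() needs a string, not the exception object.
                # NOTE(review): this shows the raw error text to the visitor;
                # consider logging it and flashing a generic message instead.
                flash(str(err))
            else:
                # Only reached when the account really was created; a failed
                # insert falls through to the sign-up page below.
                # TODO: redirect to dailylog.userlogshistory when it is ready.
                return render_template('servicios.html',
                                       username=new_user.username)

    return render_template('signup_2.html',
                           form=signup_form,
                           title='Sign Up',
                           template='signup-page',
                           body="Sign up for a user account.")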
Exemplo n.º 21
def sign_up(checkout=''):
    """Create a shop account, log the user in and continue shopping.

    Args:
        checkout: when equal to ``'checkout'`` the new user is redirected to
            the shipping step instead of the shop index; it is also passed
            through to the template.
    """
    form = SignUpForm()
    if not form.validate_on_submit():
        # The subscription box is pre-ticked whenever the form is rendered.
        form.subscribed.data = True
        return render_template('auth/login.html',
                               title='Sign Up',
                               form=form,
                               user='',
                               checkout=checkout)

    account = User()
    # NOTE(review): populate_obj copies every form field onto the model;
    # this assumes SignUpForm only declares fields that are safe for a
    # visitor to set - confirm against the form definition.
    form.populate_obj(obj=account)
    account.set_password(form.new_password.data)

    customer_group = Group.query.filter_by(name='customer').first()
    if customer_group:
        account.groups = [customer_group]

    log_new(account, f'User added for email: {form.email.data}')
    db.session.add(account)
    db.session.commit()
    login_user(account, remember=False)
    flash('Thanks for creating an account!', 'success')

    endpoint = 'shop.shipping' if checkout == 'checkout' else 'shop.index'
    return redirect(url_for(endpoint))
Exemplo n.º 22
def sign_up():
    """Register a member and redirect to login, remembering the username.

    On success the redirect response carries a ``username`` cookie. If the
    insert violates a database constraint the session is rolled back, an
    error is flashed and the sign-up page is rendered again.
    """
    form = SignUpForm(request.form)
    if form.validate_on_submit():
        member = Member(
            username=form.username.data,
            email=form.email.data,
            first_name=form.first_name.data,
            last_name=form.last_name.data,
        )
        member.member_type = "member"
        member.set_password(form.password.data)
        try:
            db.session.add(member)
            db.session.commit()
            login_redirect = redirect(url_for('auth.login'))
            resp = make_response(login_redirect)
            # NOTE(review): the cookie is set with name and value only, so
            # no explicit httponly/secure/samesite attributes are requested;
            # confirm that is acceptable for this value.
            resp.set_cookie("username", form.username.data)
            flash(f'Account successfully created for {member.username}',
                  'success')
            return resp
        except IntegrityError as err:
            # The constraint error goes to stdout; the visitor sees only a
            # generic message.
            print(err)
            db.session.rollback()
            flash(f'Unable to register {member.username}. Please try again.',
                  'danger')
    return render_template('signup.html', form=form)