def login():
form = LoginForm()
if form.validate_on_submit():
user = User.objects(email=form.email.data).first()
if user is not None and user.password_hash is not None and user.verify_password(
form.password.data):
login_user(user, form.remember_me.data)
flash(_('You are now logged in. Welcome back!'), 'success')
return redirect(request.args.get('next') or url_for('main.index'))
else:
flash(_('Invalid email or password.'), 'form-error')
return render_template('auth/login.html', form=form)
def registerUser():
if not request.json or not 'name' in request.json or not 'pwd' in request.json:
return jsonify({'err': 'Request not Json or miss name/pwd'})
elif User.objects(name=request.json['name']).first():
return jsonify({'err': 'Name is already existed.'})
else:
user = User(
user_id=User.objects().count() + 1,
name=request.json['name'],
email=request.json['email'] if 'email' in request.json else "",
pwd=request.json['pwd'],
createtime=datetime.now())
try:
user.save()
login_user(user)
except Exception as e:
print(e)
return jsonify({'err': 'Register error.'})
return jsonify({
'status': 0,
'user_id': user['user_id'],
'msg': 'Register success.'
})
def login():
if not request.json or not 'name' in request.json or not 'pwd' in request.json:
return jsonify({'err': 'Request not Json or miss name/pwd'})
else:
user = User.objects(name=request.json['name'],
pwd=request.json['pwd']).first()
if user:
login_user(user)
return jsonify({
'status': 0,
'user_id': user.get_id(),
'msg': 'Login success.'
})
else:
return jsonify({'err': 'Login fail.'})
def reset_password(token):
"""Reset an existing user's password."""
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = ResetPasswordForm()
if form.validate_on_submit():
user = User.objects(email=form.email.data).first()
if user is None:
flash('Invalid email address.', 'form-error')
return redirect(url_for('main.index'))
if user.reset_password(token, form.new_password.data):
flash('Your password has been updated.', 'form-success')
return redirect(url_for('account.login'))
else:
flash('The password reset link is invalid or has expired.',
'form-error')
return redirect(url_for('main.index'))
return render_template('account/reset_password.html', form=form)
def setup_general():
"""Runs the set-up needed for both local development and production.
Also sets up first admin user."""
Role.insert_roles()
role_admin = Role.objects(name='Administrator').first()
if role_admin is not None:
if User.objects(email=Config.ADMIN_EMAIL).first() is None:
user = User(user_name='admin',
password_hash=generate_password_hash(
Config.ADMIN_PASSWORD),
role_id=role_admin.pkid,
confirmed=True,
email=Config.ADMIN_EMAIL,
user_info=dict(
first_name='Admin',
last_name='Account',
))
user.save()
print('Added administrator {}'.format(user.to_json()))
def forgot_password_request():
"""Respond to existing user's request to reset their password."""
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = RequestResetPasswordForm()
if form.validate_on_submit():
user = User.objects(email=form.email.data).first()
if user:
token = user.generate_password_reset_token()
reset_link = url_for(
'account.reset_password', token=token, _external=True)
get_queue().enqueue(
send_email,
recipient=user.email,
subject=_('Reset Your Password'),
template='account/email/reset_password',
user=user,
reset_link=reset_link,
next=request.args.get('next'))
flash(_('A password reset link has been sent to {}.').format(
form.email.data), 'warning')
return redirect(url_for('auth.login'))
return render_template('account/reset_password.html', form=form)
def validate_email(self, field):
if User.objects(email=field.data).first():
raise ValidationError('Email already registered. (Did you mean to '
'<a href="{}">log in</a> instead?)'.format(
url_for('auth.login')))
def validate_email(self, field):
if User.objects(email=field.data).first():
raise ValidationError('Email already registered.')
