def register():
"""Process a registration.
After registration, the user must click a link in an email sent to the
address they registered with to confirm that it is valid.
"""
if flask.request.method != 'POST':
return flask.redirect(flask.url_for('router'))
flashes = []
if models.User.get_by_email(flask.request.form['email']) is not None:
flask.flash(('That email address already has an associated account. '
'Use the links below to verify your email or reset your '
'password.'), 'error')
return flask.redirect(flask.url_for('front.home'))
if ('password' not in flask.request.form
or 'confirm' not in flask.request.form or
flask.request.form['password'] != flask.request.form['confirm']):
flashes.append('Passwords do not match')
if ('forenames' not in flask.request.form
or flask.request.form['forenames'] == ''):
flashes.append('Forenames cannot be blank')
if ('surname' not in flask.request.form
or flask.request.form['surname'] == ''):
flashes.append('Surname cannot be blank')
if ('email' not in flask.request.form
or flask.request.form['email'] == ''):
flashes.append('Email cannot be blank')
if ('password' not in flask.request.form
or flask.request.form['password'] == ''):
flashes.append('Password cannot be blank')
elif len(flask.request.form['password']) < 8:
flashes.append('Password must be at least 8 characters long')
if ('phone' not in flask.request.form
or flask.request.form['phone'] == ''):
flashes.append('Phone cannot be blank')
# if (
# 'college' not in flask.request.form or
# flask.request.form['college'] == '---'
# ):
# flashes.append('Please select a college')
#
# if (
# 'affiliation' not in flask.request.form or
# flask.request.form['affiliation'] == '---'
# ):
# flashes.append('Please select an affiliation')
if APP.config['REQUIRE_USER_PHOTO'] and (
'photo' not in flask.request.files
or flask.request.files['photo'].filename == ''):
flashes.append('Please upload a photo')
if 'accept_terms' not in flask.request.form:
flashes.append('You must accept the Terms and Conditions')
if flashes:
flask.flash(('There were errors in your provided details. Please fix '
'these and try again'), 'error')
for msg in flashes:
flask.flash(msg, 'warning')
return flask.render_template(
'front/home.html',
form=flask.request.form,
colleges=models.College.query.all(),
affiliations=models.Affiliation.query.all())
if APP.config['REQUIRE_USER_PHOTO']:
photo = photos.save_photo(flask.request.files['photo'])
DB.session.add(photo)
DB.session.commit()
else:
photo = None
user = models.User(
flask.request.form['email'],
flask.request.form['password'],
flask.request.form['forenames'],
flask.request.form['surname'],
flask.request.form['phone'],
models.College.query.get_or_404(1), #flask.request.form['college']),
models.Affiliation.query.get_or_404(flask.request.form['affiliation']),
photo)
DB.session.add(user)
DB.session.commit()
APP.log_manager.log_event('Registered', user=user)
#todo: reinstate
APP.email_manager.send_template(
flask.request.form['email'],
'Confirm your Email Address',
'email_confirm.email',
name=user.forenames,
confirmurl=flask.url_for('front.confirm_email',
user_id=user.object_id,
secret_key=user.secret_key,
_external=True),
destroyurl=flask.url_for('front.destroy_account',
user_id=user.object_id,
secret_key=user.secret_key,
_external=True))
flask.flash('Your user account has been registered', 'success')
flask.flash(
('Before you can log in, you must confirm your email address. '
'Please check your email for further instructions. If the message '
'does not arrive, please check your spam/junk mail folder.'), 'info')
affiliation_logic.maybe_verify_affiliation(user)
return flask.redirect(flask.url_for('front.home'))
def update_profile():
"""Allow the user to update their personal details."""
if flask.request.method != 'POST':
return flask.redirect(flask.request.referrer
or flask.url_for('dashboard.profile'))
if not login.current_user.can_update_details():
flask.flash(
flask.Markup(
('You cannot currently change your details. Please contact '
'<a href="{0}">the ticketing officer</a> for assistance.'
).format(APP.config['TICKETS_EMAIL_LINK'])), 'error')
return flask.redirect(flask.request.referrer
or flask.url_for('dashboard.profile'))
flashes = []
if ('forenames' not in flask.request.form
or flask.request.form['forenames'] == ''):
flashes.append('Forename(s) cannot be blank')
if ('surname' not in flask.request.form
or flask.request.form['surname'] == ''):
flashes.append('Surname cannot be blank')
if ('phone' not in flask.request.form
or flask.request.form['phone'] == ''):
flashes.append('Phone cannot be blank')
if ('college' not in flask.request.form
or flask.request.form['college'] == '---'):
flashes.append('Please select a college')
if ('affiliation' not in flask.request.form
or flask.request.form['affiliation'] == '---'):
flashes.append('Please select an affiliation')
if flashes:
flask.flash(('There were errors in your provided details. Please fix '
'these and try again'), 'error')
for msg in flashes:
flask.flash(msg, 'warning')
return flask.redirect(flask.request.referrer
or flask.url_for('dashboard.profile'))
login.current_user.forenames = flask.request.form['forenames']
login.current_user.surname = flask.request.form['surname']
if login.current_user.phone != flask.request.form['phone']:
login.current_user.phone_verified = False
login.current_user.phone = flask.request.form['phone']
affiliation_logic.update_affiliation(
login.current_user,
models.College.query.get_or_404(flask.request.form['college']),
models.Affiliation.query.get_or_404(flask.request.form['affiliation']))
DB.session.commit()
APP.log_manager.log_event('Updated Details', user=login.current_user)
flask.flash('Your details have been updated', 'success')
affiliation_logic.maybe_verify_affiliation(login.current_user)
return flask.redirect(flask.request.referrer
or flask.url_for('dashboard.profile'))
def profile():
"""Allow the user to edit their personal details.
Displays a form and processes it to update the users details.
"""
if flask.request.method == 'POST':
valid = True
flashes = []
if (flask.request.form['email'] != login.current_user.email
and models.User.get_by_email(
flask.request.form['email']) is not None):
flashes.append('That email address is already in use. ')
valid = False
if ('oldpassword' in flask.request.form
and flask.request.form['oldpassword'] != ''):
if not login.current_user.check_password(
flask.request.form['oldpassword']):
flashes.append('Current password is not correct')
valid = False
if ('password' not in flask.request.form
or 'confirm' not in flask.request.form
or flask.request.form['password'] == ''
or (flask.request.form['password'] !=
flask.request.form['confirm'])):
flashes.append('New passwords do not match')
valid = False
if len(flask.request.form['password']) < 8:
flashes.append('Password must be at least 8 characters long')
valid = False
if ('forenames' not in flask.request.form
or flask.request.form['forenames'] == ''):
flashes.append('First Name cannot be blank')
valid = False
if ('surname' not in flask.request.form
or flask.request.form['surname'] == ''):
flashes.append('Surname cannot be blank')
valid = False
if ('email' not in flask.request.form
or flask.request.form['email'] == ''):
flashes.append('Email cannot be blank')
valid = False
if ('phone' not in flask.request.form
or flask.request.form['phone'] == ''):
flashes.append('Phone cannot be blank')
valid = False
if ('college' not in flask.request.form
or flask.request.form['college'] == '---'):
flashes.append('Please select a college')
valid = False
if ('affiliation' not in flask.request.form
or flask.request.form['affiliation'] == '---'):
flashes.append('Please select an affiliation')
valid = False
if not valid:
flask.flash(
('There were errors in your provided details. Please fix '
'these and try again'), 'error')
for msg in flashes:
flask.flash(msg, 'warning')
else:
if flask.request.form['email'] != login.current_user.email:
login.current_user.new_email = flask.request.form['email']
login.current_user.secret_key = util.generate_key(64)
login.current_user.secret_key_expiry = (
datetime.datetime.utcnow() + datetime.timedelta(days=7))
APP.email_manager.send_template(
flask.request.form['email'],
'Confirm your Email Address',
'email_change_confirm.email',
name=login.current_user.forenames,
confirmurl=flask.url_for(
'front.confirm_email',
user_id=login.current_user.object_id,
secret_key=login.current_user.secret_key,
_external=True))
flask.flash(
('You must confirm your new email address to make '
'sure that we can contact you if necessary. Please '
'check your email for further instructions.'), 'info')
if ('oldpassword' in flask.request.form
and flask.request.form['oldpassword'] != ''):
login.current_user.set_password(flask.request.form['password'])
login.current_user.forenames = flask.request.form['forenames']
login.current_user.surname = flask.request.form['surname']
login.current_user.phone = flask.request.form['phone']
affiliation_logic.update_affiliation(
login.current_user,
models.College.get_by_id(flask.request.form['college']),
models.Affiliation.get_by_id(
flask.request.form['affiliation']))
DB.session.commit()
APP.log_manager.log_event('Updated Details', [],
login.current_user)
flask.flash('Your details have been updated', 'success')
affiliation_logic.maybe_verify_affiliation(login.current_user)
return flask.render_template('dashboard/profile.html',
colleges=models.College.query.all(),
affiliations=models.Affiliation.query.all())
def profile():
"""Allow the user to edit their personal details.
Displays a form and processes it to update the users details.
"""
if flask.request.method == 'POST':
valid = True
flashes = []
if (
flask.request.form['email'] != login.current_user.email and
models.User.get_by_email(
flask.request.form['email']
) is not None
):
flashes.append('That email address is already in use. ')
valid = False
if (
'oldpassword' in flask.request.form and
flask.request.form['oldpassword'] != ''
):
if not login.current_user.check_password(
flask.request.form['oldpassword']
):
flashes.append('Current password is not correct')
valid = False
if (
'password' not in flask.request.form or
'confirm' not in flask.request.form or
flask.request.form['password'] == '' or
(
flask.request.form['password'] !=
flask.request.form['confirm']
)
):
flashes.append('New passwords do not match')
valid = False
if len(flask.request.form['password']) < 8:
flashes.append('Password must be at least 8 characters long')
valid = False
if (
'forenames' not in flask.request.form or
flask.request.form['forenames'] == ''
):
flashes.append('First Name cannot be blank')
valid = False
if (
'surname' not in flask.request.form or
flask.request.form['surname'] == ''
):
flashes.append('Surname cannot be blank')
valid = False
if (
'email' not in flask.request.form or
flask.request.form['email'] == ''
):
flashes.append('Email cannot be blank')
valid = False
if (
'phone' not in flask.request.form or
flask.request.form['phone'] == ''
):
flashes.append('Phone cannot be blank')
valid = False
if (
'college' not in flask.request.form or
flask.request.form['college'] == '---'
):
flashes.append('Please select a college')
valid = False
if (
'affiliation' not in flask.request.form or
flask.request.form['affiliation'] == '---'
):
flashes.append('Please select an affiliation')
valid = False
if not valid:
flask.flash(
(
'There were errors in your provided details. Please fix '
'these and try again'
),
'error'
)
for msg in flashes:
flask.flash(msg, 'warning')
else:
if flask.request.form['email'] != login.current_user.email:
login.current_user.new_email = flask.request.form['email']
login.current_user.secret_key = util.generate_key(64)
login.current_user.secret_key_expiry = (
datetime.datetime.utcnow() + datetime.timedelta(days=7))
APP.email_manager.send_template(
flask.request.form['email'],
'Confirm your Email Address',
'email_change_confirm.email',
name=login.current_user.forenames,
confirmurl=flask.url_for(
'front.confirm_email',
user_id=login.current_user.object_id,
secret_key=login.current_user.secret_key,
_external=True
)
)
flask.flash(
(
'You must confirm your new email address to make '
'sure that we can contact you if necessary. Please '
'check your email for further instructions.'
),
'info'
)
if (
'oldpassword' in flask.request.form and
flask.request.form['oldpassword'] != ''
):
login.current_user.set_password(flask.request.form['password'])
login.current_user.forenames = flask.request.form['forenames']
login.current_user.surname = flask.request.form['surname']
login.current_user.phone = flask.request.form['phone']
affiliation_logic.update_affiliation(
login.current_user,
models.College.get_by_id(flask.request.form['college']),
models.Affiliation.get_by_id(flask.request.form['affiliation'])
)
DB.session.commit()
APP.log_manager.log_event(
'Updated Details',
[],
login.current_user
)
flask.flash(
'Your details have been updated',
'success'
)
affiliation_logic.maybe_verify_affiliation(login.current_user)
return flask.render_template(
'dashboard/profile.html',
colleges=models.College.query.all(),
affiliations=models.Affiliation.query.all()
)
def register():
"""Process a registration.
After registration, the user must click a link in an email sent to the
address they registered with to confirm that it is valid.
"""
if flask.request.method != "POST":
return flask.redirect(flask.url_for("router"))
affiliations = models.Affiliation.query.all()
alumni_affiliation_ids = [
str(affiliation.object_id) for affiliation in affiliations
if "Alumnus" in affiliation.name
]
alumni_affiliation_ids_json = json.dumps(alumni_affiliation_ids)
flashes = []
if models.User.get_by_email(flask.request.form["email"]) is not None:
flask.flash(
("That email address already has an associated account. "
"Use the links below to verify your email or reset your "
"password."),
"error",
)
return flask.redirect(flask.url_for("front.home"))
if ("password" not in flask.request.form
or "confirm" not in flask.request.form or
flask.request.form["password"] != flask.request.form["confirm"]):
flashes.append("Passwords do not match")
if "forenames" not in flask.request.form or flask.request.form[
"forenames"] == "":
flashes.append("Forenames cannot be blank")
if "surname" not in flask.request.form or flask.request.form[
"surname"] == "":
flashes.append("Surname cannot be blank")
if "email" not in flask.request.form or flask.request.form["email"] == "":
flashes.append("Email cannot be blank")
if "password" not in flask.request.form or flask.request.form[
"password"] == "":
flashes.append("Password cannot be blank")
elif len(flask.request.form["password"]) < 8:
flashes.append("Password must be at least 8 characters long")
if "phone" not in flask.request.form or flask.request.form["phone"] == "":
flashes.append("Phone cannot be blank")
if "college" not in flask.request.form or flask.request.form[
"college"] == "---":
flashes.append("Please select a college")
if ("affiliation" not in flask.request.form
or flask.request.form["affiliation"] == "---"):
flashes.append("Please select an affiliation")
if flask.request.form["affiliation"] in alumni_affiliation_ids and (
"alumni-number" not in flask.request.form or
not re.match(r"^8-\d{8}$", flask.request.form["alumni-number"])):
flashes.append(
"Please enter a valid alumni number, starting with '8-' and with 8 digits (e.g. 8-12345678)"
)
if APP.config["REQUIRE_USER_PHOTO"] and (
"photo" not in flask.request.files
or flask.request.files["photo"].filename == ""):
flashes.append("Please upload a photo")
if "accept_terms" not in flask.request.form:
flashes.append("You must accept the Terms and Conditions")
if flashes:
flask.flash(
("There were errors in your provided details. Please fix "
"these and try again"),
"error",
)
for msg in flashes:
flask.flash(msg, "warning")
return flask.render_template(
"front/home.html",
form=flask.request.form,
colleges=models.College.query.all(),
affiliations=affiliations,
alumni_affiliation_ids=alumni_affiliation_ids_json,
)
if APP.config["REQUIRE_USER_PHOTO"]:
photo = photos.save_photo(flask.request.files["photo"])
DB.session.add(photo)
DB.session.commit()
else:
photo = None
user = models.User(
flask.request.form["email"],
flask.request.form["password"],
flask.request.form["forenames"],
flask.request.form["surname"],
flask.request.form["phone"],
models.College.get_by_id(flask.request.form["college"]),
models.Affiliation.get_by_id(flask.request.form["affiliation"]),
photo,
)
if flask.request.form["affiliation"] in alumni_affiliation_ids:
user.alumni_number = flask.request.form["alumni-number"]
DB.session.add(user)
DB.session.commit()
APP.log_manager.log_event("Registered", user=user)
APP.email_manager.send_template(
flask.request.form["email"],
"Confirm your Email Address",
"email_confirm.email",
name=user.forenames,
confirmurl=flask.url_for(
"front.confirm_email",
user_id=user.object_id,
secret_key=user.secret_key,
_external=True,
),
destroyurl=flask.url_for(
"front.destroy_account",
user_id=user.object_id,
secret_key=user.secret_key,
_external=True,
),
)
flask.flash("Your user account has been registered", "success")
flask.flash(
("Before you can log in, you must confirm your email address. "
"Please check your email for further instructions. If the message "
"does not arrive, please check your spam/junk mail folder."),
"info",
)
affiliation_logic.maybe_verify_affiliation(user)
return flask.redirect(flask.url_for("front.home"))
def update_profile():
"""Allow the user to update their personal details."""
if flask.request.method != "POST":
return flask.redirect(
flask.request.referrer or flask.url_for("dashboard.profile")
)
if not login.current_user.can_update_details():
flask.flash(
flask.Markup(
(
"You cannot currently change your details. Please contact "
'<a href="{0}">the ticketing officer</a> for assistance.'
).format(APP.config["TICKETS_EMAIL_LINK"])
),
"error",
)
return flask.redirect(
flask.request.referrer or flask.url_for("dashboard.profile")
)
flashes = []
if "forenames" not in flask.request.form or flask.request.form["forenames"] == "":
flashes.append("Forename(s) cannot be blank")
if "surname" not in flask.request.form or flask.request.form["surname"] == "":
flashes.append("Surname cannot be blank")
if "phone" not in flask.request.form or flask.request.form["phone"] == "":
flashes.append("Phone cannot be blank")
if "college" not in flask.request.form or flask.request.form["college"] == "---":
flashes.append("Please select a college")
if (
"affiliation" not in flask.request.form
or flask.request.form["affiliation"] == "---"
):
flashes.append("Please select an affiliation")
alumni_affiliation_ids = [
str(affiliation.object_id)
for affiliation in models.Affiliation.query.all()
if "Alumnus" in affiliation.name
]
if flask.request.form["affiliation"] in alumni_affiliation_ids and (
"alumni-number" not in flask.request.form
or not re.match(r"^8-\d{8}$", flask.request.form["alumni-number"])
):
flashes.append(
"Please enter a valid alumni number, starting with '8-' and with 8 digits (e.g. 8-12345678)"
)
if flashes:
flask.flash(
(
"There were errors in your provided details. Please fix "
"these and try again"
),
"error",
)
for msg in flashes:
flask.flash(msg, "warning")
return flask.redirect(
flask.request.referrer or flask.url_for("dashboard.profile")
)
login.current_user.forenames = flask.request.form["forenames"]
login.current_user.surname = flask.request.form["surname"]
if login.current_user.phone != flask.request.form["phone"]:
login.current_user.phone_verified = False
login.current_user.phone = flask.request.form["phone"]
login.current_user.alumni_number = flask.request.form["alumni-number"]
affiliation_logic.update_affiliation(
login.current_user,
models.College.get_by_id(flask.request.form["college"]),
models.Affiliation.get_by_id(flask.request.form["affiliation"]),
)
affiliation_logic.match_to_affiliation_list(login.current_user)
DB.session.commit()
APP.log_manager.log_event("Updated Details", user=login.current_user)
flask.flash("Your details have been updated", "success")
affiliation_logic.maybe_verify_affiliation(login.current_user)
return flask.redirect(flask.request.referrer or flask.url_for("dashboard.profile"))
def update_profile():
"""Allow the user to update their personal details."""
if flask.request.method != 'POST':
return flask.redirect(flask.request.referrer or
flask.url_for('dashboard.profile'))
if not login.current_user.can_update_details():
flask.flash(
flask.Markup(
(
'You cannot currently change your details. Please contact '
'<a href="{0}">the ticketing officer</a> for assistance.'
).format(
APP.config['TICKETS_EMAIL_LINK']
)
),
'error'
)
return flask.redirect(flask.request.referrer or
flask.url_for('dashboard.profile'))
flashes = []
if (
'forenames' not in flask.request.form or
flask.request.form['forenames'] == ''
):
flashes.append('Forename(s) cannot be blank')
if (
'surname' not in flask.request.form or
flask.request.form['surname'] == ''
):
flashes.append('Surname cannot be blank')
if (
'phone' not in flask.request.form or
flask.request.form['phone'] == ''
):
flashes.append('Phone cannot be blank')
if (
'college' not in flask.request.form or
flask.request.form['college'] == '---'
):
flashes.append('Please select a college')
if (
'affiliation' not in flask.request.form or
flask.request.form['affiliation'] == '---'
):
flashes.append('Please select an affiliation')
if flashes:
flask.flash(
(
'There were errors in your provided details. Please fix '
'these and try again'
),
'error'
)
for msg in flashes:
flask.flash(msg, 'warning')
return flask.redirect(flask.request.referrer or
flask.url_for('dashboard.profile'))
login.current_user.forenames = flask.request.form['forenames']
login.current_user.surname = flask.request.form['surname']
if login.current_user.phone != flask.request.form['phone']:
login.current_user.phone_verified = False
login.current_user.phone = flask.request.form['phone']
affiliation_logic.update_affiliation(
login.current_user,
models.College.get_by_id(flask.request.form['college']),
models.Affiliation.get_by_id(flask.request.form['affiliation'])
)
DB.session.commit()
APP.log_manager.log_event(
'Updated Details',
user=login.current_user
)
flask.flash(
'Your details have been updated',
'success'
)
affiliation_logic.maybe_verify_affiliation(login.current_user)
return flask.redirect(flask.request.referrer or
flask.url_for('dashboard.profile'))
def register():
"""Process a registration.
After registration, the user must click a link in an email sent to the
address they registered with to confirm that it is valid.
"""
if flask.request.method != 'POST':
return flask.redirect(flask.url_for('router'))
flashes = []
if models.User.get_by_email(flask.request.form['email']) is not None:
flask.flash(
(
'That email address already has an associated account. '
'Use the links below to verify your email or reset your '
'password.'
),
'error'
)
return flask.redirect(flask.url_for('front.home'))
if (
'password' not in flask.request.form or
'confirm' not in flask.request.form or
flask.request.form['password'] != flask.request.form['confirm']
):
flashes.append('Passwords do not match')
if (
'forenames' not in flask.request.form or
flask.request.form['forenames'] == ''
):
flashes.append('Forenames cannot be blank')
if (
'surname' not in flask.request.form or
flask.request.form['surname'] == ''
):
flashes.append('Surname cannot be blank')
if (
'email' not in flask.request.form or
flask.request.form['email'] == ''
):
flashes.append('Email cannot be blank')
if (
'password' not in flask.request.form or
flask.request.form['password'] == ''
):
flashes.append('Password cannot be blank')
elif len(flask.request.form['password']) < 8:
flashes.append('Password must be at least 8 characters long')
if (
'phone' not in flask.request.form or
flask.request.form['phone'] == ''
):
flashes.append('Phone cannot be blank')
if (
'college' not in flask.request.form or
flask.request.form['college'] == '---'
):
flashes.append('Please select a college')
if (
'affiliation' not in flask.request.form or
flask.request.form['affiliation'] == '---'
):
flashes.append('Please select an affiliation')
if APP.config['REQUIRE_USER_PHOTO'] and (
'photo' not in flask.request.files or
flask.request.files['photo'].filename == ''
):
flashes.append('Please upload a photo')
if 'accept_terms' not in flask.request.form:
flashes.append('You must accept the Terms and Conditions')
if flashes:
flask.flash(
(
'There were errors in your provided details. Please fix '
'these and try again'
),
'error'
)
for msg in flashes:
flask.flash(msg, 'warning')
return flask.render_template(
'front/home.html',
form=flask.request.form,
colleges=models.College.query.all(),
affiliations=models.Affiliation.query.all()
)
if APP.config['REQUIRE_USER_PHOTO']:
photo = photos.save_photo(flask.request.files['photo'])
DB.session.add(photo)
DB.session.commit()
else:
photo = None
user = models.User(
flask.request.form['email'],
flask.request.form['password'],
flask.request.form['forenames'],
flask.request.form['surname'],
flask.request.form['phone'],
models.College.get_by_id(flask.request.form['college']),
models.Affiliation.get_by_id(flask.request.form['affiliation']),
photo
)
DB.session.add(user)
DB.session.commit()
APP.log_manager.log_event(
'Registered',
user=user
)
APP.email_manager.send_template(
flask.request.form['email'],
'Confirm your Email Address',
'email_confirm.email',
name=user.forenames,
confirmurl=flask.url_for(
'front.confirm_email',
user_id=user.object_id,
secret_key=user.secret_key,
_external=True
),
destroyurl=flask.url_for(
'front.destroy_account',
user_id=user.object_id,
secret_key=user.secret_key,
_external=True
)
)
flask.flash('Your user account has been registered', 'success')
flask.flash(
(
'Before you can log in, you must confirm your email address. '
'Please check your email for further instructions. If the message '
'does not arrive, please check your spam/junk mail folder.'
),
'info'
)
affiliation_logic.maybe_verify_affiliation(user)
return flask.redirect(flask.url_for('front.home'))