Exemplo n.º 1
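def user():
  """Show the profile page (GET) or apply a JSON profile update (POST).

  A POST may also change the password, but only when both "oldpassword"
  and "newpassword" are present and non-empty and the old password
  verifies for the logged-in user. A wrong old password is answered with
  403 and nothing is saved.

  NOTE(review): which attributes update_with_user() copies from the decoded
  JSON is not visible here; confirm it cannot overwrite the username,
  password hash or any privilege field.
  """
  dbuser = db.session.query(User).filter_by(username=current_user.id).first()
  if dbuser is None:
    abort(401)

  if request.method != "POST":
    return render_template("user.html", current_dbuser=dbuser)

  payload = request.json
  new_user = UserDecoder().decode(payload)
  if new_user is None:
    print "Failed to decode request.json"
    abort(400)

  old_password = payload.get("oldpassword", "")
  new_password = payload.get("newpassword", "")
  wants_password_change = len(old_password) > 0 and len(new_password) > 0

  # Verify the old password before touching any state, so a failed check
  # leaves nothing half-applied. Previously a wrong old password was ignored
  # and the client still received the empty success response.
  if wants_password_change and not current_user.check_password(old_password):
    abort(403)

  dbuser.update_with_user(new_user)

  if wants_password_change:
    current_user.set_password(new_password)
    # Keep the database row in step with the session user's new hash.
    dbuser.password_hash = current_user.pw_hash

  db.session.commit()
  return jsonify({})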
Exemplo n.º 2
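def user():
  """Show the profile page (GET) or apply a JSON profile update (POST).

  The password is changed only when "oldpassword" and "newpassword" are
  both non-empty and the old password verifies; a wrong old password now
  yields 403 instead of a silent success with the password left unchanged.

  NOTE(review): the set of fields update_with_user() accepts from the
  decoded request is not shown; confirm it is an allow-list.
  """
  dbuser = db.session.query(User).filter_by(username=current_user.id).first()
  if dbuser is None:
    abort(401)

  if request.method != "POST":
    return render_template("user.html", current_dbuser=dbuser)

  body = request.json
  new_user = UserDecoder().decode(body)
  if new_user is None:
    print "Failed to decode request.json"
    abort(400)

  old_pw = body.get("oldpassword", "")
  new_pw = body.get("newpassword", "")
  change_requested = len(old_pw) > 0 and len(new_pw) > 0

  # Check the credential first: rejecting here means no profile field has
  # been modified yet when the request is refused.
  if change_requested and not current_user.check_password(old_pw):
    abort(403)

  dbuser.update_with_user(new_user)

  if change_requested:
    current_user.set_password(new_pw)
    # Mirror the freshly computed hash onto the persisted row.
    dbuser.password_hash = current_user.pw_hash

  db.session.commit()
  return jsonify({})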
Exemplo n.º 3
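def settings():
    """Render the settings page and change the password on a valid submit.

    NOTE(review): no current-password check is visible here, and nothing in
    this block persists the change after set_password() -- confirm that
    set_password() saves, or that a commit happens elsewhere.
    """
    class SettingsForm(Form):
        password = PasswordField("Mot de passe")
        password_bis = PasswordField("Mot de passe (Bis)")

        def validate(self):
            """Run field validators, then require two equal, non-empty entries."""
            if not Form.validate(self):
                return False

            # Neither field declares validators, so without this check two
            # empty inputs compare equal and an empty password would be set.
            if not self.password.data:
                self.password.errors.append(
                    'Le mot de passe ne peut pas être vide')
                return False

            # Compare through self, not the enclosing `form` variable, so the
            # check always applies to the instance being validated.
            if self.password.data != self.password_bis.data:
                self.password_bis.errors.append(
                    'Les mot de passe ne correspondent pas')
                return False

            return True

    form = SettingsForm()
    if form.validate_on_submit():
        current_user.set_password(form.password.data)
        flash("Mot de passe changé")
        return redirect('/browser')

    # Report a failure only for a real submission; a plain GET used to flash
    # this error as well.
    if form.is_submitted():
        flash("Les mot de passe ne corresponds pas")

    return render_template("settings.html",
                           form=form)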
Exemplo n.º 4
def change_password():
    """Set a new password for the logged-in user from ChangePasswordForm.

    NOTE(review): this view does not itself verify the current password;
    confirm that ChangePasswordForm's validators do, otherwise whoever holds
    the session can replace the credential.
    """
    pw_form = ChangePasswordForm()
    if not pw_form.validate_on_submit():
        # First visit or failed validation: hand the form to the settings view.
        return settings(passwordForm=pw_form)

    current_user.set_password(pw_form.new_password.data)
    current_user.save()
    flash('Your password has been changed.', 'success')
    return redirect(url_for('users.settings'))
Exemplo n.º 5
def change_password():
    """Replace the current user's password once the form validates.

    NOTE(review): the old password is not checked in this function; verify
    that the form class enforces it before relying on this view.
    """
    submitted = ChangePasswordForm()
    form_ok = submitted.validate_on_submit()
    if form_ok:
        current_user.set_password(submitted.new_password.data)
        current_user.save()
        flash('Your password has been changed.', 'success')
        return redirect(url_for('users.settings'))
    # Invalid or not yet submitted: the settings view renders the form.
    return settings(passwordForm=submitted)
Exemplo n.º 6
def account_settings():
    """Change the logged-in user's password from the account settings form.

    The form is constructed with user=current_user.
    NOTE(review): presumably the form uses that user to validate the old
    password -- confirm in ChangePasswordForm, since no check appears here.
    """
    pw_form = ChangePasswordForm(user=current_user)
    if not pw_form.validate_on_submit():
        return render_template('users/settings.html', form=pw_form)

    current_user.set_password(pw_form.new_password.data)
    db.session.commit()
    flash("Your password is successfully changed.", 'success')
    return redirect(url_for('home'))
Exemplo n.º 7
def account_settings():
    """Render the settings page; on a valid submit store the new password.

    NOTE(review): any current-password verification must live inside
    ChangePasswordForm (it receives user=current_user); this view adds none.
    """
    settings_form = ChangePasswordForm(user=current_user)
    accepted = settings_form.validate_on_submit()
    if accepted:
        new_secret = settings_form.new_password.data
        current_user.set_password(new_secret)
        db.session.commit()
        flash("Your password is successfully changed.", 'success')
        return redirect(url_for('home'))
    return render_template('users/settings.html', form=settings_form)
Exemplo n.º 8
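def update_password(password=None):
	"""Show the password form (GET) or store a new password (POST).

	The `password` parameter is not used by this body; the value is read
	from request.form['password'].

	NOTE(review): there is no current-password check, no confirmation
	field and no form validation visible here; confirm the route is at
	least login- and CSRF-protected.
	"""
	if request.method != 'POST':
		return render_template('update_password.html')

	new_password = request.form['password']
	if not new_password:
		# An empty field would otherwise be stored as the account password.
		return render_template('update_password.html')

	current_user.set_password(new_password)
	db.session.add(current_user)
	db.session.commit()
	# Lazy %-args: the logger formats the message only if the record is emitted.
	app.logger.info("\n\nSuccessfully updated password for user %s", current_user.id)
	return index()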
Exemplo n.º 9
def reset_password():
    """Store a new password for the logged-in user from ResetPasswordForm.

    NOTE(review): despite the name, this acts on current_user and shows no
    reset token or old-password check; confirm what ResetPasswordForm
    validates.
    """
    reset_form = ResetPasswordForm()
    if not reset_form.validate_on_submit():
        return render_template('auth/reset_password.html', form=reset_form)

    current_user.set_password(reset_form.password.data)
    db.session.add(current_user)
    db.session.commit()
    flash('Your password changed successfully.')
    return redirect(url_for('main.index'))
Exemplo n.º 10
def profile():
    """Render the profile page; on a valid POST update the password.

    The template context is locals(), so `form` is the only name the
    template receives and no other local variable may be introduced here.

    NOTE(review): no current-password check is visible in this view.
    """
    form = ProfileForm()
    if request.method != 'POST':
        return render_template("/auth/profile.html", **locals())

    # Rebind to a form built explicitly from the posted data.
    form = ProfileForm(request.form)
    if not form.validate():
        return render_template("/auth/profile.html", **locals())

    current_user.set_password(form.new_password.data)
    current_user.save()
    flash({'type':'success', 'text':'Password updated'})
    return redirect('/')
Exemplo n.º 11
def update_password():
    """Apply a password change and send the user back to the account page.

    Both outcomes redirect to 'account'; a failed validation produces no
    message, so the user gets no indication that nothing changed.

    NOTE(review): the current password is not verified in this function.
    """
    pw_form = UpdatePasswordForm()
    if pw_form.validate_on_submit():
        current_user.set_password(pw_form.password.data)
        db.session.commit()
        flash('Password updated', 'info')
    return redirect(url_for('account'))
Exemplo n.º 12
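def update_password(password=None):
    """Show the password form (GET) or store a new password (POST).

    The `password` argument is unused; the new value comes from
    request.form['password'].

    NOTE(review): nothing here verifies the current password or asks for a
    confirmation entry; confirm the route sits behind login and CSRF
    protection.
    """
    if request.method != 'POST':
        return render_template('update_password.html')

    submitted = request.form['password']
    if not submitted:
        # Refuse to store an empty password; show the form again instead.
        return render_template('update_password.html')

    current_user.set_password(submitted)
    db.session.add(current_user)
    db.session.commit()
    # Pass the id as a logging argument rather than pre-formatting the string.
    app.logger.info("\n\nSuccessfully updated password for user %s",
                    current_user.id)
    return index()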
Exemplo n.º 13
def me_edit_login():
	"""Let the logged-in user change username and password.

	The old password must verify before either value is changed.

	NOTE(review): redirect() receives the literal string '.me', which has
	the shape of an endpoint name meant for url_for() -- confirm the
	intended target.
	"""
	login_form = UserEditLoginForm(obj=current_user)
	if login_form.validate_on_submit():
		old_ok = current_user.check_password(login_form.old_password.data)
		if old_ok:
			current_user.username = login_form.username.data
			current_user.set_password(login_form.password.data)
			db.session.commit()
			return redirect('.me')
		# Wrong old password: surface it on the field and re-render below.
		login_form.old_password.errors.append('Incorrect Password')
	return render_template('users/me_edit_login.html', user=current_user, form=login_form)
Exemplo n.º 14
def change_password():
    """Change the logged-in user's password through the JSON API.

    Returns api_error(...) when the form is invalid or the current password
    does not verify; otherwise saves the new password and returns an empty
    200 response.
    """
    pw_form = ChangePasswordForm(request.json_multidict)
    if pw_form.validate_on_submit():
        # The existing credential must verify before it is replaced.
        if current_user.check_password(pw_form.current.data):
            current_user.set_password(pw_form.new_password.data)
            current_user.save()
            return '', 200
        return api_error(dict(form=['Current password is incorrect.']))
    return api_error(pw_form.errors)
Exemplo n.º 15
def profile():
    """Change the current user's password or render the profile panel.

    NOTE(review): the old password is not checked here; confirm ChangePass
    validates it.
    """
    pass_form = ChangePass()
    if not pass_form.validate_on_submit():
        panel_args = dict(
            patex=current_app.config['PAHDS']['profile'],
            tadata=current_app.config['TADATA']['profile'])
        return set_template('panelbuilder.html',
                            pass_form,
                            '.profile',
                            panel_args=panel_args)

    current_user.set_password(pass_form.new_password.data)
    current_user.save()
    # The next endpoint depends on the user's confirmation status.
    next_endpoint = resolve_confirm_status(current_user)
    return redirect(url_for(next_endpoint))
Exemplo n.º 16
def change_password():
    """Change the password after the old one has been verified.

    A wrong old password flashes 'Invalid password.' and re-renders the form.
    """
    pw_form = ChangePasswordForm()
    if not pw_form.validate_on_submit():
        return render_template("auth/change_password.html", form=pw_form)

    if not current_user.verify_password(pw_form.old_password.data):
        flash('Invalid password.')
        return render_template("auth/change_password.html", form=pw_form)

    current_user.set_password(pw_form.password.data)
    db.session.add(current_user)
    db.session.commit()
    flash('Your password has been updated.')
    return redirect(url_for('index'))
Exemplo n.º 17
def change_password():
    """Store a new password from NewPasswordForm or re-render with errors.

    flash_errors() runs whenever the form did not validate, which includes
    the initial GET.

    NOTE(review): no old-password check is visible in this view.
    """
    new_pw_form = NewPasswordForm()
    if not new_pw_form.validate_on_submit():
        flash_errors(new_pw_form)
        return render_template("core/change_password.html", form=new_pw_form)

    current_user.set_password(new_pw_form.password.data)
    db.session.add(current_user)
    db.session.commit()

    flash("Password changed successfully!", "success")
    return redirect(url_for("core.profile"))
Exemplo n.º 18
def service_reset_password():
    """JSON endpoint: set the logged-in user's password from the request body.

    The raw body is parsed as JSON and fed to ResetPasswordForm.from_json();
    the response is a JSON object with 'success' plus 'message' or 'error'.

    NOTE(review): the change applies to current_user with no old-password
    check in this function, and CSRF handling for a JSON body depends on
    how the form is configured -- confirm both.
    """
    raw_body = request.get_data(cache=False, as_text=True)
    form = ResetPasswordForm.from_json(json.loads(raw_body))
    if not form.validate_on_submit():
        return jsonify({ 'error' : form.errors, 'success': False })

    current_user.set_password(form.password.data)
    db.session.add(current_user)
    db.session.commit()
    return jsonify({ 'message' : 'Your password changed successfully.',
                     'success': True })
Exemplo n.º 19
def change_password():
    """Replace the password once the form validates and the old one verifies."""
    form = ChangePasswordForm()
    old_verified = False
    if form.validate_on_submit():
        old_verified = current_user.verify_password(form.old_password.data)
        if not old_verified:
            flash('Invalid password.')

    if old_verified:
        current_user.set_password(form.password.data)
        db.session.add(current_user)
        db.session.commit()
        flash('Your password has been updated.')
        return redirect(url_for('index'))

    # Not submitted, invalid, or wrong old password: show the form again.
    return render_template("auth/change_password.html", form=form)
Exemplo n.º 20
def passwd(args, pass_=None):
    """Set the current user's password, prompting when pass_ is None.

    Returns 1 on the visible failure path; otherwise commits and prints a
    confirmation.
    """

    if pass_ is None:
        print 'Resetting password for "%s".' % current_user.name
        # NOTE(review): the next line is damaged in this listing -- runs of
        # asterisks replaced part of the code, so it is not valid Python as
        # shown. It presumably prompted twice via getpass and compared the
        # two entries; confirm against the upstream file.
        pass_ = getpass.getpass('New password: '******'Verify password: '******'Passwords do not match.'
            return 1

    # A password passed in as an argument skips the interactive prompt.
    current_user.set_password(pass_)
    db.session.commit()
    print 'Password updated.'
Exemplo n.º 21
 def post(self):
     """Change the password, then log the user out so they sign in again.

     An invalid form re-renders self.template; a wrong old password flashes
     'Invalid password.' and redirects to the account page.
     """
     pw_form = ChangePasswordForm()
     if not pw_form.validate():
         return render_template(self.template, form=pw_form)

     if not current_user.verify_password(pw_form.old_password.data):
         flash('Invalid password.')
         return redirect(url_for('user.account'))

     current_user.set_password(pw_form.password.data)
     current_user.save()
     flash('Your password has been updated.')
     # Ending the session forces a fresh login with the new credential.
     logout_user()
     return redirect(url_for('auth.login'))
Exemplo n.º 22
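def _local_redirect_target(candidate, fallback):
    """Return candidate only when it is a same-site absolute path, else fallback."""
    if not candidate:
        return fallback
    # "//host" and "/\host" are resolved by browsers as another origin.
    if not candidate.startswith('/') or candidate[1:2] in ('/', '\\'):
        return fallback
    # Browsers drop tab/CR/LF before parsing, which could recreate "//host".
    if any(ch in candidate for ch in '\t\r\n'):
        return fallback
    return candidate


def mypage():
    """Show and update the logged-in user's real name, nickname and password.

    After a valid POST the user is redirected to the `next` query parameter
    when it is a local path, otherwise to 'frontend.index'.

    NOTE(review): the password is set on every valid POST and no
    current-password check is visible; confirm MypageForm requires and
    validates both.
    """
    form = MypageForm(request.form)
    if request.method == 'GET':
        form.realname.data = current_user.realname
        form.nickname.data = current_user.nickname

    # `next` is attacker-controllable via the query string; following it
    # unchecked would make this view an open redirect.
    next_url = _local_redirect_target(request.args.get('next'),
                                      url_for('frontend.index'))

    if request.method == 'POST' and form.validate():
        current_user.realname = form.realname.data
        current_user.nickname = form.nickname.data
        current_user.set_password(form.password.data)
        db.session.commit()
        return redirect(next_url)
    return render_template('mypage.html', form=form, next=next_url)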
Exemplo n.º 23
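def settings():
    """Render the settings page and apply changes for 'local' accounts.

    Only users whose service is 'local' get a SettingsForm; for everyone
    else `form` stays None and the template is rendered without one.

    NOTE(review): the current password is not verified before the email or
    password is changed; confirm SettingsForm enforces that.
    """
    form = None
    if current_user.service == 'local':
        form = SettingsForm(request.form, current_user)

    # Without the None guard a POST from a non-local account raised
    # AttributeError on form.validate().
    if form is not None and request.method == 'POST' and form.validate():
        current_user.email = form.email.data
        current_user.name = form.name.data
        # A blank submitted field is '' rather than None; treat both as
        # "leave the password unchanged" so an empty one is never stored.
        if form.password.data:
            current_user.set_password(form.password.data)
            flash("You updated your password.")
        current_user.save()
        flash("You updated your settings.")
    return render_template('settings.html', form=form)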
Exemplo n.º 24
def change_password():
    """Handle the change-password form.

    On a valid submit the password is replaced and the user's `activation`
    attribute is cleared. Otherwise a dict holding the form is returned.
    NOTE(review): returning a dict suggests a templating decorator outside
    this listing -- confirm. No old-password check is visible here.
    """
    pw_form = ChangePasswordForm()
    if not pw_form.validate_on_submit():
        return dict(form=pw_form)

    current_user.set_password(pw_form.password.data)
    current_user.activation = None
    db.session.add(current_user)
    db.session.commit()
    flash("Password changed.", 'success')
    return redirect(url_for('index'))
Exemplo n.º 25
def edit_profile():
  """Update the logged-in user's email and, optionally, password.

  The password is replaced only when it is longer than 5 characters and
  matches the confirmation field; otherwise it is skipped silently while
  the success message is still flashed.

  NOTE(review): neither the email nor the password change is gated on the
  current password in this view.
  """
  form = EditProfileForm(
    username=current_user.username,
    email=current_user.email,
    api_key=current_user.api_key,
  )
  if not form.validate_on_submit():
    return render_template('user/edit_profile.html', form=form)

  current_user.email = form.email.data
  new_password = form.password.data
  if len(new_password) > 5 and new_password == form.password2.data:
    current_user.set_password(new_password)

  db.session.commit()
  flash('Your profile has been updated.')
  return redirect(url_for('main.index'))
Exemplo n.º 26
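def _safe_next_path(requested, default):
    """Return requested if it is a local absolute path; otherwise default."""
    if not requested:
        return default
    # Must start with a single "/": "//host" and "/\host" leave the site.
    if not requested.startswith('/') or requested[1:2] in ('/', '\\'):
        return default
    # Tab, CR and LF are stripped by browsers and could hide a second slash.
    if any(ch in requested for ch in '\t\r\n'):
        return default
    return requested


def mypage():
    """Edit the logged-in user's real name, nickname and password.

    The post-save redirect honours the `next` query parameter only when it
    is a local path; anything else falls back to 'frontend.index'.

    NOTE(review): set_password() runs on every valid POST without a visible
    current-password check; confirm MypageForm's validators cover that.
    """
    form = MypageForm(request.form)
    if request.method == 'GET':
        form.realname.data = current_user.realname
        form.nickname.data = current_user.nickname

    # The query string is untrusted input; redirecting to it verbatim would
    # let a crafted link bounce users to an arbitrary site after saving.
    target = _safe_next_path(request.args.get('next'),
                             url_for('frontend.index'))

    if request.method == 'POST' and form.validate():
        current_user.realname = form.realname.data
        current_user.nickname = form.nickname.data
        current_user.set_password(form.password.data)
        db.session.commit()
        return redirect(target)
    return render_template('mypage.html', form=form, next=target)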
Exemplo n.º 27
def profile():
    """Set a new password on a valid submit, else render the profile panel.

    NOTE(review): verification of the existing password, if any, happens
    inside ChangePass; none is performed here.
    """
    form = ChangePass()
    if form.validate_on_submit():
        current_user.set_password(form.new_password.data)
        current_user.save()
        # Where to go next depends on the user's confirmation status.
        endpoint = resolve_confirm_status(current_user)
        return redirect(url_for(endpoint))

    config = current_app.config
    return set_template('panelbuilder.html', form, '.profile',
                        panel_args=dict(
                            patex=config['PAHDS']['profile'],
                            tadata=config['TADATA']['profile']
                        ))
Exemplo n.º 28
def edit_profile():
    """Save the user's email and, when acceptable, a new password.

    A new password is applied only if it has more than 5 characters and
    equals password2; a rejected password is dropped without any message.

    NOTE(review): the current password is not requested before the email or
    password is changed.
    """
    profile_form = EditProfileForm(username=current_user.username,
                                   email=current_user.email,
                                   api_key=current_user.api_key)
    if profile_form.validate_on_submit():
        current_user.email = profile_form.email.data

        candidate = profile_form.password.data
        long_enough = len(candidate) > 5
        if long_enough and candidate == profile_form.password2.data:
            current_user.set_password(candidate)

        db.session.commit()
        flash('Your profile has been updated.')
        return redirect(url_for('main.index'))
    return render_template('user/edit_profile.html', form=profile_form)
Exemplo n.º 29
def password():
    """Change the current user's password; other users are not supported.

    The form is processed only when its `setpwd` field carries data. After
    processing, the form is refreshed from current_user via update_data().

    NOTE(review): no old-password check appears in this view.
    """
    chpwd_form = ChangePasswordForm()
    submitted = chpwd_form.setpwd.data
    if submitted and chpwd_form.validate():
        current_user.set_password(chpwd_form.password.data)
        db.session.add(current_user)
        db.session.commit()
        flash('Your password has been updated', 'info')
    elif submitted:
        flash_errors(chpwd_form)

    chpwd_form.update_data(current_user)
    return render_template("users/password.html", chpwd_form=chpwd_form)
Exemplo n.º 30
def password_post():
    """Set a new password and invalidate every stored service key.

    Blanking the tokens and expiring the keys means credentials issued
    under the old password stop being usable after the change.

    NOTE(review): the current password is not verified in this function.
    """
    form = forms.Password(request.form)
    if not form.validate():
        return render_template('password.html', form=form)

    current_user.set_password(form.data['password'])

    blanked_fields = ('access_token', 'refresh_token', 'secret',
                      'service_user_id')
    for stored_key in current_user.keys:
        for field_name in blanked_fields:
            setattr(stored_key, field_name, '')
        stored_key.expires = datetime.datetime.now()

    models.db.session.add(current_user)
    models.db.session.commit()
    return redirect(url_for('services'))
Exemplo n.º 31
def password_post():
    """Change the password and revoke all of the user's stored keys.

    Each key has its tokens, secret and service user id cleared and its
    expiry set to now, so nothing issued before the change stays valid.

    NOTE(review): no old-password check is visible here.
    """
    pw_form = forms.Password(request.form)
    form_ok = pw_form.validate()
    if form_ok:
        current_user.set_password(pw_form.data['password'])

        # Revoke stored keys so they cannot outlive the old password.
        for k in current_user.keys:
            k.access_token = k.refresh_token = ''
            k.secret = k.service_user_id = ''
            k.expires = datetime.datetime.now()

        session = models.db.session
        session.add(current_user)
        session.commit()
        return redirect(url_for('services'))
    return render_template('password.html', form=pw_form)
Exemplo n.º 32
def profile():
    """Save the user's language and, if one was entered, a new password.

    When the form did not validate, the language field is pre-filled from
    the current user before rendering.

    NOTE(review): the password is replaced whenever the field is non-empty;
    no current-password check is visible here.
    """
    form = ProfileForm()

    if not form.validate_on_submit():
        form.language.data = current_user.language
        return snapins.render_sidebar_template('users/profile.html',
                                               version='0.1',
                                               form=form)

    new_password = form.password.data
    current_user.language = form.language.data
    # An empty password field means "keep the existing password".
    if new_password:
        current_user.set_password(new_password)
    db_session.commit()
    flash(_('Profile settings saved successfully!'), 'success')
    return redirect('/')
Exemplo n.º 33
def change_password():
    """Change the password after checking the current one.

    The submitted current password is hashed with hash_password() and
    compared with the stored value; either outcome redirects back to
    'user.password' with a flash message.

    NOTE(review): the comparison uses ==/!=, which is not constant-time;
    a constant-time comparison is the usual choice for secrets. It also
    assumes hash_password() is deterministic for a given input -- confirm.
    """
    form = PasswordChangeForm(request.form)
    if request.method == 'POST' and form.validate():
        supplied_hash = current_user.hash_password(form.current_password.data)
        if supplied_hash == current_user.password:
            current_user.set_password(form.password.data)
            current_user.save()
            flash('Password changed successfully', 'success')
        else:
            flash('Your current password is incorrect', 'error')
        return redirect(url_for('user.password'))

    return render_template(
        'user/password.html',
        title='Change Password',
        description='Change your BreezeMinder.com account password',
        form=form,
    )
Exemplo n.º 34
Arquivo: app.py Projeto: tooxie/blatt
def profile_confirmation():
    """Apply a confirmed profile update (name, email, optional password).

    The confirmation form is built with the application's SECRET_KEY; the
    values written to the user are read from request.form directly rather
    than from the validated form fields.

    NOTE(review): what ProfileConfirmationForm.validate() actually checks
    (for example a signed token or the current password) is not visible
    here -- confirm before relying on it as the only gate.
    """
    confirmation_form = ProfileConfirmationForm(
        request.form, secret_key=app.config['SECRET_KEY'])

    if not confirmation_form.validate():
        return render_template('profile_confirmation.html',
                               form=confirmation_form)

    submitted = request.form
    current_user.name = submitted.get('name')
    current_user.email = submitted.get('email')

    new_password = submitted.get('password')
    if new_password:
        current_user.set_password(new_password)

    session.add(current_user)
    session.commit()

    flash(u'Perfil actualizado con éxito')

    return redirect('profile')
Exemplo n.º 35
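def profile():
    """Show and update the logged-in user's profile.

    On GET the form is pre-filled from the current user; on a valid submit
    the email, feed URL and password are saved.

    NOTE(review): the registration key field is filled with a hard-coded
    value so the shared form validates; confirm that value is not a live
    secret. No current-password check is visible before set_password().
    """
    form = ProfileForm(request.form)
    if request.method == "GET":  # populate the form with the existing profile
        form.username.data = current_user.username
        form.email.data = current_user.email
        form.registrationkey.data = "DS106TestKey"
        form.atomfeed.data = current_user.atomfeed
        # The stored password value is deliberately not copied into the form:
        # rendering it would expose it in the page, and re-submitting it
        # would pass it to set_password() as if it were a new password.

    if form.validate_on_submit():
        current_user.email = form.email.data
        current_user.atomfeed = form.atomfeed.data
        current_user.set_password(form.password.data)
        db.session.commit()
        flash("Profile modified", 'success')
        return redirect(url_for('public.home'))
    else:
        flash_errors(form)

    return render_template("users/profile.html", user=current_user, form=form)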
Exemplo n.º 36
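def profile():
    """Render the profile form and save email, feed URL and password.

    NOTE(review): "DS106TestKey" is written into the registration key field
    on every GET; confirm it is a placeholder and not a real key. The
    password is replaced on every valid submit without verifying the
    current one.
    """
    form = ProfileForm(request.form)
    if request.method == "GET":
        # Pre-fill the editable fields from the existing profile.
        form.username.data = current_user.username
        form.email.data = current_user.email
        form.registrationkey.data = "DS106TestKey"
        form.atomfeed.data = current_user.atomfeed
        # Never seed the password field from current_user.password: the
        # stored value must not reach the rendered page, and a round trip
        # through the form would feed it back into set_password().

    if form.validate_on_submit():
        current_user.email = form.email.data
        current_user.atomfeed = form.atomfeed.data
        current_user.set_password(form.password.data)
        db.session.commit()
        flash("Profile modified", 'success')
        return redirect(url_for('public.home'))
    else:
        flash_errors(form)

    return render_template("users/profile.html",user=current_user, form=form)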
Exemplo n.º 37
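def ajax_change_password():
    """Change the logged-in user's password from an AJAX form post.

    Aborts with 403 when the caller is not authenticated, the old password
    does not match, or the two new entries differ; with 400 when the new
    password is empty; with 500 when storing it fails. Returns an empty
    body on success.

    NOTE(review): passwords are stored as one SHA-256 pass over
    password + a single application-wide SALT. That is a fast hash with no
    per-user salt, and the stored value is compared with `!=`. Moving to a
    dedicated password-hashing scheme needs a stored-hash migration and is
    outside this block.
    """
    if not current_user.is_authenticated():
        abort(403)

    old_password = request.form['old_password']
    new_password = request.form['new_password']
    new_password_repeat = request.form['new_password_repeat']

    def salted_digest(password):
        # Same construction as the stored value: sha256(password || SALT).
        digest = hashlib.sha256()
        digest.update(password.encode("UTF-8"))
        digest.update(SALT.encode("UTF-8"))
        return digest.hexdigest()

    # The old password must match before anything is changed.
    if salted_digest(old_password) != current_user.mongodb_user['password']:
        abort(403)

    if new_password != new_password_repeat:
        abort(403)

    if new_password == "":
        abort(400)

    try:
        current_user.set_password(new_password=salted_digest(new_password))
    except OperationError:
        app.logger.error("Could not save password to database")
        abort(500)
    except Exception as inst:
        # Log the exception itself; the second value used to be the builtin
        # `type`, which hid the actual error text.
        app.logger.error("Could not change password %s: %s" % (type(inst), inst))
        abort(500)

    return ""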
Exemplo n.º 38
def user_settings():
    """Edit user preferences; 'manual' accounts may also change the password.

    The form class depends on current_user.source; any source other than
    "manual" or "ldap" aborts with 404.

    NOTE(review): for manual accounts populate_obj() copies every form field
    onto the user object -- confirm SettingsFormPassword exposes only fields
    that are safe to assign. No current-password check is visible here.
    """
    form_by_source = {
        "manual": SettingsFormPassword,
        "ldap": SettingsFormLdap,
    }
    form_class = form_by_source.get(current_user.source)
    if form_class is None:
        abort(404)
    form = form_class(obj=current_user)

    if not form.validate_on_submit():
        return render_template("user/settings.html", form=form)

    current_user.preferred_language = form.preferred_language.data
    current_user.autowatch = form.autowatch.data
    current_user.allow_invitation_mails = form.allow_invitation_mails.data

    if current_user.source == "manual":
        form.populate_obj(current_user)
        new_password = form.password1.data
        if new_password:
            current_user.set_password(new_password)

    db.session.commit()
    flash(gettext("Your user settings were updated."), "success")
    return redirect(url_for('user_settings'))
Exemplo n.º 39
def user_settings():
    """Update preferences and, for 'manual' accounts, the password.

    Accounts sourced from "ldap" get a form without local password
    handling; unknown sources abort with 404.

    NOTE(review): populate_obj() assigns all form fields to current_user
    for manual accounts; confirm the form cannot carry privileged
    attributes. The old password is not checked in this view.
    """
    source = current_user.source
    if source not in ("manual", "ldap"):
        abort(404)
    is_manual = source == "manual"
    form = (SettingsFormPassword(obj=current_user) if is_manual
            else SettingsFormLdap(obj=current_user))

    if form.validate_on_submit():
        current_user.preferred_language = form.preferred_language.data
        current_user.autowatch = form.autowatch.data
        current_user.allow_invitation_mails = form.allow_invitation_mails.data

        if is_manual:
            form.populate_obj(current_user)
            # An empty password1 leaves the existing password in place.
            if form.password1.data:
                current_user.set_password(form.password1.data)

        db.session.commit()
        flash(gettext("Your user settings were updated."), "success")
        return redirect(url_for('user_settings'))

    return render_template("user/settings.jade", form=form)
Exemplo n.º 40
def account():
    """Show the account page (GET) or apply submitted account changes (POST).

    Only fields that carry data are written to the current user, so a blank
    password field leaves the existing password untouched.

    NOTE(review): the listing ends after the save attempt without returning
    a response on the success path -- the excerpt is probably cut short;
    check the upstream file. No current-password check is visible before
    the username, email or password is changed.
    """
    # GET pre-fills the form from the user; anything else binds posted data.
    if request.method == "GET":
        form = AccountForm(obj=current_user)
    else:
        form = AccountForm(request.form)
    # A missing Subscription row is treated as "not subscribed".
    try:
        subscribed = Subscription.objects.get(user=current_user.pk)
    except Subscription.DoesNotExist:
        subscribed = None

    # Render the page for GET requests and for POSTs that fail validation.
    if not request.method == 'POST' or not form.validate():
        context = {'form': form, 'subscribed': subscribed}
        return render_template('account.html', **context)

    # Copy across only the fields the user actually filled in.
    if form.username.data: current_user.username = form.username.data
    if form.email.data: current_user.email = form.email.data
    if form.phone.data: current_user.phone = form.phone.data
    if form.address.data: current_user.address = form.address.data
    if form.subscribe.data: current_user.subscribe = form.subscribe.data
    if form.password.data: current_user.set_password(form.password.data)
    # Save errors are printed rather than reported to the user or re-raised.
    try:
        current_user.save()
    except Exception, e:
        print str(e)
Exemplo n.º 41
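def update_details():
    """Validate and save the logged-in user's contact details and password.

    Every problem found is collected and flashed; when there is none the
    details are saved. Changing the email or phone clears the matching
    verified flag and sends a fresh verification code. Both outcomes end
    with a redirect to '.index' (the invalid path previously fell off the
    end of the function without returning a response).

    A new password is accepted only together with the current password: in
    the earlier version, omitting 'oldpassword' skipped the whole password
    validation block while 'password' was still applied at save time.

    NOTE(review): the verification codes are six decimal digits; confirm
    the verification endpoints limit the number of attempts.
    """
    form = flask.request.form
    valid = True
    flashes = []

    # .get() keeps a missing field on the friendly validation path below
    # instead of failing the request before any message is collected.
    email = form.get('email', '')
    old_password = form.get('oldpassword', '')
    new_password = form.get('password', '')

    if (
        email != current_user.email and
        models.User.get_by_email(email) is not None
    ):
        flashes.append(u'That email address is already in use. ')
        valid = False

    if old_password != '':
        if not current_user.check_password(old_password):
            flashes.append(u'Current password is incorrect')
            valid = False

        if (
            'password' not in form or
            'confirm' not in form or
            new_password == '' or
            new_password != form['confirm']
        ):
            flashes.append(u'New passwords do not match')
            valid = False

        if len(new_password) < 8:
            flashes.append(u'Password must be at least 8 characters long')
            valid = False
    elif new_password != '':
        # A new password without the current one must never be applied.
        flashes.append(u'Current password is incorrect')
        valid = False

    required_fields = (
        ('firstname', u'First Name'),
        ('surname', u'Surname'),
        ('email', u'Email'),
        ('phone', u'Phone'),
        ('postcode', u'Postcode'),
    )
    for field_name, label in required_fields:
        if not form.get(field_name):
            flashes.append(u'%s cannot be blank' % label)
            valid = False

    location = models.Location.get_by_postcode(form.get('postcode', ''))

    if not location:
        flashes.append(u'Postcode not recognised')
        valid = False

    if not valid:
        flash(
            (
                u'There were errors in your provided details. Please fix '
                u'these and try again'
            ),
            'error'
        )
        for msg in flashes:
            flash(msg, 'warning')
    else:
        # Verification codes act as secrets, so draw them from the OS CSPRNG
        # rather than the default Mersenne Twister generator.
        secure_random = random.SystemRandom()

        current_user.firstname = form['firstname']
        current_user.surname = form['surname']
        current_user.location_id = location.id

        if email != current_user.email:
            current_user.email = email
            current_user.email_verified = False
            current_user.email_verification_key = str(
                secure_random.randint(100000, 999999))
            current_user.send_email_verification()

        if form['phone'] != current_user.phone:
            current_user.phone = form['phone']
            current_user.sms_verified = False
            current_user.sms_verification_key = str(
                secure_random.randint(100000, 999999))
            current_user.send_sms_verification()

        # Reaching here with a new password implies the current password
        # verified and the length/confirmation checks passed.
        if old_password != '' and new_password != '':
            current_user.set_password(new_password)

        database.DB.session.commit()

        flask.flash(u'Your details have been updated', 'success')

    return flask.redirect(flask.url_for('.index'))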
Exemplo n.º 42
def profile_edit():
    """The form page for the user to edit their profile.

    For the accounts from third-party authentication providers, some fields
    of the form may be locked and cannot be modified.  This feature isn't
    implemented here, but in :mod:`railgun.website.userauth`.

    You may refer to :func:`railgun.website.userauth.AuthProvider.init_form`
    for more details.

    :route: /profile/edit/
    :method: GET, POST
    :template: profile_edit.html
    :form: :class:`railgun.website.forms.ProfileForm`
    """
    # Profile edit should use typeahead.js
    g.scripts.deps('typeahead.js')

    # Create the profile form.
    # Note that some fields cannot be edited in certain auth providers,
    # which should be stripped from from schema.
    form = ProfileForm(obj=current_user.dbo)
    if current_user.provider:
        auth_providers.init_form(current_user.provider, form)

    if form.validate_on_submit():
        # Set password if passwd field exists
        # NOTE(review): no current-password check is visible before
        # set_password(); confirm ProfileForm or the provider enforces one.
        if 'password' in form:
            pwd = form.password.data
            if pwd:
                current_user.set_password(pwd)
            # Remove both password fields so populate_obj() below does not
            # copy the plaintext value onto the model object.
            del form['password']
            del form['confirm']
        else:
            pwd = None
        # Copy values into current_user object
        form.populate_obj(current_user.dbo)
        # Commit to main database and auth provider
        try:
            # pwd (the new plaintext password, or an empty/None value) is
            # handed to the provider before the local commit.
            if current_user.provider:
                auth_providers.push(current_user.dbo, pwd)
            db.session.commit()
            flash(_('Profile saved.'), 'info')
        except Exception:
            app.logger.exception('Cannot update account %s' %
                                 current_user.name)
            flash(_("I'm sorry but we may have met some trouble. Please try "
                    "again."), 'warning')
        return redirect(url_for('profile_edit'))

    # If form has errors, flash message to notify the user
    if form.errors:
        flash(
            _("You've got some errors in the form, please check your input."),
            'warning'
        )

    # Clear password & confirm here is ok.
    # This keeps a submitted password from being echoed back in the page.
    if 'password' in form:
        form.password.data = None
        form.confirm.data = None

    # NOTE(review): find_one() can return None when no document matches,
    # which would make the subscript on the next line raise -- confirm that
    # every logged-in user has a document in USERS_COLLECTION.
    mongo_user = app.config['USERS_COLLECTION'].find_one({"_id":current_user.name})
    mongo_user_course = mongo_user['course']
    if len(mongo_user_course) == 0:
        mongo_user_course = _('Empty course')
    return render_template('profile_edit.html', locale_name=str(get_locale()),form=form,course = mongo_user_course)
Exemplo n.º 43
def password_edit():
    """Set a new password from PasswordEditForm, then go to the user index.

    NOTE(review): nothing here saves or commits after set_password(), and
    no old-password check is visible -- confirm that set_password()
    persists the change and that the form validates the current password.
    """
    edit_form = PasswordEditForm()
    if not edit_form.validate_on_submit():
        return render_template('user/password_edit.html', form=edit_form)

    current_user.set_password(edit_form.new_password.data)
    return redirect(url_for('user.index'))
Exemplo n.º 44
def profile_edit():
    """The form page for the user to edit their profile.

    For the accounts from third-party authentication providers, some fields
    of the form may be locked and cannot be modified.  This feature isn't
    implemented here, but in :mod:`railgun.website.userauth`.

    You may refer to :func:`railgun.website.userauth.AuthProvider.init_form`
    for more details.

    :route: /profile/edit/
    :method: GET, POST
    :template: profile_edit.html
    :form: :class:`railgun.website.forms.ProfileForm`
    """
    # Profile edit should use typeahead.js
    g.scripts.deps('typeahead.js')

    # Create the profile form.
    # Note that some fields cannot be edited in certain auth providers,
    # which should be stripped from from schema.
    form = ProfileForm(obj=current_user.dbo)
    if current_user.provider:
        auth_providers.init_form(current_user.provider, form)

    if form.validate_on_submit():
        # Set password if passwd field exists
        # NOTE(review): the current password is not verified in this view
        # before set_password(); confirm the form or provider requires it.
        if 'password' in form:
            pwd = form.password.data
            if pwd:
                current_user.set_password(pwd)
            # Deleting the fields here keeps populate_obj() from writing the
            # plaintext password and its confirmation onto the model.
            del form['password']
            del form['confirm']
        else:
            pwd = None

        # Copy values into current_user object
        form.populate_obj(current_user.dbo)

        # Commit to main database and auth provider
        try:
            # The provider receives the new plaintext password (or an
            # empty/None value) ahead of the local database commit.
            if current_user.provider:
                auth_providers.push(current_user.dbo, pwd)
            db.session.commit()
            flash(_('Profile saved.'), 'info')
        except Exception:
            app.logger.exception('Cannot update account %s' %
                                 current_user.name)
            flash(_("I'm sorry but we may have met some trouble. Please try "
                    "again."), 'warning')
        return redirect(url_for('profile_edit'))

    # If form has errors, flash message to notify the user
    if form.errors:
        flash(
            _("You've got some errors in the form, please check your input."),
            'warning'
        )

    # Clear password & confirm here is ok.
    # Blanking them prevents a rejected submission from echoing the password.
    if 'password' in form:
        form.password.data = None
        form.confirm.data = None

    return render_template('profile_edit.html', locale_name=str(get_locale()),
                           form=form)