def edit_profile():
if 'username' not in session:
return redirect(url_for('login'))
update_form = forms.UpdateForm()
password_form = forms.PasswordForm()
user = database.get_user(session['username'])[0]
update_form.first_name.data = user[1]
update_form.last_name.data = user[2]
update_form.username.data = user[3]
update_form.email.data = user[4]
if request.method == 'POST':
if 'update_profile' in request.form:
update_form = forms.UpdateForm(request.form)
if update_form.validate():
update_form.save(session['username'])
session['username'] = update_form.username.data
elif 'change_password' in request.form:
password_form = forms.PasswordForm(request.form)
if password_form.validate():
password_form.save(session['username'])
elif 'remove' in request.form:
db = database.get_db()
db.execute('delete from users where id=?',
[database.get_user_id(session['username'])])
db.commit()
return redirect(url_for('logout'))
return render_template('edit_profile.html',
register_form=update_form,
password_form=password_form)
def settings_new_password():
if session['login']:
form = forms.PasswordForm()
user = db.member_info(session['user_id'])
if form.validate_on_submit():
if check_password_hash(user[0][2], form.currentpassword.data):
db.update_password(user[0][0], form.newpassword.data)
flash('New password set', 'success')
return redirect(url_for('settings'))
else:
flash("Incorrect Password!", "error")
return render_template('password_edit.html', form=form)
def reset_with_token(token):
try:
email = ts.loads(token, salt="recover-key", max_age=86400)
except:
abort(404)
form = forms.PasswordForm()
if form.validate_on_submit():
user = models.User.get(models.User.email == email)
q = models.User.update(password=generate_password_hash(form.password.data)).where(models.User.email == email)
q.execute()
return redirect(url_for('login'))
return render_template('reset_with_token.html', form=form, token=token, user=current_user)