def reset_password(self): user = None token = request.query.get("token") if token: query = self.auth._query_from_token(token) user = self.auth.db(query).select().first() if not user: raise HTTP(404) user = self.auth.db.auth_user(self.auth.user_id) form = Form( [ Field( "new_password", type="password", requires=self.auth.db.auth_user.password.requires, ), Field("new_password_again", type="password", requires=IS_NOT_EMPTY()), ], formstyle=self.formstyle, ) self._process_change_password_form(form, user) if form.accepted: self._postprocessing("reset_password", form, user) return form
def reset_password(self): form = Form([Field("password", type="password")]) user = None token = request.query.get("token") if token: query = self.auth._query_from_token(token) user = self.auth.db(query).select().first() if not user: raise HTTP(404) user = self.auth.db.auth_user(self.auth.user_id) form = Form( [ Field( "new_password", type="password", requires=self.auth.db.auth_user.password.requires, ), Field("new_password_again", type="password", requires=IS_NOT_EMPTY()), ] ) if form.submitted: new_password = form.post_vars.get("new_password") if form.post_vars["new_password_again"] != new_password: form.errors["new_password_again"] = "Passwords do not match" form.accepted = False else: res = self.auth.change_password( user, new_password, check=True, check_old_password=False ) form.errors = re.get("errors", {}) form.accepted = not res.get("errors") self._postprocessng("profile", form, user) return form
def edit_contact(person_id=None, phone_id=None): # read person p = db.person[person_id] if p is None: # nothing to edit redirect(URL('index')) # contact wasn't the created by the user if (p.user_email != auth.current_user.get('email')): redirect(URL('index')) else: row = db(db.phone.id == phone_id).select().as_list() form = Form([Field('number'), Field('kind')], record=dict(number=row[0].get('number'), kind=row[0].get('kind')), deletable=False, csrf_session=session, formstyle=FormStyleBulma) if form.accepted: db.phone.update_or_insert(((db.phone.id == phone_id)), number=form.vars.get('number'), kind=form.vars.get('kind')) redirect(URL('edit_phones', person_id)) # return variables person_row = db(db.person.id == person_id).select().as_list() first_name = person_row[0].get('first_name') last_name = person_row[0].get('last_name') return dict(form=form, first_name=first_name, last_name=last_name)
def reset_password(self): user = None token = request.query.get("token") if token: query = self.auth._query_from_token(token) user = self.auth.db(query).select().first() if not user: raise HTTP(404) form = Form( [ Field( "new_password", type="password", requires=self.auth.db.auth_user.password.requires, label=self.auth.param.messages["labels"].get("new_password"), ), Field( "new_password_again", type="password", requires=IS_EQUAL_TO(request.forms.get("new_password")), label=self.auth.param.messages["labels"].get("password_again"), ), ], formstyle=self.formstyle, submit_value=self.auth.param.messages["buttons"]["submit"], ) self._process_change_password_form(form, user, False) if form.accepted: self._set_flash("password-changed") self._postprocessing("reset_password", form, user) return form
def edit_phone(phone_id=None): # """Note that in the above declaration, the contact_id argument must match # the <contact_id> argument of the @action.""" # # We read the contact. p = db.phone[phone_id] if p is None: redirect(URL('index')) c = db.contact[p.contact_id] user_email = auth.current_user.get('email') if c.user_email != user_email: redirect(URL('index')) # Only display form if phone exists and contact belongs to logged in user form = Form([Field('number'), Field('name')], record=dict(name=p.name, number=p.number), csrf_session=session, formstyle=FormStyleBulma) if form.accepted: # Create phone and insert into table db.phone[phone_id] = dict(number=form.vars['number'], name=form.vars['name']) db.commit() redirect(URL('phone_numbers', c.id)) return dict(contact_id=c.id, form=form)
def edit_contact(person_id=None): # read person p = db.person[person_id] if p is None: # nothing to edit redirect(URL('index')) # contact wasn't the created by the user if (p.user_email != auth.current_user.get('email')): redirect(URL('index')) else: row = db(db.person.id == person_id).select().as_list() form = Form([ Field('first_name', requires=IS_NOT_EMPTY()), Field('last_name', requires=IS_NOT_EMPTY()) ], record=dict(first_name=row[0].get('first_name'), last_name=row[0].get('last_name')), deletable=False, csrf_session=session, formstyle=FormStyleBulma) if form.accepted: db.person.update_or_insert(((db.person.id == person_id)), first_name=form.vars.get('first_name'), last_name=form.vars.get('last_name')) redirect(URL('index')) return dict(form=form)
def change_password(self): self._check_logged("change_password") user = self.auth.db.auth_user(self.auth.user_id) form = Form( [ Field("old_password", type="password", requires=IS_NOT_EMPTY()), Field( "new_password", type="password", requires=self.auth.db.auth_user.password.requires, ), Field("new_password_again", type="password", requires=IS_NOT_EMPTY()), ] ) if form.submitted: old_password = form.post_vars.get("new_password") new_password = form.post_vars.get("new_password") if form.post_vars["new_password_again"] != new_password: form.errors["new_password_again"] = "Passwords do not match" form.accepted = False else: res = self.auth.change_password( user, new_password, old_password, check=True ) form.errors = re.get("errors", {}) form.accepted = not res.get("errors") self._postprocessng("profile", form, user) return form
def signature(self): """Returns a list of fields for a table signature""" now = lambda: datetime.datetime.utcnow() user = lambda s=self: s.get_user().get("id") fields = [ Field("created_on", "datetime", default=now, writable=False, readable=True), Field( "created_by", "reference auth_user", default=user, writable=False, readable=True, ), Field( "modified_on", "datetime", update=now, default=now, writable=False, readable=True, ), Field( "modified_by", "reference auth_user", default=user, update=user, writable=False, readable=True, ), Field("is_active", "boolean", default=True, readable=False, writable=False), ] return fields
def change_password(self): user = self.auth.db.auth_user(self.auth.user_id) form = Form( [ Field( "old_password", type="password", requires=IS_NOT_EMPTY(), label=self.auth.param.messages["labels"].get("old_password"), ), Field( "new_password", type="password", requires=self.auth.db.auth_user.password.requires, label=self.auth.param.messages["labels"].get("new_password"), ), Field( "new_password_again", type="password", requires=IS_EQUAL_TO(request.forms.get("new_password")), label=self.auth.param.messages["labels"].get("password_again"), ), ], formstyle=self.formstyle, submit_value=self.auth.param.messages["buttons"]["submit"], ) self._process_change_password_form(form, user, True) if form.accepted: self._set_flash("password-changed") self._postprocessing("change_password", form, user) return form
def add_phone(contact_id=None): # Retrieving First/Last name for header contact = db.contacts[contact_id] first_name = contact.first_name last_name = contact.last_name user_email = auth.current_user.get('email') # Contact DNE or belongs to different user if contact is None or contact.user_email != user_email: redirect(URL('index')) # Creating form to add phone number form = Form([Field('phone_number'), (Field('kind'))], csrf_session=session, formstyle=FormStyleBulma, validation=validate_phone) # Inserting phone number into phone_numbers table # Redirecting to edit_phones page if form.accepted: phone_number = form.vars['phone_number'] kind = form.vars['kind'] db.phone_numbers.insert(phone_number=phone_number, kind=kind, contact_id=contact_id) redirect(URL('edit_phones', contact_id)) return dict(form=form, first_name=first_name, last_name=last_name)
def login(self): fields = [ Field( "username", ), Field( "login_password", type="password", label=self.auth.param.messages["labels"].get("password"), ), ] if self.auth.use_username: fields[0].label = self.auth.db.auth_user.username.label else: fields[0].label = self.auth.db.auth_user.email.label fields[1].label = self.auth.db.auth_user.password.label button_name = self.auth.param.messages["buttons"]["sign-in"] form = Form( fields, submit_value=button_name, formstyle=self.formstyle, ) user = None self.auth.next["login"] = request.query.get("next") if form.submitted: user, error = self.auth.login( form.vars.get("username"), form.vars.get("login_password") ) form.accepted = not error form.errors["username"] = error if user: self.auth.store_user_in_session(user["id"]) self._postprocessing("login", form, user) top_buttons = [] for name, plugin in self.auth.plugins.items(): url = "../auth/plugin/" + name + "/login" if self.auth.next["login"]: url = url + "?next=" + self.auth.next["login"] top_buttons.append(A(plugin.label + " Login", _href=url, _role="button")) if self.auth.allows("register"): form.param.sidecar.append( A(self.auth.param.messages["buttons"]["sign-up"], _href="../auth/register", _class=self.auth.param.button_classes["sign-up"], _role="button") ) if self.auth.allows("request_reset_password"): form.param.sidecar.append( A( self.auth.param.messages["buttons"]["lost-password"], _href="../auth/request_reset_password", _class=self.auth.param.button_classes["lost-password"], _role="button", ) ) form.structure.insert(0, DIV(DIV(*top_buttons))) return form
def login(self): top_buttons = self.login_buttons() # if we do not allow we only display the plugin login buttons if not self.auth.param.default_login_enabled: return DIV(*top_buttons) fields = [ Field("username", ), Field( "login_password", type="password", label=self.auth.param.messages["labels"].get("password"), ), ] if self.auth.use_username: fields[0].label = self.auth.db.auth_user.username.label else: fields[0].label = self.auth.db.auth_user.email.label fields[1].label = self.auth.db.auth_user.password.label button_name = self.auth.param.messages["buttons"]["sign-in"] form = Form( fields, submit_value=button_name, formstyle=self.formstyle, ) user = None self.auth.next["login"] = request.query.get("next") if form.submitted: user, error = self.auth.login(form.vars.get("username", ""), form.vars.get("login_password", "")) form.accepted = not error form.errors["username"] = error if user: self.auth.store_user_in_session(user["id"]) self._postprocessing("login", form, user) if self.auth.allows("register"): form.param.sidecar.append( A( self.auth.param.messages["buttons"]["sign-up"], _href="../auth/register", _class=self.auth.param.button_classes["sign-up"], _role="button", )) if self.auth.allows("request_reset_password"): form.param.sidecar.append( A( self.auth.param.messages["buttons"]["lost-password"], _href="../auth/request_reset_password", _class=self.auth.param.button_classes["lost-password"], _role="button", )) form.structure.insert(0, DIV(DIV(*top_buttons))) return form
def insertt(): c = [] for i in db(db.company).select(): c.append(i.IAN_FULL_NAME) form = Form( [Field('company', requires=IS_IN_SET(c)), Field('file', 'upload')], validation=func, formstyle=FormStyleBulma) return dict(form=form)
def add_phone_number(contact_id=None): form = Form([Field('number'), Field('type')], csrf_session=session, formstyle=FormStyleBulma) if form.accepted: db.phone_number.insert(contact_id=contact_id, phone_number=form.vars['number'], type=form.vars['type']) # We always want POST requests to be redirected as GETs. redirect(URL('index')) return dict(form=form)
def add_contact(): form = Form([ Field('first_name', requires=IS_NOT_EMPTY()), Field('last_name', requires=IS_NOT_EMPTY()) ], csrf_session=session, formstyle=FormStyleBulma) if form.accepted: db.person.insert(first_name=form.vars.get('first_name'), last_name=form.vars.get('last_name'), phone_numbers="") redirect(URL('index')) return dict(form=form)
def login(self): form = Form([Field("username"), Field("password", type="password")]) user = None if form.submitted: user, error = self.auth.login( form.vars.get("username"), form.vars.get("password") ) form.accepted = not error form.errors["username"] = error if user: self.auth.store_user_in_session(user["id"]) self._postprocessng("login", form, user) return form
def _set_tile(self): self.tile = Field.Method( 'tile', lambda row, zoom, classic=True: get_tile(*wkt.loads(row[ self._tablename].geom)["coordinates"], zoom=zoom, classic=classic))
def test_form(self): table = [Field("name")] form_name = 'testing_form' f = Form(table,form_name=form_name) value = f.formkey post_vars = dict(_formname=form_name, _form_key=value) self.assertTrue(f._verify_form(post_vars))
def register(self): self.auth.db.auth_user.password.writable = True fields = [field for field in self.auth.db.auth_user if field.writable] for k, field in enumerate(fields): if field.type == "password": fields.insert(k + 1, Field("password_again", "password")) break form = Form(fields, submit_value="Sign Up", formstyle=self.formstyle) user = None if form.submitted: res = self.auth.register(form.vars) form.accepted = not res.get("errors") form.errors = res.get("errors") if not form.errors: self.auth.flash.set("User registered succesfully") self._postprocessing("register", form, user) form.param.sidecar.append( A("Sign In", _href="../auth/login", _class="info", _role="button")) form.param.sidecar.append( A( "Lost Password", _href="../auth/request_reset_password", _class="info", _role="button", )) return form
def search_form(): user = auth.get_user() form = Form([Field('search_string')], formstyle=FormStyleBulma) if form.accepted: print(URL('search', vars=form.vars)) redirect(URL('search', vars=form.vars)) return dict(form=form)
def friends(): # a search form (simply by first name) form = Form([Field("name", required=True)]) users = [] if form.accepted: # select users based on the tokens in the search input query = None for token in form.vars.get("name").split(): q = db.auth_user.first_name.lower().startswith( token.lower()) | db.auth_user.last_name.lower().startswith( token.lower()) query = query & q if query else q if query: users = db(query).select() # make list of requests alphabetical = db.auth_user.first_name + db.auth_user.last_name query_received = (db.friend_request.to_user == auth.user_id) & ( db.friend_request.from_user == db.auth_user.id) requests_received = db(query_received).select(orderby=alphabetical) # make list of requests sent query_sent = (db.friend_request.from_user == auth.user_id) & ( db.friend_request.to_user == db.auth_user.id) requests_sent = db(query_sent).select(orderby=alphabetical) # return the form, lists, and button factories return locals()
def hcaptcha_form(): form = Form( [ Field( "dummy_form", "string", ) ] ) form.structure.append( XML('<div class="h-captcha" data-sitekey="{}"></div>'.format(HCAPTCHA_SITE_KEY)) ) if form.accepted: r = hCaptcha(request.forms.get("g-recaptcha-response")) if r == True: # do something with form data form.structure.append( XML( '<div style="color:green">Captcha was solved succesfully!</font></div>' ) ) else: form.structure.append( XML('<div class="py4web-validation-error">invalid captcha</div>') ) return dict(form=form)
def request_reset_password(self): form = Form( [ Field( "email", label=self.auth.param.messages["labels"].get("username_or_email"), requires=IS_NOT_EMPTY(), ) ], submit_value=self.auth.param.messages["buttons"]["request"], formstyle=self.formstyle, ) if form.accepted: email = form.vars.get("email", "") self.auth.request_reset_password(email, send=True, next="") self._set_flash("password-reset-link-sent") self._postprocessing("request_reset_password", form, None) form.param.sidecar.append( A( self.auth.param.messages["buttons"]["sign-in"], _href="../auth/login", _class=self.auth.param.button_classes["sign-in"], _role="button", ) ) if self.auth.allows("register"): form.param.sidecar.append( A( self.auth.param.messages["buttons"]["sign-up"], _href="../auth/register", _class=self.auth.param.button_classes["sign-up"], _role="button", ) ) return form
def add_contact(person_id): user = auth.current_user.get('email') person = db.contact[person_id] if person is None or person.user_email!=user: redirect(URL('index')) else: form = Form([Field('number',requires=IS_NOT_EMPTY()), Field('name')], deletable=False, csrf_session=session, formstyle=FormStyleBulma) if form.accepted: # We always want POST requests to be redirected as GETs. db.phone.insert( phone_number=form.vars['number'],phone_name=form.vars['name'],person_id=person_id ) redirect(URL('list_phone',person_id)) return dict(form=form,user=auth.user)
def _set_hashid(self, fieldname, first, *ofields): setattr( self, fieldname, Field.Virtual( fieldname, lambda row: self._extra['encoder'].encode( row[self._tablename][first], *map(lambda ff: row[self._tablename][ff], ofields))))
def test_form(self): session = Session() session.initialize() table = [Field("name")] form_name = 'testing_form' f = Form(table, form_name=form_name, csrf_session=session) value = f.formkey post_vars = dict(_formname=form_name, _formkey=value) self.assertTrue(f._verify_form(post_vars))
def edit_phone(person_id=None, phone_id=None): logged_in_user = auth.current_user.get('email') person = db.person[person_id] phone_number = db.phone[phone_id] if person is None: redirect(URL('index')) elif(person.user_email == logged_in_user): # good part here form = Form([Field('number'), Field('name')], record=phone_number, deletable=False, csrf_session=session, formstyle=FormStyleBulma) if form.accepted: db(db.phone.id == phone_id).update( number=form.vars["number"], name=form.vars["name"] ) redirect(URL('list_phone', person_id)) return dict(form=form, name=person.first_name + " " + person.last_name, user=auth.user) else: redirect(URL('index'))
def add_phone(contact_id=None): # We read the contact. c = db.contact[contact_id] user_email = auth.current_user.get('email') if c is None or c.user_email != user_email: # Contact does not exist or wrong user redirect(URL('index')) form = Form([Field('number'), Field('name')], csrf_session=session, formstyle=FormStyleBulma) if form.accepted: # Create phone and insert into table db.phone.insert(name=form.vars['name'], number=form.vars['number'], contact_id=contact_id) db.commit() # We always want POST requests to be redirected as GETs. redirect(URL('phone_numbers', contact_id)) return dict(contact_id=contact_id, form=form)
def mycomponent(): # create a form object form = Form([Field("your_name")]) # if the form is not submmitted show a welcome flash message if not request.forms: flash.set("Welcome") # if the form is submitted and accepted display another message elif form.accepted: flash.set("Welcome " + request.forms["your_name"]) # return the form if it has not already been submitted and accepted return DIV(form if not form.accepted else "done!").xml()
def edit_phone(contact_id=None, phone_id=None): # Validation contact = db.contacts[contact_id] user_email = auth.current_user.get('email') # Contact DNE or belongs to different user if contact is None or contact.user_email != user_email: redirect(URL('index')) # Retrieving First/Last name for header first_name = contact.first_name last_name = contact.last_name # Getting the current phone number phone = db.phone_numbers[phone_id] phone_number = phone.phone_number kind = phone.kind # Create form to display # Retrieve current phone_number, kind values form = Form([Field('phone_number'), Field('kind')], record=dict(phone_number=phone_number, kind=kind), deletable=False, csrf_session=session, formstyle=FormStyleBulma, validation=validate_phone) if form.accepted: # Retriving updated values from form phone_number = form.vars['phone_number'] kind = form.vars['kind'] # Updating values in phone_number table phone.update_record(phone_number=phone_number, kind=kind) redirect(URL('edit_phones', contact_id)) return dict(form=form, first_name=first_name, last_name=last_name)