def adduser():
if not current_user.is_admin:
flash('You are no admin...')
return redirect(url_for('main.users'))
form = EditProfileForm('Dummy Username')
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user is not None:
flash('Please use a different username')
return redirect(url_for('main.adduser'))
user = User.query.filter_by(email=form.email.data).first()
if user is not None:
flash('Please use a different emailaddress')
return redirect(url_for('main.adduser'))
user = User(
username=form.username.data,
email=form.email.data,
about_me=form.about_me.data,
is_admin=form.is_admin.data,
last_seen=None);
user.set_password(form.password.data);
db.session.add(user)
db.session.commit()
## user.is_admin = request.form.get ('is_admin') == 'y'
flash('Your changes have been saved.')
return redirect(url_for('main.users', id=user.id))
return render_template('editprofile.html', title='Edit profile', form=form)
def confirm_email_token(token):
user = User.verify_confirm_email_token(token)
if user is None:
flash("Invalid or expired token.", "warning")
return redirect(url_for("users.register"))
confirm_email(user)
return redirect(url_for("posts.posts"))
def appinit():
usercount = User.query.count();
if usercount > 0 :
flash('There is an admin user...')
return redirect(url_for('main.index'));
form= EditProfileForm('Admin')
if form.validate_on_submit():
user = User(
username=form.username.data,
email=form.email.data,
about_me=form.about_me.data,
is_admin=True,
last_seen=None);
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
return redirect(url_for('main.users', id=user.id))
return render_template('editprofile.html', initial_admin = 'YES', form=form)
def create_superuser():
hashed_password = bcrypt.generate_password_hash(DEFAULT_PASSWORD).decode(
"utf-8")
user = User(username="******",
email="*****@*****.**",
password=hashed_password)
db.session.add(user)
cart = Cart(customer=user)
db.session.add(cart)
db.session.commit()
return user
def create_users():
for user in test_users:
hashed_password = bcrypt.generate_password_hash(user["password"]).decode(
"utf-8"
)
user = User(
username=user["username"], email=user["email"], password=hashed_password
)
db.session.add(user)
cart = Cart(customer=user)
db.session.add(cart)
db.session.commit()
def signup(request):
if(request.method == 'POST'):
email = request.POST.get('email')
password = request.POST.get('password')
#print "{0} - {1}".format(email, password)
user = User(email=email, password=password)
user.save()
res = "A user saved to db\n"
res += "Email: {} \n".format(user.email)
res += "Password: {} \n".format(user.password)
res += "Date: {} \n".format(user.date_modified)
print res
request.session['user_email'] = user.email
request.session['user_password'] = user.password
return HttpResponsePermanentRedirect('/accounts/' + user.email[:user.email.find('@')])
elif(request.method == 'GET'):
return render(request, 'signup.html')
def create_users():
users = get_users()
for user in users:
hashed_password = bcrypt.generate_password_hash(
DEFAULT_PASSWORD).decode("utf-8")
user = User(username=user["username"],
email=user["email"],
password=hashed_password)
db.session.add(user)
cart = Cart(customer=user)
db.session.add(cart)
db.session.commit()
def verify_password(email_or_token, password):
if email_or_token == '':
return False
if password == '':
g.current_user = User.verify_auth_token(email_or_token)
g.token_used = True
return g.current_user is not None
user = User.query.filter(User.username.ilike(email_or_token)).first()
if not user:
return False
g.current_user = user
g.token_used = False
return user.check_password(password)
def signup(request):
if (request.method == 'POST'):
email = request.POST.get('email')
password = request.POST.get('password')
#print "{0} - {1}".format(email, password)
user = User(email=email, password=password)
user.save()
res = "A user saved to db\n"
res += "Email: {} \n".format(user.email)
res += "Password: {} \n".format(user.password)
res += "Date: {} \n".format(user.date_modified)
print res
request.session['user_email'] = user.email
request.session['user_password'] = user.password
return HttpResponsePermanentRedirect('/accounts/' +
user.email[:user.email.find('@')])
elif (request.method == 'GET'):
return render(request, 'signup.html')
def register_user():
form = RegistrationForm()
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode("utf-8")
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
cart = Cart(customer=user)
db.session.add(user)
db.session.add(cart)
db.session.commit()
# send_register_email(user)
flash(f"Account created for {form.username.data}! You can now login.",
"success")
def reset_password_token(token):
if current_user.is_authenticated:
return redirect(url_for("main.home"))
user = User.verify_reset_password_token(token)
if user is None:
flash("Invalid or expired token.", "warning")
return redirect(url_for("users.reset_request"))
form = ResetPasswordForm()
if form.validate_on_submit():
set_new_password(user)
return redirect(url_for("posts.posts"))
return render_template("users/reset-token.html",
title="Reset Password",
form=form)
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('main.home'))
user = User.verify_reset_token(token)
if user is None:
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('users.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user.password = hashed_password
db.session.commit()
flash('Your password has been changed. You are able to log in!', 'success')
return redirect(url_for('users.login'))
return render_template('user/reset_token.html', title='Reset Password', form=form)
def register():
if not current_user.is_authenticated:
return redirect(url_for("users.login"))
elif not current_user.is_admin:
return redirect(url_for('main.home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
is_admin=form.admin.data,
password=hashed_password)
db.session.add(user)
db.session.commit()
flash('Your account has been created. You are able to log in.!',
'success')
return redirect(url_for('users.login'))
return render_template('admin/register.html', title='Register', form=form)