def _change_password():
    """Handle the change-password form for the currently logged-in user.

    On a valid POST the submitted current password is verified, the form
    is applied to the user, the new password is hashed and saved, and the
    user is logged in again and redirected to ``login._profile``.  In
    every other case the form template is rendered again.
    """
    account = current_user
    form = ChangePasswordForm(request.form, obj=account)

    if request.method != 'POST' or not form.validate():
        return render_template('login/_change_password.htm.j2', form=form)

    # Verify the current user's password by looking up a User whose email
    # and stored password hash both match.
    # NOTE(review): an equality lookup on the stored value only works if
    # password_hash() returns the same output for the same input (no
    # per-user random salt) -- confirm which algorithm it implements.
    try:
        matching_account = User.objects.get(
            email=account.email,
            password=password_hash(form.current_password.data))
    except User.DoesNotExist:
        matching_account = None

    if not matching_account:
        # i.e. "The password you typed here does not match the password
        # we currently have on file for you."
        flash(lazy_gettext(u'입력하신 비밀번호가 현재 비밀번호와 일치하지 않습니다.'))
        return render_template('login/_change_password.htm.j2', form=form)

    # NOTE(review): populate_obj() copies every form field onto the user
    # object; confirm ChangePasswordForm exposes only fields that are safe
    # to set this way.
    form.populate_obj(account)
    # The form has just written the plaintext into user.password; replace
    # it with its hash before saving.
    account.password = password_hash(account.password)

    try:
        account.save()
        flash(lazy_gettext(u'비밀번호가 변경되었습니다.'))
    except Exception:
        # The failure is reported to the user only; nothing is logged here.
        flash(lazy_gettext(u'문제가 발생했습니다.'))
        return render_template('login/_change_password.htm.j2', form=form)

    # Log the user in again after the password change.
    login_user(account, remember=False)
    return redirect(url_for('login._profile'))
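def password_verify(token):
    """Let the holder of a password-verification token set a new password.

    The token must exist and must have been created within the last hour;
    otherwise an "Invalid token" message is flashed and the visitor is
    redirected to ``portal.index``.  A GET renders the new-password form.
    A POST with two matching, non-empty passwords stores the hash of the
    new password, marks the user as verified, deletes the token, logs the
    user in and redirects to ``portal.index``.

    Args:
        token: The token value taken from the URL.
    """
    from datetime import datetime, timedelta

    # Tokens older than one hour are treated as if they did not exist.
    # NOTE(review): datetime.now() is naive local time -- confirm that
    # created_at is stored the same way.
    time_threshold = datetime.now() - timedelta(hours=1)
    try:
        password_token = PasswordVerifyToken.objects.get(
            token=token, created_at__gte=time_threshold)
    except PasswordVerifyToken.DoesNotExist:
        flash('Invalid token')
        return redirect(url_for('portal.index'))

    if request.method != 'POST':
        return render_template('login/verify_password.htm.j2', token=token)

    p1 = request.form['password']
    p2 = request.form['password_confirm']

    if not p1:
        # Two empty fields compare equal, so without this guard an empty
        # string would be hashed and stored as the account's password.
        # NOTE(review): no other password policy is visible here; confirm
        # whether one is enforced elsewhere.
        flash(lazy_gettext(u'비밀번호를 입력해 주세요.'))
        return render_template('login/verify_password.htm.j2', token=token)

    if p1 != p2:
        flash(lazy_gettext(u'비밀번호가 일치하지 않습니다.'))
        return render_template('login/verify_password.htm.j2', token=token)

    try:
        user = User.objects.get(email=password_token.email)
    except User.DoesNotExist:
        flash(lazy_gettext(u'사용자 정보가 유효하지 않습니다.'))
        return redirect(url_for('portal.index'))

    user.password = password_hash(p1)  # change to the new password
    # A successful reset also marks the account as verified.
    user.verified = True
    user.save()
    # Single use: the token is removed once the new password is saved.
    password_token.delete()
    login_user(user)
    flash(lazy_gettext(u'비밀번호가 변경되었습니다.'))
    return redirect(url_for('portal.index'))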
def signup():
    """Register a new user from the sign-up form.

    On a valid POST a User is created with the hashed password.  When the
    ``EMAIL_USER_VERIFICATION`` setting is truthy a UserToken is saved and
    mailed and the visitor is sent to the verification guide; otherwise
    the user is verified and logged in immediately.  If the request is
    not a valid POST, or saving the user fails, the sign-up template is
    rendered again.
    """
    next_url = get_redirect_target()
    form = SignUpForm(request.form)

    if not (request.method == 'POST' and form.validate()):
        # Runs for plain GET requests as well as for failed validation.
        current_app.logger.critical(form.errors)
        return render_template('login/signup.htm.j2', form=form, next=next_url)

    try:
        email = form.email.data
        hashed_password = password_hash(form.password.data)
        new_user = User(email=email, password=hashed_password).save()
    except NotUniqueError:
        # NOTE(review): this message tells the visitor that the address is
        # already registered.
        flash(u'이미 등록된 사용자입니다.')
    except ValidationError:
        # Some malformed email addresses are not caught by the form itself.
        flash(u'email형식이 바르지 않습니다.')
    else:
        if not current_app.config['EMAIL_USER_VERIFICATION']:
            # Email verification is switched off: verify and log in at once.
            new_user.verify()
            login_user(new_user, remember=True)
            return redirect_back('portal.index')

        verification_token = UserToken(email=email)
        verification_token.save()
        verification_token.sendmail()
        return redirect(url_for('.verify_guide', email=email))

    return render_template('login/signup.htm.j2', form=form, next=next_url)
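def reset_password(email, new_password):
    """Set a new password for the user with ``email`` and mark it verified.

    The outcome is printed to stdout.  Only a missing user is reported as
    "doesn't exists"; any other failure of the lookup propagates instead
    of being reported as a missing account.

    Args:
        email: Email address of the account to update.
        new_password: Plaintext password; it is hashed with
            ``password_hash`` before being stored.
    """
    try:
        user = User.objects.get(email=email)
    except User.DoesNotExist:
        print("User({0}) doesn't exists.".format(email))
        return

    # NOTE(review): new_password is stored without any policy check here.
    user.verified = True
    user.password = password_hash(new_password)
    user.save()
    print('done.')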
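def _user_password_reset(project_group_user_id):
    """Give a member of the default project group a temporary password.

    The ProjectGroupUser is loaded by id (404 if missing).  If it belongs
    to ``ProjectGroup.default()``, a random temporary password is
    generated, its hash is stored on the user, the plaintext is shown in
    a flash message, and the caller is redirected to
    ``project_group._user_role_changer``.  Any other project group yields
    a 404.

    Args:
        project_group_user_id: Id of the ProjectGroupUser whose user gets
            the temporary password.
    """
    pgu = ProjectGroupUser.objects.get_or_404(id=project_group_user_id)
    if pgu.project_group == ProjectGroup.default():
        import binascii
        import os

        from erks.utils import password_hash

        # 8 bytes from the OS random source, shown as 16 hex characters.
        # The earlier 8-character slice of a UUID carried only 32 bits.
        temporary_passwd = binascii.hexlify(os.urandom(8)).decode('ascii')
        pgu.user.password = password_hash(temporary_passwd)
        pgu.user.save()
        # NOTE(review): the plaintext temporary password is placed in a
        # flash message; if flash_error keeps it in a client-side session
        # cookie, anyone who can read that cookie can read the password --
        # confirm the session backend.  Nothing here forces the user to
        # replace the temporary password afterwards.
        flash_error(gettext('임시비밀번호가 설정되었습니다. 암호는 %(temporary_passwd)s입니다.',
                            temporary_passwd=temporary_passwd))
        return redirect(url_for(
            'project_group._user_role_changer',
            project_group_user_id=project_group_user_id))
    else:
        abort(404)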
def login():
    """Authenticate a user by email or user id and render the login page.

    On a valid POST the submitted password is hashed and a User is looked
    up by ``email`` (when the identifier contains ``@``) or by
    ``user_id``, together with that hash.  A verified user is logged in
    and redirected to ``portal.index``; an unverified user gets a flash
    message.  In all other cases the login template is rendered, using
    the default project group's themed template when it has a theme.
    """
    next_url = get_redirect_target()
    form = LoginForm(request.form)

    if request.method == 'POST':
        if not form.validate():
            flash(lazy_gettext(u'form검증이 실패했습니다.'))
            current_app.logger.debug(form.errors)
        else:
            try:
                identifier = form.email.data
                hashed_password = password_hash(form.password.data)
                # The same form field carries either an email address or
                # a user id; '@' decides which column is queried.
                lookup_field = 'email' if '@' in identifier else 'user_id'
                user = User.objects.get(
                    **{lookup_field: identifier, 'password': hashed_password})

                if not user.verified:
                    # NOTE(review): Markup() marks the translated string as
                    # safe HTML, so whatever the translation catalog holds
                    # for it is rendered unescaped.
                    message = Markup(
                        lazy_gettext(
                            u'이메일 인증이 완료되지 않은 사용자입니다.<br/><a href=\'#\' style=\"color: blue;\">인증 요청</a>'
                        ))
                    flash(message)
                else:
                    login_user(user, remember=form.remember_me.data)
                    session['lang_code'] = user.locale
                    # Always lands on the portal index; next_url is only
                    # handed to the template below.
                    return redirect(url_for('portal.index'))
            except User.DoesNotExist:
                # One message for both "no such user" and "wrong password".
                flash(lazy_gettext(u'죄송합니다. 사용자가 존재하지 않거나 비밀번호가 일치하지 않습니다.'))

    project_group = ProjectGroup.default()
    if not (project_group and project_group.has_theme()):
        return render_template('login/login.htm.j2', form=form, next=next_url)

    # The themed template is rendered without the ``next`` value.
    themed_template = 'theme/{theme_key}/login/login_{theme_key}.html'.format(
        theme_key=project_group.theme_key)
    return render_template(themed_template, form=form)
def validate_current_password(form, field):
    """Form validator: the field must hold the current user's password.

    Args:
        form: The form being validated (not used here).
        field: The field whose ``data`` is the submitted current password.

    Raises:
        ValidationError: If the hash of the submitted value differs from
            the password stored on the current user.
    """
    account = current_user._get_current_object()
    stored_digest = account.password
    submitted_digest = password_hash(field.data)
    # NOTE(review): a plain comparison of the two values only works if
    # password_hash() is deterministic for a given input -- confirm the
    # algorithm it uses.
    if stored_digest == submitted_digest:
        return
    raise ValidationError(
        lazy_gettext(u'입력하신 비밀번호가 현재 비밀번호와 일치하지 않습니다.'))