Пример #1
def _change_password():
    """Handle the change-password form for the logged-in user.

    On a valid POST the submitted current password is hashed and looked up
    together with the user's e-mail.  Only when that lookup finds a record
    is the new password hashed and saved; the user is then logged in again
    and redirected to the profile page.  Every other path re-renders the
    form.

    NOTE(review): the check queries on ``password=password_hash(...)``, so
    it can only match if ``password_hash`` (not shown here) is
    deterministic, i.e. has no per-user random salt -- confirm which
    algorithm it uses.
    NOTE(review): ``populate_obj`` copies every form field onto the user
    object, including the plaintext ``current_password``; confirm none of
    those extra attributes is persisted by ``user.save()``.
    """
    user = current_user
    form = ChangePasswordForm(request.form, obj=user)

    is_valid_post = request.method == 'POST' and form.validate()
    if not is_valid_post:
        return render_template('login/_change_password.htm.j2', form=form)

    # Verify the current password for the logged-in user.
    try:
        matched_account = User.objects.get(
            email=user.email,
            password=password_hash(form.current_password.data))
    except User.DoesNotExist:
        matched_account = None

    if matched_account:
        # populate_obj leaves the plaintext new password on user.password;
        # it is replaced by its hash before anything is saved.
        form.populate_obj(user)
        user.password = password_hash(user.password)
        try:
            user.save()
            flash(lazy_gettext(u'비밀번호가 변경되었습니다.'))
        except Exception:
            # Any failure is reported to the user generically; the exception
            # itself is not logged here.
            flash(lazy_gettext(u'문제가 발생했습니다.'))
        else:
            # Log the user in again internally after the change.
            login_user(user, remember=False)
            return redirect(url_for('login._profile'))
    else:
        # Message: the typed password does not match the one on file.
        flash(lazy_gettext(u'입력하신 비밀번호가 현재 비밀번호와 일치하지 않습니다.'))

    return render_template('login/_change_password.htm.j2', form=form)
Пример #2
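def password_verify(token):
    """Complete a password reset identified by ``token``.

    The token must exist and have been created within the last hour;
    otherwise the visitor is redirected to the portal index.  A non-POST
    request renders the new-password form.  A POST compares the two
    password fields, rejects an empty password, stores the hash of the new
    password, marks the account verified, deletes the token (so the same
    token cannot be looked up again) and logs the user in.

    NOTE(review): no strength or length policy is applied to the new
    password here beyond rejecting an empty value.
    """
    from datetime import datetime, timedelta

    # Tokens created more than one hour ago are treated as nonexistent.
    # NOTE(review): datetime.now() is naive local time -- confirm that
    # created_at is stored the same way.
    time_threshold = datetime.now() - timedelta(hours=1)

    try:
        password_token = PasswordVerifyToken.objects.get(
            token=token, created_at__gte=time_threshold)
    except PasswordVerifyToken.DoesNotExist:
        flash('Invalid token')
        return redirect(url_for('portal.index'))

    if request.method != 'POST':
        return render_template('login/verify_password.htm.j2', token=token)

    p1 = request.form['password']
    p2 = request.form['password_confirm']
    if p1 != p2:
        flash(lazy_gettext(u'비밀번호가 일치하지 않습니다.'))
        return render_template('login/verify_password.htm.j2', token=token)
    if not p1:
        # Two empty fields compare equal; without this guard the account
        # would be saved with the hash of an empty password and logged in.
        flash(lazy_gettext(u'비밀번호를 입력해 주세요.'))
        return render_template('login/verify_password.htm.j2', token=token)

    try:
        user = User.objects.get(email=password_token.email)
    except User.DoesNotExist:
        flash(lazy_gettext(u'사용자 정보가 유효하지 않습니다.'))
        return redirect(url_for('portal.index'))

    user.password = password_hash(p1)  # change to new password
    user.verified = True
    user.save()
    # Single use: remove the token once the new password has been saved.
    password_token.delete()
    login_user(user)
    flash(lazy_gettext(u'비밀번호가 변경되었습니다.'))
    return redirect(url_for('portal.index'))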
Пример #3
def signup():
    """Register a new account from the sign-up form.

    On a valid POST the password is hashed and a ``User`` is saved.  When
    ``EMAIL_USER_VERIFICATION`` is enabled a ``UserToken`` is saved and
    mailed and the visitor is redirected to the verification guide;
    otherwise the user is verified immediately, logged in with
    ``remember=True`` and redirected back.  A duplicate or invalid e-mail
    flashes a message and re-renders the form.

    NOTE(review): the duplicate-account message tells the caller that the
    submitted e-mail already has an account.
    """
    next_url = get_redirect_target()
    form = SignUpForm(request.form)

    if not (request.method == 'POST' and form.validate()):
        # NOTE(review): this branch also runs for plain GET requests, so
        # form.errors is logged at CRITICAL level on every page view.
        current_app.logger.critical(form.errors)
        return render_template('login/signup.htm.j2', form=form, next=next_url)

    try:
        email = form.email.data
        hashed_password = password_hash(form.password.data)
        user = User(email=email, password=hashed_password).save()
    except NotUniqueError:
        flash(u'이미 등록된 사용자입니다.')
    except ValidationError:
        # Some e-mail formats are not caught by the form validators.
        flash(u'email형식이 바르지 않습니다.')
    else:
        if not current_app.config['EMAIL_USER_VERIFICATION']:
            user.verify()
            login_user(user, remember=True)
            return redirect_back('portal.index')

        token = UserToken(email=email)
        token.save()
        token.sendmail()
        return redirect(url_for('.verify_guide', email=email))

    return render_template('login/signup.htm.j2', form=form, next=next_url)
Пример #4
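def reset_password(email, new_password):
    """Set a new password for the account registered under ``email``.

    If the user exists, the account is marked verified, the hash of
    ``new_password`` is stored and the document is saved.  The outcome is
    reported with ``print``.

    Only a missing account is reported as "doesn't exist"; any other
    failure (for example a database error) now propagates instead of being
    swallowed by a bare ``except`` and mislabelled.

    NOTE(review): the plaintext password arrives as an argument; if this is
    invoked from a command line, confirm it does not end up in shell
    history or process listings.
    """
    try:
        user = User.objects.get(email=email)
    except User.DoesNotExist:
        print("User({0}) doesn't exists.".format(email))
    else:
        user.verified = True
        user.password = password_hash(new_password)
        user.save()
        print('done.')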
Пример #5
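def _user_password_reset(project_group_user_id):
    """Assign a random temporary password to a default-group member.

    Responds with 404 when the membership record does not exist or does not
    belong to the default project group.  Otherwise the member's password
    is replaced by the hash of a freshly generated temporary password, the
    plaintext is shown once through a flash message, and the caller is
    redirected to the role-changer page for that membership.

    NOTE(review): no permission check is visible in this block; confirm the
    route is restricted to group administrators.
    NOTE(review): the plaintext password travels through the flash message,
    which is kept in the session until displayed; if the app uses Flask's
    default cookie-backed session, that cookie is signed but not encrypted.
    NOTE(review): nothing here forces the user to change the temporary
    password at next login -- confirm whether that is handled elsewhere.
    """
    pgu = ProjectGroupUser.objects.get_or_404(id=project_group_user_id)
    if pgu.project_group == ProjectGroup.default():
        import base64
        import os

        from erks.utils import password_hash

        # 9 bytes from the OS CSPRNG encode to exactly 12 URL-safe
        # characters (72 bits).  The previous str(uuid4())[:8] kept only
        # 8 hex digits, i.e. 32 bits, of the random UUID.
        temporary_passwd = base64.urlsafe_b64encode(
            os.urandom(9)).decode('ascii')
        pgu.user.password = password_hash(temporary_passwd)
        pgu.user.save()
        flash_error(gettext('임시비밀번호가 설정되었습니다. 암호는 %(temporary_passwd)s입니다.', temporary_passwd=temporary_passwd))
        return redirect(url_for(
            'project_group._user_role_changer',
            project_group_user_id=project_group_user_id))
    else:
        abort(404)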
Пример #6
def login():
    """Authenticate a user by e-mail or user id and render the login page.

    On a valid POST the submitted password is hashed and a ``User`` is
    looked up by ``email`` (when the identifier contains ``@``) or by
    ``user_id``, together with the password hash.  A verified user is
    logged in, the session language is set from the user's locale and the
    request is redirected to the portal index.  An unverified user, an
    unknown user/password pair or a failed form validation flashes a
    message and falls through to rendering the login template (the themed
    one when the default project group has a theme).

    NOTE(review): the lookup filters on ``password=<hash>``, so it can only
    match if ``password_hash`` (not shown here) is deterministic, i.e. has
    no per-user random salt -- confirm which algorithm it uses.
    NOTE(review): no throttling or lockout of repeated failed attempts is
    visible in this block; confirm it is handled elsewhere.
    """
    next_url = get_redirect_target()
    form = LoginForm(request.form)

    if request.method == 'POST':
        if not form.validate():
            flash(lazy_gettext(u'form검증이 실패했습니다.'))
            current_app.logger.debug(form.errors)
        else:
            try:
                identifier = form.email.data
                hashed_password = password_hash(form.password.data)
                # An '@' means the identifier is treated as an e-mail
                # address; anything else is treated as a user id.
                lookup_field = 'email' if '@' in identifier else 'user_id'
                user = User.objects.get(**{
                    lookup_field: identifier,
                    'password': hashed_password,
                })
                if not user.verified:
                    # The flashed text is wrapped in Markup, so it (and any
                    # translation of it) is rendered as raw HTML.
                    unverified_notice = Markup(
                        lazy_gettext(
                            u'이메일 인증이 완료되지 않은 사용자입니다.<br/><a href=\'#\' style=\"color: blue;\">인증 요청</a>'
                        ))
                    flash(unverified_notice)
                else:
                    login_user(user, remember=form.remember_me.data)
                    session['lang_code'] = user.locale
                    # Always lands on the portal index; next_url is not
                    # used for this redirect.
                    return redirect(url_for('portal.index'))
            except User.DoesNotExist:
                # One message covers both an unknown user and a wrong
                # password.
                flash(lazy_gettext(u'죄송합니다. 사용자가 존재하지 않거나 비밀번호가 일치하지 않습니다.'))

    project_group = ProjectGroup.default()
    if not (project_group and project_group.has_theme()):
        return render_template('login/login.htm.j2', form=form, next=next_url)

    # NOTE(review): theme_key is interpolated into the template path;
    # confirm it comes from trusted configuration.
    themed_template = 'theme/{theme_key}/login/login_{theme_key}.html'.format(
        theme_key=project_group.theme_key)
    return render_template(themed_template, form=form)
Пример #7
 def validate_current_password(form, field):
     """Reject the field unless it hashes to the logged-in user's password.

     Raises ``ValidationError`` with the "does not match the current
     password" message when the hash of ``field.data`` differs from the
     stored ``user.password``.

     NOTE(review): this direct comparison only works if ``password_hash``
     (not shown here) is deterministic, i.e. has no per-user random salt --
     confirm which algorithm it uses.
     """
     account = current_user._get_current_object()
     stored_hash = account.password
     submitted_hash = password_hash(field.data)
     if stored_hash == submitted_hash:
         return
     raise ValidationError(
         lazy_gettext(u'입력하신 비밀번호가 현재 비밀번호와 일치하지 않습니다.'))