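def email_message():
    """Render the "check your email" page shown after an account request.

    Reads the account id from the ``id`` query parameter, looks the account
    up, and renders ``account/email_message.jade`` with either an error
    message or a confirmation that names a masked form of the account's
    email address.
    """
    import html

    # NOTE(review): ``id`` is taken straight from the query string and no
    # session or ownership check is visible in this function. The three
    # outcomes below (unknown id, admin account, masked address) are
    # distinguishable to any caller -- confirm this disclosure is acceptable.
    user_id = request.args.get('id')
    useraccount = Account.by_id(user_id)

    if not useraccount:
        message = "There is no user with this account"
        return render_template('account/email_message.jade', message=message)

    if useraccount.admin:
        message = "This operation is not possible for this user type"
        return render_template('account/email_message.jade', message=message)

    # partition() never raises, unlike indexing the result of split("@"),
    # so an address stored without "@" (or a missing address) no longer
    # turns into an unhandled exception.
    local_part, _, domain = (useraccount.email or "").partition("@")

    # The message below carries its own markup, so the template presumably
    # renders it unescaped (TODO confirm); escape the account-derived parts
    # so they cannot inject markup into the page.
    email = html.escape(local_part[:3]) + "*****@" + html.escape(domain)

    flash_success("Your account is being set up. Please see note below.")
    message = (
        "Thank you for your request. An email has been sent to %s with "
        "further instructions. If you have not received an email in next few "
        "minutes please try <a style='color:#337ab7' href='%s'>resetting "
        "your password</a>."
    ) % (email, url_for('account.trigger_reset'))

    # The verification link is deliberately not rendered here: it must only
    # reach the user through the email, never through this page.
    return render_template('account/email_message.jade', message=message)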
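def verify():
    """Handle the emailed verification link and the set-password form.

    GET: reads the ``login`` query parameter, looks the account up by that
    login hash and renders ``account/verify.jade`` with the hash and a CSRF
    token pre-filled.

    Any other method: reads ``loginhash``, ``password1`` and ``password2``
    from the form. When the hash resolves to an account and the passwords
    are non-empty and equal, stores the password hash, resets the login
    hash, marks the account verified, commits, logs the account in and
    redirects to ``home.index``.
    """
    # NOTE(review): the login hash acts as a bearer credential -- presenting
    # it is enough to set the password and be logged in. On GET it travels in
    # the query string, so it can end up in server logs, browser history and
    # Referer headers. No expiry check is visible here; confirm that
    # Account.by_login_hash() enforces one.
    if request.method == 'GET':
        loginhash = request.args.get('login')
        if not loginhash:
            message = "Invalid URL. Please contact system administrator."
            return render_template('account/message.jade', message=message)

        account = Account.by_login_hash(loginhash)
        if not account:
            # Only url_for() output is interpolated into this markup.
            message = (
                "This URL is no longer valid. If you have an account, you can "
                "reset your password at the  <a href='"
                + url_for('account.trigger_reset')
                + "'>password reset page</a>. Or you can register at "
                "<a href='" + url_for('account.login') + "'>login page</a>"
            )
            return render_template('account/message.jade', message=message)

        values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
        return render_template('account/verify.jade', account=account,
                               form_fill=values)

    # NOTE(review): no CSRF validation is visible in this function;
    # presumably an application-level hook performs it -- confirm.
    loginhash = request.form.get('loginhash')
    if not loginhash:
        message = "We cannot find your unique URL"
        return render_template('account/message.jade', message=message)

    account = Account.by_login_hash(loginhash)
    if not account:
        message = "We could not find your account"
        return render_template('account/message.jade', message=message)

    password1 = request.form.get('password1')
    password2 = request.form.get('password2')

    error = None
    if password1 != password2:
        error = "Your passwords do not match"
    elif not password1:
        # Two missing or empty fields compare equal, so without this check a
        # blank submission would be hashed and stored as the password.
        # NOTE(review): no length or strength policy is applied here.
        error = "Please enter a password"

    if error is not None:
        # Re-render with the same form_fill shape the GET branch uses so the
        # form presumably keeps its hidden hash and CSRF token (template not
        # visible here); ``loginhash`` is still passed as before.
        values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
        return render_template('account/verify.jade', loginhash=loginhash,
                               account=account, error=error,
                               form_fill=values)

    account.password = generate_password_hash(password1)
    # Reset the hash without sending it, so the link just used stops
    # resolving to this account.
    account.reset_loginhash()
    account.verified = True
    db.session.commit()

    flash_success("Password saved and you are now verified. Thank you.")
    login_user(account, remember=True)
    return redirect(url_for('home.index'))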
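def login_perform():
    """Authenticate the submitted credentials and start a session.

    Reads ``login`` (looked up as an email address) and ``password`` from
    the form. On a match the current session is logged out, the account is
    logged in with ``remember=True`` and the user is redirected to
    ``home.index``. Otherwise an error is flashed and the result of
    ``login()`` is returned.
    """
    account = Account.by_email(request.form.get('login'))
    password = request.form.get('password')

    # NOTE(review): a check on ``account.verified`` was commented out at
    # this point in the original, so an unverified account that has a
    # password can sign in -- confirm that is intentional.
    #
    # Guard both operands: a missing form field, or an account with no
    # stored hash yet, would otherwise be handed to check_password_hash()
    # and surface as an unhandled error instead of a failed login.
    if account is not None and account.password and password:
        if check_password_hash(account.password, password):
            # Drop whatever session was active before logging the account in.
            logout_user()
            login_user(account, remember=True)
            flash_success("Welcome back, " + account.fullname + "!")
            return redirect(url_for('home.index'))

    # The same message is used for an unknown address and a wrong password,
    # so the response text does not reveal which accounts exist.
    # NOTE(review): the hash comparison is skipped when no account matches,
    # so response time may still differ; no attempt limiting is visible in
    # this function.
    flash_error("Incorrect user name or password!")
    return login()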
def logout():
    """End the current session, flash a confirmation, and go to the home page."""
    logout_user()
    flash_success("You have been logged out.")
    home_url = url_for('home.index')
    return redirect(home_url)