def change_password(): """ User logged can change the password GET -> requests server change password page POST -> requests validate form & user info """ # Hard bypass if admin_email try to change password if current_user.email == current_app.config['ADMIN_EMAIL']: flash( 'Esta cuenta no puede cambiar de contraseña. Utiliza tu cuenta personal.' ) current_app.logger.error('{} try to change password.'.format( current_user.email)) return redirect(url_for('dashboard.home')) form = ChangePasswordForm() if form.validate_on_submit(): user = User.query.filter_by(email=current_user.email).first() if user and user.check_password(password=form.password.data): # Actual password correct. Updating user.set_password(form.new_password.data) db.session.add(user) db.session.commit() current_app.logger.info('{} updated her password.'.format(user)) flash('Contraseña actualizada. Vuelve a hacer login.') return redirect(url_for('auth.logout')) flash('Invalid password. Recheck inputs.') return redirect(url_for('auth.change_password')) return render_template('auth/change_password.html', form=form)
def profile(): page = request.args.get('page', default=1, type=int) reviews = Review.query\ .with_entities(User.username, Review.grade, Review.feelings, Review.thoughts, Review.timestamp, Review.user_id, Review.movie_id, User.image, Movie.title, Movie.year)\ .filter(Review.user_id == current_user.id)\ .join(User)\ .join(Movie)\ .order_by(Review.timestamp.desc())\ .paginate(page, 4, False) change_pw_form = ChangePasswordForm() profile_pic_form = ProfileImageForm() if change_pw_form.validate_on_submit(): if current_user.check_password(change_pw_form.oldpassword.data): current_user.set_password(change_pw_form.password.data) db.session.add(current_user) db.session.commit() flash('Password changed!') return redirect(url_for('main.profile')) else: change_pw_form.oldpassword.errors.append('Incorrect old password') links = construct_page_links('main.profile', reviews) return render_template('profile.html', title='profile', current_page=reviews.page, total_pages=reviews.pages, next_page=links[0], prev_page=links[1], first_page=links[2], last_page=links[3], change_pw_form=change_pw_form, profile_pic_form=profile_pic_form, reviews=reviews.items)
def change_password(): change_password_form = ChangePasswordForm() if request.method == 'GET': return render_template('change_password.html', user=current_user.name, user_role=current_user.role.name, change_password_form=change_password_form) if request.method == 'POST': if change_password_form.validate_on_submit(): new_password = change_password_form.new_password.data old_password = change_password_form.old_password.data if not User.query.filter_by(email=current_user.email).first( ).verify_password(old_password): flash('Old password is invalid') return redirect(url_for('change_password')) if not utilities.password_is_valid(new_password): flash( 'Password is not strong enough.\nNeeds to contain lower case and upper case letters, numericals and punctuation.\nLength must be between 8 and 12 characters.' ) return redirect(url_for('change_password')) User.query.filter_by( email=current_user.email).first().password = new_password db.session.commit() flash('Password changed successfully') return redirect(url_for('index')) else: return redirect(url_for('change_password'))
def post_handler(request): form = ChangeEmailForm(request.POST) pwd_change_success = False email_change_success = False student = None if form.is_valid(): email_change_success = change_email(request) else: form = ChangePasswordForm(request.POST) if form.is_valid(): pwd_change_success = change_password(request) if (request.user.is_authenticated()): student = Students.objects.get(email=request.user) return render(request, 'userprofile/profile.html', context_instance=RequestContext( request, { 'title': 'Profile', 'student': student, 'date': datetime.now(), 'year': datetime.now().year, 'change_email_form': ChangeEmailForm(), 'change_password_form': ChangePasswordForm(), 'pwd_change_success': pwd_change_success, 'email_change_success': email_change_success }))
def change_password(token): email = confirm_token(token) user = UserInfo.query.filter(UserInfo.email == email).first_or_404() if user.password_token is not None: form = ChangePasswordForm(request.form) if form.validate_on_submit(): user = UserInfo.query.filter_by(email=email).first() if user: user.password = sha256_crypt.encrypt(str(form.password.data)) user.password_token = None subject = 'Password has been updated' html = render_template('pwchange_confirm.html', username=user.username) send_email(user.email, subject, html) db.session.commit() flash('Password successfully updated.', 'success') return redirect(url_for('login')) # else: # flash('Password change was unsuccessful.', 'danger') # return redirect(url_for('login')) else: flash('Please enter your new password.', 'success') return render_template('change_password.html', form=form) else: flash('unable to reset the password, try again.', 'danger') return redirect(url_for('login'))
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): return redirect(url_for('profile')) return render_template('change_password.html', title='Change Password', form=form)
def private_profile(): """ The settings page for current_user. Here current_user may toggle suggestions, private, delete or report names, change about & photo with a shoddy ChangeDetailsForm, change password with an acceptable ChangePasswordForm, or permanently delete the account. :return: profile.html rendered with list of suggested names for current_user amd forms """ names = Name.query.filter_by(userID=current_user.get_id()).all() # TODO: implement a new form to change account details you lazy trashbag form_d = ChangeDetailsForm(csrf_enabled=False) form_p = ChangePasswordForm() if form_p.validate_on_submit(): if pwd_context.verify(form_p.current_password.data, current_user.password): user = User.query.get(current_user.id) user.password = pwd_context.encrypt(form_p.new_password.data) db.session.commit() flash("Changes saved.") return redirect(url_for("private_profile")) else: flash("Incorrect password.") return redirect(url_for("private_profile")) if form_d.validate_on_submit(): user = User.query.get(current_user.id) if form_d.about.data != "": user.about = form_d.about.data app.logger.debug("result: "+user.about) if form_d.url.data != "": user.photo_url = form_d.url.data db.session.commit() flash("Changes saved.") return redirect(url_for("private_profile")) return render_template("profile.html", names=names, form_d=form_d, form_p=form_p)
def changePassword(): cursor.execute( 'select name, login, passwordHash from account where id = %s', (current_user.id, )) user = cursor.fetchone() form = ChangePasswordForm() if form.validate_on_submit(): if check_password_hash( user[2], form.passwordOld.data ) and form.passwordNew1.data == form.passwordNew2.data: cursor.execute( 'update account set passwordHash = %s where id = %s', ( generate_password_hash(form.passwordNew1.data), current_user.id, )) conn.commit() flash('Пароль был успешно изменен') return redirect(url_for('account')) else: flash('Старый пароль введен неверно или новые пароли не совпадают') return redirect(url_for('changePassword')) return render_template('changePassword.html', title='Сменить пароль', form=form, user=user)
def changePassword(): form = ChangePasswordForm() form.username = current_user.username if form.validate_on_submit(): AccountQuery.update_password(current_user.username, form.new_password.data) return jsonify(action="success") return jsonify(action="failed", error=form.errors)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): current_user.set_password(form.password.data) db.session.commit() flash('Password updated!') return redirect(url_for('account')) return render_template('change_password.html', form=form)
def change_password(request): """ This view provides a user with a form to update their password. A successful update will redirect the user back to their profile with a success message. """ if request.method == 'GET': user = request.user new_password_form = ChangePasswordForm() context = {'new_password_form': new_password_form} return render(request, 'app/change_password.html', context) if request.method == 'POST': # get user instance used with form class instance (for validating unique fields) and volunteer instance user = CustomUser.objects.get(pk=request.user.id) old_password = request.POST['old_password'] new_password_form = ChangePasswordForm(data=request.POST, instance=user) # validate password using installed validators in settings.py try: validate_password(request.POST['password']) == None except ValidationError: # return to form with form instance and message context = {'new_password_form': new_password_form} messages.error(request, "Password change failed. New password too simple.") return render(request, 'app/change_password.html', context) # verify requesting user's email and old_password match authenticated_user = authenticate(email=user.email, password=old_password) # check data types in submission. if new_password_form.is_valid() and authenticated_user is not None: # Note that user instance is used here for updating (not posting) # Hash the password and update the user object user.set_password(request.POST['password']) user.save() # re-authenticate with new password authenticated_user = authenticate( email=user.email, password=request.POST['password']) login(request=request, user=authenticated_user) # return to user profile with success message after logging user in with new credentials messages.success(request, "Password changed successfully!") return HttpResponseRedirect(request.POST.get('next', '/profile')) else: # return to form with form instance and message context = {'new_password_form': new_password_form} messages.error( request, "Password change failed. Old password incorrect or new passwords don't match" ) return render(request, 'app/change_password.html', context)
def settings(): form = ChangePasswordForm() timezone = User.query.filter_by(id=current_user.id).first().timezone if form.validate_on_submit(): UserActions().change_password(current_user.id, form.old_password.data, form.password.data) return render_template('settings.html', title='Settings', timezones=pytz.common_timezones, user_timezone=timezone, form=form)
def change_password(): logger.warning(f'{session["username"]} change password.') form = ChangePasswordForm(request.form) if request.method == 'POST' and form.validate(): user = User.query.filter_by(id=session['user_id']).first() if user.verify_password(form.old_password.data): user.password = form.new_password.data flash('change password success', 'alert-success') return redirect('auth.logout') flash('wrong old password', 'alert-danger') return render_template('change_password.html', form=form)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): if current_user.verify_password(form.old_password.data): current_user.password = form.password.data db.session.add(current_user) flash(u'您的密码已被更新') return redirect(url_for('index')) else: flash(u'密码不正确') return render_template("change_password.html", form=form)
def changePassword(): """Admin change password""" form = ChangePasswordForm() if form.validate_on_submit(): current_user.set_password(form.password.data) db.session.add(current_user) db.session.commit() flash('Password updated') return render_template('changePassword.html', title='Change Password', form=form)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): if current_user.verify_password(form.old_password.data): current_user.password = form.password.data db.session.add(current_user) flash('您的密码已经修改!') return redirect(url_for('main.index')) else: flash('原密码错误,操作无效!') return render_template('user/change_password.html', form=form)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): old_password = form.current_password.data user = User.from_login(current_user.email, old_password) if user.is_authenticated: new_password = form.new_password.data user.set_password(new_password) flash('Password successfully changed.') else: flash('Old password incorrect.') return render_template('change_password.html', form=form)
def change_pwd(): form = ChangePasswordForm() if form.validate_on_submit(): if current_user.verify_password(form.old_password.data): current_user.password = form.new_password.data db.session.add(current_user) db.session.commit() flash("修改密码成功") return redirect(url_for('main.index')) else: flash("修改失败") return render_template('user/change_pwd.html', form=form)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): session = create_session() current_user.set_password(form.new_password.data) session.merge(current_user) session.commit() return redirect(f'/user/{current_user.id}') return render_template('change_password.html', title='Change password', form=form, title_form='Change password')
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): if not current_user.check_password(form.current.data): flash('Password incorrect') elif form.new.data == form.current.data: flash('Password must be new') else: current_user.set_password(form.new.data) db.session.commit() flash('Password successfully changed') return redirect(url_for('change_password')) return render_template("change_password.html", form=form)
def changepassword(): form = ChangePasswordForm() if form.validate_on_submit(): u = User.query.filter_by(username=current_user.username).first() if u.verify_password(form.oldpassword.data): u.password = form.newpassword.data db.session.add(u) flash('密码修成功') return redirect(url_for('main.index')) else: flash('无效的密码') return render_template('user/changepassword.html', form=form)
def change_password(token): if current_user.is_authenticated: return redirect(url_for('index')) user = User.verify_token(token) if not user: return redirect(url_for('index')) form = ChangePasswordForm() if form.validate_on_submit(): user.set_password(form.password.data) db.session.commit() flash('Ваш пароль успешно изменен!') return redirect(url_for('login')) return render_template('ChangePassword.html', form=form)
def change_password(): form = ChangePasswordForm() newpassword = form.newpassword.data if form.validate(): if current_user.verify_password(password=form.oldpassword.data): current_user.password = newpassword db.session.add(current_user) db.session.commit() flash('密码修改成功') return redirect(url_for('main.index')) else: flash('修改失败') return render_template('users/change_password.html',form=form)
def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): if not current_user.check_password(form.current_password.data): flash('Your current password is wrong.') return redirect(url_for('change_password')) current_user.set_password(form.password.data) db.session.commit() flash('Your password has been changed.') return redirect(url_for('edit_profile')) return render_template('change_password.html', form=form)
def changepassword(): if not current_user.is_authenticated: return redirect(url_for('index')) form = ChangePasswordForm() if form.validate_on_submit(): user = current_user if user.check_password(form.current_password.data): user.set_password(form.password.data) db.session.commit() flash('Password changed!') return redirect(url_for('myprofile')) flash('Invalid password') #return redirect(url_for('index')) return render_template('changepassword.html', title='Change Password', form=form)
def change_password(): """Route for logged in users to change password""" pw_form = ChangePasswordForm() if pw_form.validate_on_submit(): # If new password is not equal to old if not current_user.validate_pass(pw_form.newpw.data): current_user.password = pw_form.newpw.data flash('Password successfuly changed!', 'info') db.session.add(current_user) db.session.commit() else: flash('Password must differ from the old.', 'danger') return render_template('settings/change_password.html', pw_form=pw_form)
def reset_password(token): template_name = 'reset_password.html' if current_user.is_authenticated: return redirect(url_for('index')) user = User.verify_token(token) if not user: return redirect(url_for('index')) form = ChangePasswordForm() if form.validate_on_submit(): user.set_password(form.password.data) user.change_password = 0 db.session.commit() flash('Your password has been reset.') return redirect(url_for('login')) return render_template(template_name, form=form)
def change_password(): form = ChangePasswordForm() # 判断密码是否合法 if form.validate_on_submit(): # 判断老密码是否正确 user = current_user._get_current_object() if user.verify_password(form.old_password.data): # 取出新密码 就行设置保存 user.password = form.new_password.data db.session.add(user) flash('修改成功') logout_user() # 返回登录 return redirect(url_for('users.login')) return render_template('users/change_password.html', form=form)
def account_change_password(): form = ChangePasswordForm() if form.new_password.data == form.confirm_new_password.data: if form.validate_on_submit(): if bcrypt.check_password_hash(current_user.password,form.old_password.data): hashed_password = bcrypt.generate_password_hash(form.new_password.data).decode('utf-8') current_user.password = hashed_password db.session.commit() flash('Password has been changed.', 'success') return redirect(url_for('account_change_password')) else: flash('Old password is incorrect.', 'danger') else: flash('Passwords do not match','danger') return render_template('account_change_password.html', title='account_change_password', form=form)
def changePassword(): form = ChangePasswordForm() if form.validate_on_submit(): user = User.query.filter_by(username=current_user.username).first() user.password_hash = generate_password_hash(form.password.data) user.pwPrompted = True db.session.commit() flash('Password Updated!', "error") return redirect(url_for('index')) if not current_user.pwPrompted and request.method == 'GET': flash("You MUST change your password to access other pages", "error") return render_template('changePassword.html', title='Change Password', form=form, template=admin_template_validation())
def change_password(): """Change password Form""" form = ChangePasswordForm() if form.validate_on_submit(): user = UserInformation.query.filter_by( username=form.username.data).first() user.set_password(form.password.data) db.session.commit() flash('Password update successfully') logout_user() return redirect(url_for('login')) form.username.data = current_user.username return render_template('change_password.html', title='Change password', form=form)
def settings(): """Show settings for authenticated user.""" chpwd = ChangePasswordForm(prefix='pwd') chusr = ChangeUsernameForm(prefix='usr') if chpwd.submit.data and chpwd.validate_on_submit(): current_user.change_password(chpwd.new_password.data) db.session.commit() flash('Changed password!', 'success') if chusr.submit.data and chusr.validate_on_submit(): current_user.name = chusr.username.data db.session.commit() flash('Changed username!', 'success') return render_template('admin/settings.html', chpwd=chpwd, chusr=chusr)
def change_password(): """Allow the user who did not register with a social account to change his password. """ if current_user.register_with_provider: flash('Registered with a social account, no password is required') return redirect(url_for('mod_feed.index')) form = ChangePasswordForm() if form.validate_on_submit(): flash('Password changed successfully') current_user.password = form.new_password.data return render_template('auth/change_password.html', form=form)
def settings(): form = SettingForm(obj=current_user) change_pwd_form = ChangePasswordForm(prefix='pwd') if form.has_been_submitted(request): if form.validate_on_submit(): current_user.blog_title = form.blog_title.data current_user.blog_description = form.blog_description.data current_user.blog_image = form.blog_image.data current_user.blog_image_rounded = form.blog_image_rounded.data current_user.blog_bg = form.blog_bg.data current_user.blog_bg_public = form.blog_bg_public.data current_user.blog_bg_everywhere = form.blog_bg_everywhere.data current_user.blog_bg_override = form.blog_bg_override.data current_user.blog_bg_repeat = form.blog_bg_repeat.data current_user.blog_paginate = form.blog_paginate.data current_user.blog_paginate_by = form.blog_paginate_by.data current_user.blog_public = form.blog_public.data current_user.blog_truncate_posts = form.blog_truncate_posts.data current_user.blog_syntax_highlighter_css = form.blog_syntax_highlighter_css.data current_user.linkedin_url = form.linkedin_url.data current_user.gplus_url = form.gplus_url.data current_user.github_url = form.github_url.data current_user.twitter_url = form.twitter_url.data saved = current_user.save() if saved: flash("Saved your settings.") return redirect(url_for("blog.index", user_slug=current_user.blog_slug)) else: flash("Something went wrong...") elif change_pwd_form.has_been_submitted(request): if change_pwd_form.validate_on_submit(): current_user.set_password(change_pwd_form.new_password.data) saved = current_user.save() if saved: flash("Changed your password.") else: flash("Something went wrong...") return render_template("settings.html", form=form, change_pwd_form=change_pwd_form)
def settings(self): user = User.query.get(g.user.id) form = ChangePasswordForm(request.form) if request.method == 'POST' and form.validate(): try: user.set_password(form.password.data) user.active = False db.session.commit() except Exception: flash('0Error setting password') return redirect(url_for('UserView:settings')) flash( '1Password set successfully! Please login with the new password.') session.pop('user_id') return redirect(url_for('UserView:login', next=url_for('UserView:settings'))) helpers.flash_errors(form) return render_template('edit_user.html', title='::Settings', user=user, form=form, )