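def recovery_submit():
    """Handle the forgot-password form and e-mail a reset link.

    Reads ``email`` from the submitted form. When the address belongs to an
    account, a reset token is generated, a link to the ``reset_token`` view is
    e-mailed to that address and ``index.html`` is rendered. Otherwise
    ``forgotpwd.html`` is re-rendered with ``error_value=True``.

    Raises:
        RuntimeError: if the SMTP credentials are not configured.
    """
    # Function-scope import: the file's own import block is not visible here.
    import os

    recipient = request.form.get("email")
    dbm = DataBaseManager()

    # A missing or empty field cannot match an account, so skip the lookup.
    if not recipient or not dbm.email_already_exists(recipient):
        # NOTE(review): this response differs from the success page, so it
        # reveals whether an address is registered (account enumeration).
        # Rendering the same confirmation either way would close that gap.
        email_not_reg = True
        return render_template("forgotpwd.html", error_value=email_not_reg)

    # SMTP credentials are read from the environment instead of being embedded
    # in source. The variable names are chosen here; align them with the
    # deployment's secret store. The values that used to be hard-coded in this
    # function (including the commented-out one) should be treated as exposed
    # and rotated.
    smtp_user = os.environ.get("SMTP_USERNAME")
    smtp_password = os.environ.get("SMTP_PASSWORD")
    if not smtp_user or not smtp_password:
        raise RuntimeError("SMTP credentials are not configured")

    # NOTE(review): 60 is presumably the token lifetime; its unit is defined
    # by DataBaseManager.get_token, which is not visible here -- confirm.
    token = DataBaseManager.get_token(recipient, 60)

    # NOTE(review): with _external=True the host part of the link is taken from
    # the incoming request unless the app pins SERVER_NAME -- confirm that the
    # deployment fixes the host so a reset link cannot point elsewhere.
    reset_link = url_for('reset_token', token=token, _external=True)

    Email.send(
        "*****@*****.**",
        recipient,
        "Password Recovery",
        '''Hi,\n\n visit the following link to reset your password - {}'''.format(reset_link),
        "smtp.gmail.com",
        587,
        smtp_user,
        smtp_password)
    return render_template("index.html")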
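def create_user():
    """Handle the sign-up form: validate the fields, store the account, log in.

    An already authorized session is redirected to the gallery. Otherwise the
    submitted fields are validated. On any validation failure, duplicate
    e-mail or failed insert, ``newuser.html`` is re-rendered with an ``error``
    list and the submitted values. On success the session is marked authorized
    and the user is redirected to ``render_gallery``.
    """
    if 'authorized' in session and session['authorized'] is True:
        return redirect(url_for("render_gallery"))

    input_username = request.form.get("username")
    input_first_name = request.form.get("first_name")
    input_last_name = request.form.get("last_name")
    input_email = request.form.get("email")
    input_password = request.form.get("password")
    input_password_conf = request.form.get("password_conf")

    def _rerender_form(errors):
        # Every failure path refills the form from the raw submitted values.
        # The duplicate-e-mail path used to pass the validated values instead,
        # which handed the template the boolean comparison result as
        # ``password_conf``.
        # NOTE(review): the raw password and its confirmation go back to the
        # template; if newuser.html writes them into the page they travel back
        # in the response -- confirm the template really needs them.
        return render_template("newuser.html", error=errors,
                               username=input_username,
                               first_name=input_first_name,
                               last_name=input_last_name,
                               email=input_email,
                               password=input_password,
                               password_conf=input_password_conf)

    field = validate.regex()
    username = field.validate(field.user_name_pattern, input_username)
    first_name = field.validate(field.first_name_pattern, input_first_name)
    last_name = field.validate(field.last_name_pattern, input_last_name)
    email = field.validate(field.email_pattern, input_email)
    password = field.validate(field.password_pattern, input_password)
    # True only when the validated password equals the confirmation field.
    password_conf = password == input_password_conf

    err_msg = compose_error_message(username, first_name, last_name, email,
                                    password, password_conf)
    if err_msg is not None:
        return _rerender_form(err_msg)

    # NOTE(review): Hash.get_salt_hash is not visible here -- confirm it uses a
    # slow, salted password-hashing function suited to credential storage.
    pwd_manager = Hash()
    salt, hashpwd = pwd_manager.get_salt_hash(password)
    stored_pwd = "$" + salt + "$" + hashpwd.decode("utf-8")

    dbm = DataBaseManager()
    # NOTE(review): this is a check-then-insert sequence; presumably a unique
    # constraint on the e-mail column backs it up against concurrent sign-ups
    # -- confirm in the schema.
    if dbm.email_already_exists(email):
        # NOTE(review): this message confirms that the address is registered
        # (account enumeration); weigh that against the usability benefit.
        return _rerender_form(["An account already exists with this Email"])

    if dbm.add_user(username, first_name, last_name, email, stored_pwd):
        session['user'] = username
        session['authorized'] = True
        return redirect(url_for('render_gallery'))

    # Getting here means that either there was a database error or the
    # username is already taken. Since the user will have to retry anyway, we
    # might as well say there was an error with the chosen username.
    return _rerender_form(["Username is unavailable."])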