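def login():
    """Handle the login form and start an authenticated session.

    A user who is already authenticated is redirected to the index page.
    On a valid submission the matching user is logged in, the submitted
    password is handed to ``PasswordManager.set_session_pwdh`` and the
    browser is redirected to the index page. In every other case the login
    form is rendered.

    NOTE(review): no password comparison happens in this function, so
    authentication rests entirely on ``LoginForm`` validation -- confirm
    that the form verifies the credentials.
    """
    if current_user is not None and current_user.is_authenticated():
        return redirect(url_for('index'))

    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template("login.html", form=form)

    user = User.query.filter_by(username=form.username.data).first()
    if user is None:
        # first() yields None when no row matches; show the form again
        # rather than passing None to login_user().
        return render_template("login.html", form=form)

    login_user(user)
    # NOTE(review): presumably this keeps a password-derived value in the
    # session so device passwords can be decrypted later. Flask's default
    # session is a signed but unencrypted cookie -- confirm where
    # set_session_pwdh() stores the value.
    PasswordManager.set_session_pwdh(form.password.data)
    return redirect(url_for('index'))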
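def settings():
    """Handle the settings form, including an optional password change.

    When the form does not validate, the settings page is rendered. When it
    validates and all three password fields are filled in, every stored
    device password is decrypted with the session pwdh and re-encrypted
    with a pwdh derived from the new password, after which the session pwdh
    and the user's password are updated. The success message is flashed
    only when a password change was actually carried out, and every valid
    submission ends in a redirect back to the settings page.

    NOTE(review): no access-control decorator is visible on this view;
    confirm that the route is restricted to authenticated users.
    """
    form = SettingsForm(request.form)
    if not form.validate_on_submit():
        return render_template("settings.html", form=form, active_page="settings")

    if form.newpassword.data and form.oldpassword.data and form.repeat.data:
        # NOTE(review): oldpassword and repeat are only tested for presence
        # here. Confirm that SettingsForm checks the old password against
        # the stored one and that repeat matches newpassword.
        new_pwdh = PasswordManager.generate_pwdh_from_password(form.newpassword.data)

        # Decrypt (session pwdh) and re-encrypt (new pwdh, not yet in the
        # session) every device password before writing any of them, so a
        # decryption or encryption failure cannot leave some rows under
        # the old key and some under the new one.
        reencrypted = [
            (device, PasswordManager.encrypt_string(device.decrypt_password(), new_pwdh))
            for device in Device.query.all()
        ]
        # NOTE(review): a failure inside this loop can still leave a mix of
        # old-key and new-key rows; confirm whether save() commits per row
        # or whether the writes can share one transaction.
        for device, ciphertext in reencrypted:
            device.password = ciphertext
            device.save(encrypt=False)  # The password is already encrypted

        PasswordManager.set_session_pwdh(form.newpassword.data)
        current_user.set_password(form.newpassword.data)
        current_user.save()
        flash("Successfully set new password", "info")

    return redirect(url_for('settings'))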