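def add_account():
    """Admin-only view: show the account form (GET) or create an account (POST).

    Callers that are not admins, and admins using any other HTTP method,
    receive the 401 error page.

    On POST the submitted form is validated, the e-mail domain is checked,
    and the account is created through ``User.register``.

    Returns:
        A rendered template, a redirect, or the 401 page with status 401.
    """
    # Authorization gate first, so nothing below runs for a non-admin caller.
    if not current_user.is_admin:
        return render_template("errors/401.html"), 401

    if request.method == "GET":
        return render_template(
            "pages/admin/accounts.html", form=SignupForm(request.form)
        )

    if request.method == "POST":
        # The form object was used below without ever being bound, so every
        # POST failed before validation could run.
        form = SignupForm(request.form)

        name = request.form["name"]
        email = request.form["email"]
        password = request.form["password"]
        # An unchecked checkbox is simply absent from the submission; use the
        # same lookup as signup() instead of failing on the missing key.
        is_admin = request.form.get("is_admin", False)

        # assume no user is created
        new_user = None
        if form.validate_on_submit():
            # Accept exactly one "@" so the label that is checked really is
            # the start of the address's domain, and an address without "@"
            # is rejected instead of raising IndexError.
            _local, at_sign, domain = email.partition("@")
            well_formed = at_sign == "@" and "@" not in domain
            # NOTE(review): only the first DNS label is compared, so any
            # domain whose first label is "cliqz" is accepted. Compare the
            # whole domain against the organisation's exact domain once that
            # value is confirmed.
            if well_formed and domain.split(".")[0] == "cliqz":
                # register user to db; the third argument is the admin flag,
                # matching the call in signup() (the name previously passed
                # here was never defined).
                new_user = User.register(name, email, is_admin, password)

        if new_user is not None:
            # NOTE(review): the plaintext password is handed to the
            # notification helper; confirm it is not flashed, logged or
            # e-mailed in clear.
            Notifications.info_account_created(name, password, email)
            return redirect(url_for("accounts"))

        Notifications.info_try_again()
        return redirect(url_for("add_account"))

    return render_template("errors/401.html"), 401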
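def signup():
    """Register a new account from the submitted signup form.

    The admin flag in the form is honoured only when the caller is an
    authenticated admin. An anonymous caller who registers successfully is
    logged in as the new user.

    Returns:
        A redirect to the admin page (admin caller) or to the home page.
    """
    name = request.form.get("name")
    email = request.form.get("email")
    password = request.form.get("password")

    # The admin flag is client-controlled input. Taking it from the form for
    # every caller would let anyone self-register with admin rights, so it is
    # dropped unless an admin is creating the account.
    caller_is_admin = (not current_user.is_anonymous) and current_user.is_admin
    is_admin = request.form.get("is_admin", False) if caller_is_admin else False

    # register user to db
    try:
        new_user = User.register(name, email, is_admin, password)
        if new_user is None:
            # Stop here: there is no account to announce or to log in to.
            Notifications.info_try_again()
            return redirect(url_for("home"))

        if caller_is_admin:
            # NOTE(review): the plaintext password is handed to the
            # notification helper; confirm it is not shown or logged in clear.
            Notifications.info_account_created(name, password, email)
            return redirect(url_for("admin"))

        # NOTE(review): the flattened listing does not show which `if` the
        # original `else` belonged to; this reading logs in the new account
        # only for anonymous callers, so an existing session is never swapped.
        if current_user.is_anonymous:
            # Login the user
            u = User.verify_user(email, password)
            if u is None:
                # Never pass a failed verification result to login_user().
                Notifications.info_try_again()
                return redirect(url_for("home"))
            login_user(u)
            Notifications.info_account_created(name, password, email)
            return redirect(url_for("home"))
    except EmailExistsError:
        Notifications.email_exists(email)
    except PasswordTooShortError:
        Notifications.password_too_short()

    return redirect(url_for("home"))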
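def update_password():
    """Show the password form (GET) or change the caller's password (POST).

    The change is applied only when the submitted old password verifies
    against the current account.

    Returns:
        The account page on GET, otherwise a redirect.
    """
    if request.method == "GET":
        user = User.query.filter_by(email=current_user.email).first()
        return render_template(
            "pages/account.html", form=UpdatePasswordForm(), user=user
        )

    elif request.method == "POST":
        form = UpdatePasswordForm(request.form)
        if form.validate_on_submit():
            verified = User.verify_user(
                current_user.email, form.data.get("old_password")
            )
            # Require the old password. The previous condition also accepted
            # a truthy `current_user`, which holds for any session and made
            # the old-password check ineffective.
            if verified:
                updated = User.update_password(
                    email=current_user.email,
                    password=form.data.get("new_password"),
                )
                if updated:
                    # NOTE(review): form.data carries the old and new
                    # passwords; confirm the notification helper does not
                    # display or log them.
                    Notifications.info_account_updated(**form.data)
                    login_user(current_user)
                    return redirect(url_for("account"))

        Notifications.info_try_again()
        return redirect(url_for("update_password"))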
def login():
    """Authenticate the submitted credentials and start a session.

    Every path ends in a redirect to the home page. A failed credential
    check additionally raises the bad-login notification.
    """
    form = LoginForm(request.form)

    # if form data fails validation, head back to home
    if not form.validate_on_submit():
        return redirect(url_for("home"))

    # verify credentials
    submitted_email = request.form.get("email")
    submitted_password = request.form.get("password")
    account = User.verify_user(submitted_email, submitted_password)

    if account is None:
        Notifications.info_bad_login()
        return redirect(url_for("home"))

    login_user(account)
    return redirect(url_for("home"))
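def edit_account(user_email):
    """Admin-only view: show (GET) or update (POST) the account for ``user_email``.

    Args:
        user_email: E-mail address identifying the account to edit.

    Returns:
        The 401 page with status 401 for non-admin callers; otherwise the
        edit page on GET or a redirect on POST.
    """
    # Check authorization before either method. The GET branch used to load
    # and render another user's record without any admin check.
    if not current_user.is_admin:
        return render_template("errors/401.html"), 401

    if request.method == "POST":
        form = EditAccountForm(request.form)
        # Validate before writing: the update previously ran on unvalidated
        # form data, which also skips whatever checks the form class enforces
        # on submission.
        if form.validate_on_submit():
            # NOTE(review): every form field is forwarded to User.update;
            # confirm EditAccountForm exposes only fields an admin may change.
            updated = User.update(user_email, **form.data)
            if updated:
                Notifications.info_account_updated(**form.data)
                login_user(current_user)
                return redirect(url_for("admin_stats"))

        Notifications.info_try_again()
        return redirect(url_for("admin"))

    elif request.method == "GET":
        user = User.query.filter_by(email=user_email).first()
        return render_template(
            "pages/admin/accounts.html", form=EditAccountForm(), user=user
        )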
def update_email():
    """Show the e-mail form (GET) or change the caller's e-mail address (POST).

    The change is attempted only after the form validates and the submitted
    password verifies against the current account. Any other HTTP method
    falls through and returns ``None``.
    """
    method = request.method

    if method == "GET":
        account = User.query.filter_by(email=current_user.email).first()
        return render_template(
            "pages/account.html", form=UpdateEmailForm(), user=account
        )

    if method != "POST":
        return None

    form = UpdateEmailForm(request.form)
    if form.validate_on_submit() and User.verify_user(
        current_user.email, form.data.get("password")
    ):
        requested_email = form.data.get("email")
        # TODO: Handle condition for uniqueness
        try:
            if User.update_email(
                old_email=current_user.email, email=requested_email
            ):
                # NOTE(review): form.data includes the submitted password;
                # confirm the notification helper does not display or log it.
                Notifications.info_account_updated(**form.data)
                login_user(current_user)
                return redirect(url_for("account"))
        except EmailExistsError:
            Notifications.email_exists(requested_email)
            return redirect(url_for("update_email"))

    Notifications.info_try_again()
    return redirect(url_for("update_email"))
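def update_name():
    """Show the name form (GET) or change the caller's display name (POST).

    The change is applied only after the form validates and the submitted
    password verifies against the current account.

    Returns:
        The account page on GET, otherwise a redirect.
    """
    if request.method == "POST":
        form = UpdateNameForm(request.form)
        if form.validate_on_submit():
            verified = User.verify_user(
                current_user.email, form.data.get("password")
            )
            # The debug print of the verification result was removed: it
            # wrote authentication state to stdout on every request.
            if verified:
                updated = User.update_name(
                    email=current_user.email, name=form.data.get("name")
                )
                if updated:
                    # NOTE(review): form.data includes the submitted
                    # password; confirm the notification helper does not
                    # display or log it.
                    Notifications.info_account_updated(**form.data)
                    login_user(current_user)
                    return redirect(url_for("account"))

        Notifications.info_try_again()
        # Return to this view on failure; the target used to be the
        # update_email endpoint, unlike the other update_* views, which
        # redirect to themselves.
        return redirect(url_for("update_name"))

    elif request.method == "GET":
        user = User.query.filter_by(email=current_user.email).first()
        return render_template(
            "pages/account.html", form=UpdateNameForm(), user=user
        )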
def delete_account(user_email):
    """Delete the caller's own account, then redirect to the home page.

    The deletion runs only when ``user_email`` equals the e-mail of the
    current user; a request naming any other account is ignored.

    Args:
        user_email: E-mail address of the account to delete.
    """
    # NOTE(review): no route decorators are visible here. Confirm this view
    # requires login and accepts only a state-changing method with CSRF
    # protection, and that the session is ended once the account is gone.
    owns_account = current_user.email == user_email
    if owns_account and User.delete(email=user_email):
        Notifications.success(message="Account was deleted successfully")

    return redirect(url_for("home"))