def user_login(wags_app, next_page, app=None):
if current_user.is_authenticated:
return redirect(qualify_url(wags_app, next_page))
form = LoginForm()
if form.is_submitted():
if form.validate_on_submit():
user = get_user(user_name=form.username.data)
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password', 'danger')
return render_template('{}/login.html'.format(wags_app),
title='Sign In',
form=form,
wags_app=wags_app,
url_for_app=url_for_app)
# if wags_app not in [role.role.name for role in user.roles]:
# flash('Sorry, you do not have {} access'.format(wags_app))
# return redirect(qualify_url(wags_app))
login_user(user, remember=form.remember_me.data)
if not next_page:
next_page = qualify_url(wags_app)
else:
next_page = qualify_url(wags_app, next_page)
return redirect(next_page)
else:
form.populate()
return render_template('{}/login.html'.format(wags_app),
title='Sign In',
form=form,
wags_app=wags_app,
url_for_app=url_for_app)
def test_password():
username = request.args.get('username')
user = get_user(user_name=username)
password = request.args.get('password')
check = user.check_password(password)
form = CheckPasswordForm()
form.populate(username, password, check)
return render_template('check_password.html', form=form)
def change_user_password(user_id, new_password):
user = get_user(user_id)
if user:
user.set_password(new_password)
save_user(user)
ok, message, message_type = True, 'Password updated', 'success'
else:
ok, message, message_type = False, 'User not not found', 'warning'
return ok, message, message_type
def register_user(member_number, user_name, password, email=None, role=UserRole.member, two_phase=False, activate_url=None):
user_id = 0
if user_name and password:
member = get_member(member_number)
if member:
if not member.is_active():
ok, message, message_type = False, 'Sorry, you are not a current member, please contact [email protected]', 'danger'
else:
if not match_string(member.email, email):
ok, message, message_type = False, 'Email does not match', 'warning'
else:
user = get_user(user_name=user_name)
if user and user.member_id != member.id:
ok, message, message_type = False, 'User name already in use', 'warning'
else:
if role == UserRole.member:
ok, message, message_type = member.check_credentials(user_name, password)
if not ok:
return ok, user_id, message, message_type
if not member.user:
user = User(user_name=user_name, member_id=member.id)
else:
user = member.user
user.user_name = user_name
if not user.check_password(password):
ok, message, message_type = True, 'Password updated', 'success'
else:
if two_phase:
token, expires = user.get_token(current_app)
send_mail(
to=member.email,
sender='*****@*****.**',
cc=[],
subject='Dons Trust Members - registration',
message=render_template('activate.txt',
full_url_for=full_url_for,
member=member,
token=token,
expires=expires)
)
ok, message, message_type = True, 'Activation email sent to {}'.format(member.email), 'success'
else:
ok, message, message_type = True, 'You are now a registered user', 'success'
user.set_password(password)
if not user.role:
user.role = role
# else:
# if not role in [role.role for role in user.roles]:
# user.roles += [Role(role=role)]
save_user(user)
user_id = user.id
else:
ok, message, message_type = False, 'Cannot find your membership', 'danger'
else:
ok, message, message_type = False, 'Missing user name/password', 'warning'
return ok, user_id, message, message_type
def member_login(next_page, member_number=None, app=None):
form_name = 'member_login.html'
form = MemberLoginForm()
if form.is_submitted():
if form.hidden_number.data:
form.number.data = int(form.hidden_number.data)
if form.validate_on_submit():
no_number = not member_number
if no_number:
member_number = int('0' + get_digits(form.number.data))
user_name = str(member_number)
password = User.member_password(form.post_code.data)
user = get_user(user_name=user_name)
message = None
message_type = 'danger'
if user is None:
ok, id, message, message_type = member_register(
member_number, user_name, password, form.email.data)
if ok:
user = get_user(id=id)
if not message:
if user is None:
message = 'Email or post code do not match Membership number {}'.format(
member_number)
elif not match_string(user.member.email, form.email.data):
message = 'Email does not match the Membership number'
elif not user.check_password(password):
message = 'Post code does not match the Membership number'
if message:
flash(message, message_type)
if not no_number:
form.populate(member_number)
if message_type != 'success':
return render_template(form_name,
title='Sign In',
form=form)
login_user(user, remember=form.remember_me.data)
if not next_page:
next_page = 'index'
return redirect(next_page)
else:
form.populate(member_number)
return render_template(form_name, title='Sign In', form=form)
def user_login(next_page, app=None):
form_name = 'login.html'
form = LoginForm()
if form.is_submitted():
if form.validate_on_submit():
user = get_user(user_name=form.username.data)
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password', 'danger')
return render_template(form_name, title='Sign In', form=form)
login_user(user, remember=form.remember_me.data)
if not next_page:
next_page = 'index'
else:
next_page = next_page
return redirect(next_page)
else:
form.populate()
return render_template(form_name, title='Sign In', form=form)
def validate_username(self, username):
user = get_user(user_name=username.data)
if user is not None:
if user.member.contact.email != self.email.data:
raise ValidationError('Please use a different username.')
def load_user(id):
return get_user(id=int(id))