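def edit_profile():
    """Show the profile page and handle its three POST actions.

    The submitted form is told apart by the name of its submit field:
    ``update_profile`` saves the profile details, ``change_password`` saves a
    new password, and ``remove`` deletes the account and logs the user out.

    Returns:
        A redirect to ``login`` when there is no usable session, a redirect
        to ``logout`` after account deletion, otherwise the rendered
        ``edit_profile.html`` template.
    """
    if 'username' not in session:
        return redirect(url_for('login'))

    update_form = forms.UpdateForm()
    password_form = forms.PasswordForm()

    # A session can outlive its account (deleted elsewhere, renamed from
    # another session). Indexing [0] on an empty result would raise and
    # surface as a 500, so drop the stale session and send the user to login.
    rows = database.get_user(session['username'])
    if not rows:
        session.pop('username', None)
        return redirect(url_for('login'))
    user = rows[0]

    # Pre-fill the profile form; row columns 1-4 hold first name, last name,
    # username and email.
    update_form.first_name.data = user[1]
    update_form.last_name.data = user[2]
    update_form.username.data = user[3]
    update_form.email.data = user[4]

    if request.method == 'POST':
        if 'update_profile' in request.form:
            update_form = forms.UpdateForm(request.form)
            if update_form.validate():
                update_form.save(session['username'])
                # Keep the session in step with a possibly renamed account.
                session['username'] = update_form.username.data
        elif 'change_password' in request.form:
            # NOTE(review): whether the current password is re-checked depends
            # on PasswordForm.validate(), which is not visible here - confirm.
            password_form = forms.PasswordForm(request.form)
            if password_form.validate():
                password_form.save(session['username'])
        elif 'remove' in request.form:
            # NOTE(review): no form is validated on this branch, so no CSRF
            # token or password re-entry is checked here before the account
            # is deleted. Confirm that CSRF protection is enforced app-wide.
            db = database.get_db()
            db.execute(
                'delete from users where id=?',
                [database.get_user_id(session['username'])],
            )
            db.commit()
            return redirect(url_for('logout'))

    return render_template(
        'edit_profile.html',
        register_form=update_form,
        password_form=password_form,
    )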
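def settings_new_password():
    """Let a logged-in member change their password.

    The current password is verified against the stored hash before the new
    one is written.

    Returns:
        A 401 response when the session is not logged in, a redirect to
        ``settings`` after a successful change, otherwise the rendered
        ``password_edit.html`` template.
    """
    # .get() avoids a KeyError (HTTP 500) on a session without a 'login' key,
    # and the early return guarantees that unauthenticated requests get a
    # real response instead of falling through the view.
    # NOTE(review): a redirect to the project's login page would be
    # friendlier; its endpoint name is not visible from this function.
    if not session.get('login'):
        return 'Unauthorized', 401

    form = forms.PasswordForm()
    user = db.member_info(session['user_id'])

    if form.validate_on_submit():
        # Column 2 of the member row is used as the stored password hash.
        if check_password_hash(user[0][2], form.currentpassword.data):
            # NOTE(review): the new password is passed on in plaintext;
            # confirm that db.update_password hashes it before storing.
            db.update_password(user[0][0], form.newpassword.data)
            flash('New password set', 'success')
            return redirect(url_for('settings'))
        flash("Incorrect Password!", "error")

    return render_template('password_edit.html', form=form)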
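def reset_with_token(token):
    """Set a new password for the account named by a signed reset token.

    Args:
        token: Signed value carrying the account's e-mail address. It is
            accepted for at most 86400 seconds (24 hours).

    Returns:
        A redirect to ``login`` once the password has been updated,
        otherwise the rendered ``reset_with_token.html`` template. An
        invalid or expired token, or a token for an account that no longer
        exists, answers 404.
    """
    try:
        email = ts.loads(token, salt="recover-key", max_age=86400)
    except Exception:
        # Any failure to load the token is treated as "not found", so the
        # response does not reveal why it was rejected. Catching Exception
        # rather than everything lets KeyboardInterrupt and SystemExit
        # propagate.
        abort(404)

    form = forms.PasswordForm()
    if form.validate_on_submit():
        # The lookup only confirms that the account still exists.
        # NOTE(review): assumes a peewee-style model whose .get() raises
        # Model.DoesNotExist - confirm. Without this handler a token for a
        # deleted account ends in an unhandled exception (HTTP 500).
        try:
            models.User.get(models.User.email == email)
        except models.User.DoesNotExist:
            abort(404)

        new_hash = generate_password_hash(form.password.data)
        query = models.User.update(password=new_hash).where(
            models.User.email == email
        )
        query.execute()
        # NOTE(review): nothing in this function marks the token as used, so
        # it stays valid until max_age expires. Consider single-use tokens
        # and ending existing sessions after a reset.
        return redirect(url_for('login'))

    return render_template(
        'reset_with_token.html', form=form, token=token, user=current_user
    )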