Pages allowing the user to change his pasword and email
parent
15a9722325
commit
64cbccf9ad
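--- a/templates/change_mail.html
+++ b/templates/change_mail.html
@@ -0,0 +1,9 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user.name }}</h2>
+<form method="post">
+<label for="mail">Email</label><input type="text" name="mail" id="mail" value="{{ request.form.mail or user.mail }}" /><br />
+<input type="submit" />
+</form>
+{% endblock %}
+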
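Review bot: The form posts a state change with no anti-CSRF token, and the `change_mail` handler in `user.py` asks for no password, so a request made from another site in the user's browser would presumably be accepted as the user's own; `templates/change_pass.html` has the same gap, although the required current password limits it there. The usual fix is a per-session token in a hidden field that the handler checks before `user.mail` is written, for example `<input type="hidden" name="csrf_token" value="{{ csrf_token }}" />`, where `csrf_token` is a placeholder for whatever helper the project adopts. Switching the input to `type="email"` would add browser-side shape checking, but it does not replace validation on the server.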
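--- a/templates/change_pass.html
+++ b/templates/change_pass.html
@@ -0,0 +1,11 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user }}</h2>
+<form method="post">
+<label for="current">Current password</label><input type="password" name="current" id="current" /><br />
+<label for="new">New password</label><input type="password" name="new" id="new" /><br />
+<label for="confirm">Confirm</label><input type="password" name="confirm" id="confirm" /><br />
+<input type="submit" />
+</form>
+{% endblock %}
+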
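Review bot: This template receives `user` as a bare name string (`<h2>{{ user }}</h2>`), whereas `change_mail.html` and `profile.html` receive the user object and print `{{ user.name }}`; passing the object here too would keep the three pages consistent. The password inputs also carry no `autocomplete` hints: `autocomplete="current-password"` on `current` and `autocomplete="new-password"` on `new` and `confirm` let password managers fill and generate the right values.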
@ -14,7 +14,10 @@
|
||||
<div class="page">
|
||||
<h1>Supysonic</h1>
|
||||
|
||||
<p><a href="{{ url_for('index') }}">Home</a> | {% if session.get('userid') %}<a href="{{ url_for('logout') }}">Log out</a>{% else %}<a href="{{ url_for('login') }}">Log in</a>{% endif %}</p>
|
||||
<p><a href="{{ url_for('index') }}">Home</a> |
|
||||
{% if session.userid %}<a href="{{ url_for('user_profile') }}">{{ session.username }}</a> - <a href="{{ url_for('logout') }}">Log out</a>
|
||||
{% else %}<a href="{{ url_for('login') }}">Log in</a>
|
||||
{% endif %}</p>
|
||||
|
||||
{% if get_flashed_messages() %}
|
||||
<div class="flash">
|
||||
|
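Review bot: The new link text `{{ session.username }}` is only populated by the `login` change in `user.py`, so a session cookie issued before this commit passes `{% if session.userid %}` but renders an empty anchor until the user logs in again. A fallback such as `{{ session.username or 'Profile' }}` keeps the link usable. The name is also a copy taken at login time, so it would go stale if accounts can ever be renamed; reading it from the user record would avoid that at the cost of a lookup per page.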
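--- a/templates/profile.html
+++ b/templates/profile.html
@@ -0,0 +1,11 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user.name }}</h2>
+<ul>
+{% if user.admin %}<li>You're an admin!</li>{% endif %}
+<li><strong>Email</strong>: {{ user.mail }} - <a href="{{ url_for('change_mail') }}">Change</a></li>
+<li><strong>LastFM status</strong>: Unavailable</li>
+<li><a href="{{ url_for('change_password') }}">Change password</a></li>
+</ul>
+{% endblock %}
+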
46
user.py
46
user.py
@ -4,11 +4,11 @@ from flask import request, session, flash, render_template, redirect, url_for
|
||||
|
||||
from web import app
|
||||
from user_manager import UserManager
|
||||
from db import User
|
||||
from db import User, session as db_sess
|
||||
|
||||
@app.before_request
|
||||
def check_admin():
|
||||
if not request.path.startswith('/user') or request.endpoint in ('login', 'logout'):
|
||||
if not request.path.startswith('/user'):
|
||||
return
|
||||
|
||||
if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0:
|
||||
@ -21,6 +21,47 @@ def check_admin():
|
||||
def user_index():
|
||||
return render_template('users.html', users = User.query.all())
|
||||
|
||||
@app.route('/user/me')
|
||||
def user_profile():
|
||||
return render_template('profile.html', user = UserManager.get(session.get('userid'))[1])
|
||||
|
||||
@app.route('/user/changemail', methods = [ 'GET', 'POST' ])
|
||||
def change_mail():
|
||||
user = UserManager.get(session.get('userid'))[1]
|
||||
if request.method == 'POST':
|
||||
mail = request.form.get('mail')
|
||||
# No validation, lol.
|
||||
user.mail = mail
|
||||
db_sess.commit()
|
||||
return redirect(url_for('user_profile'))
|
||||
|
||||
return render_template('change_mail.html', user = user)
|
||||
|
||||
@app.route('/user/changepass', methods = [ 'GET', 'POST' ])
|
||||
def change_password():
|
||||
if request.method == 'POST':
|
||||
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
|
||||
error = False
|
||||
if current in ('', None):
|
||||
flash('The current password is required')
|
||||
error = True
|
||||
if new in ('', None):
|
||||
flash('The new password is required')
|
||||
error = True
|
||||
if new != confirm:
|
||||
flash("The new password and its confirmation don't match")
|
||||
error = True
|
||||
|
||||
if not error:
|
||||
status = UserManager.change_password(session.get('userid'), current, new)
|
||||
if status != UserManager.SUCCESS:
|
||||
flash(UserManager.error_str(status))
|
||||
else:
|
||||
flash('Password changed')
|
||||
return redirect(url_for('user_profile'))
|
||||
|
||||
return render_template('change_pass.html', user = UserManager.get(session.get('userid'))[1].name)
|
||||
|
||||
@app.route('/user/add', methods = [ 'GET', 'POST' ])
|
||||
def add_user():
|
||||
if request.method == 'GET':
|
||||
@ -87,6 +128,7 @@ def login():
|
||||
status, user = UserManager.try_auth(name, password)
|
||||
if status == UserManager.SUCCESS:
|
||||
session['userid'] = str(user.id)
|
||||
session['username'] = user.name
|
||||
flash('Logged in!')
|
||||
return redirect(return_url)
|
||||
else:
|
||||
|
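Review bot: `change_mail` stores `request.form.get('mail')` in `user.mail` unchecked (the `# No validation, lol.` comment says as much), so a missing field commits `None` and any string of any length is accepted and later shown by `profile.html`. It also indexes `UserManager.get(...)[1]` without looking at the returned status, as do `user_profile` and the final `render_template` in `change_password`; with a stale or absent `session['userid']` that presumably ends in an `AttributeError` instead of a redirect to the login page. The sketch below checks the status first and applies a deliberately loose shape check; confirming ownership of the address would need a confirmation mail, which is beyond this commit. Whether non-admin users can reach the three new `/user/...` routes depends on the part of `check_admin` that lies outside the hunk.

```python
def change_mail():
    status, user = UserManager.get(session.get('userid'))
    if status != UserManager.SUCCESS:
        flash(UserManager.error_str(status))
        return redirect(url_for('login'))

    if request.method == 'POST':
        mail = (request.form.get('mail') or '').strip()
        # Loose shape check only: non-empty, exactly one '@', no whitespace.
        if not mail or mail.count('@') != 1 or any(c.isspace() for c in mail):
            flash('Please enter a valid email address')
        else:
            user.mail = mail
            # … unchanged: db_sess.commit() and redirect to user_profile …

    # … unchanged: render change_mail.html …
```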
@ -63,6 +63,19 @@ class UserManager:
|
||||
else:
|
||||
return UserManager.SUCCESS, user
|
||||
|
||||
@staticmethod
|
||||
def change_password(uid, old_pass, new_pass):
|
||||
status, user = UserManager.get(uid)
|
||||
if status != UserManager.SUCCESS:
|
||||
return status
|
||||
|
||||
if UserManager.__encrypt_password(old_pass, user.salt)[0] != user.password:
|
||||
return UserManager.WRONG_PASS
|
||||
|
||||
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
|
||||
session.commit()
|
||||
return UserManager.SUCCESS
|
||||
|
||||
@staticmethod
|
||||
def error_str(err):
|
||||
if err == UserManager.SUCCESS:
|
||||
|
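Review bot: `change_password` derives the new hash with the user's existing `user.salt`, so the salt never rotates across password changes; if `__encrypt_password` returns a `(hash, salt)` pair, as the `[0]` index suggests, the new-password call could generate a fresh salt and store both values. The old-password check compares digests with `!=`, which is not constant-time; where the interpreter provides it, `if not hmac.compare_digest(UserManager.__encrypt_password(old_pass, user.salt)[0], user.password):` is the standard-library alternative. Nothing in the hunk invalidates other sessions after the change, so a session opened with the old password presumably stays valid. `__encrypt_password` and the rest of the `UserManager` class lie outside the hunk, so the hashing scheme itself cannot be assessed from here.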