Pages allowing the user to change his pasword and email
parent
15a9722325
commit
64cbccf9ad
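--- a/templates/change_mail.html
+++ b/templates/change_mail.html
@@ -0,0 +1,9 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user.name }}</h2>
+<form method="post">
+<label for="mail">Email</label><input type="text" name="mail" id="mail" value="{{ request.form.mail or user.mail }}" /><br />
+<input type="submit" />
+</form>
+{% endblock %}
+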
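Review bot: The `<form method="post">` in this template carries no anti-CSRF field, and the same holds for the form in templates/change_pass.html; the POST handlers added to user.py in this commit do not check a token either. The password form is partly covered because its view demands the current password, but the email form is not, so a request forged from another site in the user's logged-in browser would be accepted as-is. Add a hidden input holding a per-session random token and have both handlers compare it before writing. Switching the `mail` input to `type="email"` would also give basic client-side shape checking, though it is no substitute for a server-side check.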
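--- a/templates/change_pass.html
+++ b/templates/change_pass.html
@@ -0,0 +1,11 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user }}</h2>
+<form method="post">
+<label for="current">Current password</label><input type="password" name="current" id="current" /><br />
+<label for="new">New password</label><input type="password" name="new" id="new" /><br />
+<label for="confirm">Confirm</label><input type="password" name="confirm" id="confirm" /><br />
+<input type="submit" />
+</form>
+{% endblock %}
+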
@ -14,7 +14,10 @@
|
|||||||
<div class="page">
|
<div class="page">
|
||||||
<h1>Supysonic</h1>
|
<h1>Supysonic</h1>
|
||||||
|
|
||||||
<p><a href="{{ url_for('index') }}">Home</a> | {% if session.get('userid') %}<a href="{{ url_for('logout') }}">Log out</a>{% else %}<a href="{{ url_for('login') }}">Log in</a>{% endif %}</p>
|
<p><a href="{{ url_for('index') }}">Home</a> |
|
||||||
|
{% if session.userid %}<a href="{{ url_for('user_profile') }}">{{ session.username }}</a> - <a href="{{ url_for('logout') }}">Log out</a>
|
||||||
|
{% else %}<a href="{{ url_for('login') }}">Log in</a>
|
||||||
|
{% endif %}</p>
|
||||||
|
|
||||||
{% if get_flashed_messages() %}
|
{% if get_flashed_messages() %}
|
||||||
<div class="flash">
|
<div class="flash">
|
||||||
|
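--- a/templates/profile.html
+++ b/templates/profile.html
@@ -0,0 +1,11 @@
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ user.name }}</h2>
+<ul>
+{% if user.admin %}<li>You're an admin!</li>{% endif %}
+<li><strong>Email</strong>: {{ user.mail }} - <a href="{{ url_for('change_mail') }}">Change</a></li>
+<li><strong>LastFM status</strong>: Unavailable</li>
+<li><a href="{{ url_for('change_password') }}">Change password</a></li>
+</ul>
+{% endblock %}
+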
46
user.py
46
user.py
@ -4,11 +4,11 @@ from flask import request, session, flash, render_template, redirect, url_for
|
|||||||
|
|
||||||
from web import app
|
from web import app
|
||||||
from user_manager import UserManager
|
from user_manager import UserManager
|
||||||
from db import User
|
from db import User, session as db_sess
|
||||||
|
|
||||||
@app.before_request
|
@app.before_request
|
||||||
def check_admin():
|
def check_admin():
|
||||||
if not request.path.startswith('/user') or request.endpoint in ('login', 'logout'):
|
if not request.path.startswith('/user'):
|
||||||
return
|
return
|
||||||
|
|
||||||
if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0:
|
if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0:
|
||||||
@ -21,6 +21,47 @@ def check_admin():
|
|||||||
def user_index():
|
def user_index():
|
||||||
return render_template('users.html', users = User.query.all())
|
return render_template('users.html', users = User.query.all())
|
||||||
|
|
||||||
|
@app.route('/user/me')
|
||||||
|
def user_profile():
|
||||||
|
return render_template('profile.html', user = UserManager.get(session.get('userid'))[1])
|
||||||
|
|
||||||
|
@app.route('/user/changemail', methods = [ 'GET', 'POST' ])
|
||||||
|
def change_mail():
|
||||||
|
user = UserManager.get(session.get('userid'))[1]
|
||||||
|
if request.method == 'POST':
|
||||||
|
mail = request.form.get('mail')
|
||||||
|
# No validation, lol.
|
||||||
|
user.mail = mail
|
||||||
|
db_sess.commit()
|
||||||
|
return redirect(url_for('user_profile'))
|
||||||
|
|
||||||
|
return render_template('change_mail.html', user = user)
|
||||||
|
|
||||||
|
@app.route('/user/changepass', methods = [ 'GET', 'POST' ])
|
||||||
|
def change_password():
|
||||||
|
if request.method == 'POST':
|
||||||
|
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
|
||||||
|
error = False
|
||||||
|
if current in ('', None):
|
||||||
|
flash('The current password is required')
|
||||||
|
error = True
|
||||||
|
if new in ('', None):
|
||||||
|
flash('The new password is required')
|
||||||
|
error = True
|
||||||
|
if new != confirm:
|
||||||
|
flash("The new password and its confirmation don't match")
|
||||||
|
error = True
|
||||||
|
|
||||||
|
if not error:
|
||||||
|
status = UserManager.change_password(session.get('userid'), current, new)
|
||||||
|
if status != UserManager.SUCCESS:
|
||||||
|
flash(UserManager.error_str(status))
|
||||||
|
else:
|
||||||
|
flash('Password changed')
|
||||||
|
return redirect(url_for('user_profile'))
|
||||||
|
|
||||||
|
return render_template('change_pass.html', user = UserManager.get(session.get('userid'))[1].name)
|
||||||
|
|
||||||
@app.route('/user/add', methods = [ 'GET', 'POST' ])
|
@app.route('/user/add', methods = [ 'GET', 'POST' ])
|
||||||
def add_user():
|
def add_user():
|
||||||
if request.method == 'GET':
|
if request.method == 'GET':
|
||||||
@ -87,6 +128,7 @@ def login():
|
|||||||
status, user = UserManager.try_auth(name, password)
|
status, user = UserManager.try_auth(name, password)
|
||||||
if status == UserManager.SUCCESS:
|
if status == UserManager.SUCCESS:
|
||||||
session['userid'] = str(user.id)
|
session['userid'] = str(user.id)
|
||||||
|
session['username'] = user.name
|
||||||
flash('Logged in!')
|
flash('Logged in!')
|
||||||
return redirect(return_url)
|
return redirect(return_url)
|
||||||
else:
|
else:
|
||||||
|
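Review bot: `change_mail` writes `request.form.get('mail')` into `user.mail` unchecked (the `# No validation, lol.` comment admits it), so a missing field stores `None` and any string is accepted as an address. It also takes `UserManager.get(...)[1]` without looking at the status, as do `user_profile` and the last line of `change_password`; if the lookup fails on a stale or absent `userid`, the view presumably dereferences `None` instead of sending the user to the login page (what `get` returns on failure is not shown in this diff). Unlike `change_password`, the address change does not ask for the current password, which is worth adding if the address is ever used for account recovery. A version of the view with the status check and a minimal shape check follows.

```python
@app.route('/user/changemail', methods = [ 'GET', 'POST' ])
def change_mail():
    status, user = UserManager.get(session.get('userid'))
    if status != UserManager.SUCCESS:
        flash(UserManager.error_str(status))
        return redirect(url_for('login'))

    if request.method == 'POST':
        mail = (request.form.get('mail') or '').strip()
        # Shape check only; ownership of the address needs a confirmation mail.
        local, sep, domain = mail.partition('@')
        if not (local and sep and '.' in domain) or len(mail) > 254 or ' ' in mail:
            flash('Invalid email address')
        else:
            user.mail = mail
            db_sess.commit()
            return redirect(url_for('user_profile'))

    # … unchanged: render_template('change_mail.html', user = user) …
```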
@ -63,6 +63,19 @@ class UserManager:
|
|||||||
else:
|
else:
|
||||||
return UserManager.SUCCESS, user
|
return UserManager.SUCCESS, user
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def change_password(uid, old_pass, new_pass):
|
||||||
|
status, user = UserManager.get(uid)
|
||||||
|
if status != UserManager.SUCCESS:
|
||||||
|
return status
|
||||||
|
|
||||||
|
if UserManager.__encrypt_password(old_pass, user.salt)[0] != user.password:
|
||||||
|
return UserManager.WRONG_PASS
|
||||||
|
|
||||||
|
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
|
||||||
|
session.commit()
|
||||||
|
return UserManager.SUCCESS
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def error_str(err):
|
def error_str(err):
|
||||||
if err == UserManager.SUCCESS:
|
if err == UserManager.SUCCESS:
|
||||||
|
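Review bot: `change_password` hashes the new password with the existing `user.salt`, so the salt never rotates; a fresh salt per password change would keep an old hash (from a backup or a leak) from revealing whether the user has gone back to an earlier password. The `[0]` index suggests `__encrypt_password` returns the salt as a second element, in which case `user.password, user.salt = UserManager.__encrypt_password(new_pass)` would do, but whether it can generate a salt when none is passed is not visible in this hunk and needs confirming. The old-password check compares the digests with `!=`; `hmac.compare_digest(...)` is the constant-time form. The method also accepts an empty `new_pass` and relies on the view to reject it, which deserves a line in a docstring.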