1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-22 17:06:17 +00:00

Pages allowing the user to change his pasword and email

This commit is contained in:
Alban 2012-12-09 21:34:39 +01:00
parent 15a9722325
commit 64cbccf9ad
6 changed files with 92 additions and 3 deletions

9
templates/change_mail.html Executable file
View File

@ -0,0 +1,9 @@
{% extends "layout.html" %}
{% block body %}
<h2>{{ user.name }}</h2>
<form method="post">
<label for="mail">Email</label><input type="text" name="mail" id="mail" value="{{ request.form.mail or user.mail }}" /><br />
<input type="submit" />
</form>
{% endblock %}

11
templates/change_pass.html Executable file
View File

@ -0,0 +1,11 @@
{% extends "layout.html" %}
{% block body %}
<h2>{{ user }}</h2>
<form method="post">
<label for="current">Current password</label><input type="password" name="current" id="current" /><br />
<label for="new">New password</label><input type="password" name="new" id="new" /><br />
<label for="confirm">Confirm</label><input type="password" name="confirm" id="confirm" /><br />
<input type="submit" />
</form>
{% endblock %}

View File

@ -14,7 +14,10 @@
<div class="page"> <div class="page">
<h1>Supysonic</h1> <h1>Supysonic</h1>
<p><a href="{{ url_for('index') }}">Home</a> | {% if session.get('userid') %}<a href="{{ url_for('logout') }}">Log out</a>{% else %}<a href="{{ url_for('login') }}">Log in</a>{% endif %}</p> <p><a href="{{ url_for('index') }}">Home</a> |
{% if session.userid %}<a href="{{ url_for('user_profile') }}">{{ session.username }}</a> - <a href="{{ url_for('logout') }}">Log out</a>
{% else %}<a href="{{ url_for('login') }}">Log in</a>
{% endif %}</p>
{% if get_flashed_messages() %} {% if get_flashed_messages() %}
<div class="flash"> <div class="flash">

11
templates/profile.html Executable file
View File

@ -0,0 +1,11 @@
{% extends "layout.html" %}
{% block body %}
<h2>{{ user.name }}</h2>
<ul>
{% if user.admin %}<li>You're an admin!</li>{% endif %}
<li><strong>Email</strong>: {{ user.mail }} - <a href="{{ url_for('change_mail') }}">Change</a></li>
<li><strong>LastFM status</strong>: Unavailable</li>
<li><a href="{{ url_for('change_password') }}">Change password</a></li>
</ul>
{% endblock %}

46
user.py
View File

@ -4,11 +4,11 @@ from flask import request, session, flash, render_template, redirect, url_for
from web import app from web import app
from user_manager import UserManager from user_manager import UserManager
from db import User from db import User, session as db_sess
@app.before_request @app.before_request
def check_admin(): def check_admin():
if not request.path.startswith('/user') or request.endpoint in ('login', 'logout'): if not request.path.startswith('/user'):
return return
if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0: if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0:
@ -21,6 +21,47 @@ def check_admin():
def user_index(): def user_index():
return render_template('users.html', users = User.query.all()) return render_template('users.html', users = User.query.all())
@app.route('/user/me')
def user_profile():
return render_template('profile.html', user = UserManager.get(session.get('userid'))[1])
@app.route('/user/changemail', methods = [ 'GET', 'POST' ])
def change_mail():
user = UserManager.get(session.get('userid'))[1]
if request.method == 'POST':
mail = request.form.get('mail')
# No validation, lol.
user.mail = mail
db_sess.commit()
return redirect(url_for('user_profile'))
return render_template('change_mail.html', user = user)
@app.route('/user/changepass', methods = [ 'GET', 'POST' ])
def change_password():
if request.method == 'POST':
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
error = False
if current in ('', None):
flash('The current password is required')
error = True
if new in ('', None):
flash('The new password is required')
error = True
if new != confirm:
flash("The new password and its confirmation don't match")
error = True
if not error:
status = UserManager.change_password(session.get('userid'), current, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash('Password changed')
return redirect(url_for('user_profile'))
return render_template('change_pass.html', user = UserManager.get(session.get('userid'))[1].name)
@app.route('/user/add', methods = [ 'GET', 'POST' ]) @app.route('/user/add', methods = [ 'GET', 'POST' ])
def add_user(): def add_user():
if request.method == 'GET': if request.method == 'GET':
@ -87,6 +128,7 @@ def login():
status, user = UserManager.try_auth(name, password) status, user = UserManager.try_auth(name, password)
if status == UserManager.SUCCESS: if status == UserManager.SUCCESS:
session['userid'] = str(user.id) session['userid'] = str(user.id)
session['username'] = user.name
flash('Logged in!') flash('Logged in!')
return redirect(return_url) return redirect(return_url)
else: else:

View File

@ -63,6 +63,19 @@ class UserManager:
else: else:
return UserManager.SUCCESS, user return UserManager.SUCCESS, user
@staticmethod
def change_password(uid, old_pass, new_pass):
status, user = UserManager.get(uid)
if status != UserManager.SUCCESS:
return status
if UserManager.__encrypt_password(old_pass, user.salt)[0] != user.password:
return UserManager.WRONG_PASS
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
session.commit()
return UserManager.SUCCESS
@staticmethod @staticmethod
def error_str(err): def error_str(err):
if err == UserManager.SUCCESS: if err == UserManager.SUCCESS: