Skip to content
Snippets Groups Projects
Commit b8cebd61 authored by Ferenc Schulcz's avatar Ferenc Schulcz
Browse files

Initial commit

parents
No related branches found
No related tags found
No related merge requests found
__pycache__
import services
import db
from werkzeug.security import generate_password_hash
import os
plugin_dir = os.path.dirname(__file__) # parent folder name of the absolute path of this file
def register(add_endpoint, add_postable_endpoint, add_menu):
add_endpoint('profile', profile)
add_menu('profile', 'Profile', 'profile')
add_postable_endpoint('password_change', pwchange)
def collect_users(username):
x = db.users.find({"redirectname": username})
userlist = []
for user in x:
userlist.append(user['username'])
userlist += collect_users(user['username'])
return userlist
def profile(**kwargs):
session = kwargs['session']
rqtools = kwargs['rqtools']
request = kwargs['request']
if 'username' not in session.keys():
return rqtools.redirect(rqtools.url_for('login', next='profile'))
if not services.authorize_user(session['username'], 'profile'):
return rqtools.get_403(None)
global plugin_dir
return rqtools.render_template(plugin_dir + '/templates/profile.html', other_users=collect_users(session['username']))
def pwchange(**kwargs):
session = kwargs['session']
rqtools = kwargs['rqtools']
request = kwargs['request']
if 'username' not in session.keys() or not services.authorize_user(session['username'], 'profile'):
return rqtools.get_403(None)
if 'password' not in request.form.keys() or 'password2' not in request.form.keys():
db.sendMessage(session['username'], 'Type both passwords.')
return rqtools.redirect(rqtools.url_for('service', servicename='profile'))
password = request.form['password']
username = session['username']
if password != request.form['password2']:
db.sendMessage(session['username'], 'Passwords did not match.')
return rqtools.redirect(rqtools.url_for('service', servicename='profile'))
x = db.users.find_one(filter={'username': username})
salted_pw_hash = generate_password_hash(password, salt_length=4)
x['pwhash'] = salted_pw_hash
db.users.replace_one({'username': username}, x)
for other_user in collect_users(username):
x = db.users.find_one(filter={'username': other_user})
x['pwhash'] = salted_pw_hash
db.users.replace_one({'username': other_user}, x)
db.sendMessage(session['username'], 'Password changed successfully.')
return rqtools.redirect(rqtools.url_for('service', servicename='profile'))
{% extends 'base.html' %}
{% block title %}Profile @ SFeri{% endblock %}
{% block content %}
<h1>Password change</h1>
<h2>Welcome, {{ session['username'] }}!</h2>
<form method="post" action="{{ url_for('service', servicename='password_change') }}">
<section class="inputfield">
<label for="password">New password</label>
<input type="password" name="password" id="password" required>
</section>
<section class="inputfield">
<label for="password2">Repeat password</label>
<input type="password" name="password2" id="password2" required>
</section>
<section class="inputfield">
<input class="button" type="submit" value="Change">
</section>
</form>
{% if other_users %}
<h2>Your other usernames:</h2>
<p style="text-align: center;" , class="slim-container">
{{ other_users[0] }}{% for user in other_users[1:] %}, {{ user }}
{% endfor %}
</p>
{% endif %}
{% endblock %}
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment