mirror of
https://github.com/minetest/contentdb.git
synced 2025-01-11 07:27:36 +01:00
Add set password form
This commit is contained in:
parent
a4b583bac5
commit
6353ac29e9
@ -97,7 +97,7 @@ class User(db.Model, UserMixin):
|
|||||||
|
|
||||||
# User authentication information
|
# User authentication information
|
||||||
username = db.Column(db.String(50), nullable=False, unique=True)
|
username = db.Column(db.String(50), nullable=False, unique=True)
|
||||||
password = db.Column(db.String(255), nullable=False, server_default="")
|
password = db.Column(db.String(255), nullable=True)
|
||||||
reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
|
reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
|
||||||
|
|
||||||
rank = db.Column(db.Enum(UserRank))
|
rank = db.Column(db.Enum(UserRank))
|
||||||
|
28
app/templates/users/set_password.html
Normal file
28
app/templates/users/set_password.html
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
{% extends "base.html" %}
|
||||||
|
|
||||||
|
{% block title %}
|
||||||
|
Set Password
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
<h1>Set Password</h1>
|
||||||
|
|
||||||
|
{% from "macros/forms.html" import render_field, render_submit_field %}
|
||||||
|
<form action="" method="POST" class="form" role="form">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-sm-6 col-md-5 col-lg-4">
|
||||||
|
{{ form.hidden_tag() }}
|
||||||
|
|
||||||
|
{% if not current_user.email %}
|
||||||
|
{{ render_field(form.email, tabindex=230) }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{{ render_field(form.password, tabindex=230) }}
|
||||||
|
{{ render_field(form.password2, tabindex=240) }}
|
||||||
|
|
||||||
|
{{ render_submit_field(form.submit, tabindex=280) }}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
{% endblock %}
|
@ -42,6 +42,18 @@
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
{% if user == current_user %}
|
||||||
|
<tr>
|
||||||
|
<td>Password:</td>
|
||||||
|
<td>
|
||||||
|
{% if user.password %}
|
||||||
|
Set | <a href="{{ url_for('user.change_password') }}">Change</a>
|
||||||
|
{% else %}
|
||||||
|
Not set | <a href="{{ url_for('set_password_page') }}">Set</a>
|
||||||
|
{% endif %}
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{% endif %}
|
||||||
</table>
|
</table>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -101,8 +101,61 @@ def user_profile_page(username):
|
|||||||
return render_template("users/user_profile_page.html",
|
return render_template("users/user_profile_page.html",
|
||||||
user=user, form=form, packages=packages)
|
user=user, form=form, packages=packages)
|
||||||
|
|
||||||
|
class SetPasswordForm(FlaskForm):
|
||||||
|
email = StringField("Email (Optional)", [Optional(), Email()])
|
||||||
|
password = PasswordField("New password", [InputRequired(), Length(2, 20)])
|
||||||
|
password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
|
||||||
|
submit = SubmitField("Save")
|
||||||
|
|
||||||
@app.route("/users/claim/", methods=["GET", "POST"])
|
@app.route("/user/set-password/", methods=["GET", "POST"])
|
||||||
|
@login_required
|
||||||
|
def set_password_page():
|
||||||
|
if current_user.password is not None:
|
||||||
|
return redirect(url_for("user.change_password"))
|
||||||
|
|
||||||
|
form = SetPasswordForm(request.form)
|
||||||
|
if request.method == "POST" and form.validate():
|
||||||
|
one = form.password.data
|
||||||
|
two = form.password2.data
|
||||||
|
if one == two:
|
||||||
|
# Hash password
|
||||||
|
hashed_password = user_manager.hash_password(form.password.data)
|
||||||
|
|
||||||
|
# Change password
|
||||||
|
user_manager.update_password(current_user, hashed_password)
|
||||||
|
|
||||||
|
# Send 'password_changed' email
|
||||||
|
if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
|
||||||
|
emails.send_password_changed_email(current_user)
|
||||||
|
|
||||||
|
# Send password_changed signal
|
||||||
|
signals.user_changed_password.send(current_app._get_current_object(), user=current_user)
|
||||||
|
|
||||||
|
# Prepare one-time system message
|
||||||
|
flash('Your password has been changed successfully.', 'success')
|
||||||
|
|
||||||
|
newEmail = form["email"].data
|
||||||
|
if newEmail != current_user.email and newEmail.strip() != "":
|
||||||
|
token = randomString(32)
|
||||||
|
|
||||||
|
ver = UserEmailVerification()
|
||||||
|
ver.user = current_user
|
||||||
|
ver.token = token
|
||||||
|
ver.email = newEmail
|
||||||
|
db.session.add(ver)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
task = sendVerifyEmail.delay(newEmail, token)
|
||||||
|
return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=current_user.username)))
|
||||||
|
else:
|
||||||
|
return redirect(url_for("user_profile_page", username=current_user.username))
|
||||||
|
else:
|
||||||
|
flash("Passwords do not match", "error")
|
||||||
|
|
||||||
|
return render_template("users/set_password.html", form=form)
|
||||||
|
|
||||||
|
|
||||||
|
@app.route("/user/claim/", methods=["GET", "POST"])
|
||||||
def user_claim_page():
|
def user_claim_page():
|
||||||
username = request.args.get("username")
|
username = request.args.get("username")
|
||||||
if username is None:
|
if username is None:
|
||||||
@ -129,7 +182,7 @@ def user_claim_page():
|
|||||||
cache.set("forum_claim_key_" + request.remote_addr, token, 5*60)
|
cache.set("forum_claim_key_" + request.remote_addr, token, 5*60)
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
ctype = request.form.get("claim_type")
|
ctype = request.form.get("claim_type")
|
||||||
username = request.form.get("username")
|
username = request.form.get("username")
|
||||||
|
|
||||||
if username is None or len(username.strip()) < 2:
|
if username is None or len(username.strip()) < 2:
|
||||||
@ -161,7 +214,7 @@ def user_claim_page():
|
|||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
if loginUser(user):
|
if loginUser(user):
|
||||||
return redirect(url_for("user_profile_page", username=username))
|
return redirect(url_for("set_password_page"))
|
||||||
else:
|
else:
|
||||||
flash("Unable to login as user", "error")
|
flash("Unable to login as user", "error")
|
||||||
return redirect(url_for("user_claim_page", username=username))
|
return redirect(url_for("user_claim_page", username=username))
|
||||||
|
Loading…
Reference in New Issue
Block a user