mirror of
https://github.com/minetest/contentdb.git
synced 2024-12-23 06:22:24 +01:00
Add set password form
This commit is contained in:
parent
a4b583bac5
commit
6353ac29e9
@ -97,7 +97,7 @@ class User(db.Model, UserMixin):
|
||||
|
||||
# User authentication information
|
||||
username = db.Column(db.String(50), nullable=False, unique=True)
|
||||
password = db.Column(db.String(255), nullable=False, server_default="")
|
||||
password = db.Column(db.String(255), nullable=True)
|
||||
reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
|
||||
|
||||
rank = db.Column(db.Enum(UserRank))
|
||||
|
28
app/templates/users/set_password.html
Normal file
28
app/templates/users/set_password.html
Normal file
@ -0,0 +1,28 @@
|
||||
{% extends "base.html" %}
|
||||
|
||||
{% block title %}
|
||||
Set Password
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<h1>Set Password</h1>
|
||||
|
||||
{% from "macros/forms.html" import render_field, render_submit_field %}
|
||||
<form action="" method="POST" class="form" role="form">
|
||||
<div class="row">
|
||||
<div class="col-sm-6 col-md-5 col-lg-4">
|
||||
{{ form.hidden_tag() }}
|
||||
|
||||
{% if not current_user.email %}
|
||||
{{ render_field(form.email, tabindex=230) }}
|
||||
{% endif %}
|
||||
|
||||
{{ render_field(form.password, tabindex=230) }}
|
||||
{{ render_field(form.password2, tabindex=240) }}
|
||||
|
||||
{{ render_submit_field(form.submit, tabindex=280) }}
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
{% endblock %}
|
@ -42,6 +42,18 @@
|
||||
{% endif %}
|
||||
</td>
|
||||
</tr>
|
||||
{% if user == current_user %}
|
||||
<tr>
|
||||
<td>Password:</td>
|
||||
<td>
|
||||
{% if user.password %}
|
||||
Set | <a href="{{ url_for('user.change_password') }}">Change</a>
|
||||
{% else %}
|
||||
Not set | <a href="{{ url_for('set_password_page') }}">Set</a>
|
||||
{% endif %}
|
||||
</td>
|
||||
</tr>
|
||||
{% endif %}
|
||||
</table>
|
||||
</div>
|
||||
|
||||
|
@ -101,8 +101,61 @@ def user_profile_page(username):
|
||||
return render_template("users/user_profile_page.html",
|
||||
user=user, form=form, packages=packages)
|
||||
|
||||
class SetPasswordForm(FlaskForm):
|
||||
email = StringField("Email (Optional)", [Optional(), Email()])
|
||||
password = PasswordField("New password", [InputRequired(), Length(2, 20)])
|
||||
password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
|
||||
submit = SubmitField("Save")
|
||||
|
||||
@app.route("/users/claim/", methods=["GET", "POST"])
|
||||
@app.route("/user/set-password/", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def set_password_page():
|
||||
if current_user.password is not None:
|
||||
return redirect(url_for("user.change_password"))
|
||||
|
||||
form = SetPasswordForm(request.form)
|
||||
if request.method == "POST" and form.validate():
|
||||
one = form.password.data
|
||||
two = form.password2.data
|
||||
if one == two:
|
||||
# Hash password
|
||||
hashed_password = user_manager.hash_password(form.password.data)
|
||||
|
||||
# Change password
|
||||
user_manager.update_password(current_user, hashed_password)
|
||||
|
||||
# Send 'password_changed' email
|
||||
if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
|
||||
emails.send_password_changed_email(current_user)
|
||||
|
||||
# Send password_changed signal
|
||||
signals.user_changed_password.send(current_app._get_current_object(), user=current_user)
|
||||
|
||||
# Prepare one-time system message
|
||||
flash('Your password has been changed successfully.', 'success')
|
||||
|
||||
newEmail = form["email"].data
|
||||
if newEmail != current_user.email and newEmail.strip() != "":
|
||||
token = randomString(32)
|
||||
|
||||
ver = UserEmailVerification()
|
||||
ver.user = current_user
|
||||
ver.token = token
|
||||
ver.email = newEmail
|
||||
db.session.add(ver)
|
||||
db.session.commit()
|
||||
|
||||
task = sendVerifyEmail.delay(newEmail, token)
|
||||
return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=current_user.username)))
|
||||
else:
|
||||
return redirect(url_for("user_profile_page", username=current_user.username))
|
||||
else:
|
||||
flash("Passwords do not match", "error")
|
||||
|
||||
return render_template("users/set_password.html", form=form)
|
||||
|
||||
|
||||
@app.route("/user/claim/", methods=["GET", "POST"])
|
||||
def user_claim_page():
|
||||
username = request.args.get("username")
|
||||
if username is None:
|
||||
@ -161,7 +214,7 @@ def user_claim_page():
|
||||
db.session.commit()
|
||||
|
||||
if loginUser(user):
|
||||
return redirect(url_for("user_profile_page", username=username))
|
||||
return redirect(url_for("set_password_page"))
|
||||
else:
|
||||
flash("Unable to login as user", "error")
|
||||
return redirect(url_for("user_claim_page", username=username))
|
||||
|
Loading…
Reference in New Issue
Block a user