Fix password issues caused by Flask-User migration

This commit is contained in:
rubenwardy 2020-01-19 19:48:41 +00:00
parent 0bda16de6d
commit e115b0678c
7 changed files with 50 additions and 7 deletions

@ -65,7 +65,7 @@ def github_authorized(oauth_token):
flash("Unable to find an account for that Github user", "error")
return redirect(url_for("users.claim"))
elif loginUser(userByGithub):
if current_user.password is None:
if not current_user.hasPassword():
return redirect(next_url or url_for("users.set_password", optional=True))
else:
return redirect(next_url or url_for("homepage.home"))

@ -170,7 +170,7 @@ class SetPasswordForm(FlaskForm):
@bp.route("/user/set-password/", methods=["GET", "POST"])
@login_required
def set_password():
if current_user.password is not None:
if current_user.hasPassword():
return redirect(url_for("user.change_password"))
form = SetPasswordForm(request.form)
@ -185,10 +185,11 @@ def set_password():
hashed_password = user_manager.hash_password(form.password.data)
# Change password
user_manager.update_password(current_user, hashed_password)
current_user.password = hashed_password
db.session.commit()
# Send 'password_changed' email
if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
if user_manager.USER_ENABLE_EMAIL and current_user.email:
emails.send_password_changed_email(current_user)
# Send password_changed signal
@ -211,7 +212,7 @@ def set_password():
task = sendVerifyEmail.delay(newEmail, token)
return redirect(url_for("tasks.check", id=task.id, r=url_for("users.profile", username=current_user.username)))
else:
return redirect(url_for("users.profile", username=current_user.username))
return redirect(url_for("user.login"))
else:
flash("Passwords do not match", "error")

@ -146,7 +146,7 @@ class User(db.Model, UserMixin):
tokens = db.relationship("APIToken", backref="owner", lazy="dynamic")
replies = db.relationship("ThreadReply", backref="author", lazy="dynamic")
def __init__(self, username, active=False, email=None, password=None):
def __init__(self, username, active=False, email=None, password=""):
self.username = username
self.email_confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
self.display_name = username
@ -155,6 +155,9 @@ class User(db.Model, UserMixin):
self.password = password
self.rank = UserRank.NOT_JOINED
def hasPassword(self):
return self.password != ""
def canAccessTodoList(self):
return Permission.APPROVE_NEW.check(self) or \
Permission.APPROVE_RELEASE.check(self) or \
@ -203,6 +206,13 @@ class User(db.Model, UserMixin):
return Thread.query.filter_by(author=self) \
.filter(Thread.created_at > hour_ago).count() < 2
def __eq__(self, other):
if not self.is_authenticated or not other.is_authenticated:
return False
assert self.id > 0
return self.id == other.id
class UserEmailVerification(db.Model):
id = db.Column(db.Integer, primary_key=True)
user_id = db.Column(db.Integer, db.ForeignKey("user.id"))

@ -15,7 +15,7 @@ Sign in
{{ form.hidden_tag() }}
{# Username or Email field #}
{% set field = form.username if user_manager.USER_ENABLE_REGISTER else form.email %}
{% set field = form.username if user_manager.USER_ENABLE_USERNAME else form.email %}
<div class="form-group {% if field.errors %}has-error{% endif %}">
{# Label on left, "New here? Register." on right #}
<label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>

@ -0,0 +1,31 @@
"""empty message
Revision ID: a0f6c8743362
Revises: 64fee8e5ab34
Create Date: 2020-01-19 19:12:39.402679
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import postgresql
# revision identifiers, used by Alembic.
revision = 'a0f6c8743362'
down_revision = '64fee8e5ab34'
branch_labels = None
depends_on = None
def upgrade():
op.alter_column('user', 'password',
existing_type=sa.VARCHAR(length=255),
nullable=False,
existing_server_default=sa.text("''::character varying"),
server_default='')
def downgrade():
op.alter_column('user', 'password',
existing_type=sa.VARCHAR(length=255),
nullable=True,
existing_server_default=sa.text("''::character varying"))

@ -2,4 +2,5 @@
# Run all pending migrations
./utils/reload.sh
docker exec contentdb_app_1 sh -c "FLASK_CONFIG=../config.cfg FLASK_APP=app/__init__.py flask db upgrade"