From ee596b2b55afa08f386ac4992ff3019250920ccf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20=27Necoro=27=20Neumann?= Date: Sat, 19 Oct 2013 15:33:16 +0200 Subject: 'Change password' support --- app/forms.py | 15 ++++++++++++++- app/login.py | 4 ++++ app/views/user.py | 27 +++++++++++++++++++++------ templates/menu.jinja | 5 ++++- templates/user/cpw.jinja | 13 +++++++++++++ 5 files changed, 56 insertions(+), 8 deletions(-) create mode 100644 templates/user/cpw.jinja diff --git a/app/forms.py b/app/forms.py index 8cf9b6e..6c5782a 100644 --- a/app/forms.py +++ b/app/forms.py @@ -3,7 +3,7 @@ import flask from flask.ext.wtf import Form as _Form from wtforms.fields import DateField, IntegerField, StringField, HiddenField, PasswordField from wtforms import validators as v -from wtforms import fields +from wtforms import fields, ValidationError from wtforms.ext.sqlalchemy.fields import QuerySelectField from wtforms.ext.i18n.form import Form as i18nForm @@ -113,3 +113,16 @@ class LoginForm(Form): self.user = user return True + +class ChangePwdForm(Form): + old = PasswordField(u'Passwort', req) + new = PasswordField(u'Neues Passwort', req + [v.EqualTo('confirm', u'Passwörter stimmen nicht überein')]) + confirm = PasswordField(u'Wdh. neues Passwort', req) + + def validate_old(self, field): + if not login.current_user.check_password(field.data): + raise ValidationError(u"Falsches Passwort") + + @property + def newpwd(self): + return self.new.data diff --git a/app/login.py b/app/login.py index be89f09..7098db4 100644 --- a/app/login.py +++ b/app/login.py @@ -13,9 +13,13 @@ login_manager.init_app(app) login_manager.login_message = u"Bitte einloggen!" class User (model.User, UserMixin): + def check_password(self, pwd): return pwd_context.verify(pwd, self.pwd) + def set_password(self, pwd): + self.pwd = pwd_context.encrypt(pwd) + @login_manager.user_loader def load_user(id): return User.get(id) diff --git a/app/views/user.py b/app/views/user.py index e3c9251..a532c45 100644 --- a/app/views/user.py +++ b/app/views/user.py @@ -1,12 +1,12 @@ +# -*- encoding: utf-8 -*- from . import Blueprint, flash, db, \ current_user, login_required, \ - templated, request, url_for + templated, redirect, request, url_for -from ..forms import LoginForm +from ..forms import LoginForm, ChangePwdForm from ..login import login_user, logout_user, login_manager -# we explicitly need flask's redirect and not our variant -from flask import redirect +import flask mod = Blueprint('user', __name__) @@ -17,13 +17,28 @@ def login(): if form.validate_on_submit(): login_user(form.user) - return redirect(request.args.get('next') or url_for('index')) + # we explicitly need flask's variant as we redirect to a URI + return flask.redirect(request.args.get('next') or url_for('index')) return { 'form': form } +@mod.route('/cpw', methods=('GET', 'POST')) +@login_required +@templated +def cpw(): + form = ChangePwdForm() + + if form.validate_on_submit(): + current_user.set_password(form.newpwd) + db.session.commit() + flash(u"Passwort geändert.") + return redirect('index') + + return { 'form': form } + @mod.route('/logout') def logout(): logout_user() - return redirect(url_for('.login')) + return redirect('.login') login_manager.login_view = 'user.login' diff --git a/templates/menu.jinja b/templates/menu.jinja index cebe1e5..a4e2b49 100644 --- a/templates/menu.jinja +++ b/templates/menu.jinja @@ -6,5 +6,8 @@ ] %} {% if current_user.is_authenticated() %} - {% set menu = menu + [("user.logout", "Logout")] %} + {% set menu = menu + [ + ("user.cpw", "Passwort ändern"), + ("user.logout", "Logout")] + %} {% endif %} diff --git a/templates/user/cpw.jinja b/templates/user/cpw.jinja new file mode 100644 index 0000000..74d65dc --- /dev/null +++ b/templates/user/cpw.jinja @@ -0,0 +1,13 @@ +{% extends "layout.jinja" %} +{% from "macros.jinja" import render_form %} + +{% block heading %} + Passwort ändern +{% endblock %} + +{% block content %} +
+ {{ render_form(form, old = {'autofocus' : True}) }} + +
+{% endblock %} -- cgit v1.2.3