2 # Copyright (C) 2018 rubenwardy
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program. If not, see <https://www.gnu.org/licenses/>.
19 from flask_user import *
20 from flask_login import login_user, logout_user
21 from flask.ext import menu
23 from app.models import *
24 from flask_wtf import FlaskForm
25 from flask_user.forms import RegisterForm
27 from wtforms.validators import *
28 from app.utils import rank_required, randomString, loginUser
29 from app.tasks.forumtasks import checkForumAccount
30 from app.tasks.emails import sendVerifyEmail
31 from app.tasks.phpbbparser import getProfile
33 # Define the User profile form
34 class UserProfileForm(FlaskForm):
35 display_name = StringField("Display name", [Optional(), Length(2, 20)])
36 email = StringField("Email", [Optional(), Email()])
37 rank = SelectField("Rank", [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce, default=UserRank.NEW_MEMBER)
38 submit = SubmitField("Save")
40 @app.route("/users/", methods=["GET"])
43 users = User.query.order_by(db.desc(User.rank), db.asc(User.display_name)).all()
44 return render_template("users/list.html", users=users)
47 @app.route("/users/<username>/", methods=["GET", "POST"])
48 def user_profile_page(username):
49 user = User.query.filter_by(username=username).first()
54 if user.checkPerm(current_user, Permission.CHANGE_DNAME) or \
55 user.checkPerm(current_user, Permission.CHANGE_EMAIL) or \
56 user.checkPerm(current_user, Permission.CHANGE_RANK):
58 form = UserProfileForm(formdata=request.form, obj=user)
61 if request.method=="POST" and form.validate():
62 # Copy form fields to user_profile fields
63 if user.checkPerm(current_user, Permission.CHANGE_DNAME):
64 user.display_name = form["display_name"].data
66 if user.checkPerm(current_user, Permission.CHANGE_RANK):
67 newRank = form["rank"].data
68 if current_user.rank.atLeast(newRank):
69 user.rank = form["rank"].data
71 flash("Can't promote a user to a rank higher than yourself!", "error")
73 if user.checkPerm(current_user, Permission.CHANGE_EMAIL):
74 newEmail = form["email"].data
75 if newEmail != user.email and newEmail.strip() != "":
76 token = randomString(32)
78 ver = UserEmailVerification()
85 task = sendVerifyEmail.delay(newEmail, token)
86 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=username)))
91 # Redirect to home page
92 return redirect(url_for("user_profile_page", username=username))
94 packages = user.packages.filter_by(soft_deleted=False)
95 if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
96 packages = packages.filter_by(approved=True)
97 packages = packages.order_by(db.asc(Package.title))
100 if current_user == user or user.checkPerm(current_user, Permission.CHANGE_AUTHOR):
101 topics_to_add = KrockForumTopic.query \
102 .filter_by(author_id=user.id) \
103 .filter(~ db.exists().where(Package.forums==KrockForumTopic.topic_id)) \
104 .order_by(db.asc(KrockForumTopic.name), db.asc(KrockForumTopic.title)) \
107 # Process GET or invalid POST
108 return render_template("users/user_profile_page.html",
109 user=user, form=form, packages=packages, topics_to_add=topics_to_add)
111 class SetPasswordForm(FlaskForm):
112 email = StringField("Email", [Optional(), Email()])
113 password = PasswordField("New password", [InputRequired(), Length(2, 20)])
114 password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
115 submit = SubmitField("Save")
117 @app.route("/user/set-password/", methods=["GET", "POST"])
119 def set_password_page():
120 if current_user.password is not None:
121 return redirect(url_for("user.change_password"))
123 form = SetPasswordForm(request.form)
124 if current_user.email == None:
125 form.email.validators = [InputRequired(), Email()]
127 if request.method == "POST" and form.validate():
128 one = form.password.data
129 two = form.password2.data
132 hashed_password = user_manager.hash_password(form.password.data)
135 user_manager.update_password(current_user, hashed_password)
137 # Send 'password_changed' email
138 if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
139 emails.send_password_changed_email(current_user)
141 # Send password_changed signal
142 signals.user_changed_password.send(current_app._get_current_object(), user=current_user)
144 # Prepare one-time system message
145 flash('Your password has been changed successfully.', 'success')
147 newEmail = form["email"].data
148 if newEmail != current_user.email and newEmail.strip() != "":
149 token = randomString(32)
151 ver = UserEmailVerification()
152 ver.user = current_user
158 task = sendVerifyEmail.delay(newEmail, token)
159 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=current_user.username)))
161 return redirect(url_for("user_profile_page", username=current_user.username))
163 flash("Passwords do not match", "error")
165 return render_template("users/set_password.html", form=form)
168 @app.route("/user/claim/", methods=["GET", "POST"])
169 def user_claim_page():
170 username = request.args.get("username")
174 method = request.args.get("method")
175 user = User.query.filter_by(forums_username=username).first()
176 if user and user.rank.atLeast(UserRank.NEW_MEMBER):
177 flash("User has already been claimed", "error")
178 return redirect(url_for("user_claim_page"))
179 elif user is None and method == "github":
180 flash("Unable to get Github username for user", "error")
181 return redirect(url_for("user_claim_page"))
183 flash("Unable to find that user", "error")
184 return redirect(url_for("user_claim_page"))
186 if user is not None and method == "github":
187 return redirect(url_for("github_signin_page"))
190 if "forum_token" in session:
191 token = session["forum_token"]
193 token = randomString(32)
194 session["forum_token"] = token
196 if request.method == "POST":
197 ctype = request.form.get("claim_type")
198 username = request.form.get("username")
200 if username is None or len(username.strip()) < 2:
201 flash("Invalid username", "error")
202 elif ctype == "github":
203 task = checkForumAccount.delay(username)
204 return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
205 elif ctype == "forum":
206 user = User.query.filter_by(forums_username=username).first()
207 if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
208 flash("That user has already been claimed!", "error")
209 return redirect(url_for("user_claim_page"))
214 profile = getProfile("https://forum.minetest.net", username)
215 sig = profile.signature
217 flash("Unable to get forum signature - does the user exist?", "error")
218 return redirect(url_for("user_claim_page", username=username))
223 user = User(username)
224 user.forums_username = username
229 return redirect(url_for("set_password_page"))
231 flash("Unable to login as user", "error")
232 return redirect(url_for("user_claim_page", username=username))
235 flash("Could not find the key in your signature!", "error")
236 return redirect(url_for("user_claim_page", username=username))
238 flash("Unknown claim type", "error")
240 return render_template("users/claim.html", username=username, key=token)
242 @app.route("/users/verify/")
243 def verify_email_page():
244 token = request.args.get("token")
245 ver = UserEmailVerification.query.filter_by(token=token).first()
247 flash("Unknown verification token!", "error")
249 ver.user.email = ver.email
250 db.session.delete(ver)
253 if current_user.is_authenticated:
254 return redirect(url_for("user_profile_page", username=current_user.username))
256 return redirect(url_for("home_page"))