2 # Copyright (C) 2018 rubenwardy
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program. If not, see <https://www.gnu.org/licenses/>.
19 from flask_user import *
20 from flask_login import login_user, logout_user
21 from flask.ext import menu
23 from app.models import *
24 from flask_wtf import FlaskForm
25 from flask_user.forms import RegisterForm
27 from wtforms.validators import *
28 from app.utils import rank_required, randomString, loginUser
29 from app.tasks.forumtasks import checkForumAccount
30 from app.tasks.emails import sendVerifyEmail
31 from app.tasks.phpbbparser import getProfile
33 # Define the User profile form
34 class UserProfileForm(FlaskForm):
35 display_name = StringField("Display name", [Optional(), Length(2, 20)])
36 email = StringField("Email", [Optional(), Email()])
37 rank = SelectField("Rank", [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce, default=UserRank.NEW_MEMBER)
38 submit = SubmitField("Save")
40 @app.route("/users/", methods=["GET"])
43 users = User.query.order_by(db.desc(User.rank), db.asc(User.display_name)).all()
44 return render_template("users/list.html", users=users)
47 @app.route("/users/<username>/", methods=["GET", "POST"])
48 def user_profile_page(username):
49 user = User.query.filter_by(username=username).first()
54 if user.checkPerm(current_user, Permission.CHANGE_DNAME) or \
55 user.checkPerm(current_user, Permission.CHANGE_EMAIL) or \
56 user.checkPerm(current_user, Permission.CHANGE_RANK):
58 form = UserProfileForm(formdata=request.form, obj=user)
61 if request.method=="POST" and form.validate():
62 # Copy form fields to user_profile fields
63 if user.checkPerm(current_user, Permission.CHANGE_DNAME):
64 user.display_name = form["display_name"].data
66 if user.checkPerm(current_user, Permission.CHANGE_RANK):
67 newRank = form["rank"].data
68 if current_user.rank.atLeast(newRank):
69 user.rank = form["rank"].data
71 flash("Can't promote a user to a rank higher than yourself!", "error")
73 if user.checkPerm(current_user, Permission.CHANGE_EMAIL):
74 newEmail = form["email"].data
75 if newEmail != user.email and newEmail.strip() != "":
76 token = randomString(32)
78 ver = UserEmailVerification()
85 task = sendVerifyEmail.delay(newEmail, token)
86 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=username)))
91 # Redirect to home page
92 return redirect(url_for("user_profile_page", username=username))
94 packages = user.packages.filter_by(soft_deleted=False)
95 if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
96 packages = packages.filter_by(approved=True)
97 packages = packages.order_by(db.asc(Package.title))
100 if current_user == user or user.checkPerm(current_user, Permission.CHANGE_AUTHOR):
101 topics_to_add = KrockForumTopic.query \
102 .filter_by(author_id=user.id) \
103 .filter(~ db.exists().where(Package.forums==KrockForumTopic.topic_id)) \
104 .order_by(db.asc(KrockForumTopic.name), db.asc(KrockForumTopic.title)) \
107 # Process GET or invalid POST
108 return render_template("users/user_profile_page.html",
109 user=user, form=form, packages=packages, topics_to_add=topics_to_add)
111 class SetPasswordForm(FlaskForm):
112 email = StringField("Email (Optional)", [Optional(), Email()])
113 password = PasswordField("New password", [InputRequired(), Length(2, 20)])
114 password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
115 submit = SubmitField("Save")
117 @app.route("/user/set-password/", methods=["GET", "POST"])
119 def set_password_page():
120 if current_user.password is not None:
121 return redirect(url_for("user.change_password"))
123 form = SetPasswordForm(request.form)
124 if request.method == "POST" and form.validate():
125 one = form.password.data
126 two = form.password2.data
129 hashed_password = user_manager.hash_password(form.password.data)
132 user_manager.update_password(current_user, hashed_password)
134 # Send 'password_changed' email
135 if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
136 emails.send_password_changed_email(current_user)
138 # Send password_changed signal
139 signals.user_changed_password.send(current_app._get_current_object(), user=current_user)
141 # Prepare one-time system message
142 flash('Your password has been changed successfully.', 'success')
144 newEmail = form["email"].data
145 if newEmail != current_user.email and newEmail.strip() != "":
146 token = randomString(32)
148 ver = UserEmailVerification()
149 ver.user = current_user
155 task = sendVerifyEmail.delay(newEmail, token)
156 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=current_user.username)))
158 return redirect(url_for("user_profile_page", username=current_user.username))
160 flash("Passwords do not match", "error")
162 return render_template("users/set_password.html", form=form)
165 @app.route("/user/claim/", methods=["GET", "POST"])
166 def user_claim_page():
167 username = request.args.get("username")
171 method = request.args.get("method")
172 user = User.query.filter_by(forums_username=username).first()
173 if user and user.rank.atLeast(UserRank.NEW_MEMBER):
174 flash("User has already been claimed", "error")
175 return redirect(url_for("user_claim_page"))
176 elif user is None and method == "github":
177 flash("Unable to get Github username for user", "error")
178 return redirect(url_for("user_claim_page"))
180 flash("Unable to find that user", "error")
181 return redirect(url_for("user_claim_page"))
183 if user is not None and method == "github":
184 return redirect(url_for("github_signin_page"))
187 if "forum_token" in session:
188 token = session["forum_token"]
190 token = randomString(32)
191 session["forum_token"] = token
193 if request.method == "POST":
194 ctype = request.form.get("claim_type")
195 username = request.form.get("username")
197 if username is None or len(username.strip()) < 2:
198 flash("Invalid username", "error")
199 elif ctype == "github":
200 task = checkForumAccount.delay(username)
201 return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
202 elif ctype == "forum":
203 user = User.query.filter_by(forums_username=username).first()
204 if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
205 flash("That user has already been claimed!", "error")
206 return redirect(url_for("user_claim_page"))
211 profile = getProfile("https://forum.minetest.net", username)
212 sig = profile.signature
214 flash("Unable to get forum signature - does the user exist?", "error")
215 return redirect(url_for("user_claim_page", username=username))
220 user = User(username)
221 user.forums_username = username
226 return redirect(url_for("set_password_page"))
228 flash("Unable to login as user", "error")
229 return redirect(url_for("user_claim_page", username=username))
232 flash("Could not find the key in your signature!", "error")
233 return redirect(url_for("user_claim_page", username=username))
235 flash("Unknown claim type", "error")
237 return render_template("users/claim.html", username=username, key=token)
239 @app.route("/users/verify/")
240 def verify_email_page():
241 token = request.args.get("token")
242 ver = UserEmailVerification.query.filter_by(token=token).first()
244 flash("Unknown verification token!", "error")
246 ver.user.email = ver.email
247 db.session.delete(ver)
250 if current_user.is_authenticated:
251 return redirect(url_for("user_profile_page", username=current_user.username))
253 return redirect(url_for("home_page"))