2 # Copyright (C) 2018 rubenwardy
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with this program. If not, see <https://www.gnu.org/licenses/>.
19 from flask_user import *
20 from flask_login import login_user, logout_user
21 from flask.ext import menu
23 from app.models import *
24 from flask_wtf import FlaskForm
25 from flask_user.forms import RegisterForm
27 from wtforms.validators import *
28 from app.utils import rank_required, randomString, loginUser
29 from app.tasks.forumtasks import checkForumAccount
30 from app.tasks.emails import sendVerifyEmail
31 from app.tasks.phpbbparser import getProfile
33 # Define the User profile form
34 class UserProfileForm(FlaskForm):
35 display_name = StringField("Display name", [Optional(), Length(2, 20)])
36 email = StringField("Email", [Optional(), Email()])
37 rank = SelectField("Rank", [Optional()], choices=UserRank.choices(), coerce=UserRank.coerce, default=UserRank.NEW_MEMBER)
38 submit = SubmitField("Save")
40 @app.route("/users/", methods=["GET"])
43 users = User.query.order_by(db.desc(User.rank), db.asc(User.display_name)).all()
44 return render_template("users/list.html", users=users)
47 @app.route("/users/<username>/", methods=["GET", "POST"])
48 def user_profile_page(username):
49 user = User.query.filter_by(username=username).first()
53 packages = user.packages.filter_by(soft_deleted=False)
54 if not current_user.is_authenticated or (user != current_user and not current_user.canAccessTodoList()):
55 packages = packages.filter_by(approved=True)
58 if user.checkPerm(current_user, Permission.CHANGE_DNAME) or \
59 user.checkPerm(current_user, Permission.CHANGE_EMAIL) or \
60 user.checkPerm(current_user, Permission.CHANGE_RANK):
62 form = UserProfileForm(formdata=request.form, obj=user)
65 if request.method=="POST" and form.validate():
66 # Copy form fields to user_profile fields
67 if user.checkPerm(current_user, Permission.CHANGE_DNAME):
68 user.display_name = form["display_name"].data
70 if user.checkPerm(current_user, Permission.CHANGE_RANK):
71 newRank = form["rank"].data
72 if current_user.rank.atLeast(newRank):
73 user.rank = form["rank"].data
75 flash("Can't promote a user to a rank higher than yourself!", "error")
77 if user.checkPerm(current_user, Permission.CHANGE_EMAIL):
78 newEmail = form["email"].data
79 if newEmail != user.email and newEmail.strip() != "":
80 token = randomString(32)
82 ver = UserEmailVerification()
89 task = sendVerifyEmail.delay(newEmail, token)
90 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=username)))
95 # Redirect to home page
96 return redirect(url_for("user_profile_page", username=username))
98 # Process GET or invalid POST
99 return render_template("users/user_profile_page.html",
100 user=user, form=form, packages=packages)
102 class SetPasswordForm(FlaskForm):
103 email = StringField("Email (Optional)", [Optional(), Email()])
104 password = PasswordField("New password", [InputRequired(), Length(2, 20)])
105 password2 = PasswordField("Verify password", [InputRequired(), Length(2, 20)])
106 submit = SubmitField("Save")
108 @app.route("/user/set-password/", methods=["GET", "POST"])
110 def set_password_page():
111 if current_user.password is not None:
112 return redirect(url_for("user.change_password"))
114 form = SetPasswordForm(request.form)
115 if request.method == "POST" and form.validate():
116 one = form.password.data
117 two = form.password2.data
120 hashed_password = user_manager.hash_password(form.password.data)
123 user_manager.update_password(current_user, hashed_password)
125 # Send 'password_changed' email
126 if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
127 emails.send_password_changed_email(current_user)
129 # Send password_changed signal
130 signals.user_changed_password.send(current_app._get_current_object(), user=current_user)
132 # Prepare one-time system message
133 flash('Your password has been changed successfully.', 'success')
135 newEmail = form["email"].data
136 if newEmail != current_user.email and newEmail.strip() != "":
137 token = randomString(32)
139 ver = UserEmailVerification()
140 ver.user = current_user
146 task = sendVerifyEmail.delay(newEmail, token)
147 return redirect(url_for("check_task", id=task.id, r=url_for("user_profile_page", username=current_user.username)))
149 return redirect(url_for("user_profile_page", username=current_user.username))
151 flash("Passwords do not match", "error")
153 return render_template("users/set_password.html", form=form)
156 @app.route("/user/claim/", methods=["GET", "POST"])
157 def user_claim_page():
158 username = request.args.get("username")
162 method = request.args.get("method")
163 user = User.query.filter_by(forums_username=username).first()
164 if user and user.rank.atLeast(UserRank.NEW_MEMBER):
165 flash("User has already been claimed", "error")
166 return redirect(url_for("user_claim_page"))
167 elif user is None and method == "github":
168 flash("Unable to get Github username for user", "error")
169 return redirect(url_for("user_claim_page"))
171 flash("Unable to find that user", "error")
172 return redirect(url_for("user_claim_page"))
174 if user is not None and method == "github":
175 return redirect(url_for("github_signin_page"))
178 if "forum_token" in session:
179 token = session["forum_token"]
181 token = randomString(32)
182 session["forum_token"] = token
184 if request.method == "POST":
185 ctype = request.form.get("claim_type")
186 username = request.form.get("username")
188 if username is None or len(username.strip()) < 2:
189 flash("Invalid username", "error")
190 elif ctype == "github":
191 task = checkForumAccount.delay(username)
192 return redirect(url_for("check_task", id=task.id, r=url_for("user_claim_page", username=username, method="github")))
193 elif ctype == "forum":
194 user = User.query.filter_by(forums_username=username).first()
195 if user is not None and user.rank.atLeast(UserRank.NEW_MEMBER):
196 flash("That user has already been claimed!", "error")
197 return redirect(url_for("user_claim_page"))
202 profile = getProfile("https://forum.minetest.net", username)
203 sig = profile.signature
205 flash("Unable to get forum signature - does the user exist?", "error")
206 return redirect(url_for("user_claim_page", username=username))
211 user = User(username)
212 user.forums_username = username
217 return redirect(url_for("set_password_page"))
219 flash("Unable to login as user", "error")
220 return redirect(url_for("user_claim_page", username=username))
223 flash("Could not find the key in your signature!", "error")
224 return redirect(url_for("user_claim_page", username=username))
226 flash("Unknown claim type", "error")
228 return render_template("users/claim.html", username=username, key=token)
230 @app.route("/users/verify/")
231 def verify_email_page():
232 token = request.args.get("token")
233 ver = UserEmailVerification.query.filter_by(token=token).first()
235 flash("Unknown verification token!", "error")
237 ver.user.email = ver.email
238 db.session.delete(ver)
241 if current_user.is_authenticated:
242 return redirect(url_for("user_profile_page", username=current_user.username))
244 return redirect(url_for("home_page"))
projects / cheatdb.git / blob