diff --git a/ereuse_devicehub/forms.py b/ereuse_devicehub/forms.py
index 1bfd7907..9789a06e 100644
--- a/ereuse_devicehub/forms.py
+++ b/ereuse_devicehub/forms.py
@@ -117,3 +117,46 @@ class ProfileForm(FlaskForm):
 db.session.add(agent)
 if commit:
 db.session.commit()
+
+
+class PasswordForm(FlaskForm):
+ password = PasswordField(
+ 'Current Password',
+ [validators.DataRequired()],
+ render_kw={'class': "form-control"},
+ )
+ newpassword = PasswordField(
+ 'New Password',
+ [validators.DataRequired()],
+ render_kw={'class': "form-control"},
+ )
+ renewpassword = PasswordField(
+ 'Re-enter New Password',
+ [validators.DataRequired()],
+ render_kw={'class': "form-control"},
+ )
+
+ def validate(self, extra_validators=None):
+ is_valid = super().validate(extra_validators)
+
+ if not is_valid:
+ return False
+
+ if not g.user.check_password(self.password.data):
+ self.password.errors = ['Incorrect password']
+ return False
+
+ if self.newpassword.data != self.renewpassword.data:
+ self.newpassword.errors = ['Is not the same password']
+ self.renewpassword.errors = ['Is not the same password']
+ return False
+
+ return True
+
+ def save(self, commit=True):
+ g.user.password = generate_password_hash(self.newpassword.data)
+
+ db.session.add(g.user)
+ if commit:
+ db.session.commit()
+ return
diff --git a/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html b/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
index dba8db62..782b92c8 100644
--- a/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
+++ b/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
@@ -132,7 +132,7 @@ {{ f }} {% else %}
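Review bot: `newpassword` in `PasswordForm` is validated only with `DataRequired()`, so a one-character password is accepted; give the field a length floor, e.g. `[validators.DataRequired(), validators.Length(min=MIN_PASSWORD_LENGTH)]`, where `MIN_PASSWORD_LENGTH` is a placeholder name for the project's policy value and is not defined in this diff. The hand-written comparison in `validate()` could instead be `validators.EqualTo('newpassword', message='Is not the same password')` on `renewpassword`. `save()` hashes with `generate_password_hash` while `validate()` verifies through `g.user.check_password`; the imports and the `User.password` column type are outside this hunk, so confirm that the stored value is in a format `check_password` accepts and that the column does not hash it a second time on assignment. Nothing in `save()` revokes the user's other sessions or tokens after the change; if the user model supports that, this is the place to do it.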
- +
{{ f }} {% if f.errors %} @@ -197,29 +197,26 @@
-
- + + {% for f in password_form %} + {% if f == password_form.csrf_token %} + {{ f }} + {% else %}
- +
- + {{ f }} + {% if f.errors %} +

+ {% for error in f.errors %} + {{ error }}
+ {% endfor %} +

+ {% endif %}
- -
- -
- -
-
- -
- -
- -
-
- + {% endif %} + {% endfor %}
diff --git a/ereuse_devicehub/views.py b/ereuse_devicehub/views.py
index 682d858d..bdbea6ae 100644
--- a/ereuse_devicehub/views.py
+++ b/ereuse_devicehub/views.py
@@ -5,7 +5,7 @@ from flask_login import current_user, login_required, login_user, logout_user
 from ereuse_devicehub import __version__, messages
 from ereuse_devicehub.db import db
-from ereuse_devicehub.forms import LoginForm, ProfileForm
+from ereuse_devicehub.forms import LoginForm, PasswordForm, ProfileForm
 from ereuse_devicehub.resources.user.models import User
 from ereuse_devicehub.utils import is_safe_url
@@ -62,18 +62,38 @@ class UserProfileView(View):
 'sessions': sessions,
 'version': __version__,
 'profile_form': form,
+ 'password_form': PasswordForm(),
 }
 if form.validate_on_submit():
 form.save(commit=False)
 messages.success('Modify user Profile datas successfully!')
+ db.session.commit()
 elif form.errors:
- messages.error('Error modify user Profile data!')
+ messages.error('Error modifying user Profile data!')
+
+ return flask.render_template(self.template_name, **context)
+
+
+class UserPasswordView(View):
+ methods = ['POST']
+ decorators = [login_required]
+
+ def dispatch_request(self):
+ form = PasswordForm()
+ # import pdb; pdb.set_trace()
+ db.session.commit()
+ if form.validate_on_submit():
+ form.save(commit=False)
+ messages.success('Reset user password successfully!')
+ else:
+ messages.error('Error modifying user password!')
 db.session.commit()
- return flask.render_template(self.template_name, **context)
+ return flask.redirect(flask.url_for('core.user-profile'))
 core.add_url_rule('/login/', view_func=LoginView.as_view('login'))
 core.add_url_rule('/logout/', view_func=LogoutView.as_view('logout'))
 core.add_url_rule('/profile/', view_func=UserProfileView.as_view('user-profile'))
+core.add_url_rule('/set_password/', view_func=UserPasswordView.as_view('set-password'))
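Review bot: In `UserPasswordView.dispatch_request` a failed current-password check produces only the generic flash message, with no log entry and no attempt limit, so a hijacked session gets unlimited tries at the account password through `/set_password/`; log the rejection with the user and source address, and throttle repeated failures. The field errors that `PasswordForm.validate()` sets are also lost, because the view redirects and `UserProfileView` builds a fresh `PasswordForm()` for the template. Remove the leftover `# import pdb; pdb.set_trace()` and the `db.session.commit()` that runs before `form.validate_on_submit()`, since a commit ahead of validation writes whatever is pending in the session even when the request is rejected.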