Remove options to change username and email.

Patrick Jentsch 2019-07-12 17:23:11 +02:00
parent 6d1be8f391
commit 735802d88e
3 changed files with 56 additions and 47 deletions


@ -1,6 +1,6 @@
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField, SubmitField from wtforms import StringField, PasswordField, BooleanField, SubmitField
from wtforms.validators import DataRequired, Length, Email, Regexp, EqualTo, Optional from wtforms.validators import DataRequired, Length, Email, Regexp, EqualTo
from wtforms import ValidationError from wtforms import ValidationError
from ..models import User from ..models import User
@ -13,8 +13,7 @@ class LoginForm(FlaskForm):
class RegistrationForm(FlaskForm): class RegistrationForm(FlaskForm):
email = StringField('Email', validators=[DataRequired(), Length(1, 64), email = StringField('Email', validators=[DataRequired(), Email()])
Email()])
username = StringField('Username', validators=[ username = StringField('Username', validators=[
DataRequired(), Length(1, 64), DataRequired(), Length(1, 64),
Regexp('^[A-Za-z][A-Za-z0-9_.]*$', 0, Regexp('^[A-Za-z][A-Za-z0-9_.]*$', 0,
@ -35,39 +34,46 @@ class RegistrationForm(FlaskForm):
class PasswordResetForm(FlaskForm): class PasswordResetForm(FlaskForm):
password = PasswordField('New Password', validators=[ password = PasswordField(
DataRequired(), EqualTo('password2', message='Passwords must match')]) 'New Password',
password2 = PasswordField('Confirm password', validators=[DataRequired()]) validators=[
DataRequired(),
EqualTo('password2', message='Passwords must match')
]
)
password2 = PasswordField(
'Confirm password',
validators=[
DataRequired(),
EqualTo('password', message='Passwords must match.')
]
)
submit = SubmitField('Reset Password') submit = SubmitField('Reset Password')
class PasswordResetRequestForm(FlaskForm): class PasswordResetRequestForm(FlaskForm):
email = StringField('Email', validators=[DataRequired(), Length(1, 64), email = StringField('Email', validators=[DataRequired(), Email()])
Email()])
submit = SubmitField('Reset Password') submit = SubmitField('Reset Password')
class ChangeAccountForm(FlaskForm): class ChangePasswordForm(FlaskForm):
""" """
Form to change information of currently logged in User. User can change Form to change information of currently logged in User. User can change
informations about him on his own. informations about him on his own.
""" """
email = StringField('Email', validators=[Optional(), Length(1, 64), old_password = PasswordField('Old password', validators=[DataRequired()])
Email()]) new_password = PasswordField(
username = StringField('Username', validators=[ 'New password',
Optional(), Length(1, 64), validators=[
Regexp('^[A-Za-z][A-Za-z0-9_.]*$', 0, DataRequired(),
'Usernames must have only letters, numbers, dots or ' EqualTo('new_password2', message='Passwords must match.')
'underscores')]) ]
password = PasswordField('Password', validators=[ )
Optional(), EqualTo('password2', message='Passwords must match.')]) new_password2 = PasswordField(
password2 = PasswordField('Confirm password', validators=[Optional()]) 'Confirm new password',
submit = SubmitField('Submit') validators=[
DataRequired(),
def validate_email(self, field): EqualTo('new_password', message='Passwords must match.')
if User.query.filter_by(email=field.data.lower()).first(): ]
raise ValidationError('Email already registered.') )
submit = SubmitField('Update Password')
def validate_username(self, field):
if User.query.filter_by(username=field.data).first():
raise ValidationError('Username already in use.')
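Review bot: The new `email` fields in RegistrationForm and PasswordResetRequestForm drop `Length(1, 64)`, so the form layer no longer bounds the address length while `username` keeps its bound. If the User model's email column is still limited to 64 characters (the model is not visible here), an overlong address now passes validation and reaches the query or insert instead of being rejected with a form error. I would keep the bound: `email = StringField('Email', validators=[DataRequired(), Length(1, 64), Email()])`. The renamed ChangePasswordForm also still carries the docstring of the old account form; something like `"""Form to change the password of the currently logged-in user."""` would match what it does now.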


@ -2,7 +2,7 @@ from flask import flash, redirect, render_template, request, url_for
from flask_login import current_user, login_required, login_user, logout_user from flask_login import current_user, login_required, login_user, logout_user
from . import auth from . import auth
from .. import db from .. import db
from .forms import ChangeAccountForm, LoginForm, PasswordResetForm, PasswordResetRequestForm, RegistrationForm from .forms import ChangePasswordForm, LoginForm, PasswordResetForm, PasswordResetRequestForm, RegistrationForm
from ..email import send_email from ..email import send_email
from ..models import User from ..models import User
@ -20,7 +20,7 @@ def login():
if next is None or not next.startswith('/'): if next is None or not next.startswith('/'):
next = url_for('main.index') next = url_for('main.index')
return redirect(next) return redirect(next)
flash('<span class="red-text">Invalid username or password.</span>') flash('Invalid username or password.')
return render_template('auth/login.html.j2', form=form, title='Log in') return render_template('auth/login.html.j2', form=form, title='Log in')
@ -135,20 +135,18 @@ def settings():
""" """
View where loged in User can change own User information like Password etc. View where loged in User can change own User information like Password etc.
""" """
form = ChangeAccountForm() change_password_form = ChangePasswordForm()
if form.validate_on_submit(): if change_password_form.validate_on_submit():
flash('It is just a test, nothing changed.') if current_user.verify_password(change_password_form.old_password.data):
if form.username.data: current_user.password = change_password_form.new_password.data
current_user.username = form.username.data
db.session.add(current_user) db.session.add(current_user)
if form.email.data: db.session.commit()
current_user.email = form.email.data flash('Your password has been updated.')
current_user.confirmed = False return redirect(url_for('auth.settings'))
db.session.add(current_user) else:
resend_confirmation() flash('Invalid password.')
if form.password.data: return render_template(
current_user.password = form.password.data 'auth/settings.html.j2',
db.session.commit() form=change_password_form,
return redirect(url_for('auth.settings')) title='Settings'
return render_template('auth/settings.html.j2', form=form, )
title='Settings')
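Review bot: The success branch of settings() commits the new password and redirects, but nothing in the visible lines ends the user's other sessions or tells the account owner that the password changed. If a session or remember-me cookie had been stolen, it would presumably stay valid after the change, which defeats the main reason a user changes a password. I would at least record the gap next to the commit, e.g. `# TODO: invalidate other sessions and remember-me cookies, and notify the user by email, after a password change`, and send the notice through the already imported `send_email`. The function's decorators and the rest of the module are outside the hunk, so this may be handled elsewhere. The docstring's "loged in" should read "logged in".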


@ -11,6 +11,11 @@ def index():
return render_template('main/index.html.j2', title='Portal') return render_template('main/index.html.j2', title='Portal')
@main.route('/about')
def about():
return render_template('main/about.html.j2', title='About')
@main.route('/admin') @main.route('/admin')
@login_required @login_required
@admin_required @admin_required
@ -21,5 +26,5 @@ def for_admins_only():
users = User.query.order_by(User.username).all() users = User.query.order_by(User.username).all()
items = [AdminUserItem(u.username, u.email, u.role_id, u.confirmed) for u in users] items = [AdminUserItem(u.username, u.email, u.role_id, u.confirmed) for u in users]
table = AdminUserTable(items) table = AdminUserTable(items)
return render_template('main/admin.html.j2', title='Administration Tools', return render_template('main/admin.html.j2', title='Administration tools',
table=table.__html__()) table=table.__html__())