Merge branch 'development' of gitlab.ub.uni-bielefeld.de:sfb1288inf/opaque into development

Stephan Porada 2019-07-08 14:05:04 +02:00
commit 999e51bcc5
5 changed files with 35 additions and 11 deletions

2
.gitignore vendored

@ -1,3 +1,3 @@
venv venv
.secretsenv .env
__pycache__ __pycache__
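Review bot: The second entry is shown as `.secretsenv` followed by `.env`; if `.secretsenv` is the removed side (the rendering has lost the `+`/`-` markers), any `.secretsenv` file still present in a checkout is no longer ignored and can be picked up by a broad `git add`. Keeping both lines, `.secretsenv` and `.env`, until the old file has been renamed everywhere avoids committing credentials by accident.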


@ -1,5 +1,9 @@
from flask import flash, redirect, render_template, request, url_for from flask import flash, redirect, render_template, request, url_for
<<<<<<< HEAD
from flask_login import login_required, login_user, logout_user, current_user from flask_login import login_required, login_user, logout_user, current_user
=======
from flask_login import current_user, login_required, login_user, logout_user
>>>>>>> 1a973bfbc68dfea26a8b5360074480641cb34f31
from . import auth from . import auth
from .. import db from .. import db
from .forms import LoginForm, PasswordResetRequestForm, RegistrationForm from .forms import LoginForm, PasswordResetRequestForm, RegistrationForm
@ -47,6 +51,8 @@ def register():
@auth.route('/reset', methods=['GET', 'POST']) @auth.route('/reset', methods=['GET', 'POST'])
def password_reset_request(): def password_reset_request():
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = PasswordResetRequestForm() form = PasswordResetRequestForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first() user = User.query.filter_by(email=form.email.data.lower()).first()
@ -58,4 +64,10 @@ def password_reset_request():
flash('An email with instructions to reset your password has been ' flash('An email with instructions to reset your password has been '
'sent to you.') 'sent to you.')
return redirect(url_for('auth.login')) return redirect(url_for('auth.login'))
return render_template('auth/reset_password.html.j2', form=form, title='Password Reset') return render_template('auth/reset_password.html.j2', form=form,
title='Password Reset')
@auth.route('/reset/<token>')
def password_reset(token):
return 'test'
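Review bot: The import block at the top of this file still contains the merge conflict markers `<<<<<<< HEAD`, `=======` and `>>>>>>> 1a973bfbc68dfea26a8b5360074480641cb34f31`, so the module fails with a SyntaxError on import and none of the auth routes can be registered. Resolve it to the single line `from flask_login import current_user, login_required, login_user, logout_user` and drop the markers and the duplicate import. Separately, `password_reset(token)` is a placeholder that returns `'test'` for any token value; a comment such as `# TODO: verify the token signature and expiry before accepting a new password` would keep it from being mistaken for finished code. The body of `password_reset_request` is only partly visible across the two hunks.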


@ -1,4 +1,6 @@
from flask import current_app
from flask_login import UserMixin from flask_login import UserMixin
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from werkzeug.security import generate_password_hash, check_password_hash from werkzeug.security import generate_password_hash, check_password_hash
from . import db from . import db
from . import login_manager from . import login_manager
@ -26,6 +28,10 @@ class User(UserMixin, db.Model):
password_hash = db.Column(db.String(128)) password_hash = db.Column(db.String(128))
def generate_reset_token(self, expiration=3600):
s = Serializer(current_app.config['SECRET_KEY'], expiration)
return s.dumps({'reset': self.id}).decode('utf-8')
@property @property
def password(self): def password(self):
raise AttributeError('password is not a readable attribute') raise AttributeError('password is not a readable attribute')
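Review bot: `generate_reset_token` signs the token with `current_app.config['SECRET_KEY']`, and `Config` on this page sets that to `os.environ.get('SECRET_KEY') or 'hard to guess string'`, so a deployment that forgets the environment variable issues password-reset tokens signed with a publicly known key. Now that this key protects account recovery, the deployed config should refuse to start without it, for example `SECRET_KEY = os.environ['SECRET_KEY']` in whichever config class is used outside development. `TimedJSONWebSignatureSerializer` was deprecated in itsdangerous 2.0 and removed in 2.1, so the dependency needs an upper pin or a different timed signer. The method also has no docstring; one line stating that it returns a signed token carrying the user id, valid for `expiration` seconds, would be enough. The `User` class starts outside the hunk.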


@ -1,14 +1,20 @@
{% extends "base.html.j2" %} {% extends "base.html.j2" %}
{% block page_content %} {% block page_content %}
<div class="col s12 m6 offset-m3"> <div class="col s12 m8 offset-m2">
<div class="card medium"> <div class="card small">
<div class="card-content"> <div class="card-content">
<p>Sign in into an exisiting account or register a new one!</p> <span class="card-title">Reset Your Password</span>
<br> <form method="POST">
<div class="card-action"> {{ form.hidden_tag() }}
<a class="btn" href="{{url_for('auth.register')}}">Register</a> <div class="input-field">
</div> {{ form.email(class='validate', type='email') }}
{{ form.email.label }}
</div>
<div class="card-action">
{{ form.submit(class='btn right') }}
</div>
</form>
</div> </div>
</div> </div>
</div> </div>


@ -5,14 +5,14 @@ basedir = os.path.abspath(os.path.dirname(__file__))
class Config: class Config:
MAIL_SERVER = os.environ.get('MAIL_SERVER', 'smtp.uni-bielefeld.de') MAIL_SERVER = os.environ.get('MAIL_SERVER', 'smtp.gmail.com')
MAIL_PORT = int(os.environ.get('MAIL_PORT', '587')) MAIL_PORT = int(os.environ.get('MAIL_PORT', '587'))
MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS', 'true').lower() in \ MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS', 'true').lower() in \
['true', 'on', '1'] ['true', 'on', '1']
MAIL_USERNAME = os.environ.get('MAIL_USERNAME') MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD') MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
OPAQUE_MAIL_SUBJECT_PREFIX = '[Opaque]' OPAQUE_MAIL_SUBJECT_PREFIX = '[Opaque]'
OPAQUE_MAIL_SENDER = 'Opaque Admin <inf_sfb1288@uni-bielefeld.de>' OPAQUE_MAIL_SENDER = 'Opaque Development <dev.opaque@gmail.com>'
SECRET_KEY = os.environ.get('SECRET_KEY') or 'hard to guess string' SECRET_KEY = os.environ.get('SECRET_KEY') or 'hard to guess string'
SQLALCHEMY_TRACK_MODIFICATIONS = False SQLALCHEMY_TRACK_MODIFICATIONS = False