Add new profile forms and views (error prone)

2025-06-15 02:20:40 +00:00 · 2019-10-30 15:16:37 +01:00
parent dcea3ea8e2
commit e9ef0d1391
3 changed files with 58 additions and 39 deletions
--- a/app/profile/forms.py
+++ b/app/profile/forms.py
@ -1,7 +1,7 @@
 from flask_wtf import FlaskForm
 from wtforms import (PasswordField, StringField, SubmitField,
                     ValidationError, BooleanField)
-from wtforms.validators import DataRequired, EqualTo, Length
+from wtforms.validators import DataRequired, EqualTo, Length, Email
 from ..models import User
 import logging

@ -26,7 +26,7 @@ class ChangePasswordForm(FlaskForm):

 class EditProfileForm(FlaskForm):
    email = StringField('Change Email',
-                        validators=[Length(0, 254), DataRequired()])
+                        validators=[Email(), DataRequired()])
    submit = SubmitField('Change Email')

    def __init__(self, user, *args, **kwargs):
--- a/app/profile/views.py
+++ b/app/profile/views.py
@ -1,5 +1,5 @@
 from app.utils import background_delete_user
-from flask import current_app, flash, redirect, render_template, url_for
+from flask import abort, current_app, flash, redirect, render_template, url_for
 from flask_login import current_user, login_required, logout_user
 from . import profile
 from .forms import ChangePasswordForm, EditProfileForm, EditUserSettingsForm
@ -16,44 +16,63 @@ def index():
    """
    View where loged in User can change own User information like Password etc.
    """
+    edit_user_info_form = EditProfileForm(user=current_user)
+    edit_user_info_form.email.data = current_user.email
+    return render_template('profile/index.html.j2',
+                           change_password_form=ChangePasswordForm(),
+                           edit_user_info_form=edit_user_info_form,
+                           edit_user_settings_form=EditUserSettingsForm(),
+                           title='Profile')
+
+
+@profile.route('/change_password', methods=['POST'])
+@login_required
+def profile_change_password():
    change_password_form = ChangePasswordForm()
-    if change_password_form.validate_on_submit():
-        if current_user.verify_password(change_password_form.old_password.data):
-            current_user.password = change_password_form.new_password.data
-            db.session.add(current_user)
-            db.session.commit()
-            flash('Your password has been updated.')
-            return redirect(url_for('profile.index'))
-        else:
-            flash('Invalid password.')
-
-    change_profile_form = EditProfileForm(user=current_user)
-    if change_profile_form.validate_on_submit():
-        current_user.email = change_profile_form.email.data
-        db.session.add(current_user._get_current_object())
-        db.session.commit()
-        flash('Your email has been updated.')
-    change_profile_form.email.data = current_user.email
-
-    edit_user_settings_form = EditUserSettingsForm()
-    if edit_user_settings_form.validate_on_submit():
-        current_user.is_dark = edit_user_settings_form.is_dark.data
-        logger.warning('Form data: {}'.format(current_user.is_dark))
+    if not change_password_form.validate_on_submit():
+        abort(400)
+    if current_user.verify_password(change_password_form.old_password.data):
+        current_user.password = change_password_form.new_password.data
        db.session.add(current_user)
        db.session.commit()
+        flash('Your password has been updated.')
+    else:
+        flash('Invalid password.')
+    return redirect(url_for('profile.index'))

-    return render_template('profile/index.html.j2',
-                           change_password_form=change_password_form,
-                           change_profile_form=change_profile_form,
-                           edit_user_settings_form=edit_user_settings_form,
-                           title='Profile')
+
+@profile.route('/edit_user_info', methods=['POST'])
+@login_required
+def profile_edit_user_info():
+    edit_user_info_form = EditProfileForm(user=current_user)
+    if not edit_user_info_form.validate_on_submit():
+        abort(400)
+    current_user.email = edit_user_info_form.email.data
+    db.session.add(current_user._get_current_object())
+    db.session.commit()
+    flash('Your email has been updated.')
+    edit_user_info_form.email.data = current_user.email
+    return redirect(url_for('profile.index'))
+
+
+@profile.route('/edit_user_settings', methods=['POST'])
+@login_required
+def profile_edit_user_settings():
+    edit_user_settings_form = EditUserSettingsForm()
+    if not edit_user_settings_form.validate_on_submit():
+        abort(400)
+    current_user.is_dark = edit_user_settings_form.is_dark.data
+    logger.warning('Form data: {}'.format(current_user.is_dark))
+    db.session.add(current_user)
+    db.session.commit()
+    return redirect(url_for('profile.index'))


@profile.route('/delete_self', methods=['GET', 'POST'])
@login_required
 def delete_self():
    """
-    Vie to delete yourslef and all associated data.
+    View to delete yourslef and all associated data.
    """
    delete_thread = threading.Thread(
        target=background_delete_user,