Add new profile forms and views (error prone)

app/profile/forms.py

@@ -1,7 +1,7 @@
 from flask_wtf import FlaskForm
 from wtforms import (PasswordField, StringField, SubmitField,
                      ValidationError, BooleanField)
-from wtforms.validators import DataRequired, EqualTo, Length
+from wtforms.validators import DataRequired, EqualTo, Length, Email
 from ..models import User
 import logging
 
@@ -26,7 +26,7 @@ class ChangePasswordForm(FlaskForm):
 
 class EditProfileForm(FlaskForm):
     email = StringField('Change Email',
-                        validators=[Length(0, 254), DataRequired()])
+                        validators=[Email(), DataRequired()])
     submit = SubmitField('Change Email')
 
     def __init__(self, user, *args, **kwargs):

app/profile/views.py

@@ -1,5 +1,5 @@
 from app.utils import background_delete_user
-from flask import current_app, flash, redirect, render_template, url_for
+from flask import abort, current_app, flash, redirect, render_template, url_for
 from flask_login import current_user, login_required, logout_user
 from . import profile
 from .forms import ChangePasswordForm, EditProfileForm, EditUserSettingsForm
@@ -16,44 +16,63 @@ def index():
     """
     View where loged in User can change own User information like Password etc.
     """
+    edit_user_info_form = EditProfileForm(user=current_user)
+    edit_user_info_form.email.data = current_user.email
+    return render_template('profile/index.html.j2',
+                           change_password_form=ChangePasswordForm(),
+                           edit_user_info_form=edit_user_info_form,
+                           edit_user_settings_form=EditUserSettingsForm(),
+                           title='Profile')
+
+
+@profile.route('/change_password', methods=['POST'])
+@login_required
+def profile_change_password():
     change_password_form = ChangePasswordForm()
-    if change_password_form.validate_on_submit():
+    if not change_password_form.validate_on_submit():
+        abort(400)
     if current_user.verify_password(change_password_form.old_password.data):
         current_user.password = change_password_form.new_password.data
         db.session.add(current_user)
         db.session.commit()
         flash('Your password has been updated.')
-            return redirect(url_for('profile.index'))
     else:
         flash('Invalid password.')
+    return redirect(url_for('profile.index'))
 
-    change_profile_form = EditProfileForm(user=current_user)
+
-    if change_profile_form.validate_on_submit():
+@profile.route('/edit_user_info', methods=['POST'])
-        current_user.email = change_profile_form.email.data
+@login_required
+def profile_edit_user_info():
+    edit_user_info_form = EditProfileForm(user=current_user)
+    if not edit_user_info_form.validate_on_submit():
+        abort(400)
+    current_user.email = edit_user_info_form.email.data
     db.session.add(current_user._get_current_object())
     db.session.commit()
     flash('Your email has been updated.')
-    change_profile_form.email.data = current_user.email
+    edit_user_info_form.email.data = current_user.email
+    return redirect(url_for('profile.index'))
 
+
+@profile.route('/edit_user_settings', methods=['POST'])
+@login_required
+def profile_edit_user_settings():
     edit_user_settings_form = EditUserSettingsForm()
-    if edit_user_settings_form.validate_on_submit():
+    if not edit_user_settings_form.validate_on_submit():
+        abort(400)
     current_user.is_dark = edit_user_settings_form.is_dark.data
     logger.warning('Form data: {}'.format(current_user.is_dark))
     db.session.add(current_user)
     db.session.commit()
-
+    return redirect(url_for('profile.index'))
-    return render_template('profile/index.html.j2',
-                           change_password_form=change_password_form,
-                           change_profile_form=change_profile_form,
-                           edit_user_settings_form=edit_user_settings_form,
-                           title='Profile')
 
 
 @profile.route('/delete_self', methods=['GET', 'POST'])
 @login_required
 def delete_self():
     """
-    Vie to delete yourslef and all associated data.
+    View to delete yourslef and all associated data.
     """
     delete_thread = threading.Thread(
         target=background_delete_user,

app/templates/profile/index.html.j2

@@ -8,7 +8,7 @@
 <div class="col s12 m8">
   <div class="card">
     <div class="card-content">
-      <form method="POST">
+      <form action="{{ url_for('profile.profile_edit_user_settings') }}" method="POST">
         {{ edit_user_settings_form.hidden_tag() }}
         <div class="switch">
           <i class="material-icons prefix">brightness_3</i>
@@ -38,7 +38,7 @@
 </div>
 <div class="col s12 m8">
   <div class="card">
-    <form method="POST">
+    <form action="{{ url_for('profile.profile_change_password') }}" method="POST">
       <div class="card-content">
         {{ change_password_form.hidden_tag() }}
         <div class="input-field ">
@@ -79,20 +79,20 @@
 </div>
 <div class="col s12 m8">
   <div class="card">
-    <form method="POST">
+    <form action="{{ url_for('profile.profile_edit_user_info')}}" method="POST">
       <div class="card-content">
-        {{ change_profile_form.hidden_tag() }}
+        {{ edit_user_info_form.hidden_tag() }}
         <div class="input-field">
           <i class="material-icons prefix">mail</i>
-          {{ change_profile_form.email() }}
+          {{ edit_user_info_form.email() }}
-          {{ change_profile_form.email.label }}
+          {{ edit_user_info_form.email.label }}
-          {% for error in change_profile_form.email.errors %}
+          {% for error in edit_user_info_form.email.errors %}
             <span class="helper-text red-text">{{ error }}</span>
           {% endfor %}
         </div>
       </div>
       <div class="card-action right-align">
-        {{ change_profile_form.submit(class='btn') }}
+        {{ edit_user_info_form.submit(class='btn') }}
       </div>
     </form>
   </div>