1
0
mirror of https://github.com/Adam-Ant/QuotesDB synced 2024-12-20 11:34:35 +00:00

Add password update system

This commit is contained in:
Adam Dodman 2017-10-05 15:17:12 +01:00
parent 1ba261f4b3
commit 7763ce90cf
3 changed files with 79 additions and 7 deletions

49
main.py
View File

@ -101,6 +101,49 @@ def login():
return do_user_login(request.form['username'], request.form['pw'])
return gen_page("login.html")
@app.route("/logout")
def logout():
session.pop('username',None)
return redirect(url_for('index'))
@app.route("/resetpass", methods=["GET","POST"])
def pwreset():
if request.method == "POST":
try:
session['username']
except KeyError:
flash("INFO: Please login first.","info")
return redirect(url_for("login"))
if request.form['pw'] != request.form['pw_verify']:
flash ("Error: New Passwords do not match!","danger")
return redirect(url_for("pwreset"))
try:
userdata = mysql_do("SELECT * FROM Users WHERE user='%s'" % (session['username']))[0]
except IndexError:
# Returned when no rows found - no user with that name
flash( "Error: Internal server error - user not found", "danger")
return redirect(url_for('index'))
if not pass_ctx.verify(request.form['current_passwd'], userdata[3]):
flash ("Error: Current password is incorrect", "danger")
return redirect(url_for("pwreset"))
mysql_do("UPDATE Users SET password=\"%s\" WHERE uid=%d;" % (pymysql.escape_string(pass_ctx.hash(request.form['pw'])), session['uid']))
flash("INFO: Password updated successfully!", "success")
return redirect(url_for("index"))
# Check if the user is authenticated
try:
session['username']
except KeyError:
flash("INFO: Please login first.","info")
return redirect(url_for("login"))
return gen_page("passwd_reset.html")
@app.route("/addquote", methods=['GET','POST'])
def addquote():
if request.method == "POST":
@ -162,12 +205,6 @@ def addquote():
return redirect(url_for("login"))
return gen_page("add_quote.html", get_userdb())
@app.route("/logout")
def logout():
session.pop('username',None)
return redirect(url_for('index'))
@app.context_processor
def utility_processor():
def uid_to_user(uid):

View File

@ -31,6 +31,7 @@
<div class="collapse navbar-collapse" id="mainNavbar">
{% if user %}
<a href="logout" class="btn btn-primary navbar-btn navbar-right "role="button" ><span class="glyphicon glyphicon-log-out"></span> Sign Out</a>
<a href="resetpass" class="btn btn-primary navbar-btn navbar-right "role="button" ><span class="glyphicon glyphicon-wrench"></span></a>
<ul class="nav navbar-nav navbar-right">
<li class="navbar-text">Hello <b> {{ user }}!</b></li>
</ul>

View File

@ -0,0 +1,34 @@
{% extends "layout.html" %}
{% block body %}
<h1> Password Reset: </h1>
<form method="post" role="form" data-toggle="validator">
<div class="form-group">
<label class="control-label col-sm-4" for="pw">Current Password:</label>
<div class="col-xs-4 input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input type="password" class="form-control" placeholder="Current Password" id="current_passwd" name="current_passwd">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-4" for="pw">New Password:</label>
<div class="col-xs-4 input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input type="password" class="form-control" placeholder="Enter password" id="pw" name="pw">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-4" for="pw">Verify Password:</label>
<div class="col-xs-4 input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input type="password" class="form-control" placeholder="Enter password" id="pw_verify" name="pw_verify">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-4">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</form>
{% endblock %}