tmeissner
/
flasky
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
47 Commits
1 Branch
1.8 MiB
Tree: 468243cddb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '468243cddb'
${ noResults }
flasky/app/auth/views.py

167 lines
5.9 KiB
Raw Normal View History

Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 10: User profiles (10a)
6 years ago
Fix forgotten changes
5 years ago
Chapter 10: User profiles (10a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password updates (8f)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
 
  1. from flask import render_template, redirect, request, url_for, flash
  2. from flask_login import login_user, logout_user, login_required, current_user
  3. from . import auth
  4. from .. import db
  5. from ..models import User
  6. from ..email import send_email
  7. from .forms import LoginForm, RegistrationForm, ChangePasswordForm, \
  8.     PasswordResetRequestForm, PasswordResetForm, ChangeEmailForm
  9. 

  10. 

  11. @auth.before_app_request
  12. def before_request():
  13.     if current_user.is_authenticated:
  14.         current_user.ping()
  15.         if not current_user.confirmed \
  16.                 and request.endpoint \
  17.                 and request.blueprint != 'auth' \
  18.                 and request.endpoint != 'static':
  19.             return redirect(url_for('auth.unconfirmed'))
  20. 

  21. 

  22. @auth.route('/unconfirmed')
  23. def unconfirmed():
  24.     if current_user.is_anonymous or current_user.confirmed:
  25.         return redirect(url_for('main.index'))
  26.     return render_template('auth/unconfirmed.html')
  27. 

  28. 

  29. @auth.route('/login', methods=['GET', 'POST'])
  30. def login():
  31.     form = LoginForm()
  32.     if form.validate_on_submit():
  33.         user = User.query.filter_by(email=form.email.data).first()
  34.         if user is not None and user.verify_password(form.password.data):
  35.             login_user(user, form.remember_me.data)
  36.             next = request.args.get('next')
  37.             if next is None or not next.startswith('/'):
  38.                 next = url_for('main.index')
  39.             return redirect(next)
  40.         flash('Invalid username or password')
  41.     return render_template('auth/login.html', form=form)
  42. 

  43. 

  44. @auth.route('/logout')
  45. @login_required
  46. def logout():
  47.     logout_user()
  48.     flash('You have been logged out.')
  49.     return redirect(url_for('main.index'))
  50. 

  51. 

  52. @auth.route('/register', methods=['GET', 'POST'])
  53. def register():
  54.     form = RegistrationForm()
  55.     if form.validate_on_submit():
  56.         user = User(email=form.email.data,
  57.                     username=form.username.data,
  58.                     password=form.password.data)
  59.         db.session.add(user)
  60.         db.session.commit()
  61.         token = user.generate_confirmation_token()
  62.         send_email(user.email, 'Confirm your account',
  63.                    'auth/email/confirm', user=user, token=token)
  64.         flash('A confirmation email has been sent to you by email.')
  65.         return redirect(url_for('main.index'))
  66.     return render_template('auth/register.html', form=form)
  67. 

  68. 

  69. @auth.route('/confirm/<token>')
  70. @login_required
  71. def confirm(token):
  72.     if current_user.confirmed:
  73.         return redirect(url_for('main.index'))
  74.     if current_user.confirm(token):
  75.         db.session.commit()
  76.         flash('You have confirmed your account. Thanks!')
  77.     else:
  78.         flash('The confirmationlink is invalid or has expired')
  79.     return redirect(url_for('main.index'))
  80. 

  81. 

  82. @auth.route('/confirm')
  83. @login_required
  84. def resend_confirmation():
  85.     token = current_user.generate_confirmation_token()
  86.     send_email(current_user.email, 'Confirm your account',
  87.                'auth/email/confirm', user=current_user, token=token)
  88.     flash('A new confirmation email has been sent to you by email.')
  89.     return redirect(url_for('main.index'))
  90. 

  91. 

  92. @auth.route('/change-password', methods=['GET', 'POST'])
  93. @login_required
  94. def change_password():
  95.     form = ChangePasswordForm()
  96.     if form.validate_on_submit():
  97.         if current_user.verify_password(form.old_password.data):
  98.             current_user.password = form.password.data
  99.             db.session.add(current_user)
  100.             db.session.commit()
  101.             flash('Your password has been updated')
  102.             redirect(url_for('main.index'))
  103.         else:
  104.             flash('Invalid password.')
  105.     return render_template('auth/change_password.html', form=form)
  106. 

  107. 

  108. @auth.route('/reset', methods=['GET', 'POST'])
  109. def password_reset_request():
  110.     if not current_user.is_anonymous:
  111.         redirect(url_for('main.index'))
  112.     form = PasswordResetRequestForm()
  113.     if form.validate_on_submit():
  114.         user = User.query.filter_by(email=form.email.data).first()
  115.         if user:
  116.             token = user.generate_reset_token()
  117.             send_email(user.email, 'Reset your password',
  118.                        'auth/email/reset_password', user=user, token=token)
  119.         flash('An email with instructions to reset your password has been '
  120.               'sent to you')
  121.         return redirect(url_for('auth.login'))
  122.     return render_template('auth/reset_password.html', form=form)
  123. 

  124. 

  125. @auth.route('/reset/<token>', methods=['GET', 'POST'])
  126. def password_reset(token):
  127.     if not current_user.is_anonymous:
  128.         redirect(url_for('main.index'))
  129.     form = PasswordResetForm()
  130.     if form.validate_on_submit():
  131.         if User.reset_password(token, form.password.data):
  132.             db.session.commit()
  133.             flash('Your password has been updated.')
  134.             return redirect(url_for('auth.login'))
  135.         else:
  136.             return redirect(url_for('main.index'))
  137.     return render_template('auth/reset_password.html', form=form)
  138. 

  139. 

  140. @auth.route('/change-email', methods=['GET', 'POST'])
  141. @login_required
  142. def change_email_request():
  143.     form = ChangeEmailForm()
  144.     if form.validate_on_submit():
  145.         if current_user.verify_password(form.password.data):
  146.             new_email = form.email.data
  147.             token = current_user.generate_email_change_token(new_email)
  148.             send_email(new_email, 'Confirm your email address',
  149.                        'auth/email/change_email',
  150.                        user=current_user, token=token)
  151.             flash('An email with instructions to confirm your new email '
  152.                   'address has been sent to you')
  153.             return redirect(url_for('main.index'))
  154.         else:
  155.             flash('Invalid email or password')
  156.     return render_template('auth/change_email.html', form=form)
  157. 

  158. 

  159. @auth.route('/change-email/<token>')
  160. @login_required
  161. def change_email(token):
  162.     if current_user.change_email(token):
  163.         db.session.commit()
  164.         flash('Your email address has been updated.')
  165.     else:
  166.         flash('Invalid request.')
  167.     return redirect(url_for('main.index'))