tmeissner
/
flasky
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 Commits
1 Branch
1.8 MiB
Tree: a482fe670c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a482fe670c'
${ noResults }
flasky/app/auth/views.py

166 lines
5.9 KiB
Raw Normal View History

Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 10: User profiles (10a)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password updates (8f)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Email address changes (8h)
6 years ago
 
  1. from flask import render_template, redirect, request, url_for, flash
  2. from flask_login import login_user, logout_user, login_required, current_user
  3. from . import auth
  4. from .. import db
  5. from ..models import User
  6. from ..email import send_email
  7. from .forms import LoginForm, RegistrationForm, ChangePasswordForm, \
  8.     PasswordResetRequestForm, PasswordResetForm, ChangeEmailForm
  9. 

  10. 

  11. @auth.before_app_request
  12. def before_request():
  13.     if current_user.is_authenticated:
  14.         current_user.ping()
  15.         if not current_user.confirmed \
  16.                 and request.blueprint != 'auth' \
  17.                 and request.endpoint != 'static':
  18.             return redirect(url_for('auth.unconfirmed'))
  19. 

  20. 

  21. @auth.route('/unconfirmed')
  22. def unconfirmed():
  23.     if current_user.is_anonymous or current_user.confirmed:
  24.         return redirect(url_for('main.index'))
  25.     return render_template('auth/unconfirmed.html')
  26. 

  27. 

  28. @auth.route('/login', methods=['GET', 'POST'])
  29. def login():
  30.     form = LoginForm()
  31.     if form.validate_on_submit():
  32.         user = User.query.filter_by(email=form.email.data).first()
  33.         if user is not None and user.verify_password(form.password.data):
  34.             login_user(user, form.remember_me.data)
  35.             next = request.args.get('next')
  36.             if next is None or not next.startswith('/'):
  37.                 next = url_for('main.index')
  38.             return redirect(next)
  39.         flash('Invalid username or password')
  40.     return render_template('auth/login.html', form=form)
  41. 

  42. 

  43. @auth.route('/logout')
  44. @login_required
  45. def logout():
  46.     logout_user()
  47.     flash('You have been logged out.')
  48.     return redirect(url_for('main.index'))
  49. 

  50. 

  51. @auth.route('/register', methods=['GET', 'POST'])
  52. def register():
  53.     form = RegistrationForm()
  54.     if form.validate_on_submit():
  55.         user = User(email=form.email.data,
  56.                     username=form.username.data,
  57.                     password=form.password.data)
  58.         db.session.add(user)
  59.         db.session.commit()
  60.         token = user.generate_confirmation_token()
  61.         send_email(user.email, 'Confirm your account',
  62.                    'auth/email/confirm', user=user, token=token)
  63.         flash('A confirmation email has been sent to you by email.')
  64.         return redirect(url_for('main.index'))
  65.     return render_template('auth/register.html', form=form)
  66. 

  67. 

  68. @auth.route('/confirm/<token>')
  69. @login_required
  70. def confirm(token):
  71.     if current_user.confirmed:
  72.         return redirect(url_for('main.index'))
  73.     if current_user.confirm(token):
  74.         db.session.commit()
  75.         flash('You have confirmed your account. Thanks!')
  76.     else:
  77.         flash('The confirmationlink is invalid or has expired')
  78.     return redirect(url_for('main.index'))
  79. 

  80. 

  81. @auth.route('/confirm')
  82. @login_required
  83. def resend_confirmation():
  84.     token = current_user.generate_confirmation_token()
  85.     send_email(current_user.email, 'Confirm your account',
  86.                'auth/email/confirm', user=current_user, token=token)
  87.     flash('A new confirmation email has been sent to you by email.')
  88.     return redirect(url_for('main.index'))
  89. 

  90. 

  91. @auth.route('/change-password', methods=['GET', 'POST'])
  92. @login_required
  93. def change_password():
  94.     form = ChangePasswordForm()
  95.     if form.validate_on_submit():
  96.         if current_user.verify_password(form.old_password.data):
  97.             current_user.password = form.password.data
  98.             db.session.add(current_user)
  99.             db.session.commit()
  100.             flash('Your password has been updated')
  101.             redirect(url_for('main.index'))
  102.         else:
  103.             flash('Invalid password.')
  104.     return render_template('auth/change_password.html', form=form)
  105. 

  106. 

  107. @auth.route('/reset', methods=['GET', 'POST'])
  108. def password_reset_request():
  109.     if not current_user.is_anonymous:
  110.         redirect(url_for('main.index'))
  111.     form = PasswordResetRequestForm()
  112.     if form.validate_on_submit():
  113.         user = User.query.filter_by(email=form.email.data).first()
  114.         if user:
  115.             token = user.generate_reset_token()
  116.             send_email(user.email, 'Reset your password',
  117.                        'auth/email/reset_password', user=user, token=token)
  118.         flash('An email with instructions to reset your password has been '
  119.               'sent to you')
  120.         return redirect(url_for('auth.login'))
  121.     return render_template('auth/reset_password.html', form=form)
  122. 

  123. 

  124. @auth.route('/reset/<token>', methods=['GET', 'POST'])
  125. def password_reset(token):
  126.     if not current_user.is_anonymous:
  127.         redirect(url_for('main.index'))
  128.     form = PasswordResetForm()
  129.     if form.validate_on_submit():
  130.         if User.reset_password(token, form.password.data):
  131.             db.session.commit()
  132.             flash('Your password has been updated.')
  133.             return redirect(url_for('auth.login'))
  134.         else:
  135.             return redirect(url_for('main.index'))
  136.     return render_template('auth/reset_password.html', form=form)
  137. 

  138. 

  139. @auth.route('/change-email', methods=['GET', 'POST'])
  140. @login_required
  141. def change_email_request():
  142.     form = ChangeEmailForm()
  143.     if form.validate_on_submit():
  144.         if current_user.verify_password(form.password.data):
  145.             new_email = form.email.data
  146.             token = current_user.generate_email_change_token(new_email)
  147.             send_email(new_email, 'Confirm your email address',
  148.                        'auth/email/change_email',
  149.                        user=current_user, token=token)
  150.             flash('An email with instructions to confirm your new email '
  151.                   'address has been sent to you')
  152.             return redirect(url_for('main.index'))
  153.         else:
  154.             flash('Invalid email or password')
  155.     return render_template('auth/change_email.html', form=form)
  156. 

  157. 

  158. @auth.route('/change-email/<token>')
  159. @login_required
  160. def change_email(token):
  161.     if current_user.change_email(token):
  162.         db.session.commit()
  163.         flash('Your email address has been updated.')
  164.     else:
  165.         flash('Invalid request.')
  166.     return redirect(url_for('main.index'))