Browse Source

Chapter 8: Password updates (8f)

master
T. Meissner 6 years ago
parent
commit
b718cc29e2
5 changed files with 46 additions and 3 deletions
  1. +9
    -0
      app/auth/forms.py
  2. +17
    -1
      app/auth/views.py
  3. +13
    -0
      app/templates/auth/change_password.html
  4. +7
    -1
      app/templates/base.html
  5. +0
    -1
      tests/test_user_model.py

+ 9
- 0
app/auth/forms.py View File

@ -33,3 +33,12 @@ class RegistrationForm(FlaskForm):
def validate_username(self, field): def validate_username(self, field):
if User.query.filter_by(username=field.data).first(): if User.query.filter_by(username=field.data).first():
raise ValidationError('Username already in use.') raise ValidationError('Username already in use.')
class ChangePasswordForm(FlaskForm):
old_password = PasswordField('Old password', validators=[DataRequired()])
password = PasswordField('New password', validators=[
DataRequired(), EqualTo('password2', message='Passwords must match.')])
password2 = PasswordField('Confirm new password',
validators=[DataRequired()])
submit = SubmitField('Update password')

+ 17
- 1
app/auth/views.py View File

@ -4,7 +4,7 @@ from . import auth
from .. import db from .. import db
from ..models import User from ..models import User
from ..email import send_email from ..email import send_email
from .forms import LoginForm, RegistrationForm
from .forms import LoginForm, RegistrationForm, ChangePasswordForm
@auth.before_app_request @auth.before_app_request
@ -84,3 +84,19 @@ def resend_confirmation():
'auth/email/confirm', user=current_user, token=token) 'auth/email/confirm', user=current_user, token=token)
flash('A new confirmation email has been sent to you by email.') flash('A new confirmation email has been sent to you by email.')
return redirect(url_for('main.index')) return redirect(url_for('main.index'))
@auth.route('/change-password', methods=['GET', 'POST'])
@login_required
def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.verify_password(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
db.session.commit()
flash('Your password has been updated')
redirect(url_for('main.index'))
else:
flash('Invalid password.')
return render_template('auth/change_password.html', form=form)

+ 13
- 0
app/templates/auth/change_password.html View File

@ -0,0 +1,13 @@
{% extends "base.html" %}
{% import "bootstrap/wtf.html" as wtf %}
{% block title %}Flasky - Change Password{% endblock %}
{% block page_content %}
<div class="page-header">
<h1>Change Your Password</h1>
</div>
<div class="col-md-4">
{{ wtf.quick_form(form) }}
</div>
{% endblock %}

+ 7
- 1
app/templates/base.html View File

@ -27,7 +27,13 @@
</ul> </ul>
<ul class="nav navbar-nav navbar-right"> <ul class="nav navbar-nav navbar-right">
{% if current_user.is_authenticated %} {% if current_user.is_authenticated %}
<li><a href="{{ url_for('auth.logout') }}">Log out</a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Account <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="{{ url_for('auth.change_password') }}">Change Password</a></li>
<li><a href="{{ url_for('auth.logout') }}">Log Out</a></li>
</ul>
</li>
{% else %} {% else %}
<li><a href="{{ url_for('auth.login') }}">Log in</a></li> <li><a href="{{ url_for('auth.login') }}">Log in</a></li>
{% endif %} {% endif %}


+ 0
- 1
tests/test_user_model.py View File

@ -35,7 +35,6 @@ class UserModelTestCase(unittest.TestCase):
u2 = User(password='cat') u2 = User(password='cat')
self.assertTrue(u.password_hash != u2.password_hash) self.assertTrue(u.password_hash != u2.password_hash)
def test_valid_confirmation_token(self): def test_valid_confirmation_token(self):
u = User(password='cat') u = User(password='cat')
db.session.add(u) db.session.add(u)


Loading…
Cancel
Save