implement password and display name changes
This commit is contained in:
parent
1486c63c44
commit
b7d400d774
|
@ -202,8 +202,8 @@ def whitelist(action, data, reason=None, db=None):
|
|||
|
||||
|
||||
@newtrans
|
||||
def user(handle, password, db=None):
|
||||
username = handle.lower()
|
||||
def user(username, password, db=None):
|
||||
handle = username.lower()
|
||||
timestamp = datetime.now().timestamp()
|
||||
|
||||
if query('users', {'username': username}):
|
||||
|
@ -270,19 +270,16 @@ def del_token(token, db=None):
|
|||
|
||||
|
||||
@newtrans
|
||||
def acct_name(handle, username=None, db=None):
|
||||
data = {'handle', handle}
|
||||
|
||||
if username:
|
||||
data['username'] = username
|
||||
|
||||
def acct_name(handle, username, db=None):
|
||||
data = {'username': username}
|
||||
user = get.user(handle)
|
||||
|
||||
if not user:
|
||||
logging.warning(f'Invalid user: {handle}')
|
||||
return
|
||||
|
||||
db.update('users', data, id=user['id'])
|
||||
if db.update('users', data, id=user['id']):
|
||||
return True
|
||||
|
||||
|
||||
@newtrans
|
||||
|
@ -292,4 +289,5 @@ def password(handle, password, db=None):
|
|||
if not user:
|
||||
logging.warning(f'Invalid user: {handle}')
|
||||
|
||||
db.update('users', {'password': Hash.hash(password)}, id=user['id'])
|
||||
if db.update('users', {'password': Hash.hash(password)}, id=user['id']):
|
||||
return True
|
||||
|
|
|
@ -277,6 +277,11 @@ tr:last-child .col2 {
|
|||
height: 200px;
|
||||
}
|
||||
|
||||
#code input[type="submit"] {
|
||||
display: inline-block;
|
||||
width: 100px;
|
||||
}
|
||||
|
||||
|
||||
/* info page */
|
||||
.stats .title, .info .title {
|
||||
|
|
|
@ -32,24 +32,20 @@
|
|||
%input{'type': 'submit', 'value': 'Delete'}
|
||||
|
||||
%div{'class': 'section account profile'}
|
||||
%h2{'class': 'title'} Profile
|
||||
%form{'action': 'https://{{config.host}}/account/profile', 'method': 'post'}
|
||||
%label< Display Name:
|
||||
%input{'type': 'text', 'name': 'displayname', 'placeholder': 'displayname', 'value': '{{user.handle}}'}
|
||||
%br
|
||||
%label< Username:
|
||||
%input{'type': 'text', 'name': 'username', 'placeholder': 'username', 'value': '{{user.username}}'}
|
||||
%h2{'class': 'title'} Display Name
|
||||
%form{'action': 'https://{{config.host}}/account/name', 'method': 'post'}
|
||||
%input{'type': 'text', 'name': 'displayname', 'placeholder': 'displayname', 'value': '{{user.username}}'}
|
||||
%br
|
||||
%input{'type': 'submit', 'value': 'Submit'}
|
||||
|
||||
%div{'class': 'section account password'}
|
||||
%h2{'class': 'title'} Password
|
||||
%form{'action': 'https://{{config.host}}/account/password', 'method': 'post'}
|
||||
%input{'type': 'password', 'name': 'oldpassword', 'placeholder': 'old password'}
|
||||
%input{'type': 'password', 'name': 'password', 'placeholder': 'old password'}
|
||||
%br
|
||||
%input{'type': 'password', 'name': 'password1', 'placeholder': 'new password'}
|
||||
%input{'type': 'password', 'name': 'newpass1', 'placeholder': 'new password'}
|
||||
%br
|
||||
%input{'type': 'password', 'name': 'password2', 'placeholder': 'new password again'}
|
||||
%input{'type': 'password', 'name': 'newpass2', 'placeholder': 'new password again'}
|
||||
%br
|
||||
%input{'type': 'submit', 'value': 'Submit'}
|
||||
|
||||
|
|
|
@ -68,7 +68,7 @@
|
|||
%div{'class': 'grid-item acct', 'style': 'display: inline'}
|
||||
-if config.setup
|
||||
-if user != None
|
||||
{{user.handle}} [<a href='/logout'>logout</a>]
|
||||
{{user.username}} [<a href='/logout'>logout</a>]
|
||||
|
||||
-else
|
||||
Guest [<a href='/login'>login</a>]
|
||||
|
|
|
@ -262,7 +262,7 @@ class Admin(HTTPMethodView):
|
|||
|
||||
|
||||
class Account(HTTPMethodView):
|
||||
async def get(self, request):
|
||||
async def get(self, request, msg=None):
|
||||
token = request.cookies.get('token')
|
||||
token_data = get.token(token)
|
||||
|
||||
|
@ -273,7 +273,8 @@ class Account(HTTPMethodView):
|
|||
tokens = get.token({'userid': token_data['userid']})
|
||||
context = {
|
||||
'tokens': [{'id': token['id'], 'token': token['token'], 'timestamp': format_date(token['timestamp'])} for token in tokens],
|
||||
'user': user
|
||||
'user': user,
|
||||
'msg': msg
|
||||
}
|
||||
|
||||
return render('account.html', request, context)
|
||||
|
@ -284,21 +285,49 @@ class Account(HTTPMethodView):
|
|||
token = request.cookies.get('token')
|
||||
token_data = get.token(token)
|
||||
user = get.user(token_data['userid'])
|
||||
username = user['handle']
|
||||
handle = user['handle']
|
||||
|
||||
if action in ['delete', 'password']:
|
||||
if not get.verify_password(handle, password):
|
||||
return await self.get(request, msg='Invalid password')
|
||||
|
||||
if action == 'delete':
|
||||
if None in [password, token, user]:
|
||||
return response.redirect('/account')
|
||||
|
||||
if not get.verify_password(username, password):
|
||||
return await self.get(request, msg='Invalid password')
|
||||
|
||||
print(put.del_user(token))
|
||||
resp = response.redirect('/')
|
||||
del resp.cookies['token']
|
||||
return resp
|
||||
|
||||
return await self.get(request)
|
||||
if action == 'password':
|
||||
pass1 = request['form'].get('newpass1')
|
||||
pass2 = request['form'].get('newpass2')
|
||||
|
||||
if pass1 != pass2:
|
||||
return await self.get(request, msg='New passwords do not match')
|
||||
|
||||
new_pass = pass1
|
||||
|
||||
if not put.password(handle, new_pass):
|
||||
return await self.get(request, msg='Failed to update password')
|
||||
|
||||
else:
|
||||
return await self.get(request, msg='Updated password')
|
||||
|
||||
if action == 'name':
|
||||
dispname = request['form'].get('displayname')
|
||||
|
||||
if not dispname:
|
||||
return await self.get(request, msg='Missing new display name')
|
||||
|
||||
if put.acct_name(handle, dispname):
|
||||
return await self.get(request, msg='Updated display name')
|
||||
|
||||
else:
|
||||
return await self.get(request, msg='Failed to update display name')
|
||||
|
||||
return response.redirect('/account')
|
||||
|
||||
|
||||
class Cache(HTTPMethodView):
|
||||
|
|
Loading…
Reference in a new issue