linuxrouter/docker/routlin-dash/app/pages/preferences/action.py

from pathlib import Path
from flask import Blueprint, request, session, redirect, flash
import bcrypt
import auth
import config_utils
import sanitize

_PAGE = Path(__file__).parent.name

bp = Blueprint(_PAGE, __name__)


def _tz_to_offset_seconds(tz_str):
    try:
        from zoneinfo import ZoneInfo
        from datetime import datetime
        return int(datetime.now(ZoneInfo(tz_str)).utcoffset().total_seconds())
    except Exception:
        import settings as _s
        return _s.get_host_utc_offset()


@bp.route('/action/preferences/accountdetails_save', methods=['POST'])
@auth.require_level('viewer')
def accountdetails_save():
    tz = sanitize.timezone(request.form.get('timezone', '').strip())

    if not tz:
        flash('Timezone is required.', 'error')
        return redirect(f'/{_PAGE}')

    tz_offset = _tz_to_offset_seconds(tz)
    session['tz_offset_seconds'] = tz_offset

    flash('Preferences saved.', 'success')
    return redirect(f'/{_PAGE}')


@bp.route('/action/preferences/changepassword_save', methods=['POST'])
@auth.require_level('viewer')
def changepassword_save():
    current_password = request.form.get('current_password', '')
    new_password     = request.form.get('new_password', '')
    confirm_password = request.form.get('confirm_password', '')

    if not current_password or not new_password or not confirm_password:
        flash('All fields are required.', 'error')
        return redirect(f'/{_PAGE}')

    if new_password != confirm_password:
        flash('New passwords do not match.', 'error')
        return redirect(f'/{_PAGE}')

    if len(new_password) < 8:
        flash('New password must be at least 8 characters.', 'error')
        return redirect(f'/{_PAGE}')

    account = config_utils.get_account_by_id(session.get('account_id', ''))
    if account is None:
        flash('Account not found. Please log in again.', 'error')
        return redirect('/accountlogin')

    if not bcrypt.checkpw(current_password.encode('utf-8'), account['hashed_password'].encode('utf-8')):
        flash('Current password is incorrect.', 'error')
        return redirect(f'/{_PAGE}')

    hashed = bcrypt.hashpw(new_password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')

    try:
        con = config_utils.open_accounts_db()
        con.execute(
            'UPDATE accounts SET hashed_password=? WHERE account_id=?',
            (hashed, account['account_id'])
        )
        con.commit()
        con.close()
    except Exception as exc:
        flash(f'Could not update password: {exc}', 'error')
        return redirect(f'/{_PAGE}')

    flash('Password changed successfully.', 'success')
    return redirect(f'/{_PAGE}')
Development 2026-05-27 22:04:04 -04:00			`from pathlib import Path`
Flask app progress 2026-05-17 03:26:01 -04:00			`from flask import Blueprint, request, session, redirect, flash`
Development 2026-06-10 14:23:47 -04:00			`import bcrypt`
Development 2026-06-07 00:21:08 -04:00			`import auth`
			`import config_utils`
Development 2026-05-27 20:56:30 -04:00			`import sanitize`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-27 22:04:04 -04:00			`_PAGE = Path(__file__).parent.name`

			`bp = Blueprint(_PAGE, __name__)`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-06-10 14:23:47 -04:00			`def _tz_to_offset_seconds(tz_str):`
Flask app progress 2026-05-17 03:26:01 -04:00			`try:`
Development 2026-06-10 14:23:47 -04:00			`from zoneinfo import ZoneInfo`
			`from datetime import datetime`
			`return int(datetime.now(ZoneInfo(tz_str)).utcoffset().total_seconds())`
Flask app progress 2026-05-17 03:26:01 -04:00			`except Exception:`
Development 2026-06-10 14:23:47 -04:00			`import settings as _s`
			`return _s.get_host_utc_offset()`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/preferences/accountdetails_save', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('viewer')`
Development 2026-05-27 22:04:04 -04:00			`def accountdetails_save():`
Development 2026-05-27 20:56:30 -04:00			`tz = sanitize.timezone(request.form.get('timezone', '').strip())`

			`if not tz:`
			`flash('Timezone is required.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-27 20:56:30 -04:00
Development 2026-06-10 14:23:47 -04:00			`tz_offset = _tz_to_offset_seconds(tz)`
			`session['tz_offset_seconds'] = tz_offset`
Development 2026-05-27 20:56:30 -04:00
			`flash('Preferences saved.', 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-27 20:56:30 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/preferences/changepassword_save', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('viewer')`
Development 2026-05-27 22:04:04 -04:00			`def changepassword_save():`
Flask app progress 2026-05-17 03:26:01 -04:00			`current_password = request.form.get('current_password', '')`
			`new_password = request.form.get('new_password', '')`
			`confirm_password = request.form.get('confirm_password', '')`

			`if not current_password or not new_password or not confirm_password:`
			`flash('All fields are required.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`if new_password != confirm_password:`
			`flash('New passwords do not match.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`if len(new_password) < 8:`
			`flash('New password must be at least 8 characters.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`account = config_utils.get_account_by_id(session.get('account_id', ''))`
Flask app progress 2026-05-17 03:26:01 -04:00			`if account is None:`
			`flash('Account not found. Please log in again.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountlogin')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`if not bcrypt.checkpw(current_password.encode('utf-8'), account['hashed_password'].encode('utf-8')):`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('Current password is incorrect.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`hashed = bcrypt.hashpw(new_password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`try:`
			`con = config_utils.open_accounts_db()`
			`con.execute(`
			`'UPDATE accounts SET hashed_password=? WHERE account_id=?',`
			`(hashed, account['account_id'])`
			`)`
			`con.commit()`
			`con.close()`
			`except Exception as exc:`
			`flash(f'Could not update password: {exc}', 'error')`
			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`flash('Password changed successfully.', 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`