Development
This commit is contained in:
parent
eed1d295dc
commit
d9f3bd8289
45 changed files with 635 additions and 666 deletions
|
|
@ -1,10 +1,13 @@
|
|||
from pathlib import Path
|
||||
from flask import Blueprint, request, session, redirect, flash
|
||||
import json, bcrypt
|
||||
from auth import require_level
|
||||
from config_utils import ACCOUNTS_FILE
|
||||
import sanitize
|
||||
|
||||
bp = Blueprint('preferences', __name__)
|
||||
_PAGE = Path(__file__).parent.name
|
||||
|
||||
bp = Blueprint(_PAGE, __name__)
|
||||
|
||||
|
||||
|
||||
|
|
@ -20,14 +23,14 @@ def _save_accounts(data):
|
|||
json.dump(data, f, indent=2)
|
||||
|
||||
|
||||
@bp.route('/action/save_preferences', methods=['POST'])
|
||||
@bp.route('/action/preferences/accountdetails_save', methods=['POST'])
|
||||
@require_level('viewer')
|
||||
def save_preferences():
|
||||
def accountdetails_save():
|
||||
tz = sanitize.timezone(request.form.get('timezone', '').strip())
|
||||
|
||||
if not tz:
|
||||
flash('Timezone is required.', 'error')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
email = session.get('email_address', '').lower()
|
||||
data = _load_accounts()
|
||||
|
|
@ -36,7 +39,7 @@ def save_preferences():
|
|||
|
||||
if account is None:
|
||||
flash('Account not found. Please log in again.', 'error')
|
||||
return redirect('/view/view_login')
|
||||
return redirect('/accountlogin')
|
||||
|
||||
account['timezone'] = tz
|
||||
_save_accounts(data)
|
||||
|
|
@ -44,27 +47,27 @@ def save_preferences():
|
|||
session['timezone'] = tz
|
||||
|
||||
flash('Preferences saved.', 'success')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
@bp.route('/action/change_password', methods=['POST'])
|
||||
@bp.route('/action/preferences/changepassword_save', methods=['POST'])
|
||||
@require_level('viewer')
|
||||
def change_password():
|
||||
def changepassword_save():
|
||||
current_password = request.form.get('current_password', '')
|
||||
new_password = request.form.get('new_password', '')
|
||||
confirm_password = request.form.get('confirm_password', '')
|
||||
|
||||
if not current_password or not new_password or not confirm_password:
|
||||
flash('All fields are required.', 'error')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
if new_password != confirm_password:
|
||||
flash('New passwords do not match.', 'error')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
if len(new_password) < 8:
|
||||
flash('New password must be at least 8 characters.', 'error')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
email = session.get('email_address', '').lower()
|
||||
data = _load_accounts()
|
||||
|
|
@ -73,12 +76,12 @@ def change_password():
|
|||
|
||||
if account is None:
|
||||
flash('Account not found. Please log in again.', 'error')
|
||||
return redirect('/view/view_login')
|
||||
return redirect('/accountlogin')
|
||||
|
||||
stored_hash = account.get('hashed_password', '').encode('utf-8')
|
||||
if not bcrypt.checkpw(current_password.encode('utf-8'), stored_hash):
|
||||
flash('Current password is incorrect.', 'error')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
salt = bcrypt.gensalt()
|
||||
hashed = bcrypt.hashpw(new_password.encode('utf-8'), salt)
|
||||
|
|
@ -88,4 +91,4 @@ def change_password():
|
|||
_save_accounts(data)
|
||||
|
||||
flash('Password changed successfully.', 'success')
|
||||
return redirect('/view/view_preferences')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue