From f7064811d7347cccfcf536172c77f2d9d46f7768 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Monta=C3=B1ana?=
Date: Thu, 8 Jun 2023 18:59:44 +0200
Subject: [PATCH] Update password for users
---
 app/forms.py | 11 +++++++++++
 app/main.py | 36 ++++++++++++++++++++++++++++++++----
 app/templates/_nav.html | 2 ++
 app/templates/password.html | 12 ++++++++++++
 app/templates/users.html | 2 ++
 5 files changed, 59 insertions(+), 4 deletions(-)
 create mode 100644 app/templates/password.html
diff --git a/app/forms.py b/app/forms.py
index 1989db9..ec5c208 100644
--- a/app/forms.py
+++ b/app/forms.py
@@ -65,5 +65,16 @@ class UserForm(FlaskForm):
 raise ValidationError(message)
+class UpdatePasswordForm(FlaskForm):
+ password = PasswordField(
+ "Password", validators=[DataRequired(), Length(4, 150)]
+ )
+ password2 = PasswordField(
+ "Password",
+ validators=[DataRequired(), Length(4, 150), EqualTo("password")],
+ )
+ submit = SubmitField()
+
+
 class BenchmarkSelect(FlaskForm):
 submit = SubmitField("Select")
diff --git a/app/main.py b/app/main.py
index faf5d9c..b85f980 100644
--- a/app/main.py
+++ b/app/main.py
@@ -4,7 +4,6 @@ from benchmark.Utils import Files
 from flask import (
 Blueprint,
 render_template,
- current_app,
 url_for,
 flash,
 redirect,
@@ -12,7 +11,7 @@ from flask import (
 )
 from flask_login import login_user, current_user, logout_user, login_required
 from werkzeug.urls import url_parse
-from .forms import LoginForm, UserForm
+from .forms import LoginForm, UserForm, UpdatePasswordForm
 from .models import User, Benchmark, db
 main = Blueprint("main", __name__)
@@ -101,7 +100,7 @@ def users():
 return render_template("users.html", users=users)
-@main.route("/user_edit/", methods=["GET", "POST"])
+@main.route("/user_edit/", methods=["GET", "POST"])
 @login_required
 def user_edit(user_id):
 if user_id != current_user.id and not current_user.admin:
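Review bot: `Length(4, 150)` on both fields of `UpdatePasswordForm` in app/forms.py lets a four-character password through, which is too short for an account credential; raise the minimum, for example `Length(8, 150)`, and apply the same floor wherever `UserForm` sets passwords (its fields are outside this hunk). Both fields are labelled `"Password"`, so the rendered form does not say that the second is a confirmation; `"Confirm password"` on `password2` would make that clear.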
@@ -128,7 +127,7 @@ def user_edit(user_id):
 )
-@main.route("/user_delete/", methods=["GET", "POST"])
+@main.route("/user_delete/", methods=["GET", "POST"])
 @login_required
 def user_delete(user_id):
 if user_id != current_user.id and not current_user.admin:
@@ -186,3 +185,32 @@ def user_new():
 return render_template(
 "user.html", form=form, alert_type="info", title="New User"
 )
+
+
+@main.route(
+ "/password//",
+ methods=["GET", "POST"],
+)
+@main.route(
+ "/password/",
+ defaults={"back": "None"},
+ methods=["GET", "POST"],
+)
+@login_required
+def password(user_id, back):
+ if not current_user.admin and user_id != current_user.id:
+ flash("You are not an admin.", "danger")
+ return redirect(url_for(INDEX))
+ form = UpdatePasswordForm()
+ user = User.query.filter_by(id=user_id).first()
+ form.submit.label.text = "Update Password"
+ destination = "main.index" if back == "None" else back
+ if form.validate_on_submit():
+ form.populate_obj(user)
+ user.set_password(form.password.data)
+ db.session.commit()
+ flash("Password updated successfully.")
+ return redirect(url_for(destination))
+ return render_template(
+ "password.html", form=form, back=destination, user_name=user.username
+ )
diff --git a/app/templates/_nav.html b/app/templates/_nav.html
index 3979b6a..e5682e5 100644
--- a/app/templates/_nav.html
+++ b/app/templates/_nav.html
@@ -38,6 +38,8 @@
diff --git a/app/templates/password.html b/app/templates/password.html
new file mode 100644
index 0000000..ad64942
--- /dev/null
+++ b/app/templates/password.html
@@ -0,0 +1,12 @@
+{% extends "base.html" %}
+{% from 'bootstrap5/form.html' import render_form %}
+{% block content %}
+
+{% endblock %}
diff --git a/app/templates/users.html b/app/templates/users.html
index ffad9fd..c933624 100644
--- a/app/templates/users.html
+++ b/app/templates/users.html
@@ -48,6 +48,8 @@ class="btn btn-primary"> + {% endfor %}
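Review bot: `back` in `password()` is a URL path segment chosen by the caller, yet it is used unchecked as an endpoint name in `redirect(url_for(destination))` and passed on to the template; an unknown or argument-taking endpoint makes `url_for` raise after `db.session.commit()` has already run, so the password changes and the user gets a 500. Restrict it to a fixed set of endpoints, e.g. `destination = back if back in ALLOWED_BACK else "main.index"`, with `ALLOWED_BACK` a module-level set you define. In the same function `User.query.filter_by(id=user_id).first()` returns `None` for an unknown id and the code then fails on `user.username`; `.first_or_404()` avoids that. `form.populate_obj(user)` also copies the plaintext `password` and `password2` values onto the model object before `set_password` runs; the `User` model is not visible here, but the call looks unnecessary and should be dropped. A non-admin changing their own password is not asked for the current one, so an unattended logged-in session is enough to replace it.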