more user handling features of flask-security activated
Now users can recover their passwords and change them while logged in.
This commit is contained in:
parent
01798e9548
commit
0303be7945
12
app/main.py
12
app/main.py
|
@ -8,6 +8,7 @@ from flask.ext.security import Security, SQLAlchemyUserDatastore, \
|
||||||
UserMixin, RoleMixin, login_required, roles_required, utils
|
UserMixin, RoleMixin, login_required, roles_required, utils
|
||||||
from flask.ext.security import user_registered
|
from flask.ext.security import user_registered
|
||||||
from flask.ext.mail import Mail, Message
|
from flask.ext.mail import Mail, Message
|
||||||
|
from flask_security.core import current_user
|
||||||
from flask_wtf import Form
|
from flask_wtf import Form
|
||||||
from wtforms import DateField, IntegerField, DecimalField
|
from wtforms import DateField, IntegerField, DecimalField
|
||||||
from wtforms.validators import DataRequired, ValidationError
|
from wtforms.validators import DataRequired, ValidationError
|
||||||
|
@ -20,6 +21,8 @@ db = SQLAlchemy(app)
|
||||||
|
|
||||||
app.config['SECURITY_PASSWORD_HASH'] = 'pbkdf2_sha512'
|
app.config['SECURITY_PASSWORD_HASH'] = 'pbkdf2_sha512'
|
||||||
app.config['SECURITY_REGISTERABLE'] = True
|
app.config['SECURITY_REGISTERABLE'] = True
|
||||||
|
app.config['SECURITY_CHANGEABLE'] = True
|
||||||
|
app.config['SECURITY_RECOVERABLE'] = True
|
||||||
app.config.from_envvar('config')
|
app.config.from_envvar('config')
|
||||||
app.config.from_object(__name__)
|
app.config.from_object(__name__)
|
||||||
|
|
||||||
|
@ -77,7 +80,6 @@ user_datastore = SQLAlchemyUserDatastore(db, User, Role)
|
||||||
security = Security(app, user_datastore)
|
security = Security(app, user_datastore)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@user_registered.connect_via(app)
|
@user_registered.connect_via(app)
|
||||||
def user_registered_sighandler(app, user, confirm_token):
|
def user_registered_sighandler(app, user, confirm_token):
|
||||||
"""
|
"""
|
||||||
|
@ -171,9 +173,17 @@ def get_manual():
|
||||||
@app.route('/admin', methods=['GET'])
|
@app.route('/admin', methods=['GET'])
|
||||||
@roles_required('admin')
|
@roles_required('admin')
|
||||||
def get_admin_page():
|
def get_admin_page():
|
||||||
|
g.data['users'] = User.query.all()
|
||||||
return render_template('admin.html', data=g.data)
|
return render_template('admin.html', data=g.data)
|
||||||
|
|
||||||
|
|
||||||
|
@app.route('/account', methods=['GET'])
|
||||||
|
@login_required
|
||||||
|
def get_account_page():
|
||||||
|
print(current_user)
|
||||||
|
return render_template('account.html', data=g.data)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/statistics', methods=['GET'])
|
@app.route('/statistics', methods=['GET'])
|
||||||
@login_required
|
@login_required
|
||||||
def get_statistics():
|
def get_statistics():
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
{% extends "layout.html" %}
|
||||||
|
|
||||||
|
{% block body %}
|
||||||
|
<h1>Account management for {{current_user.email}}</h1>
|
||||||
|
|
||||||
|
<a href='{{ url_for('security.change_password') }}'>Change password</a>
|
||||||
|
{% endblock %}
|
|
@ -1,5 +1,12 @@
|
||||||
{% extends "layout.html" %}
|
{% extends "layout.html" %}
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
Admin
|
<h1>Admin</h1>
|
||||||
|
We have {{ data.users|length }} users so far:
|
||||||
|
<ul>
|
||||||
|
{% for user in data.users %}
|
||||||
|
<li>{{user.email}}</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
<a href='{{ url_for('security.login', _external=True) }}'>Login</a>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
{% if current_user.email %}
|
{% if current_user.email %}
|
||||||
<li><a href='{{ url_for('create_pit_stop_form') }}'>Create Pitstop</a></li>
|
<li><a href='{{ url_for('create_pit_stop_form') }}'>Create Pitstop</a></li>
|
||||||
<li><a href='{{ url_for('get_statistics') }}'>Statistics</a></li>
|
<li><a href='{{ url_for('get_statistics') }}'>Statistics</a></li>
|
||||||
|
<li><a href='{{ url_for('get_account_page') }}'>Account</a></li>
|
||||||
{% if current_user.has_role('admin') %}
|
{% if current_user.has_role('admin') %}
|
||||||
<li><a href='{{ url_for('get_admin_page') }}'>Admin</a></li>
|
<li><a href='{{ url_for('get_admin_page') }}'>Admin</a></li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
{% extends "layout.html" %}
|
||||||
|
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
||||||
|
|
||||||
|
{% block body %}
|
||||||
|
<h1>Change password</h1>
|
||||||
|
<form class='form-horizontal' action="{{ url_for_security('change_password') }}" method="POST" name="change_password_form">
|
||||||
|
{{ change_password_form.hidden_tag() }}
|
||||||
|
{{ render_field_with_errors(change_password_form.password) }}
|
||||||
|
{{ render_field_with_errors(change_password_form.new_password) }}
|
||||||
|
{{ render_field_with_errors(change_password_form.new_password_confirm) }}
|
||||||
|
{{ render_field(change_password_form.submit) }}
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
|
@ -0,0 +1,11 @@
|
||||||
|
{% extends "layout.html" %}
|
||||||
|
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
||||||
|
|
||||||
|
{% block body %}
|
||||||
|
<h1>Send password reset instructions</h1>
|
||||||
|
<form class='form-horizontal' action="{{ url_for_security('forgot_password') }}" method="POST" name="forgot_password_form">
|
||||||
|
{{ forgot_password_form.hidden_tag() }}
|
||||||
|
{{ render_field_with_errors(forgot_password_form.email) }}
|
||||||
|
{{ render_field(forgot_password_form.submit) }}
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
|
@ -2,6 +2,7 @@
|
||||||
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
|
<h1>Login</h1>
|
||||||
<form class='form-horizontal' action="{{ url_for_security('login') }}" method="POST" name="login_user_form">
|
<form class='form-horizontal' action="{{ url_for_security('login') }}" method="POST" name="login_user_form">
|
||||||
{{ login_user_form.hidden_tag() }}
|
{{ login_user_form.hidden_tag() }}
|
||||||
{{ render_field_with_errors(login_user_form.email) }}
|
{{ render_field_with_errors(login_user_form.email) }}
|
||||||
|
@ -9,5 +10,8 @@
|
||||||
{{ render_field_with_errors(login_user_form.remember) }}
|
{{ render_field_with_errors(login_user_form.remember) }}
|
||||||
{{ render_field(login_user_form.next) }}
|
{{ render_field(login_user_form.next) }}
|
||||||
{{ render_field(login_user_form.submit) }}
|
{{ render_field(login_user_form.submit) }}
|
||||||
|
{% if security.recoverable %}
|
||||||
|
<a href="{{ url_for_security('forgot_password') }}">Forgot password</a>
|
||||||
|
{% endif %}
|
||||||
</form>
|
</form>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
|
<h1>Register User</h1>
|
||||||
<form class='form-horizontal' action="{{ url_for_security('register') }}" method="POST" name="register_user_form">
|
<form class='form-horizontal' action="{{ url_for_security('register') }}" method="POST" name="register_user_form">
|
||||||
{{ register_user_form.hidden_tag() }}
|
{{ register_user_form.hidden_tag() }}
|
||||||
{{ render_field_with_errors(register_user_form.email) }}
|
{{ render_field_with_errors(register_user_form.email) }}
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
{% extends "layout.html" %}
|
||||||
|
{% from "security/_macros.html" import render_field_with_errors, render_field %}
|
||||||
|
|
||||||
|
{% block body %}
|
||||||
|
<h1>Reset password</h1>
|
||||||
|
<form class='form-horizontal' action="{{ url_for_security('reset_password', token=reset_password_token) }}" method="POST" name="reset_password_form">
|
||||||
|
{{ reset_password_form.hidden_tag() }}
|
||||||
|
{{ render_field_with_errors(reset_password_form.password) }}
|
||||||
|
{{ render_field_with_errors(reset_password_form.password_confirm) }}
|
||||||
|
{{ render_field(reset_password_form.submit) }}
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
Loading…
Reference in New Issue