from flask import render_template, url_for, flash, redirect, request, Blueprint from flask_login import login_user, current_user, logout_user, login_required from minibase.app import db, bcrypt import minibase.theme as theme from minibase.blueprints.user.models import Users, User_Roles import minibase.blueprints.database.utils as dbUtils import minibase.blueprints.user.utils as UserUtils from minibase.blueprints.user.forms import registrationForm, loginForm, updateAccountForm, resetPasswordForm, requestResetForm, updateRoleForm from minibase.blueprints.user.utils import save_picture, send_reset_email # Declaring a blueprint user = Blueprint('user', __name__, template_folder='templates') @user.route("/register", methods=['GET', 'POST']) def register(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = registrationForm() if form.validate_on_submit(): hashed_pw = bcrypt.generate_password_hash(form.password.data).decode('utf-8') dbUtils.dbAddAndCommit(Users(username=form.username.data, email_account=form.email.data, email_comm=form.email.data, password=hashed_pw)) flash(f'{"Your account has been created you can now log in!"}', 'success') return redirect(url_for('user.login')) return render_template('user/register.html', theme=theme, form=form) @user.route("/login", methods=['GET', 'POST']) def login(): if current_user.is_authenticated: # Is the user alredy authenticated? return redirect(url_for('main.index')) # Then redirect home form = loginForm() if form.validate_on_submit(): user = UserUtils.dbGetMailFirst(form.email.data) if user and bcrypt.check_password_hash(user.password, form.password.data): login_user(user, remember=form.remember.data) next_page = request.args.get('next') return redirect(next_page) if next_page else redirect(url_for('main.index')) else: flash('Login unsuccessful. Please chek your Email and Password!', 'danger') return render_template('user/login.html', theme=theme, form=form) @user.route("/logout") def logout(): logout_user() return redirect(url_for('main.index')) @user.route("/account", methods=['GET', 'POST']) @login_required def account(): form = updateAccountForm() if form.validate_on_submit(): if form.picture.data: picture_file = save_picture(form.picture.data) current_user.image_file = picture_file current_user.username = form.username.data current_user.email_account = form.email_account.data current_user.email_comm = form.email_comm.data db.session.commit() flash('Your account has been updated!', 'success') return redirect(url_for('user.account')) elif request.method == 'GET': form.username.data = current_user.username form.email_account.data = current_user.email_account form.email_comm.data = current_user.email_comm image_file = url_for('static', filename='pics/' + current_user.image_file) return render_template('user/account.html', theme=theme, image_file=image_file, form=form) @user.route("/reset_password", methods=['GET', 'POST']) def reset_request(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = requestResetForm() if form.validate_on_submit(): user = UserUtils.dbGetMailFirst(form.email.data) send_reset_email(user) flash('An Email has been sent with instruction to reset your password', 'warning') return render_template('user/reset_request.html', theme=theme, form=form) @user.route("/reset_password/", methods=['GET', 'POST']) def reset_token(token): if current_user.is_authenticated: return redirect(url_for('main.index')) user = Users.verify_reset_token(token) if user is None: flash('That is an invalid or expired token', 'warning') return redirect(url_for('user.reset_request')) form = resetPasswordForm() if form.validate_on_submit(): hashed_pw = bcrypt.generate_password_hash(form.password.data).decode('utf-8') user.password = hashed_pw db.session.commit() flash(f'{"Your password has benn updated"}', 'success') return redirect(url_for('user.login')) return render_template('user/reset_token.html', theme=theme, form=form) @user.route("/roles", methods=['GET', 'POST']) @login_required def roles(): page=request.args.get('page', 1, type=int) table=dbUtils.table_printable_paginate(User_Roles, page, 20, 'role/edit/', 'id') return(render_template('view.html', theme=theme, table=table, title="User Roles")) class bottons: def __init__(self, name, link): self.name = name self.link = link @user.route("/role/edit/", methods=['GET', 'POST']) @login_required def updateRole(id): if current_user.role.id == 1: extraButton=[] extraButton.append(bottons('Back To Roles', url_for('user.roles'))) role = UserUtils.queryRoleById(id) form = updateRoleForm() if form.validate_on_submit(): role.title = form.role.data role.description = form.description.data dbUtils.dbCommit() flash('The role has been updated', 'success') return redirect(url_for('user.updateRole', id=role.id)) elif request.method == 'GET': form.id.data = role.id form.role.data = role.name form.description.data = role.description return(render_template('edit.html', theme=theme, form=form, title=current_user.role.name, extraButtons=extraButton)) else: flash('You have no permission to do that', 'danger') return redirect(url_for('main.index'))