add change password functionality
This commit is contained in:
parent
86a896f78b
commit
09621485a7
55
stickup.py
55
stickup.py
|
@ -10,6 +10,7 @@ import aiohttp_jinja2
|
||||||
from aiohttp_jinja2 import render_template
|
from aiohttp_jinja2 import render_template
|
||||||
import uvloop
|
import uvloop
|
||||||
import asyncpg
|
import asyncpg
|
||||||
|
from passlib.hash import argon2
|
||||||
|
|
||||||
import config
|
import config
|
||||||
import buckler_aiohttp
|
import buckler_aiohttp
|
||||||
|
@ -18,13 +19,61 @@ uvloop.install()
|
||||||
routes = web.RouteTableDef()
|
routes = web.RouteTableDef()
|
||||||
|
|
||||||
@routes.get('/', name='index')
|
@routes.get('/', name='index')
|
||||||
|
@routes.post('/', name='index')
|
||||||
async def index(request):
|
async def index(request):
|
||||||
"""The index page."""
|
"""The index page."""
|
||||||
async with request.app['pool'].acquire() as conn:
|
|
||||||
user_id = int(request.cookies.get('userid'))
|
user_id = int(request.cookies.get('userid'))
|
||||||
email_addresses = await conn.fetch(
|
|
||||||
"SELECT email FROM virtual_users WHERE buckler_id = $1",
|
async with request.app['pool'].acquire() as conn:
|
||||||
|
user_data = await conn.fetch(
|
||||||
|
"SELECT * FROM virtual_users WHERE buckler_id = $1",
|
||||||
user_id)
|
user_id)
|
||||||
|
|
||||||
|
result = {}
|
||||||
|
if request.method == 'POST':
|
||||||
|
data = await request.post()
|
||||||
|
current_password = data.get('current_password', '')
|
||||||
|
new_password = data.get('new_password', '')
|
||||||
|
verify_new_password = data.get('verify_new_password', '')
|
||||||
|
|
||||||
|
if not argon2.verify(current_password, user_data[0]['password']):
|
||||||
|
result = {
|
||||||
|
'ok': False,
|
||||||
|
'message': "Current password does not match."
|
||||||
|
}
|
||||||
|
return render_template('index.html', request, locals())
|
||||||
|
|
||||||
|
if new_password != verify_new_password:
|
||||||
|
result = {
|
||||||
|
'ok': False,
|
||||||
|
'message': "New passwords do not match."
|
||||||
|
}
|
||||||
|
return render_template('index.html', request, locals())
|
||||||
|
|
||||||
|
if len(new_password) > config.max_password:
|
||||||
|
result = {
|
||||||
|
'ok': False,
|
||||||
|
'message': "Maximum password length is 1024 characters."
|
||||||
|
}
|
||||||
|
return render_template('index.html', request, locals())
|
||||||
|
|
||||||
|
if len(new_password) < config.min_password:
|
||||||
|
result = {
|
||||||
|
'ok': False,
|
||||||
|
'message': "Minimum password length is 8 characters."
|
||||||
|
}
|
||||||
|
return render_template('index.html', request, locals())
|
||||||
|
|
||||||
|
pw_hash = argon2.hash(new_password)
|
||||||
|
async with request.app['pool'].acquire() as conn:
|
||||||
|
await conn.fetch(
|
||||||
|
"UPDATE virtual_users SET password = $1 WHERE buckler_id = $2",
|
||||||
|
pw_hash, user_id)
|
||||||
|
result = {
|
||||||
|
'ok': True,
|
||||||
|
'message': "Password has been changed."
|
||||||
|
}
|
||||||
|
|
||||||
return render_template('index.html', request, locals())
|
return render_template('index.html', request, locals())
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -7,8 +7,30 @@
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<h1>This is a stickup!</h1>
|
<h1>This is a stickup!</h1>
|
||||||
{% for record in email_addresses %}
|
{% for record in user_data %}
|
||||||
<div>Your email address is {{ record['email'] }}</div>
|
<div>Your email address is {{ record['email'] }}</div>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% if result %}
|
||||||
|
<div>{{ result['message'] }}</div>
|
||||||
|
{% endif %}
|
||||||
|
<form method="post" enctype="application/x-www-form-urlencoded">
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><label for="current_password">Current password</label></td>
|
||||||
|
<td><input id="current_password" name="current_password" type="password"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><label for="new_password">New password</label></td>
|
||||||
|
<td><input id="new_password" name="new_password" type="password"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><label for="verify_new_password">Verify new password</label></td>
|
||||||
|
<td><input id="verify_new_password" name="verify_new_password" type="password"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><input type="submit" value="Submit"></td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</form>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user