Fix password issues caused by Flask-User migration
This commit is contained in:
@@ -65,7 +65,7 @@ def github_authorized(oauth_token):
|
||||
flash("Unable to find an account for that Github user", "error")
|
||||
return redirect(url_for("users.claim"))
|
||||
elif loginUser(userByGithub):
|
||||
if current_user.password is None:
|
||||
if not current_user.hasPassword():
|
||||
return redirect(next_url or url_for("users.set_password", optional=True))
|
||||
else:
|
||||
return redirect(next_url or url_for("homepage.home"))
|
||||
|
||||
@@ -170,7 +170,7 @@ class SetPasswordForm(FlaskForm):
|
||||
@bp.route("/user/set-password/", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def set_password():
|
||||
if current_user.password is not None:
|
||||
if current_user.hasPassword():
|
||||
return redirect(url_for("user.change_password"))
|
||||
|
||||
form = SetPasswordForm(request.form)
|
||||
@@ -185,10 +185,11 @@ def set_password():
|
||||
hashed_password = user_manager.hash_password(form.password.data)
|
||||
|
||||
# Change password
|
||||
user_manager.update_password(current_user, hashed_password)
|
||||
current_user.password = hashed_password
|
||||
db.session.commit()
|
||||
|
||||
# Send 'password_changed' email
|
||||
if user_manager.enable_email and user_manager.send_password_changed_email and current_user.email:
|
||||
if user_manager.USER_ENABLE_EMAIL and current_user.email:
|
||||
emails.send_password_changed_email(current_user)
|
||||
|
||||
# Send password_changed signal
|
||||
@@ -211,7 +212,7 @@ def set_password():
|
||||
task = sendVerifyEmail.delay(newEmail, token)
|
||||
return redirect(url_for("tasks.check", id=task.id, r=url_for("users.profile", username=current_user.username)))
|
||||
else:
|
||||
return redirect(url_for("users.profile", username=current_user.username))
|
||||
return redirect(url_for("user.login"))
|
||||
else:
|
||||
flash("Passwords do not match", "error")
|
||||
|
||||
|
||||
@@ -146,7 +146,7 @@ class User(db.Model, UserMixin):
|
||||
tokens = db.relationship("APIToken", backref="owner", lazy="dynamic")
|
||||
replies = db.relationship("ThreadReply", backref="author", lazy="dynamic")
|
||||
|
||||
def __init__(self, username, active=False, email=None, password=None):
|
||||
def __init__(self, username, active=False, email=None, password=""):
|
||||
self.username = username
|
||||
self.email_confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
|
||||
self.display_name = username
|
||||
@@ -155,6 +155,9 @@ class User(db.Model, UserMixin):
|
||||
self.password = password
|
||||
self.rank = UserRank.NOT_JOINED
|
||||
|
||||
def hasPassword(self):
|
||||
return self.password != ""
|
||||
|
||||
def canAccessTodoList(self):
|
||||
return Permission.APPROVE_NEW.check(self) or \
|
||||
Permission.APPROVE_RELEASE.check(self) or \
|
||||
@@ -203,6 +206,13 @@ class User(db.Model, UserMixin):
|
||||
return Thread.query.filter_by(author=self) \
|
||||
.filter(Thread.created_at > hour_ago).count() < 2
|
||||
|
||||
def __eq__(self, other):
|
||||
if not self.is_authenticated or not other.is_authenticated:
|
||||
return False
|
||||
|
||||
assert self.id > 0
|
||||
return self.id == other.id
|
||||
|
||||
class UserEmailVerification(db.Model):
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey("user.id"))
|
||||
|
||||
@@ -15,7 +15,7 @@ Sign in
|
||||
{{ form.hidden_tag() }}
|
||||
|
||||
{# Username or Email field #}
|
||||
{% set field = form.username if user_manager.USER_ENABLE_REGISTER else form.email %}
|
||||
{% set field = form.username if user_manager.USER_ENABLE_USERNAME else form.email %}
|
||||
<div class="form-group {% if field.errors %}has-error{% endif %}">
|
||||
{# Label on left, "New here? Register." on right #}
|
||||
<label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
|
||||
|
||||
Reference in New Issue
Block a user