commit ecb260512e87191bea610916b0bfa2dabf5c9b50
parent 21cbe8177396649744d1cb3d6fb268d82577cbf4
Author: parazyd <parazyd@dyne.org>
Date: Tue, 22 Jan 2019 15:28:41 +0100
Improvements to login and password changing.
Diffstat:
5 files changed, 20 insertions(+), 25 deletions(-)
diff --git a/diaspora.py b/diaspora.py
@@ -137,13 +137,19 @@ def changepass():
old_in_db = user['password']
old_in_pg = request.form['oldpassword']
new_in_pg = request.form['newpassword']
+ if not old_in_pg or not new_in_pg:
+ return render_template('fail.html',
+ 'Please input both old and new passwords!')
- if hashpw(old_in_pg.encode(), old_in_db) == old_in_db:
+ old_hashed = hashpw(old_in_pg.encode(), old_in_db)
+ if old_hashed == old_in_db:
hashed = hashpw(new_in_pg.encode(), gensalt())
sql_update_row_where([('password', hashed), ('is_active', 1)],
'email', user['email'], table='users')
+ else:
+ return render_template('fail.html', msg='Old password is incorrect.')
- return redirect('/')
+ return render_template('success.html', msg='Password change success!')
@app.route('/logout')
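Review bot: The new empty-field guard passes its message as a second positional argument, `render_template('fail.html', 'Please input both old and new passwords!')`, but Flask's `render_template` takes template context only as keyword arguments. That path would raise a TypeError and return a 500 instead of the failure page; it should pass `msg='Please input both old and new passwords!'` like the other two calls in this hunk. Separately, the old-password check still compares the recomputed hash with `==`; assuming `hashpw` and `gensalt` come from the bcrypt package, `if checkpw(old_in_pg.encode(), old_in_db):` performs the same verification with a constant-time comparison, though `checkpw` would have to be added to an import that is outside this hunk. The new password is also stored without any minimum-length or differs-from-old check, which matters if this route is the forced first-login change that the `is_active` update and the change_pass.html text suggest. changepass() begins above the hunk, so how `user` is loaded is not visible here.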
@@ -153,7 +159,7 @@ def logout():
User logout route.
"""
logout_user()
- return render_template('logout.html')
+ return render_template('success.html', msg='Successfully logged out!')
@app.route('/messages')
diff --git a/templates/change_pass.html b/templates/change_pass.html
@@ -4,10 +4,13 @@
{% include 'nav.html' %}
- <main role="main" class="container">
+ <main role="main" class="container cover">
+
+ <h1 class="cover-heading">Change your password</h1>
+ <hr>
{% if first == 0 %}
- <p class="lead">Since this is your first login, you are required
+ <p>Since this is your first login, you are required
to change your password.</p>
{% endif %}
diff --git a/templates/login.html b/templates/login.html
@@ -4,12 +4,15 @@
{% include 'nav.html' %}
- <main role="main" class="container">
+ <main role="main" class="container cover">
+
+ <h1 class="cover-heading">Login</h1>
+ <hr>
<form action="/login" method="POST">
<div class="form-group">
<p class="lead">Email:<br>
- <input type="text" class="form-control" name="username" placeholder="email" required>
+ <input type="email" class="form-control" name="username" placeholder="email" required>
</p>
<p class="lead">Password:<br>
diff --git a/templates/logout.html b/templates/logout.html
@@ -1,17 +0,0 @@
-{% include 'header.html' %}
-
- <title>Logout | Diaspora Diaries</title>
-
-{% include 'nav.html' %}
-
- <main role="main" class="container cover">
-
- <h1 class="cover-heading">Success!</h1>
-
- <p class="lead">Successfully logged out!</p>
-
- <p class="lead">You can return to the <a href="/">homepage</a> now.</p>
-
- </main>
-
-{% include 'footer.html' %}
diff --git a/templates/nav.html b/templates/nav.html
@@ -61,7 +61,7 @@
</li>
{% else %}
<li class="nav-item">
- <a class="nav-link" href="/login">Login</a>
+ <a class="nav-link {% if request.endpoint == 'login' %}active{% endif %}" href="/login">Login</a>
</li>
{% endif %}
</ul>