Added Change Password

2010-03-26 14:33:41 +02:00 · 2010-03-26 14:33:41 +02:00 · 85b2cd8484
commit 85b2cd8484
parent 60f74bf90a
4 changed files with 68 additions and 12 deletions
--- a/scribeengine/controllers/account.py
+++ b/scribeengine/controllers/account.py
@ -74,6 +74,36 @@ class AccountController(BaseController):
            h.flash.set_message(u'There was a problem updating your account.',  u'error')
        h.redirect_to(h.url_for(controller=u'account'))

+    @authenticate()
+    def password(self):
+        c.page_title = u'Your Password'
+        return render(u'/account/password.mako')
+
+    @jsvalidate(u'account-password')
+    def password_jsschema(self):
+        return {
+            u'password-password': JSString(required=True, message=u'You haven\'t typed in a password.'),
+            u'password-confirm': JSString(required=True, equalTo=u'#password-password', message=u'Your passwords don\'t match.')
+        }
+
+    def password_schema(self):
+        return {
+            'password-password': UnicodeString(not_empty=True, messages={'empty': u'You haven\'t typed in a password.'}),
+            'confirm-password': [FieldsMatch('password-password', 'password-confirm', messages={'invalid': u'Your passwords don\'t match.'})]
+        }
+
+    @authenticate()
+    def password_POST(self):
+        password_hash = utils.hash_password(c.form_values[u'password-password'])
+        log.debug('Old Hash: "%s"', c.current_user.password)
+        log.debug('New Hash: "%s"', password_hash)
+        c.current_user.password = password_hash
+        c.current_user.modified = datetime.now()
+        Session.add(c.current_user)
+        Session.commit()
+        h.flash.set_message(u'Successfully updated your password.', u'success')
+        h.redirect_to('/account/password')
+
    def register(self):
        c.page_title = u'Register'
        return render(u'/account/register.mako')
@ -207,7 +237,10 @@ class AccountController(BaseController):
                u'e-mail.', u'success')
        h.redirect_to('/account/login')

-    def password(self, id=None):
+    def resetpassword(self, id=None):
+        """
+        Reset your password.
+        """
        if not id or not request.GET.get(u'code'):
            h.flash.set_message(u'There was a problem with your activation code, please reset your password again.', u'error')
            h.redirect_to(h.url_for(controller=u'account', action=u'login'))
@ -218,33 +251,35 @@ class AccountController(BaseController):
        if c.user.activation_key != request.GET.get(u'code'):
            h.flash.set_message(u'There was a problem with your activation code, please reset your password again.', u'error')
            h.redirect_to(h.url_for(controller=u'account', action=u'login'))
-        c.page_title = u'Change Password'
-        return render(u'/account/password.mako')
+        c.page_title = u'Reset Password'
+        return render(u'/account/resetpassword.mako')

-    @jsvalidate(u'account-password')
-    def password_jsschema(self):
+    @jsvalidate(u'account-resetpassword')
+    def resetpassword_jsschema(self):
        return {
            u'password-password': JSString(required=True, message=u'You haven\'t typed in a password.'),
            u'password-confirm': JSString(required=True, equalTo=u'#password-password', message=u'Your passwords don\'t match.')
        }

-    def password_schema(self):
+    def resetpassword_schema(self):
        return {
            'password-password': UnicodeString(not_empty=True, messages={'empty': u'You haven\'t typed in a password.'}),
            'confirm-password': [FieldsMatch('password-password', 'password-confirm', messages={'invalid': u'Your passwords don\'t match.'})]
        }

-    def password_POST(self, id=None):
+    def resetpassword_POST(self, id=None):
        user = Session.query(User).get(id)
        if not user:
-            h.flash.set_message(u'There was a problem with your account, please reset your password again.', u'error')
+            h.flash.set_message(u'There was a problem with your account, '
+                u'please reset your password again.', u'error')
            h.redirect_to(h.url_for(controller=u'account', action=u'login'))
        user.password = utils.hash_password(c.form_values[u'password-password'])
        user.activation_key = None
        user.modified = datetime.now()
        Session.add(user)
        Session.commit()
-        h.flash.set_message(u'Successfully updated your password. Please login with your new password.', u'success')
+        h.flash.set_message(u'Successfully updated your password. Please login '
+            u'with your new password.', u'success')
        h.redirect_to('/account/login')

    def login(self):
--- a/scribeengine/templates/account/password.mako
+++ b/scribeengine/templates/account/password.mako
@ -1,9 +1,9 @@
 <%inherit file="/base.mako"/>
        <%include file="/flash.mako"/>
        <div class="post">
-            <h2 class="title">New password</h2>
+            <h2 class="title">Change password</h2>
            <%include file="/errors.mako"/>
-            <form id="account-password" action="${h.url_for(controller=u'account', action=u'password', id=c.user.id)}" method="post">
+            <form id="account-password" action="${h.url_for(controller=u'account', action=u'password')}" method="post">
              <fieldset>
                <div class="form-item">
                  <label for="password-password">Password:</label>
--- a/scribeengine/templates/account/resetpassword.mako
+++ b/scribeengine/templates/account/resetpassword.mako
@ -0,0 +1,21 @@
+<%inherit file="/base.mako"/>
+        <%include file="/flash.mako"/>
+        <div class="post">
+            <h2 class="title">Reset password</h2>
+            <%include file="/errors.mako"/>
+            <form id="account-resetpassword" action="${h.url_for(controller=u'account', action=u'resetpassword', id=c.user.id)}" method="post">
+              <fieldset>
+                <div class="form-item">
+                  <label for="password-password">Password:</label>
+                  <input type="password" name="password-password" id="password-password" class="form-text" />
+                </div>
+                <div class="form-item">
+                  <label for="password-confirm">Confirm password:</label>
+                  <input type="password" name="password-confirm" id="password-confirm" class="form-text" />
+                </div>
+                <div class="form-item">
+                  <input type="submit" name="password-action" value="Change password" class="form-button"/>
+                </div>
+              </fieldset>
+            </form>
+        </div>
--- a/scribeengine/templates/email/reset.mako
+++ b/scribeengine/templates/email/reset.mako
@ -4,7 +4,7 @@ You have just reset your password on ${c.blog_title}, but before you continue,
 you will need to activate your account. You can do this by simply clicking on
 the link below, or copying and pasting it into your browser.

-${c.blog_host}${h.url_for(controller=u'account', action=u'password', id=c.user.id, code=c.user.activation_key)}
+${c.blog_host}${h.url_for(controller=u'account', action=u'resetpassword', id=c.user.id, code=c.user.activation_key)}

 Kind regards,