from flask import Flask, render_template, request, redirect, session
from flask_session import Session
import utils
import database
import mail
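# Application object plus server-side session configuration.
app = Flask(__name__)
# Sessions are not marked permanent, and Flask-Session keeps the session data
# in its filesystem backend instead of inside the cookie itself.
app.config["SESSION_PERMANENT"] = False
app.config["SESSION_TYPE"] = "filesystem"
# The POST handlers visible in this file do not check an anti-CSRF token, so
# ask the browser not to attach the session cookie to cross-site POSTs.
# NOTE(review): this is a mitigation, not a replacement for per-form tokens.
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
Session(app)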
@app.route("/")
def home():
    """Serve the public landing page."""
    page = render_template("home.html")
    return page
@app.route("/connected")
def connected():
    """Serve the members page; visitors without a session go to the login form."""
    # The only access check is whether the session carries a non-empty e-mail.
    logged_in = bool(session.get("email"))
    if logged_in:
        return render_template("connected.html")
    return redirect("/login")
@app.route("/login")
def login():
    """Show the login form, or skip it for a visitor who is already logged in."""
    already_logged_in = bool(session.get("email"))
    if not already_logged_in:
        return render_template("login.html")
    return redirect("/connected")
@app.route('/login', methods=['POST'])
def login_post():
    """Check the submitted credentials and record the e-mail in the session.

    On failure the login form is rendered again with an error message; on
    success the visitor is redirected to /connected.
    """
    form = request.form
    email, password = form.get('email'), form.get('password')
    # Unknown account and wrong password share one message, so the response
    # text does not tell a caller which e-mails are registered. The password
    # check only runs for an existing user (short-circuit `and`).
    credentials_ok = database.user_exist(email) and database.check_password(email, password)
    if not credentials_ok:
        return render_template("login.html", error="Email ou mot de passe faux")
    # NOTE(review): no limit on failed attempts is visible in this handler;
    # confirm throttling or lockout exists elsewhere.
    session["email"] = email
    return redirect("/connected")
@app.route('/logout')
def logout():
    """Drop the logged-in e-mail from the session and return to the login form."""
    # The default argument makes this a no-op for a visitor with no session
    # e-mail instead of raising KeyError.
    # NOTE(review): this route answers GET, so it changes state without a form
    # submission; consider making it POST-only.
    session.pop("email", None)
    target = "/login"
    return redirect(target)
@app.route("/signin")
def signin():
    """Show the sign-up form, or skip it for a visitor who is already logged in."""
    already_logged_in = bool(session.get("email"))
    if not already_logged_in:
        return render_template("signin.html")
    return redirect("/connected")
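@app.route('/signin', methods=['POST'])
def signin_post():
    """Create an account from the sign-up form.

    The form is rendered again with an error when a field is missing, the two
    passwords differ, utils.check_email flags the address, or the e-mail is
    already registered. Otherwise the user is stored and the visitor is
    redirected to /connected.
    """
    email = request.form.get('email')
    password = request.form.get('password')
    repassword = request.form.get('repassword')
    # A request that omits the fields yields None for both passwords, which
    # would pass the equality check below and create an account with no
    # password; reject missing or empty values first.
    if not email or not password:
        return render_template("signin.html", error="Email ou mot de passe manquant")
    if password != repassword:
        return render_template("signin.html", error="Les deux mots de passe sont differents")
    # NOTE(review): the error is shown when check_email() is truthy, so it
    # presumably returns True for an invalid address. Confirm in utils; if it
    # returns True for a valid one, this condition is inverted.
    if utils.check_email(email):
        return render_template("signin.html", error="Votre email n'est pas valide")
    if database.user_exist(email):
        return render_template("signin.html", error="Email deja utilisé")
    # NOTE(review): the password is passed on exactly as received; confirm
    # that database.add_user stores a salted, slow hash and not the plaintext.
    database.add_user(email, password)
    # NOTE(review): session["email"] is not set here, so connected() will send
    # the new user on to /login. Confirm that is the intended flow.
    return redirect("/connected")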
@app.route("/forgot")
def forgot():
    """Serve the form that asks for the e-mail of the account to recover."""
    page = render_template("forgot.html")
    return page
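@app.route("/forgot", methods=["POST"])
def forgot_post():
    """Start a password reset for the submitted e-mail address.

    When the address belongs to an account, a reset code is created and sent
    to it by e-mail. The HTTP response is the same redirect to /login whether
    or not the account exists.
    """
    email = request.form.get('email')
    if database.email_exist(email):
        reset_code = database.create_reset_code_by_email(email)
        mail.send_mail(
            email,
            "Password recovery",
            render_template("mails/password_recovery.html", code=reset_code),
        )
    # The code must reach the user only through the mailbox: returning it in
    # the response (the previous redirect to /reset/<code>) would skip the
    # proof that the requester controls the address. Answering identically
    # for unknown addresses also keeps this form from confirming which
    # e-mails are registered.
    # NOTE(review): sending the mail still makes the known-address path
    # slower, and no expiry of reset codes is visible here; check both.
    return redirect("/login")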
@app.route("/reset/<uuid>")
def reset(uuid):
    """Show the new-password form for a known reset code.

    An unknown code gets the generic error page instead.
    """
    if database.reset_code_exist(uuid):
        # The lookup returns a record; only its "email" field goes to the template.
        record = database.get_email_by_reset_code(uuid)
        return render_template("reset.html", email=record["email"])
    return render_template("error.html", error="code inconnu")
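@app.route("/reset/<uuid>", methods=['POST'])
def reset_post(uuid):
    """Set a new password for the account tied to a reset code.

    An unknown code gets the generic error page. A missing password or a
    mismatch between the two fields renders the form again with an error.
    On success the password is changed, the code is removed, and the visitor
    is redirected to /login.
    """
    if not database.reset_code_exist(uuid):
        return render_template("error.html", error="code inconnu")
    # get_email_by_reset_code returns a record: reset() reads its "email"
    # field, so do the same here instead of passing the whole record on to
    # change_user_password.
    email = database.get_email_by_reset_code(uuid)["email"]
    password = request.form.get('password')
    repassword = request.form.get('repassword')
    # Without this guard a request that omits both fields compares
    # None == None and would set an empty password on the account.
    if not password:
        return render_template("reset.html", email=email, error="Mot de passe manquant")
    if password != repassword:
        # Pass the e-mail again so the form renders with the same context as in reset().
        return render_template("reset.html", email=email, error="Les deux mots de passe sont differents")
    database.change_user_password(email, password)
    # Remove the code once it has been used so it cannot change the password again.
    # NOTE(review): no expiry of unused codes is visible here; confirm the
    # database layer limits their lifetime.
    database.remove_reset_code_by_code(uuid)
    return redirect("/login")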
@app.route("/join/<uuid>")
def join(uuid):
    """Placeholder for the join route: ignores *uuid* and returns a fixed string."""
    reply = "bozo"
    return reply
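if __name__ == '__main__':
    import os

    # Debug mode turns on Werkzeug's interactive debugger, which lets a
    # browser client run code in this process. It was previously always on
    # while listening on every interface; now it is opt-in through
    # FLASK_DEBUG=1 and, when on, the server binds to loopback only.
    debug = os.environ.get("FLASK_DEBUG") == "1"
    host = "127.0.0.1" if debug else "0.0.0.0"
    # NOTE(review): app.run() starts Flask's development server; use a WSGI
    # server for a real deployment.
    app.run(host=host, port=5000, debug=debug)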