From 390118226dca712ea27488fe7a6f8b10dfe6b12b Mon Sep 17 00:00:00 2001
From: Place Jean-Marie
Date: Sat, 16 Oct 2021 23:22:03 +0200
Subject: [PATCH] modification du formulaire de changement de mot de passe
personnel
---
app/api/auth.py | 2 +-
app/templates/auth/change_password.html | 46 +++++++++++++
app/views/users.py | 90 +++++++++++++++++--------
3 files changed, 108 insertions(+), 30 deletions(-)
create mode 100644 app/templates/auth/change_password.html
diff --git a/app/api/auth.py b/app/api/auth.py
index 0226976cd2..24348aab83 100644
--- a/app/api/auth.py
+++ b/app/api/auth.py
@@ -33,7 +33,7 @@ token_auth = HTTPTokenAuth()
@basic_auth.verify_password
def verify_password(username, password):
- user = User.query.filter_by(username=username).first()
+ user = User.query.filter_by(user_name=username).first()
if user and user.check_password(password):
return user
diff --git a/app/templates/auth/change_password.html b/app/templates/auth/change_password.html
new file mode 100644
index 0000000000..228982ab6b
--- /dev/null
+++ b/app/templates/auth/change_password.html
@@ -0,0 +1,46 @@
+{% extends "base.html" %}
+{% import 'bootstrap/wtf.html' as wtf %}
+
+{% macro render_field(field) %}
+
+ {{ field.label }} |
+ {{ field(**kwargs)|safe }}
+ {% if field.errors %}
+
+ {% for error in field.errors %}
+ - {{ error }}
+ {% endfor %}
+
+ {% endif %}
+ |
+
+{% endmacro %}
+
+{% block app_content %}
+Changez vos données personnelles
+ Identifiez vous avez votre mot de passe actuel
+ Vous pouvez changer votre mot de passe (laisez les champs vides sinon)
+ et/ou votre adresse email.
+
+
+
+{##}
+{#
Votre identifiant: {{user.user_name}}
#}
+{#
#}
+{##}
+{##}
+{#
#}
+{# {{ wtf.quick_form(form) }}#}
+{#
#}
+{#
#}
+{% endblock %}
\ No newline at end of file
diff --git a/app/views/users.py b/app/views/users.py
index 98d14f303e..84f1766068 100644
--- a/app/views/users.py
+++ b/app/views/users.py
@@ -38,12 +38,15 @@ import re
from xml.etree import ElementTree
import flask
-from flask import g, url_for, request, current_app
+from flask import g, url_for, request, current_app, flash
from flask import redirect, render_template
from flask_login import current_user
+from wtforms import HiddenField, PasswordField, StringField, SubmitField
+from wtforms.validators import DataRequired, Email, ValidationError, EqualTo
from app import db
+from app.api.auth import verify_password
from app.auth.forms import DeactivateUserForm
from app.auth.models import Permission
from app.auth.models import User
@@ -69,6 +72,40 @@ from app.scodoc.sco_import_users import generate_password
from app.scodoc.sco_permissions_check import can_handle_passwd
from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message
from app.views import users_bp as bp
+from flask_wtf import FlaskForm
+
+_ = lambda x: x # sans babel
+_l = _
+
+
+class ChangePasswordForm(FlaskForm):
+ user_name = HiddenField()
+ old_password = PasswordField(_l("Ancien mot de passe"))
+ new_password = PasswordField(_l("Nouveau mot de passe"))
+ bis_password = PasswordField(
+ _l("Répéter"),
+ validators=[
+ EqualTo(
+ "new_password",
+ message="Les deux saisies sont " "différentes, recommencez",
+ ),
+ ],
+ )
+ email = StringField(_l("Email"), validators=[DataRequired(), Email()])
+ submit = SubmitField(_l("Modifier"))
+
+ def validate_email(self, email):
+ user = User.query.filter_by(email=email.data).first()
+ if user is not None and self.user_name.data != user.user_name:
+ raise ValidationError(_("Please choose a different email address."))
+
+ def validate_new_password(self, new_password):
+ if new_password.data != "" and not is_valid_password(new_password.data):
+ raise ValidationError(f"Mot de passe trop simple, recommencez")
+
+ def validate_old_password(self, old_password):
+ if not verify_password(self.user_name.data, old_password.data):
+ raise ValidationError("Ancien mot de passe incorrect, recommenccez")
@bp.route("/")
@@ -676,7 +713,7 @@ def get_user_list_xml(dept=None, start="", limit=25):
return scu.send_file(data, mime=scu.XML_MIMETYPE)
-@bp.route("/form_change_password")
+@bp.route("/form_change_password", methods=["GET", "POST"])
@scodoc
@permission_required(Permission.ScoView)
@scodoc7func
@@ -685,36 +722,31 @@ def form_change_password(user_name=None):
Un utilisateur peut toujours changer son propre mot de passe.
"""
if not user_name:
- u = current_user
+ user = current_user
else:
- u = User.query.filter_by(user_name=user_name).first()
- H = [html_sco_header.sco_header(user_check=False)]
- F = html_sco_header.sco_footer()
+ user = User.query.filter_by(user_name=user_name).first()
+
# check access
- if not can_handle_passwd(u):
- return (
- "\n".join(H)
- + "Vous n'avez pas la permission de changer ce mot de passe
"
- + F
+ if not can_handle_passwd(user):
+ return "\n".join(
+ [
+ html_sco_header.sco_header(user_check=False),
+ "Vous n'avez pas la permission de changer ce mot de passe
",
+ html_sco_header.sco_footer(),
+ ]
)
- #
- H.append(
- """Changement du mot de passe de %(nomplogin)s
-
-
- Note: en ScoDoc 9, les utilisateurs peuvent changer eux-même leur mot de passe
- en indiquant l'adresse mail associée à leur compte.
-
-"""
- % {"nomplogin": u.get_nomplogin(), "user_name": user_name}
- )
- return "\n".join(H) + F
+ form = ChangePasswordForm(user_name=user.user_name, email=user.email)
+ if form.validate_on_submit():
+ messages = []
+ if form.new_password.data != "": # change password
+ user.set_password(form.new_password.data)
+ messages.append("Mot de passe modifié")
+ if form.email.data != user.email: # change email
+ user.email = form.email.data
+ messages.append("Adresse email modifiée")
+ db.session.commit()
+ flash("\n".join(messages))
+ return render_template("auth/change_password.html", form=form)
@bp.route("/change_password", methods=["POST"])