Add account settings page with options to update email, password and delete account
This commit is contained in:
Peter Stockings
@@ -21,26 +21,27 @@ def get_client_ip():
|
||||
return request.remote_addr
|
||||
|
||||
class User(UserMixin):
|
||||
def __init__(self, id, username, password_hash, created_at, theme_preference='light'):
|
||||
def __init__(self, id, username, password_hash, created_at, theme_preference='light', email=None):
|
||||
self.id = id
|
||||
self.username = username
|
||||
self.password_hash = password_hash
|
||||
self.created_at = created_at
|
||||
self.theme_preference = theme_preference
|
||||
self.email = email
|
||||
|
||||
@staticmethod
|
||||
def get(user_id):
|
||||
user_data = db.get_user(int(user_id))
|
||||
|
||||
if user_data:
|
||||
return User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'))
|
||||
return User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'), email=user_data.get('email'))
|
||||
return None
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
user_data = db.get_user(int(user_id))
|
||||
if user_data:
|
||||
return User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'))
|
||||
return User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'), email=user_data.get('email'))
|
||||
return None
|
||||
|
||||
@auth.route('/login', methods=['GET', 'POST'])
|
||||
@@ -64,7 +65,7 @@ def login():
|
||||
db.record_login(user_data['id'], get_client_ip(), str(request.user_agent), False, "Invalid password")
|
||||
return render_template("login.html", error="Invalid username or password")
|
||||
|
||||
user = User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'))
|
||||
user = User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'), email=user_data.get('email'))
|
||||
|
||||
# Record successful login with real IP
|
||||
db.record_login(user.id, get_client_ip(), str(request.user_agent), True)
|
||||
@@ -94,7 +95,7 @@ def signup():
|
||||
hashed_password = generate_password_hash(password)
|
||||
user_data = db.create_new_user(username, hashed_password)
|
||||
|
||||
user = User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'))
|
||||
user = User(id=str(user_data['id']), username=user_data['username'], password_hash=user_data['password_hash'], created_at=user_data['created_at'], theme_preference=user_data.get('theme_preference', 'light'), email=user_data.get('email'))
|
||||
login_user(user)
|
||||
|
||||
return redirect(url_for('home.index'))
|
||||
|
||||
@@ -50,7 +50,8 @@ def export():
|
||||
return render_block(
|
||||
environment,
|
||||
"dashboard/settings/export.html",
|
||||
"page"
|
||||
"page",
|
||||
current_user=current_user
|
||||
)
|
||||
return render_template("dashboard/settings/export.html")
|
||||
|
||||
@@ -74,7 +75,8 @@ def api_keys():
|
||||
"dashboard/settings/api_keys.html",
|
||||
"page",
|
||||
api_keys=api_keys,
|
||||
functions=functions
|
||||
functions=functions,
|
||||
current_user=current_user
|
||||
)
|
||||
return render_template("dashboard/settings/api_keys.html", api_keys=api_keys, functions=functions)
|
||||
|
||||
@@ -129,7 +131,8 @@ def database_schema():
|
||||
environment,
|
||||
"dashboard/settings/database_schema.html",
|
||||
"page",
|
||||
schema_info=schema_info
|
||||
schema_info=schema_info,
|
||||
current_user=current_user
|
||||
)
|
||||
return render_template("dashboard/settings/database_schema.html", schema_info=schema_info)
|
||||
|
||||
@@ -145,10 +148,92 @@ def login_history():
|
||||
environment,
|
||||
"dashboard/settings/login_history.html",
|
||||
"page",
|
||||
history=history
|
||||
history=history,
|
||||
current_user=current_user
|
||||
)
|
||||
return render_template("dashboard/settings/login_history.html", history=history)
|
||||
|
||||
@settings.route("/account", methods=["GET"])
|
||||
@login_required
|
||||
def account():
|
||||
"""Display account settings page"""
|
||||
if htmx:
|
||||
return render_block(
|
||||
environment,
|
||||
"dashboard/settings/account.html",
|
||||
"page",
|
||||
current_user=current_user
|
||||
)
|
||||
return render_template("dashboard/settings/account.html")
|
||||
|
||||
@settings.route("/account/password", methods=["POST"])
|
||||
@login_required
|
||||
def update_password():
|
||||
"""Update user password"""
|
||||
from werkzeug.security import generate_password_hash, check_password_hash
|
||||
|
||||
current_password = request.form.get('current_password')
|
||||
new_password = request.form.get('new_password')
|
||||
confirm_password = request.form.get('confirm_password')
|
||||
|
||||
# Verify current password
|
||||
user_data = db.get_user(current_user.id)
|
||||
if not check_password_hash(user_data['password_hash'], current_password):
|
||||
return render_template("dashboard/settings/account.html", error="Incorrect current password")
|
||||
|
||||
# Validate new password
|
||||
if len(new_password) < 10:
|
||||
return render_template("dashboard/settings/account.html", error="New password must be at least 10 characters")
|
||||
|
||||
if new_password != confirm_password:
|
||||
return render_template("dashboard/settings/account.html", error="New passwords do not match")
|
||||
|
||||
# Update password
|
||||
new_hash = generate_password_hash(new_password)
|
||||
db.update_user_password(current_user.id, new_hash)
|
||||
|
||||
return render_template("dashboard/settings/account.html", success="Password updated successfully")
|
||||
|
||||
@settings.route("/account/email", methods=["POST"])
|
||||
@login_required
|
||||
def update_email():
|
||||
"""Update user email"""
|
||||
email = request.form.get('email')
|
||||
|
||||
# Basic validation
|
||||
if email and '@' not in email:
|
||||
return render_template("dashboard/settings/account.html", error="Invalid email address")
|
||||
|
||||
db.update_user_email(current_user.id, email)
|
||||
|
||||
# Update current user object in session if needed, or just reload page
|
||||
return render_template("dashboard/settings/account.html", success="Email updated successfully")
|
||||
|
||||
@settings.route("/account/delete", methods=["POST"])
|
||||
@login_required
|
||||
def delete_account():
|
||||
"""Delete user account"""
|
||||
from werkzeug.security import check_password_hash
|
||||
from flask_login import logout_user
|
||||
|
||||
password = request.form.get('password')
|
||||
confirm_text = request.form.get('confirm_text')
|
||||
|
||||
# Verify password
|
||||
user_data = db.get_user(current_user.id)
|
||||
if not check_password_hash(user_data['password_hash'], password):
|
||||
return render_template("dashboard/settings/account.html", error="Incorrect password")
|
||||
|
||||
# Verify confirmation text
|
||||
if confirm_text != "DELETE":
|
||||
return render_template("dashboard/settings/account.html", error="Please type DELETE to confirm")
|
||||
|
||||
# Delete account
|
||||
db.delete_user(current_user.id)
|
||||
logout_user()
|
||||
|
||||
return redirect(url_for('landing_page'))
|
||||
|
||||
|
||||
def get_database_schema():
|
||||
"""Fetch database schema information for ERD generation"""
|
||||
|
||||
Reference in New Issue
Block a user