From 97ff4acf02c8c7ec9e3c4b4334193ac0c8ed588c Mon Sep 17 00:00:00 2001
From: Stef
Date: Mon, 11 Aug 2025 18:03:18 +0200
Subject: [PATCH] Add change password functionality for users

Introduces a change password route, form, and template, allowing authenticated users to update their password. Updates the User model with a method to set the must_change_password flag. Adjusts login and navigation logic to support the new flow and ensures users are redirected to change their password if required.
---
 application/auth/routes.py | 24 +++++++++-
 .../auth/templates/change_password.html | 46 +++++++++++++++++++
 application/auth/templates/login.html | 2 +-
 application/templates/base.html | 2 +-
 application/utils.py | 2 +-
 forms.py | 13 +++++-
 models.py | 3 ++
 7 files changed, 86 insertions(+), 6 deletions(-)
 create mode 100644 application/auth/templates/change_password.html

diff --git a/application/auth/routes.py b/application/auth/routes.py
index 043aaf9..b37b025 100644
--- a/application/auth/routes.py
+++ b/application/auth/routes.py
@@ -1,8 +1,9 @@
-from flask import Blueprint, request, render_template
+from flask import Blueprint, request, render_template, redirect, url_for
 from flask_login import current_user, login_user
-from forms import LoginForm
+from forms import LoginForm, ChangePasswordForm
 from models import User
 from application.utils import default_return
+from application import db
 bp = Blueprint(
 "auth",
@@ -28,3 +29,22 @@ def login():
 pass # invalid user
 return render_template("login.html", form=form)
+
+
+@bp.route("/change_password", methods=["GET", "POST"])
+def change_password():
+ if not current_user.is_authenticated:
+ return redirect(url_for("auth.login"))
+
+ form = ChangePasswordForm()
+ if form.validate_on_submit():
+ cur_check = current_user.check_password(
+ password=form.current_password.data
+ )
+ eq_check = form.new_password.data == form.confirm_password.data
+ if cur_check and eq_check:
+ current_user.change_password(form.new_password.data)
+ current_user.set_pw_change(False)
+ db.session.commit()
+ return default_return()
+ return render_template("change_password.html", form=form)
diff --git a/application/auth/templates/change_password.html b/application/auth/templates/change_password.html
new file mode 100644
index 0000000..11a470c
--- /dev/null
+++ b/application/auth/templates/change_password.html
@@ -0,0 +1,46 @@
+{% extends "base.html" %}
+
+{% block content %}
+
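Review bot: In `change_password`, nothing prevents `new_password` from being identical to `current_password`, so a user flagged for a forced change can resubmit the existing password and still reach `current_user.set_pw_change(False)`. Adding `is_new = form.new_password.data != form.current_password.data` and testing `if cur_check and eq_check and is_new:` keeps the must-change flag meaningful. When any check fails, the view falls through to `render_template` with no error on the form, so the user cannot tell a wrong current password from a mismatch; attaching a message to the field, for example `form.current_password.errors.append("Current password is incorrect.")`, would fix that. As a style point, the manual `is_authenticated` redirect could be replaced by flask_login's `@login_required` decorator. Other active sessions for the account are left untouched after the change; whether that matters depends on session handling not visible in this hunk.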
+
+

Login

+
+ {{ form.hidden_tag() }} + +
+ {{ form.current_password.label(class="form-label") }} + {{ form.current_password(class="form-control", placeholder="") }} + {% if form.current_password.errors %} +
+ {{ form.current_password.errors[0] }} +
+ {% endif %} +
+ +
+ {{ form.new_password.label(class="form-label") }} + {{ form.new_password(class="form-control", placeholder="Enter password") }} + {% if form.new_password.errors %} +
+ {{ form.new_password.errors[0] }} +
+ {% endif %} +
+ +
+ {{ form.confirm_password.label(class="form-label") }} + {{ form.confirm_password(class="form-control", placeholder="Enter password") }} + {% if form.confirm_password.errors %} +
+ {{ form.confirm_password.errors[0] }} +
+ {% endif %} +
+ +
+ {{ form.submit(class="btn btn-primary btn-lg") }} +
+
+
+
+{% endblock%}
\ No newline at end of file
diff --git a/application/auth/templates/login.html b/application/auth/templates/login.html
index e65d635..69597be 100644
--- a/application/auth/templates/login.html
+++ b/application/auth/templates/login.html
@@ -4,7 +4,7 @@
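Review bot: The visible title text in this new template still reads `Login`, which looks carried over from login.html; on the change-password page it should say something like `Change password`. The surrounding markup is not visible in this view, so the element holding that text is inferred. The three password inputs are also rendered without `autocomplete` hints; passing `autocomplete="current-password"` to `form.current_password(...)` and `autocomplete="new-password"` to `form.new_password(...)` and `form.confirm_password(...)` helps password managers store the updated credential rather than the old one. The file also ends without a trailing newline.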

Login

-
+ {{ form.hidden_tag() }}
diff --git a/application/templates/base.html b/application/templates/base.html index 7323c8f..37428ff 100644 --- a/application/templates/base.html +++ b/application/templates/base.html @@ -36,7 +36,7 @@ {% else %} {% endif %}