Skip to content
Snippets Groups Projects
Commit dd7e6c52 authored by Marco De Donno's avatar Marco De Donno
Browse files

Add the functions for the configuration of a new donor account

parent 498f2b1c
No related branches found
No related tags found
No related merge requests found
...@@ -951,6 +951,58 @@ def do_config_new_user(): ...@@ -951,6 +951,58 @@ def do_config_new_user():
'error': False 'error': False
} ) } )
@app.route( baseurl + '/config/donor/<h>' )
def config_new_user_donor( h ):
session.clear()
sql = "SELECT id, username, email FROM users WHERE type = 2 AND password IS NULL"
for r in config.db.query_fetchall( sql ):
if h == hashlib.sha512( r[ 'email' ] ).hexdigest():
user = r
break
else:
return redirect( url_for( "home" ) )
session[ 'email_hash' ] = h
session[ 'user_id' ] = user[ 'id' ]
return render_template(
"users/config.html",
baseurl = baseurl,
js = config.cdnjs,
css = config.cdncss,
session_timeout = config.session_timeout,
envtype = envtype,
next_step = "do_config_new_donor",
hash = h
)
@app.route( baseurl + '/do_config/donor', methods = [ 'POST' ] )
def do_config_new_donor():
username = request.form.get( "username" )
password = request.form.get( "password" )
h = request.form.get( "hash" )
sql = "SELECT id FROM users WHERE username = %s"
user_id = config.db.query_fetchone( sql, ( username, ) )[ 'id' ]
session[ 'username' ] = username
if session[ "email_hash" ] == h and session[ "user_id" ] == user_id:
q = config.db.query( "UPDATE users SET password = %s WHERE username = %s", ( password, username, ) )
config.db.commit()
return jsonify( {
"error": False
} )
else:
return jsonify( {
"error": True,
"message": "Invalid parameters"
} )
@app.route( baseurl + '/totp_help' ) @app.route( baseurl + '/totp_help' )
def totp_help(): def totp_help():
return render_template( return render_template(
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment