diff options
| author | Marian Sigler <m@qjym.de> | 2012-09-26 20:43:54 +0200 |
|---|---|---|
| committer | Marian Sigler <m@qjym.de> | 2012-09-26 20:43:54 +0200 |
| commit | 5e0e7ea9cc24846e9a682a70a2e9d3f8f55952e5 (patch) | |
| tree | 7c5e66cb4b68cbd67b7b4d3db02212ab17f15b7a | |
| parent | c27e5d3d34d01e9584580ce09e71d29c895b8d49 (diff) | |
| download | web-5e0e7ea9cc24846e9a682a70a2e9d3f8f55952e5.tar.gz web-5e0e7ea9cc24846e9a682a70a2e9d3f8f55952e5.tar.bz2 web-5e0e7ea9cc24846e9a682a70a2e9d3f8f55952e5.zip | |
check for unique mail addresses
| -rw-r--r-- | app.py | 15 | ||||
| -rw-r--r-- | forms.py | 5 | ||||
| -rw-r--r-- | templates/about.html | 6 | ||||
| -rw-r--r-- | templates/index.html | 4 |
4 files changed, 27 insertions, 3 deletions
@@ -165,7 +165,6 @@ def settings(): if request.form.get('submit_main'): if form.mail.data and form.mail.data != g.user.mail: - #TODO: check for uniqueness confirm_token = make_confirmation('change_mail', (g.user.uid, form.mail.data)) confirm_link = url_for('change_mail', token=confirm_token, _external=True) @@ -213,11 +212,16 @@ def settings(): @app.route('/settings/change_mail/<token>') @login_required def change_mail(token): - #TODO: check for uniqueness username, mail = http_verify_confirmation('change_mail', token.encode('ascii'), timeout=3*24*60*60) if g.user.uid != username: raise Forbidden(u'Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.') + + results = g.ldap.find_by_mail(mail) + for user in results: + if user.uid != g.user.uid: + raise Forbidden(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!') + g.user.change_email(mail) g.ldap.update(g.user) @@ -232,6 +236,13 @@ def logout(): return redirect(url_for('index')) +@app.route('/about') +@templated('about.html') +def about(): + return {} + + + @app.route('/debug') def debug(): raise Exception() @@ -43,6 +43,11 @@ class SettingsForm(Form): password_confirm = PasswordField(u'Passwort bestätigen') mail = TextField('E-Mail-Adresse', [validators.Optional(), validators.Email(), validators.Length(min=6, max=50)]) + def validate_mail(form, field): + results = g.ldap.find_by_mail(field.data) + for user in results: + if user.uid != g.user.uid: + raise ValidationError(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!') def get_servicepassword(self, service_id): return getattr(self, 'password_%s' % service_id) diff --git a/templates/about.html b/templates/about.html new file mode 100644 index 0000000..3cd96a5 --- /dev/null +++ b/templates/about.html @@ -0,0 +1,6 @@ +{%- extends 'base.html' %} +{%- from '_macros.html' import render_field %} +{%- set title = 'Über spline accounts' %} +{%- block content %} +<p> +{%- endblock %} diff --git a/templates/index.html b/templates/index.html index b3bd93c..d652313 100644 --- a/templates/index.html +++ b/templates/index.html @@ -9,7 +9,9 @@ <h2>Login</h2> <p> Willkommen bei <strong>spline accounts</strong>. - Melde dich an, informier dich, oder leg einen account an. + Melde dich an, + <a href="{{ url_for('about') }}">informier dich</a>, oder + <a href="{{ url_for('register') }}">leg einen account an</a>. </p> {{ render_field(form.username, autofocus="autofocus") }} {{ render_field(form.password) }} |