diff options
Diffstat (limited to 'app.py')
-rw-r--r-- | app.py | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -165,7 +165,6 @@ def settings(): if request.form.get('submit_main'): if form.mail.data and form.mail.data != g.user.mail: - #TODO: check for uniqueness confirm_token = make_confirmation('change_mail', (g.user.uid, form.mail.data)) confirm_link = url_for('change_mail', token=confirm_token, _external=True) @@ -213,11 +212,16 @@ def settings(): @app.route('/settings/change_mail/<token>') @login_required def change_mail(token): - #TODO: check for uniqueness username, mail = http_verify_confirmation('change_mail', token.encode('ascii'), timeout=3*24*60*60) if g.user.uid != username: raise Forbidden(u'Bitte logge dich als der Benutzer ein, dessen E-Mail-Adresse du ändern willst.') + + results = g.ldap.find_by_mail(mail) + for user in results: + if user.uid != g.user.uid: + raise Forbidden(u'Diese E-Mail-Adresse wird schon von einem anderen account benutzt!') + g.user.change_email(mail) g.ldap.update(g.user) @@ -232,6 +236,13 @@ def logout(): return redirect(url_for('index')) +@app.route('/about') +@templated('about.html') +def about(): + return {} + + + @app.route('/debug') def debug(): raise Exception() |