Diffstat (limited to 'app.py')
-rw-r--r-- | app.py | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -52,6 +52,7 @@ def index():
 @logout_required
 def register():
 #TODO: check for double uids
+ #TODO: check for double mails
 form = RegisterForm(request.form)
 if request.method == 'POST' and form.validate():
 username = form.username.data
@@ -164,6 +165,7 @@ def settings():
 if request.form.get('submit_main'):
 if form.mail.data and form.mail.data != g.user.mail:
+ #TODO: check for uniqueness
 confirm_token = make_confirmation('change_mail', (g.user.uid, form.mail.data))
 confirm_link = url_for('change_mail', token=confirm_token, _external=True)
@@ -179,7 +181,7 @@ def settings():
 changed = True
 if form.password.data:
- g.user.change_password(form.password.data, session['password'])
+ g.user.change_password(form.password.data, decrypt_password(session['password']))
 session['password'] = encrypt_password(form.password.data)
 flash(u'Passwort geƤndert', 'success')
@@ -211,6 +213,7 @@ def settings():
 @app.route('/settings/change_mail/<token>')
 @login_required
 def change_mail(token):
+ #TODO: check for uniqueness
 username, mail = http_verify_confirmation('change_mail', token.encode('ascii'), timeout=3*24*60*60)
 if g.user.uid != username: |
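Review bot: The TODOs added in register(), settings() and change_mail() record the missing mail-uniqueness check but leave it unenforced, so two accounts can still end up with the same address. Of the three places, change_mail() is the one that has to enforce it: the confirmation token is accepted for `timeout=3*24*60*60` seconds, so a check made only in settings() can be stale by the time the link is followed. A uniqueness constraint in the user store itself would close the same race for register(). If the mail address is also used for account recovery (not visible in this diff), a duplicate address would let one mailbox act for another account. All three function bodies continue outside their hunks.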
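Review bot: In the third hunk, `decrypt_password(session['password'])` runs with no handling for a missing or undecryptable session value, so a stale or altered session would presumably surface as an unhandled exception inside settings() rather than a clean re-login; catch the failure and send the user back to the login page. The old password passed to `change_password` also still comes from the session rather than from the user, so whoever holds a live session can set a new password without knowing the current one. Consider a current-password field on the settings form (field name to be chosen) and pass that value instead of the session copy. The surrounding body of settings() lies outside the hunk, so any existing guard there is not visible.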