aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorB. Stack <bgstack15@gmail.com>2023-06-17 21:13:43 -0400
committerB. Stack <bgstack15@gmail.com>2023-06-24 08:22:59 -0400
commit623e49870608ba3344d3f391901e56285617277e (patch)
tree36d454bb7e03d6f6f406208668989dcad508e080
parentuse attribute external_auth (diff)
downloadnewspipe-623e49870608ba3344d3f391901e56285617277e.tar.gz
newspipe-623e49870608ba3344d3f391901e56285617277e.tar.bz2
newspipe-623e49870608ba3344d3f391901e56285617277e.zip
disallow ext-auth user to change nickname
-rw-r--r--newspipe/templates/profile.html2
-rw-r--r--newspipe/web/forms.py5
-rw-r--r--newspipe/web/views/user.py6
3 files changed, 9 insertions, 4 deletions
diff --git a/newspipe/templates/profile.html b/newspipe/templates/profile.html
index 68ecab11..f5ae6992 100644
--- a/newspipe/templates/profile.html
+++ b/newspipe/templates/profile.html
@@ -21,7 +21,7 @@
<div class="col">
{{ form.nickname.label }}
- {{ form.nickname(class_="form-control") }} {% for error in form.nickname.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
+ {% if nick_disabled %}{{ form.nickname(class_="form-control", disabled=True) }}{% else %}{{ form.nickname(class_="form-control") }}{% endif %} {% for error in form.nickname.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
{% if not user.external_auth %}{{ form.password.label }}
{{ form.password(class_="form-control") }} {% for error in form.password.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
diff --git a/newspipe/web/forms.py b/newspipe/web/forms.py
index 7a245b94..0f6200f8 100644
--- a/newspipe/web/forms.py
+++ b/newspipe/web/forms.py
@@ -239,7 +239,8 @@ class ProfileForm(FlaskForm):
nickname = TextField(
lazy_gettext("Nickname"),
- [validators.Required(lazy_gettext("Please enter your nickname."))],
+ #[validators.Required(lazy_gettext("Please enter your nickname."))],
+ [validators.Optional()],
)
password = PasswordField(lazy_gettext("Password"))
password_conf = PasswordField(lazy_gettext("Password"))
@@ -264,7 +265,7 @@ class ProfileForm(FlaskForm):
)
self.password.errors.append(message)
validated = False
- if self.nickname.data != User.make_valid_nickname(self.nickname.data):
+ if self.nickname.data and (self.nickname.data != User.make_valid_nickname(self.nickname.data)):
self.nickname.errors.append(
lazy_gettext(
"This nickname has "
diff --git a/newspipe/web/views/user.py b/newspipe/web/views/user.py
index b8d01967..7bb6e6b1 100644
--- a/newspipe/web/views/user.py
+++ b/newspipe/web/views/user.py
@@ -9,6 +9,7 @@ from flask_login import current_user
from flask_login import login_required
from flask_paginate import get_page_args
from flask_paginate import Pagination
+from werkzeug.exceptions import BadRequest
from newspipe.bootstrap import application
from newspipe.controllers import ArticleController
@@ -165,6 +166,9 @@ def profile():
if request.method == "POST":
if form.validate():
try:
+ # for external user, just force the exact same username.
+ if user.external_auth or not form.nickname.data:
+ form.nickname.data = user.nickname
user_contr.update(
{"id": current_user.id},
{
@@ -195,7 +199,7 @@ def profile():
if request.method == "GET":
form = ProfileForm(obj=user)
- return render_template("profile.html", user=user, form=form)
+ return render_template("profile.html", user=user, form=form, nick_disabled=bool(user.external_auth))
@user_bp.route("/delete_account", methods=["GET"])
bgstack15